replace authorize with can middleware

blumilksoftware · Aug 12, 2024 · 3a8d0b7 · 3a8d0b7
1 parent 6bf1691
commit 3a8d0b7
Show file tree

Hide file tree

Showing 9 changed files with 65 additions and 95 deletions.
diff --git a/app/Http/Controllers/QuestionAnswerController.php b/app/Http/Controllers/QuestionAnswerController.php
@@ -8,29 +8,33 @@
 use App\Http\Resources\AnswerResource;
 use App\Models\Answer;
 use App\Models\Question;
-use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Http\RedirectResponse;
+use Illuminate\Routing\Controllers\HasMiddleware;
+use Illuminate\Routing\Controllers\Middleware;
 use Inertia\Inertia;
 use Inertia\Response;
 
-class QuestionAnswerController extends Controller
+class QuestionAnswerController extends Controller implements HasMiddleware
 {
+    public static function middleware()
+    {
+        return [
+            new Middleware("can:create," . Answer::class . ",question", only: ["store"]),
+            new Middleware("can:clone,answer,question", only: ["clone"]),
+            new Middleware("can:update,answer", only: ["update", "markAsCorrect", "markAsInvalid"]),
+            new Middleware("can:delete,answer", only: ["destroy"]),
+        ];
+    }
+
     public function index(Question $question): Response
     {
         return Inertia::render("Answer/Index", [
             "answers" => AnswerResource::collection($question->answers),
         ]);
     }
 
-    /**
-     * @throws AuthorizationException
-     */
     public function store(Question $question, AnswerRequest $request): RedirectResponse
     {
-        if ($question->isLocked) {
-            throw new AuthorizationException();
-        }
-
         Answer::query()
             ->make($request->validated())
             ->question()->associate($question)
@@ -46,27 +50,17 @@ public function show(Answer $answer): Response
         return Inertia::render("Answer/Show", ["answer" => new AnswerResource($answer)]);
     }
 
-    /**
-     * @throws AuthorizationException
-     */
     public function markAsCorrect(Answer $answer): RedirectResponse
     {
-        $this->authorize("modify", $answer);
-
         $answer->question->correctAnswer()->associate($answer)->save();
 
         return redirect()
             ->back()
             ->with("success", "Answer marked as correct");
     }
 
-    /**
-     * @throws AuthorizationException
-     */
     public function markAsInvalid(Answer $answer): RedirectResponse
     {
-        $this->authorize("modify", $answer);
-
         if ($answer->isCorrect) {
             $answer->question->correct_answer_id = null;
             $answer->save();
@@ -77,37 +71,24 @@ public function markAsInvalid(Answer $answer): RedirectResponse
             ->with("success", "Answer marked as incorrect");
     }
 
-    /**
-     * @throws AuthorizationException
-     */
     public function update(AnswerRequest $request, Answer $answer): RedirectResponse
     {
-        $this->authorize("modify", $answer);
-
         $answer->update($request->validated());
 
         return redirect()
             ->back()
             ->with("success", "Answer updated");
     }
 
-    /**
-     * @throws AuthorizationException
-     */
     public function destroy(Answer $answer): RedirectResponse
     {
-        $this->authorize("destroy", $answer);
-
         $answer->delete();
 
         return redirect()
             ->back()
             ->with("success", "Answer deleted");
     }
 
-    /**
-     * @throws AuthorizationException
-     */
     public function clone(Answer $answer, Question $question): RedirectResponse
     {
         $answer->cloneTo($question);

diff --git a/app/Http/Controllers/QuizController.php b/app/Http/Controllers/QuizController.php
@@ -8,13 +8,22 @@
 use App\Http\Resources\QuizResource;
 use App\Models\Quiz;
 use Carbon\Carbon;
-use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Http\RedirectResponse;
+use Illuminate\Routing\Controllers\HasMiddleware;
+use Illuminate\Routing\Controllers\Middleware;
 use Inertia\Inertia;
 use Inertia\Response;
 
-class QuizController extends Controller
+class QuizController extends Controller implements HasMiddleware
 {
+    public static function middleware()
+    {
+        return [
+            new Middleware("can:update,quiz", only: ["update"]),
+            new Middleware("can:delete,quiz", only: ["destroy"]),
+        ];
+    }
+
     public function index(): Response
     {
         $quizzes = Quiz::query()
@@ -42,13 +51,8 @@ public function show(int $quiz): Response
         return Inertia::render("Quiz/Show", ["quiz" => new QuizResource($quiz)]);
     }
 
-    /**
-     * @throws AuthorizationException
-     */
     public function update(QuizRequest $request, Quiz $quiz): RedirectResponse
     {
-        $this->authorize("modify", $quiz);
-
         $quiz->update($request->validated());
 
         return redirect()
@@ -66,23 +70,15 @@ public function lock(Quiz $quiz): RedirectResponse
             ->with("success", "Quiz locked");
     }
 
-    /**
-     * @throws AuthorizationException
-     */
     public function destroy(Quiz $quiz): RedirectResponse
     {
-        $this->authorize("destroy", $quiz);
-
         $quiz->delete();
 
         return redirect()
             ->back()
             ->with("success", "Quiz deleted");
     }
 
-    /**
-     * @throws AuthorizationException
-     */
     public function clone(Quiz $quiz): RedirectResponse
     {
         $quiz->clone();

diff --git a/app/Http/Controllers/QuizQuestionController.php b/app/Http/Controllers/QuizQuestionController.php
@@ -8,13 +8,24 @@
 use App\Http\Resources\QuestionResource;
 use App\Models\Question;
 use App\Models\Quiz;
-use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Http\RedirectResponse;
+use Illuminate\Routing\Controllers\HasMiddleware;
+use Illuminate\Routing\Controllers\Middleware;
 use Inertia\Inertia;
 use Inertia\Response;
 
-class QuizQuestionController extends Controller
+class QuizQuestionController extends Controller implements HasMiddleware
 {
+    public static function middleware()
+    {
+        return [
+            new Middleware("can:create," . Question::class . ",quiz", only: ["store"]),
+            new Middleware("can:clone,question,quiz", only: ["clone"]),
+            new Middleware("can:update,question", only: ["update"]),
+            new Middleware("can:delete,question", only: ["destroy"]),
+        ];
+    }
+
     public function index(Quiz $quiz): Response
     {
         $questions = $quiz->questions()
@@ -26,15 +37,8 @@ public function index(Quiz $quiz): Response
         ]);
     }
 
-    /**
-     * @throws AuthorizationException
-     */
     public function store(Quiz $quiz, QuestionRequest $request): RedirectResponse
     {
-        if ($quiz->isLocked) {
-            throw new AuthorizationException();
-        }
-
         Question::query()
             ->make($request->validated())
             ->quiz()->associate($quiz)
@@ -54,37 +58,24 @@ public function show(int $question): Response
         return Inertia::render("Question/Show", ["question" => new QuestionResource($test)]);
     }
 
-    /**
-     * @throws AuthorizationException
-     */
     public function update(QuestionRequest $request, Question $question): RedirectResponse
     {
-        $this->authorize("modify", $question);
-
         $question->update($request->validated());
 
         return redirect()
             ->back()
             ->with("success", "Question updated");
     }
 
-    /**
-     * @throws AuthorizationException
-     */
     public function destroy(Question $question): RedirectResponse
     {
-        $this->authorize("destroy", $question);
-
         $question->delete();
 
         return redirect()
             ->back()
             ->with("success", "Question deleted");
     }
 
-    /**
-     * @throws AuthorizationException
-     */
     public function clone(Question $question, Quiz $quiz): RedirectResponse
     {
         $question->cloneTo($quiz);

diff --git a/app/Models/Answer.php b/app/Models/Answer.php
@@ -5,7 +5,6 @@
 namespace App\Models;
 
 use Carbon\Carbon;
-use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Database\Eloquent\Casts\Attribute;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Model;
@@ -46,15 +45,8 @@ public function isCorrect(): Attribute
         return Attribute::get(fn(): bool => $this->question->correctAnswer()->is($this));
     }
 
-    /**
-     * @throws AuthorizationException
-     */
     public function cloneTo(Question $question): self
     {
-        if ($question->isLocked) {
-            throw new AuthorizationException();
-        }
-
         $clone = $this->replicate();
         $clone->question()->associate($question)->save();
 

diff --git a/app/Models/Question.php b/app/Models/Question.php
@@ -5,7 +5,6 @@
 namespace App\Models;
 
 use Carbon\Carbon;
-use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Database\Eloquent\Casts\Attribute;
 use Illuminate\Database\Eloquent\Collection;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
@@ -55,15 +54,8 @@ public function isLocked(): Attribute
         return Attribute::get(fn(): bool => $this->quiz->isLocked);
     }
 
-    /**
-     * @throws AuthorizationException
-     */
     public function cloneTo(Quiz $quiz): self
     {
-        if ($quiz->isLocked) {
-            throw new AuthorizationException();
-        }
-
         $questionCopy = $this->replicate();
         $questionCopy->quiz()->associate($quiz)->save();
 

diff --git a/app/Models/Quiz.php b/app/Models/Quiz.php
@@ -5,7 +5,6 @@
 namespace App\Models;
 
 use Carbon\Carbon;
-use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Database\Eloquent\Casts\Attribute;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Model;
@@ -48,9 +47,6 @@ public function isLocked(): Attribute
         return Attribute::get(fn(): bool => $this->locked_at !== null);
     }
 
-    /**
-     * @throws AuthorizationException
-     */
     public function clone(): self
     {
         $quizCopy = $this->replicate();

diff --git a/app/Policies/AnswerPolicy.php b/app/Policies/AnswerPolicy.php
@@ -5,17 +5,28 @@
 namespace App\Policies;
 
 use App\Models\Answer;
+use App\Models\Question;
 use App\Models\User;
 
 class AnswerPolicy
 {
-    public function modify(User $user, Answer $answer): bool
+    public function update(User $user, Answer $answer): bool
     {
         return !$answer->isLocked;
     }
 
-    public function destroy(User $user, Answer $answer): bool
+    public function delete(User $user, Answer $answer): bool
     {
         return !$answer->isLocked;
     }
+
+    public function create(User $user, Question $question): bool
+    {
+        return !$question->isLocked;
+    }
+
+    public function clone(User $user, Answer $answer, Question $question): bool
+    {
+        return !$question->isLocked;
+    }
 }
diff --git a/app/Policies/QuestionPolicy.php b/app/Policies/QuestionPolicy.php
@@ -5,17 +5,28 @@
 namespace App\Policies;
 
 use App\Models\Question;
+use App\Models\Quiz;
 use App\Models\User;
 
 class QuestionPolicy
 {
-    public function modify(User $user, Question $question): bool
+    public function update(User $user, Question $question): bool
     {
         return !$question->isLocked;
     }
 
-    public function destroy(User $user, Question $question): bool
+    public function delete(User $user, Question $question): bool
     {
         return !$question->isLocked;
     }
+
+    public function create(User $user, Quiz $quiz): bool
+    {
+        return !$quiz->isLocked;
+    }
+
+    public function clone(User $user, Question $question, Quiz $quiz): bool
+    {
+        return !$quiz->isLocked;
+    }
 }
diff --git a/app/Policies/QuizPolicy.php b/app/Policies/QuizPolicy.php
@@ -9,12 +9,12 @@
 
 class QuizPolicy
 {
-    public function modify(User $user, Quiz $quiz): bool
+    public function update(User $user, Quiz $quiz): bool
     {
         return !$quiz->isLocked;
     }
 
-    public function destroy(User $user, Quiz $quiz): bool
+    public function delete(User $user, Quiz $quiz): bool
     {
         return !$quiz->isLocked;
     }