Controller routes #89
Conversation
…foreign key for Assignment
| public function create(User $user): RedirectResponse { | ||
| if ($user->is_admin) { | ||
| return redirect()->route('assignment.index')->with('success', 'Assignment created'); | ||
| } | ||
| return redirect()->route('assignment.index')->with('error', 'User is not an admin'); | ||
| } |
There was a problem hiding this comment.
This doesn't make an assignment which it should. Also any user should be able to make an assignment for their class rather than just admins. Your policies should control whether a user can access or not.
| public function index() | ||
| { | ||
| return inertia("AdminPage"); | ||
| } | ||
|
|
There was a problem hiding this comment.
Just leave this function empty for now rather than render a page that is unrelated.
| public function update(User $user): RedirectResponse { | ||
| if ($user->is_admin) { | ||
| return redirect()->route('assignment.index')->with('success', 'Assignment updated'); | ||
| } | ||
| return redirect()->route('assignment.index')->with('error', 'User is not an admin'); | ||
| } | ||
|
|
||
|
|
||
| public function destroy(User $user): RedirectResponse { | ||
| if ($user->is_admin) { | ||
| return redirect()->route('assignment.index')->with('success', 'Assignment deleted'); | ||
| } | ||
| return redirect()->route('assignment.index')->with('error', 'User is not an admin'); | ||
| } |
There was a problem hiding this comment.
These don't make any database changes and shouldn't check for admin.
| public function findAssignmentByCourse($course_id) | ||
| { | ||
| $assignments_list = Assignment::where('course_id', $course_id)->get(); | ||
| foreach ($assignment as $assignments_list) { | ||
| $assignment->name=$assignments_list->assignment->name; | ||
| } | ||
| return response()->json(['data'=>$assignment]); | ||
| } |
There was a problem hiding this comment.
Doesn't seem to be used?
There was a problem hiding this comment.
Can be removed since still not used
| public function index() { | ||
| return inertia("AdminPage"); | ||
| } |
app/Policies/AssignmentPolicy.php
Outdated
| public function update(User $user, Assignment $assignment) | ||
| { | ||
| return $use->is_admin | ||
| ? Response::allow() | ||
| : Response::deny(); | ||
| } | ||
|
|
||
| /** | ||
| * Determine whether the user can delete the model. | ||
| * | ||
| * @param \App\Models\User $user | ||
| * @param \App\Models\Assignment $assignment | ||
| * @return \Illuminate\Auth\Access\Response|bool | ||
| */ | ||
| public function delete(User $user, Assignment $assignment) | ||
| { | ||
| return $use->is_admin | ||
| ? Response::allow() | ||
| : Response::deny(); | ||
| } |
There was a problem hiding this comment.
These should check if the user owns the assignment instead.
app/Policies/CoursePolicy.php
Outdated
| public function view(User $user, Course $course) | ||
| { | ||
| return true; | ||
| } | ||
|
|
||
| /** | ||
| * Determine whether the user can create models. | ||
| * | ||
| * @param \App\Models\User $user | ||
| * @return \Illuminate\Auth\Access\Response|bool | ||
| */ | ||
| public function create(User $user) | ||
| { | ||
| return $use->is_admin | ||
| ? Response::allow() | ||
| : Response::deny(); | ||
| } | ||
|
|
||
| /** | ||
| * Determine whether the user can update the model. | ||
| * | ||
| * @param \App\Models\User $user | ||
| * @param \App\Models\Course $course | ||
| * @return \Illuminate\Auth\Access\Response|bool | ||
| */ | ||
| public function update(User $user, Course $course) | ||
| { | ||
| return $use->is_admin | ||
| ? Response::allow() | ||
| : Response::deny(); | ||
| } | ||
|
|
||
| /** | ||
| * Determine whether the user can delete the model. | ||
| * | ||
| * @param \App\Models\User $user | ||
| * @param \App\Models\Course $course | ||
| * @return \Illuminate\Auth\Access\Response|bool | ||
| */ | ||
| public function delete(User $user, Course $course) | ||
| { | ||
| return $use->is_admin | ||
| ? Response::allow() | ||
| : Response::deny(); | ||
| } |
There was a problem hiding this comment.
Should check if user owns the course
| Assignment::class => AssignmentPolicy::class, | ||
| Course::class => CoursePolicy::class, |
There was a problem hiding this comment.
Laravel should automatically register these. Was it not doing so?
| Gate::define('update-post', function (User $user, | ||
| Course $course, Assignment $assignment) { | ||
| //?check if user is an admin | ||
| return ($assignment->course_id === $course->id); | ||
| }); | ||
|
|
routes/web.php
Outdated
| Route::apiResource('users', CourseController::class)->only(['create','update', 'destroy']); | ||
| Route::apiResource('users', AssignmnetController::class)->only(['create','update', 'destroy']); |
There was a problem hiding this comment.
The names should change and these shouldn't be in the admin middleware
| public function create(){ | ||
| return Redirect::to('assignment.index'); | ||
| } | ||
|
|
There was a problem hiding this comment.
This should actually create the assignment here not just redirect.
| return response()->json(['data'=>$assignment]); | ||
| } | ||
|
|
||
| public function findAssignmentByUser($user_id) |
There was a problem hiding this comment.
Not used so can be removed
| public function findAssignmentByCourse($course_id) | ||
| { | ||
| $assignments_list = Assignment::where('course_id', $course_id)->get(); | ||
| foreach ($assignment as $assignments_list) { | ||
| $assignment->name=$assignments_list->assignment->name; | ||
| } | ||
| return response()->json(['data'=>$assignment]); | ||
| } |
There was a problem hiding this comment.
Can be removed since still not used
| public function show($id) | ||
| { | ||
| $assignment = Assignment::find($id); | ||
|
|
||
| //return View::make('')->with('assignment', $assignment); | ||
| } |
There was a problem hiding this comment.
If this is properly type hinted with an Assignment model then Laravel will find the model and you can just handle returning an inertia view with that model.
| public function update($id){ | ||
| $assignment = Assignment::find($id); | ||
| $assignment->name = Input::get('name'); | ||
| $assignment->due_at = Input::get('due_at'); | ||
|
|
||
| return Redirect::to('assignment.index'); |
There was a problem hiding this comment.
We should really have validation here. You can make a request class to separate this logic as well.
app/Models/Assignment.php
Outdated
| public function user(){ | ||
| return $this->belongsTo(User::class); | ||
| } |
There was a problem hiding this comment.
This likely won't be too useful so it can be removed
app/Models/User.php
Outdated
| public function assignments(){ | ||
| return $this->hasMany(Assignment::class); | ||
| } |
There was a problem hiding this comment.
This should be hasManyThrough with the Assignment and Course passed in
| @@ -14,6 +14,7 @@ public function up() { | |||
| Schema::create('courses', function (Blueprint $table) { | |||
| $table->id(); | |||
| $table->string('name'); | |||
| $table->foreignId('user_id')->constrained()->onDelete('cascade'); | |||
There was a problem hiding this comment.
We don't want to edit existing migrations
| @@ -13,6 +13,7 @@ | |||
| public function up() { | |||
| Schema::create('assignments', function (Blueprint $table) { | |||
| $table->id(); | |||
| $table->foreignId('user_id')->constrained()->onDelete('cascade'); | |||
There was a problem hiding this comment.
We don't want to edit existing migrations
routes/web.php
Outdated
| Route::get('/course',[CourseController::class,'index'])->name('course.index'); | ||
| Route::get('/assignment',[AssignmentController::class,'index'])->name('assignment.index'); |
There was a problem hiding this comment.
These should be resource instead of get so that all of the routes become available
//There's no specific page for course and assignment, so I use AdminPage instead