update person on update authorization
This commit is contained in:
Muhammad Fajar
@@ -5,10 +5,11 @@ namespace Modules\Linksehat\Http\Controllers\Api;
|
||||
use App\Helpers\Helper;
|
||||
use App\Models\File;
|
||||
use App\Models\Person;
|
||||
use Auth;
|
||||
use Illuminate\Contracts\Support\Renderable;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Routing\Controller;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Illuminate\Support\Facades\Gate;
|
||||
use Modules\Linksehat\Http\Requests\PersonRequest;
|
||||
use Modules\Linksehat\Transformers\Person\PersonResource;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
@@ -88,71 +89,75 @@ class PersonController extends Controller
|
||||
* @param int $id
|
||||
* @return Renderable
|
||||
*/
|
||||
public function update(PersonRequest $request, Person $person)
|
||||
public function update(PersonRequest $request, Person $family)
|
||||
{
|
||||
$personData = $request->only([
|
||||
'owner_user_id',
|
||||
'nik',
|
||||
'name_prefix',
|
||||
'name',
|
||||
'name_suffix',
|
||||
'phone',
|
||||
'email',
|
||||
'gender',
|
||||
'birth_date',
|
||||
'birth_place',
|
||||
'citizenship',
|
||||
'current_employment',
|
||||
'last_education',
|
||||
'religion',
|
||||
'blood_type',
|
||||
'is_deceased',
|
||||
'deceased_at',
|
||||
'marital_status',
|
||||
'main_address_id',
|
||||
'domicile_address_id',
|
||||
]);
|
||||
|
||||
$person->update($personData);
|
||||
|
||||
if ($request->hasFile('user_avatar')) {
|
||||
$pathFileAvatar = File::storeFile('avatar', $person->id, $request->file('user_avatar'));
|
||||
$person->files()->updateOrCreate([
|
||||
'type' => 'avatar',
|
||||
'name' => File::getFileName('avatar', $person->id, $request->file('user_avatar')),
|
||||
'extension' => $request->file('user_avatar')->getClientOriginalExtension(),
|
||||
'path' => $pathFileAvatar,
|
||||
'created_by' => auth()->user()->id,
|
||||
'updated_by' => auth()->user()->id,
|
||||
if (Gate::forUser(auth()->user())->allows('update-person', $family)) {
|
||||
$personData = $request->only([
|
||||
'owner_user_id',
|
||||
'nik',
|
||||
'name_prefix',
|
||||
'name',
|
||||
'name_suffix',
|
||||
'phone',
|
||||
'email',
|
||||
'gender',
|
||||
'birth_date',
|
||||
'birth_place',
|
||||
'citizenship',
|
||||
'current_employment',
|
||||
'last_education',
|
||||
'religion',
|
||||
'blood_type',
|
||||
'is_deceased',
|
||||
'deceased_at',
|
||||
'marital_status',
|
||||
'main_address_id',
|
||||
'domicile_address_id',
|
||||
]);
|
||||
}
|
||||
|
||||
if ($request->hasFile('verification_file')) {
|
||||
$pathFileVerification = File::storeFile('dataDiri', $person->id, $request->file('verification_file'));
|
||||
$person->files()->updateOrCreate([
|
||||
'type' => 'dataDiri',
|
||||
'name' => File::getFileName('dataDiri', $person->id, $request->file('verification_file')),
|
||||
'extension' => $request->file('verification_file')->getClientOriginalExtension(),
|
||||
'path' => $pathFileVerification,
|
||||
'created_by' => auth()->user()->id,
|
||||
'updated_by' => auth()->user()->id,
|
||||
]);
|
||||
}
|
||||
$family->update($personData);
|
||||
|
||||
if ($request->has('relation_with_owner')) {
|
||||
$person->familyOwner()->updateOrCreate([
|
||||
'owner_id' => auth()->user()->person_id,
|
||||
'person_id' => $person->id,
|
||||
], [
|
||||
'owner_id' => auth()->user()->person_id,
|
||||
'relation_with_owner' => $request->relation_with_owner,
|
||||
'person_id' => $person->id,
|
||||
'created_by' => auth()->user()->id,
|
||||
'updated_by' => auth()->user()->id,
|
||||
]);
|
||||
}
|
||||
if ($request->hasFile('user_avatar')) {
|
||||
$pathFileAvatar = File::storeFile('avatar', $family->id, $request->file('user_avatar'));
|
||||
$family->files()->updateOrCreate([
|
||||
'type' => 'avatar',
|
||||
'name' => File::getFileName('avatar', $family->id, $request->file('user_avatar')),
|
||||
'extension' => $request->file('user_avatar')->getClientOriginalExtension(),
|
||||
'path' => $pathFileAvatar,
|
||||
'created_by' => auth()->user()->id,
|
||||
'updated_by' => auth()->user()->id,
|
||||
]);
|
||||
}
|
||||
|
||||
return Helper::responseJson(data: ['persons' => $person], message: 'Data Berhasil di update');
|
||||
if ($request->hasFile('verification_file')) {
|
||||
$pathFileVerification = File::storeFile('dataDiri', $family->id, $request->file('verification_file'));
|
||||
$family->files()->updateOrCreate([
|
||||
'type' => 'dataDiri',
|
||||
'name' => File::getFileName('dataDiri', $family->id, $request->file('verification_file')),
|
||||
'extension' => $request->file('verification_file')->getClientOriginalExtension(),
|
||||
'path' => $pathFileVerification,
|
||||
'created_by' => auth()->user()->id,
|
||||
'updated_by' => auth()->user()->id,
|
||||
]);
|
||||
}
|
||||
|
||||
if ($request->has('relation_with_owner')) {
|
||||
$family->familyOwner()->updateOrCreate([
|
||||
'owner_id' => auth()->user()->person_id,
|
||||
'person_id' => $family->id,
|
||||
], [
|
||||
'owner_id' => auth()->user()->person_id,
|
||||
'relation_with_owner' => $request->relation_with_owner,
|
||||
'person_id' => $family->id,
|
||||
'created_by' => auth()->user()->id,
|
||||
'updated_by' => auth()->user()->id,
|
||||
]);
|
||||
}
|
||||
|
||||
return Helper::responseJson(data: ['persons' => $family], message: 'Data Berhasil di update');
|
||||
} elseif (Gate::forUser(auth()->user())->denies('update-person', $family)) {
|
||||
abort(Response::HTTP_FORBIDDEN, 'Tidak bisa update karena bukan pemilik!');
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -25,6 +25,8 @@ class AuthServiceProvider extends ServiceProvider
|
||||
{
|
||||
$this->registerPolicies();
|
||||
|
||||
//
|
||||
Gate::define('update-person', function ($user, $person) {
|
||||
return $user->id == $person->owner_user_id;
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user