update person on update authorization
This commit is contained in:
@@ -5,10 +5,11 @@ namespace Modules\Linksehat\Http\Controllers\Api;
|
|||||||
use App\Helpers\Helper;
|
use App\Helpers\Helper;
|
||||||
use App\Models\File;
|
use App\Models\File;
|
||||||
use App\Models\Person;
|
use App\Models\Person;
|
||||||
use Auth;
|
|
||||||
use Illuminate\Contracts\Support\Renderable;
|
use Illuminate\Contracts\Support\Renderable;
|
||||||
use Illuminate\Http\Request;
|
use Illuminate\Http\Request;
|
||||||
use Illuminate\Routing\Controller;
|
use Illuminate\Routing\Controller;
|
||||||
|
use Illuminate\Support\Facades\Auth;
|
||||||
|
use Illuminate\Support\Facades\Gate;
|
||||||
use Modules\Linksehat\Http\Requests\PersonRequest;
|
use Modules\Linksehat\Http\Requests\PersonRequest;
|
||||||
use Modules\Linksehat\Transformers\Person\PersonResource;
|
use Modules\Linksehat\Transformers\Person\PersonResource;
|
||||||
use Symfony\Component\HttpFoundation\Response;
|
use Symfony\Component\HttpFoundation\Response;
|
||||||
@@ -88,71 +89,75 @@ class PersonController extends Controller
|
|||||||
* @param int $id
|
* @param int $id
|
||||||
* @return Renderable
|
* @return Renderable
|
||||||
*/
|
*/
|
||||||
public function update(PersonRequest $request, Person $person)
|
public function update(PersonRequest $request, Person $family)
|
||||||
{
|
{
|
||||||
$personData = $request->only([
|
if (Gate::forUser(auth()->user())->allows('update-person', $family)) {
|
||||||
'owner_user_id',
|
$personData = $request->only([
|
||||||
'nik',
|
'owner_user_id',
|
||||||
'name_prefix',
|
'nik',
|
||||||
'name',
|
'name_prefix',
|
||||||
'name_suffix',
|
'name',
|
||||||
'phone',
|
'name_suffix',
|
||||||
'email',
|
'phone',
|
||||||
'gender',
|
'email',
|
||||||
'birth_date',
|
'gender',
|
||||||
'birth_place',
|
'birth_date',
|
||||||
'citizenship',
|
'birth_place',
|
||||||
'current_employment',
|
'citizenship',
|
||||||
'last_education',
|
'current_employment',
|
||||||
'religion',
|
'last_education',
|
||||||
'blood_type',
|
'religion',
|
||||||
'is_deceased',
|
'blood_type',
|
||||||
'deceased_at',
|
'is_deceased',
|
||||||
'marital_status',
|
'deceased_at',
|
||||||
'main_address_id',
|
'marital_status',
|
||||||
'domicile_address_id',
|
'main_address_id',
|
||||||
]);
|
'domicile_address_id',
|
||||||
|
|
||||||
$person->update($personData);
|
|
||||||
|
|
||||||
if ($request->hasFile('user_avatar')) {
|
|
||||||
$pathFileAvatar = File::storeFile('avatar', $person->id, $request->file('user_avatar'));
|
|
||||||
$person->files()->updateOrCreate([
|
|
||||||
'type' => 'avatar',
|
|
||||||
'name' => File::getFileName('avatar', $person->id, $request->file('user_avatar')),
|
|
||||||
'extension' => $request->file('user_avatar')->getClientOriginalExtension(),
|
|
||||||
'path' => $pathFileAvatar,
|
|
||||||
'created_by' => auth()->user()->id,
|
|
||||||
'updated_by' => auth()->user()->id,
|
|
||||||
]);
|
]);
|
||||||
}
|
|
||||||
|
|
||||||
if ($request->hasFile('verification_file')) {
|
$family->update($personData);
|
||||||
$pathFileVerification = File::storeFile('dataDiri', $person->id, $request->file('verification_file'));
|
|
||||||
$person->files()->updateOrCreate([
|
|
||||||
'type' => 'dataDiri',
|
|
||||||
'name' => File::getFileName('dataDiri', $person->id, $request->file('verification_file')),
|
|
||||||
'extension' => $request->file('verification_file')->getClientOriginalExtension(),
|
|
||||||
'path' => $pathFileVerification,
|
|
||||||
'created_by' => auth()->user()->id,
|
|
||||||
'updated_by' => auth()->user()->id,
|
|
||||||
]);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($request->has('relation_with_owner')) {
|
if ($request->hasFile('user_avatar')) {
|
||||||
$person->familyOwner()->updateOrCreate([
|
$pathFileAvatar = File::storeFile('avatar', $family->id, $request->file('user_avatar'));
|
||||||
'owner_id' => auth()->user()->person_id,
|
$family->files()->updateOrCreate([
|
||||||
'person_id' => $person->id,
|
'type' => 'avatar',
|
||||||
], [
|
'name' => File::getFileName('avatar', $family->id, $request->file('user_avatar')),
|
||||||
'owner_id' => auth()->user()->person_id,
|
'extension' => $request->file('user_avatar')->getClientOriginalExtension(),
|
||||||
'relation_with_owner' => $request->relation_with_owner,
|
'path' => $pathFileAvatar,
|
||||||
'person_id' => $person->id,
|
'created_by' => auth()->user()->id,
|
||||||
'created_by' => auth()->user()->id,
|
'updated_by' => auth()->user()->id,
|
||||||
'updated_by' => auth()->user()->id,
|
]);
|
||||||
]);
|
}
|
||||||
}
|
|
||||||
|
|
||||||
return Helper::responseJson(data: ['persons' => $person], message: 'Data Berhasil di update');
|
if ($request->hasFile('verification_file')) {
|
||||||
|
$pathFileVerification = File::storeFile('dataDiri', $family->id, $request->file('verification_file'));
|
||||||
|
$family->files()->updateOrCreate([
|
||||||
|
'type' => 'dataDiri',
|
||||||
|
'name' => File::getFileName('dataDiri', $family->id, $request->file('verification_file')),
|
||||||
|
'extension' => $request->file('verification_file')->getClientOriginalExtension(),
|
||||||
|
'path' => $pathFileVerification,
|
||||||
|
'created_by' => auth()->user()->id,
|
||||||
|
'updated_by' => auth()->user()->id,
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($request->has('relation_with_owner')) {
|
||||||
|
$family->familyOwner()->updateOrCreate([
|
||||||
|
'owner_id' => auth()->user()->person_id,
|
||||||
|
'person_id' => $family->id,
|
||||||
|
], [
|
||||||
|
'owner_id' => auth()->user()->person_id,
|
||||||
|
'relation_with_owner' => $request->relation_with_owner,
|
||||||
|
'person_id' => $family->id,
|
||||||
|
'created_by' => auth()->user()->id,
|
||||||
|
'updated_by' => auth()->user()->id,
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
return Helper::responseJson(data: ['persons' => $family], message: 'Data Berhasil di update');
|
||||||
|
} elseif (Gate::forUser(auth()->user())->denies('update-person', $family)) {
|
||||||
|
abort(Response::HTTP_FORBIDDEN, 'Tidak bisa update karena bukan pemilik!');
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -25,6 +25,8 @@ class AuthServiceProvider extends ServiceProvider
|
|||||||
{
|
{
|
||||||
$this->registerPolicies();
|
$this->registerPolicies();
|
||||||
|
|
||||||
//
|
Gate::define('update-person', function ($user, $person) {
|
||||||
|
return $user->id == $person->owner_user_id;
|
||||||
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user