チェックインの編集は本人のみ可能

(cherry picked from commit bcb5abb161)
2019-10-14 02:03:57 +09:00 · 2019-10-14 02:03:57 +09:00 · 99a92c6106
parent 4ca6f00c1b
commit 99a92c6106
3 changed files with 43 additions and 0 deletions
--- a/app/Http/Controllers/EjaculationController.php
+++ b/app/Http/Controllers/EjaculationController.php
@ -106,6 +106,10 @@ class EjaculationController extends Controller
    {
        $ejaculation = Ejaculation::findOrFail($id);

+        if (Auth::user()->cant('edit', $ejaculation)) {
+            abort(403);
+        }
+
        return view('ejaculation.edit')->with(compact('ejaculation'));
    }

@ -113,6 +117,10 @@ class EjaculationController extends Controller
    {
        $ejaculation = Ejaculation::findOrFail($id);

+        if (Auth::user()->cant('edit', $ejaculation)) {
+            abort(403);
+        }
+
        $inputs = $request->all();

        $validator = Validator::make($inputs, [
@ -163,6 +171,11 @@ class EjaculationController extends Controller
    public function destroy($id)
    {
        $ejaculation = Ejaculation::findOrFail($id);
+
+        if (Auth::user()->cant('edit', $ejaculation)) {
+            abort(403);
+        }
+
        $user = User::findOrFail($ejaculation->user_id);
        $ejaculation->tags()->detach();
        $ejaculation->delete();
--- a/app/Policies/EjaculationPolicy.php
+++ b/app/Policies/EjaculationPolicy.php
@ -0,0 +1,27 @@
+<?php
+
+namespace App\Policies;
+
+use App\Ejaculation;
+use App\User;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class EjaculationPolicy
+{
+    use HandlesAuthorization;
+
+    /**
+     * Create a new policy instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        //
+    }
+
+    public function edit(User $user, Ejaculation $ejaculation): bool
+    {
+        return $user->id === $ejaculation->user_id;
+    }
+}
--- a/app/Providers/AuthServiceProvider.php
+++ b/app/Providers/AuthServiceProvider.php
@ -2,6 +2,8 @@

 namespace App\Providers;

+use App\Ejaculation;
+use App\Policies\EjaculationPolicy;
 use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
 use Illuminate\Support\Facades\Gate;

@ -14,6 +16,7 @@ class AuthServiceProvider extends ServiceProvider
     */
    protected $policies = [
        'App\Model' => 'App\Policies\ModelPolicy',
+        Ejaculation::class => EjaculationPolicy::class,
    ];

    /**