OmarElGabry /
lumen-api-oauth
@@ -2,7 +2,7 @@ discard block |
||
| 2 | 2 | |
| 3 | 3 | use Illuminate\Database\Eloquent\Model; |
| 4 | 4 | |
| 5 | -class Comment extends Model{ |
|
| 5 | +class Comment extends Model { |
|
| 6 | 6 | |
| 7 | 7 | /** |
| 8 | 8 | * The attributes that are mass assignable. |
@@ -16,14 +16,14 @@ discard block |
||
| 16 | 16 | * |
| 17 | 17 | * @var array |
| 18 | 18 | */ |
| 19 | - protected $hidden = ['created_at', 'updated_at']; |
|
| 19 | + protected $hidden = ['created_at', 'updated_at']; |
|
| 20 | 20 | |
| 21 | 21 | /** |
| 22 | 22 | * Define an inverse one-to-many relationship with App\Post. |
| 23 | 23 | * |
| 24 | 24 | * @return \Illuminate\Database\Eloquent\Relations\BelongsTo |
| 25 | 25 | */ |
| 26 | - public function post(){ |
|
| 26 | + public function post() { |
|
| 27 | 27 | return $this->belongsTo('App\Post'); |
| 28 | 28 | } |
| 29 | 29 | |
@@ -48,15 +48,15 @@ |
||
| 48 | 48 | */ |
| 49 | 49 | public function render($request, Exception $e) |
| 50 | 50 | { |
| 51 | - if(env('APP_DEBUG')){ |
|
| 51 | + if (env('APP_DEBUG')) { |
|
| 52 | 52 | return parent::render($request, $e); |
| 53 | 53 | } |
| 54 | 54 | |
| 55 | - if($e instanceof NotFoundHttpException){ |
|
| 55 | + if ($e instanceof NotFoundHttpException) { |
|
| 56 | 56 | return response()->json(['message' => 'Bad Request', 'code' => 400], 400); |
| 57 | 57 | } |
| 58 | 58 | |
| 59 | - if($e instanceof MethodNotAllowedHttpException){ |
|
| 59 | + if ($e instanceof MethodNotAllowedHttpException) { |
|
| 60 | 60 | return response()->json(['message' => 'Not Found', 'code' => 404], 404); |
| 61 | 61 | } |
| 62 | 62 | |
@@ -2,7 +2,7 @@ discard block |
||
| 2 | 2 | |
| 3 | 3 | use Illuminate\Database\Eloquent\Model; |
| 4 | 4 | |
| 5 | -class Post extends Model{ |
|
| 5 | +class Post extends Model { |
|
| 6 | 6 | |
| 7 | 7 | /** |
| 8 | 8 | * The attributes that are mass assignable. |
@@ -16,14 +16,14 @@ discard block |
||
| 16 | 16 | * |
| 17 | 17 | * @var array |
| 18 | 18 | */ |
| 19 | - protected $hidden = ['created_at', 'updated_at']; |
|
| 19 | + protected $hidden = ['created_at', 'updated_at']; |
|
| 20 | 20 | |
| 21 | 21 | /** |
| 22 | 22 | * Define a one-to-many relationship with App\Comment |
| 23 | 23 | * |
| 24 | 24 | * @return \Illuminate\Database\Eloquent\Relations\HasMany |
| 25 | 25 | */ |
| 26 | - public function comments(){ |
|
| 26 | + public function comments() { |
|
| 27 | 27 | return $this->hasMany('App\Comment'); |
| 28 | 28 | } |
| 29 | 29 | |
@@ -56,7 +56,7 @@ discard block |
||
| 56 | 56 | * @param array $arguments |
| 57 | 57 | * @return boolean |
| 58 | 58 | */ |
| 59 | - private function isOwner($arguments = []){ |
|
| 59 | + private function isOwner($arguments = []) { |
|
| 60 | 60 | |
| 61 | 61 | foreach ($arguments as $resource => $actions) { |
| 62 | 62 | foreach ($actions as $action) { |
@@ -67,9 +67,9 @@ discard block |
||
| 67 | 67 | // } |
| 68 | 68 | // }); |
| 69 | 69 | |
| 70 | - Gate::define($this->ability($action, $resource), function ($user, $arg) { |
|
| 70 | + Gate::define($this->ability($action, $resource), function($user, $arg) { |
|
| 71 | 71 | |
| 72 | - if(is_null($arg)) { return false; } |
|
| 72 | + if (is_null($arg)) { return false; } |
|
| 73 | 73 | |
| 74 | 74 | return $arg->user_id === $user->id || $user->is_admin; |
| 75 | 75 | }); |
@@ -83,11 +83,11 @@ discard block |
||
| 83 | 83 | * @param array $arguments |
| 84 | 84 | * @return boolean |
| 85 | 85 | */ |
| 86 | - private function isAdmin($arguments){ |
|
| 86 | + private function isAdmin($arguments) { |
|
| 87 | 87 | |
| 88 | 88 | foreach ($arguments as $resource => $actions) { |
| 89 | 89 | foreach ($actions as $action) { |
| 90 | - Gate::define($this->ability($action, $resource), function ($user) { |
|
| 90 | + Gate::define($this->ability($action, $resource), function($user) { |
|
| 91 | 91 | return $user->is_admin; |
| 92 | 92 | }); |
| 93 | 93 | } |
@@ -101,7 +101,7 @@ discard block |
||
| 101 | 101 | * @param string $resource |
| 102 | 102 | * @return string |
| 103 | 103 | */ |
| 104 | - private function ability($action, $resource){ |
|
| 104 | + private function ability($action, $resource) { |
|
| 105 | 105 | return "{$action}-{$resource}"; |
| 106 | 106 | } |
| 107 | 107 | |
@@ -11,11 +11,11 @@ |
||
| 11 | 11 | * @param \Closure $next |
| 12 | 12 | * @return mixed |
| 13 | 13 | */ |
| 14 | - public function handle($request, Closure $next, $controller){ |
|
| 14 | + public function handle($request, Closure $next, $controller) { |
|
| 15 | 15 | |
| 16 | 16 | $controller = new $controller(); |
| 17 | 17 | |
| 18 | - if(!$controller->isAuthorized($request)){ |
|
| 18 | + if (!$controller->isAuthorized($request)) { |
|
| 19 | 19 | return $controller->error("You aren't allowed to perform the requested action", 403); |
| 20 | 20 | } |
| 21 | 21 | |
@@ -2,19 +2,19 @@ |
||
| 2 | 2 | |
| 3 | 3 | use App\Comment; |
| 4 | 4 | |
| 5 | -class CommentController extends Controller{ |
|
| 5 | +class CommentController extends Controller { |
|
| 6 | 6 | |
| 7 | - public function index(){ |
|
| 7 | + public function index() { |
|
| 8 | 8 | |
| 9 | 9 | $comments = Comment::all(); |
| 10 | 10 | return $this->success($comments, 200); |
| 11 | 11 | } |
| 12 | 12 | |
| 13 | - public function show($id){ |
|
| 13 | + public function show($id) { |
|
| 14 | 14 | |
| 15 | 15 | $comment = Comment::find($id); |
| 16 | 16 | |
| 17 | - if(!$comment){ |
|
| 17 | + if (!$comment) { |
|
| 18 | 18 | return $this->error("The comment with {$id} doesn't exist", 404); |
| 19 | 19 | } |
| 20 | 20 | |
@@ -4,21 +4,21 @@ discard block |
||
| 4 | 4 | |
| 5 | 5 | use Illuminate\Http\Request; |
| 6 | 6 | |
| 7 | -class PostController extends Controller{ |
|
| 7 | +class PostController extends Controller { |
|
| 8 | 8 | |
| 9 | - public function __construct(){ |
|
| 9 | + public function __construct() { |
|
| 10 | 10 | |
| 11 | 11 | $this->middleware('oauth', ['except' => ['index', 'show']]); |
| 12 | 12 | $this->middleware('authorize:' . __CLASS__, ['except' => ['index', 'show', 'store']]); |
| 13 | 13 | } |
| 14 | 14 | |
| 15 | - public function index(){ |
|
| 15 | + public function index() { |
|
| 16 | 16 | |
| 17 | 17 | $posts = Post::all(); |
| 18 | 18 | return $this->success($posts, 200); |
| 19 | 19 | } |
| 20 | 20 | |
| 21 | - public function store(Request $request){ |
|
| 21 | + public function store(Request $request) { |
|
| 22 | 22 | |
| 23 | 23 | $this->validateRequest($request); |
| 24 | 24 | |
@@ -31,28 +31,28 @@ discard block |
||
| 31 | 31 | return $this->success("The post with with id {$post->id} has been created", 201); |
| 32 | 32 | } |
| 33 | 33 | |
| 34 | - public function show($id){ |
|
| 34 | + public function show($id) { |
|
| 35 | 35 | |
| 36 | 36 | $post = Post::find($id); |
| 37 | 37 | |
| 38 | - if(!$post){ |
|
| 38 | + if (!$post) { |
|
| 39 | 39 | return $this->error("The post with {$id} doesn't exist", 404); |
| 40 | 40 | } |
| 41 | 41 | |
| 42 | 42 | return $this->success($post, 200); |
| 43 | 43 | } |
| 44 | 44 | |
| 45 | - public function update(Request $request, $id){ |
|
| 45 | + public function update(Request $request, $id) { |
|
| 46 | 46 | |
| 47 | 47 | $post = Post::find($id); |
| 48 | 48 | |
| 49 | - if(!$post){ |
|
| 49 | + if (!$post) { |
|
| 50 | 50 | return $this->error("The post with {$id} doesn't exist", 404); |
| 51 | 51 | } |
| 52 | 52 | |
| 53 | 53 | $this->validateRequest($request); |
| 54 | 54 | |
| 55 | - $post->title = $request->get('title'); |
|
| 55 | + $post->title = $request->get('title'); |
|
| 56 | 56 | $post->content = $request->get('content'); |
| 57 | 57 | $post->user_id = $this->getUserId(); |
| 58 | 58 | |
@@ -61,11 +61,11 @@ discard block |
||
| 61 | 61 | return $this->success("The post with with id {$post->id} has been updated", 200); |
| 62 | 62 | } |
| 63 | 63 | |
| 64 | - public function destroy($id){ |
|
| 64 | + public function destroy($id) { |
|
| 65 | 65 | |
| 66 | 66 | $post = Post::find($id); |
| 67 | 67 | |
| 68 | - if(!$post){ |
|
| 68 | + if (!$post) { |
|
| 69 | 69 | return $this->error("The post with {$id} doesn't exist", 404); |
| 70 | 70 | } |
| 71 | 71 | |
@@ -77,7 +77,7 @@ discard block |
||
| 77 | 77 | return $this->success("The post with with id {$id} has been deleted along with it's comments", 200); |
| 78 | 78 | } |
| 79 | 79 | |
| 80 | - public function validateRequest(Request $request){ |
|
| 80 | + public function validateRequest(Request $request) { |
|
| 81 | 81 | |
| 82 | 82 | $rules = [ |
| 83 | 83 | 'title' => 'required', |
@@ -87,7 +87,7 @@ discard block |
||
| 87 | 87 | $this->validate($request, $rules); |
| 88 | 88 | } |
| 89 | 89 | |
| 90 | - public function isAuthorized(Request $request){ |
|
| 90 | + public function isAuthorized(Request $request) { |
|
| 91 | 91 | |
| 92 | 92 | $resource = "posts"; |
| 93 | 93 | $post = Post::find($this->getArgs($request)["post_id"]); |
@@ -5,7 +5,7 @@ discard block |
||
| 5 | 5 | use App\User; |
| 6 | 6 | use Gate; |
| 7 | 7 | |
| 8 | -class Controller extends BaseController{ |
|
| 8 | +class Controller extends BaseController { |
|
| 9 | 9 | |
| 10 | 10 | /** |
| 11 | 11 | * Return a JSON response for success. |
@@ -14,7 +14,7 @@ discard block |
||
| 14 | 14 | * @param string $code |
| 15 | 15 | * @return \Illuminate\Http\JsonResponse |
| 16 | 16 | */ |
| 17 | - public function success($data, $code){ |
|
| 17 | + public function success($data, $code) { |
|
| 18 | 18 | return response()->json(['data' => $data], $code); |
| 19 | 19 | } |
| 20 | 20 | |
@@ -25,7 +25,7 @@ discard block |
||
| 25 | 25 | * @param string $code |
| 26 | 26 | * @return \Illuminate\Http\JsonResponse |
| 27 | 27 | */ |
| 28 | - public function error($message, $code){ |
|
| 28 | + public function error($message, $code) { |
|
| 29 | 29 | return response()->json(['message' => $message], $code); |
| 30 | 30 | } |
| 31 | 31 | |
@@ -38,10 +38,10 @@ discard block |
||
| 38 | 38 | * @return boolean |
| 39 | 39 | * @see https://lumen.laravel.com/docs/authorization |
| 40 | 40 | */ |
| 41 | - protected function authorizeUser(Request $request, $resource, $arguments = []){ |
|
| 41 | + protected function authorizeUser(Request $request, $resource, $arguments = []) { |
|
| 42 | 42 | |
| 43 | - $user = User::find($this->getUserId()); |
|
| 44 | - $action = $this->getAction($request); |
|
| 43 | + $user = User::find($this->getUserId()); |
|
| 44 | + $action = $this->getAction($request); |
|
| 45 | 45 | |
| 46 | 46 | // The ability string must match the string defined in App\Providers\AuthServiceProvider\ability() |
| 47 | 47 | $ability = "{$action}-{$resource}"; |
@@ -59,7 +59,7 @@ discard block |
||
| 59 | 59 | * @param \Illuminate\Http\Request $request |
| 60 | 60 | * @return bool |
| 61 | 61 | */ |
| 62 | - public function isAuthorized(Request $request){ |
|
| 62 | + public function isAuthorized(Request $request) { |
|
| 63 | 63 | return false; |
| 64 | 64 | } |
| 65 | 65 | |
@@ -74,7 +74,7 @@ discard block |
||
| 74 | 74 | * |
| 75 | 75 | * @throws LucaDegasperi\OAuth2Server\Exceptions\NoActiveAccessTokenException |
| 76 | 76 | */ |
| 77 | - protected function getUserId(){ |
|
| 77 | + protected function getUserId() { |
|
| 78 | 78 | return \LucaDegasperi\OAuth2Server\Facades\Authorizer::getResourceOwnerId(); |
| 79 | 79 | } |
| 80 | 80 | |
@@ -84,7 +84,7 @@ discard block |
||
| 84 | 84 | * @param \Illuminate\Http\Request $request |
| 85 | 85 | * @return string |
| 86 | 86 | */ |
| 87 | - protected function getAction(Request $request){ |
|
| 87 | + protected function getAction(Request $request) { |
|
| 88 | 88 | return explode('@', $request->route()[1]["uses"], 2)[1]; |
| 89 | 89 | } |
| 90 | 90 | |
@@ -94,7 +94,7 @@ discard block |
||
| 94 | 94 | * @param \Illuminate\Http\Request $request |
| 95 | 95 | * @return array |
| 96 | 96 | */ |
| 97 | - protected function getArgs(Request $request){ |
|
| 97 | + protected function getArgs(Request $request) { |
|
| 98 | 98 | return $request->route()[2]; |
| 99 | 99 | } |
| 100 | 100 | } |
@@ -5,19 +5,19 @@ discard block |
||
| 5 | 5 | |
| 6 | 6 | use Illuminate\Http\Request; |
| 7 | 7 | |
| 8 | -class PostCommentController extends Controller{ |
|
| 8 | +class PostCommentController extends Controller { |
|
| 9 | 9 | |
| 10 | - public function __construct(){ |
|
| 10 | + public function __construct() { |
|
| 11 | 11 | |
| 12 | 12 | $this->middleware('oauth', ['except' => ['index', 'show']]); |
| 13 | 13 | $this->middleware('authorize:' . __CLASS__, ['except' => ['index', 'show', 'store']]); |
| 14 | 14 | } |
| 15 | 15 | |
| 16 | - public function index($post_id){ |
|
| 16 | + public function index($post_id) { |
|
| 17 | 17 | |
| 18 | 18 | $post = Post::find($post_id); |
| 19 | 19 | |
| 20 | - if(!$post){ |
|
| 20 | + if (!$post) { |
|
| 21 | 21 | return $this->error("The post with {$post_id} doesn't exist", 404); |
| 22 | 22 | } |
| 23 | 23 | |
@@ -25,11 +25,11 @@ discard block |
||
| 25 | 25 | return $this->success($comments, 200); |
| 26 | 26 | } |
| 27 | 27 | |
| 28 | - public function store(Request $request, $post_id){ |
|
| 28 | + public function store(Request $request, $post_id) { |
|
| 29 | 29 | |
| 30 | 30 | $post = Post::find($post_id); |
| 31 | 31 | |
| 32 | - if(!$post){ |
|
| 32 | + if (!$post) { |
|
| 33 | 33 | return $this->error("The post with {$post_id} doesn't exist", 404); |
| 34 | 34 | } |
| 35 | 35 | |
@@ -44,12 +44,12 @@ discard block |
||
| 44 | 44 | return $this->success("The comment with id {$comment->id} has been created and assigned to the post with id {$post_id}", 201); |
| 45 | 45 | } |
| 46 | 46 | |
| 47 | - public function update(Request $request, $post_id, $comment_id){ |
|
| 47 | + public function update(Request $request, $post_id, $comment_id) { |
|
| 48 | 48 | |
| 49 | - $comment = Comment::find($comment_id); |
|
| 50 | - $post = Post::find($post_id); |
|
| 49 | + $comment = Comment::find($comment_id); |
|
| 50 | + $post = Post::find($post_id); |
|
| 51 | 51 | |
| 52 | - if(!$comment || !$post){ |
|
| 52 | + if (!$comment || !$post) { |
|
| 53 | 53 | return $this->error("The comment with {$comment_id} or the post with id {$post_id} doesn't exist", 404); |
| 54 | 54 | } |
| 55 | 55 | |
@@ -64,16 +64,16 @@ discard block |
||
| 64 | 64 | return $this->success("The comment with with id {$comment->id} has been updated", 200); |
| 65 | 65 | } |
| 66 | 66 | |
| 67 | - public function destroy($post_id, $comment_id){ |
|
| 67 | + public function destroy($post_id, $comment_id) { |
|
| 68 | 68 | |
| 69 | - $comment = Comment::find($comment_id); |
|
| 70 | - $post = Post::find($post_id); |
|
| 69 | + $comment = Comment::find($comment_id); |
|
| 70 | + $post = Post::find($post_id); |
|
| 71 | 71 | |
| 72 | - if(!$comment || !$post){ |
|
| 72 | + if (!$comment || !$post) { |
|
| 73 | 73 | return $this->error("The comment with {$comment_id} or the post with id {$post_id} doesn't exist", 404); |
| 74 | 74 | } |
| 75 | 75 | |
| 76 | - if(!$post->comments()->find($comment_id)){ |
|
| 76 | + if (!$post->comments()->find($comment_id)) { |
|
| 77 | 77 | return $this->error("The comment with id {$comment_id} isn't assigned to the post with id {$post_id}", 409); |
| 78 | 78 | } |
| 79 | 79 | |
@@ -82,7 +82,7 @@ discard block |
||
| 82 | 82 | return $this->success("The comment with id {$comment_id} has been removed of the post {$post_id}", 200); |
| 83 | 83 | } |
| 84 | 84 | |
| 85 | - public function validateRequest(Request $request){ |
|
| 85 | + public function validateRequest(Request $request) { |
|
| 86 | 86 | |
| 87 | 87 | $rules = [ |
| 88 | 88 | 'content' => 'required' |
@@ -91,7 +91,7 @@ discard block |
||
| 91 | 91 | $this->validate($request, $rules); |
| 92 | 92 | } |
| 93 | 93 | |
| 94 | - public function isAuthorized(Request $request){ |
|
| 94 | + public function isAuthorized(Request $request) { |
|
| 95 | 95 | |
| 96 | 96 | $resource = "comments"; |
| 97 | 97 | $comment = Comment::find($this->getArgs($request)["comment_id"]); |
