Refactor UserController to authorization resource

antimech · Nov 8, 2023 · 71c7eca · 71c7eca
1 parent 011a03e
commit 71c7eca
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 15 deletions.
diff --git a/app/Http/Controllers/Posts/UserController.php b/app/Http/Controllers/Posts/UserController.php
@@ -10,6 +10,14 @@
 
 class UserController extends Controller
 {
+    /**
+     * Create the controller instance.
+     */
+    public function __construct()
+    {
+        $this->authorizeResource(Post::class, 'post');
+    }
+
     /**
      * Display a listing of the resource.
      */
@@ -58,27 +66,19 @@ public function show(Post $post): View
 
     /**
      * Show the form for editing the specified resource.
-     *
-     * @throws \Illuminate\Auth\Access\AuthorizationException
      */
     public function edit(Post $post): View
     {
-        $this->authorize('update', $post);
-
         return view('posts.edit', [
             'post' => $post
         ]);
     }
 
     /**
      * Update the specified resource in storage.
-     *
-     * @throws \Illuminate\Auth\Access\AuthorizationException
      */
     public function update(Request $request, Post $post): RedirectResponse
     {
-        $this->authorize('update', $post);
-
         $this->validate($request, [
             'title' => 'required|string|max:255',
             'body' => 'required|string'
@@ -93,13 +93,9 @@ public function update(Request $request, Post $post): RedirectResponse
 
     /**
      * Remove the specified resource from storage.
-     *
-     * @throws \Illuminate\Auth\Access\AuthorizationException
      */
     public function destroy(Post $post): RedirectResponse
     {
-        $this->authorize('forceDelete', $post);
-
         $post->delete();
 
         return redirect()->route('posts.index');

diff --git a/app/Policies/PostPolicy.php b/app/Policies/PostPolicy.php
@@ -13,23 +13,23 @@ class PostPolicy
      */
     public function viewAny(User $user): bool
     {
-        //
+        return true;
     }
 
     /**
      * Determine whether the user can view the model.
      */
     public function view(User $user, Post $post): bool
     {
-        //
+        return true;
     }
 
     /**
      * Determine whether the user can create models.
      */
     public function create(User $user): bool
     {
-        //
+        return true;
     }
 
     /**