diff --git a/app/BlogPost.php b/app/BlogPost.php index 3781ea9..09dbe14 100644 --- a/app/BlogPost.php +++ b/app/BlogPost.php @@ -3,10 +3,11 @@ namespace App; use Illuminate\Database\Eloquent\Model; -use SoftDeletes; +use Illuminate\Database\Eloquent\SoftDeletes; class BlogPost extends Model { + use SoftDeletes; /** * The attributes that are mass assignable. @@ -24,6 +25,6 @@ class BlogPost extends Model */ public function user() { - return $this->belongs('App\User'); + return $this->belongsTo('App\User'); } } diff --git a/app/Http/Controllers/BlogPostController.php b/app/Http/Controllers/BlogPostController.php index f9fd0da..08eab8c 100644 --- a/app/Http/Controllers/BlogPostController.php +++ b/app/Http/Controllers/BlogPostController.php @@ -49,10 +49,10 @@ class BlogPostController extends Controller /** * Display the specified resource. * - * @param \App\BlogPost $blogPost + * @param \App\BlogPost $post * @return \Illuminate\Http\Response */ - public function show(BlogPost $blogPost) + public function show(BlogPost $post) { // } @@ -60,10 +60,10 @@ class BlogPostController extends Controller /** * Show the form for editing the specified resource. * - * @param \App\BlogPost $blogPost + * @param \App\BlogPost $post * @return \Illuminate\Http\Response */ - public function edit(BlogPost $blogPost) + public function edit(BlogPost $post) { // } @@ -72,10 +72,10 @@ class BlogPostController extends Controller * Update the specified resource in storage. * * @param \Illuminate\Http\Request $request - * @param \App\BlogPost $blogPost + * @param \App\BlogPost $post * @return \Illuminate\Http\Response */ - public function update(Request $request, BlogPost $blogPost) + public function update(Request $request, BlogPost $post) { // } 
@@ -83,11 +83,15 @@ class BlogPostController extends Controller /** * Remove the specified resource from storage. * - * @param \App\BlogPost $blogPost + * @param \App\BlogPost $post * @return \Illuminate\Http\Response */ - public function destroy(BlogPost $blogPost) + public function destroy(BlogPost $post) { - // + $this->authorize('delete', $post); + + $post->delete(); + + return view('posts.delete', compact('post')); } } diff --git a/app/Http/Controllers/HomeController.php b/app/Http/Controllers/HomeController.php index 7cbc2c3..6387507 100644 --- a/app/Http/Controllers/HomeController.php +++ b/app/Http/Controllers/HomeController.php @@ -3,6 +3,7 @@ namespace App\Http\Controllers; use Illuminate\Http\Request; +use Auth; class HomeController extends Controller { @@ -23,6 +24,6 @@ class HomeController extends Controller */ public function index() { - return view('home'); + return view('posts.index', ['user' => Auth::user()]); } } diff --git a/app/Policies/BlogPostPolicy.php b/app/Policies/BlogPostPolicy.php new file mode 100644 index 0000000..d3d5823 --- /dev/null +++ b/app/Policies/BlogPostPolicy.php 
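Review bot: `destroy()` renders `posts.delete` as the direct response to the delete request, so a browser reload re-submits it. With `SoftDeletes` now on the model, the repeated request will presumably fail route binding with a 404 rather than show a result. Returning a redirect with a flashed status message after `$post->delete();` avoids that. The docblock still says `@return \Illuminate\Http\Response`, which no longer matches the view return; `@return \Illuminate\View\View` would be accurate. Keep `$this->authorize('delete', $post);` as the first statement so nothing runs before the policy check.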
@@ -0,0 +1,99 @@ +deleted_at !== null) + { + return $user->admin || $user->id === $blogPost->user_id; + } + + return true; + } + + /** + * Determine whether the user can create blog posts. + * + * @param \App\User $user + * @return mixed + */ + public function create(User $user) + { + return true; + } + + /** + * Determine whether the user can update the blog post. + * + * @param \App\User $user + * @param \App\BlogPost $blogPost + * @return mixed + */ + public function update(User $user, BlogPost $blogPost) + { + return $user->admin || $user->id === $blogPost->user_id; + } + + /** + * Determine whether the user can delete the blog post. + * + * @param \App\User $user + * @param \App\BlogPost $blogPost + * @return mixed + */ + public function delete(User $user, BlogPost $blogPost) + { + return $user->admin || $user->id === $blogPost->user_id; + } + + /** + * Determine whether the user can restore the blog post. + * + * @param \App\User $user + * @param \App\BlogPost $blogPost + * @return mixed + */ + public function restore(User $user, BlogPost $blogPost) + { + return $user->admin || $user->id === $blogPost->user_id; + } + + /** + * Determine whether the user can permanently delete the blog post. + * + * @param \App\User $user + * @param \App\BlogPost $blogPost + * @return mixed + */ + public function forceDelete(User $user, BlogPost $blogPost) + { + return $user->admin || $user->id === $blogPost->user_id; + } +} diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php index 3049068..a681056 100644 --- a/app/Providers/AuthServiceProvider.php +++ b/app/Providers/AuthServiceProvider.php @@ -5,6 +5,10 @@ namespace App\Providers; use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider; use Illuminate\Support\Facades\Gate; +use App\BlogPost; +use App\Policies\BlogPostPolicy; +use Illuminate\Auth\SessionGuard; + class AuthServiceProvider extends ServiceProvider { /** 
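Review bot: Every ownership check in this policy compares `$user->id === $blogPost->user_id` strictly, and nothing visible casts `user_id`. On database drivers that return integer columns as strings the comparison is false for the real owner, so non-admin authors would be denied `update`, `delete`, `restore` and `forceDelete`, and `view` of their own trashed posts. Casting the column on the model with `protected $casts = ['user_id' => 'integer'];` keeps the check strict and correct, and a private helper such as `ownsOrAdmin(User $user, BlogPost $blogPost)` would replace the five copies of the expression. `forceDelete` grants owners permanent deletion on the same terms as soft delete; if that is not intended, restrict it to `return $user->admin;`. The start of this hunk (class header and the top of `view()`) is not visible on the page.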
@@ -13,7 +17,7 @@ class AuthServiceProvider extends ServiceProvider * @var array */ protected $policies = [ - // 'App\Model' => 'App\Policies\ModelPolicy', + BlogPost::class => BlogPostPolicy::class, ]; /** @@ -24,7 +28,12 @@ class AuthServiceProvider extends ServiceProvider public function boot() { $this->registerPolicies(); + } - // + public function register() + { + SessionGuard::macro('admin', function () { + return \Auth::user()->admin; + }); } } diff --git a/database/migrations/2014_10_12_000000_create_users_table.php b/database/migrations/2014_10_12_000000_create_users_table.php index 3d36745..be5b6bb 100644 --- a/database/migrations/2014_10_12_000000_create_users_table.php +++ b/database/migrations/2014_10_12_000000_create_users_table.php @@ -15,7 +15,7 @@ class CreateUsersTable extends Migration { Schema::create('users', function (Blueprint $table) { $table->bigIncrements('id'); - + $table->string('username', 30) ->unique(); @@ -23,6 +23,10 @@ class CreateUsersTable extends Migration $table->string('email')->unique(); $table->timestamp('email_verified_at')->nullable(); $table->string('password'); + + $table->boolean('admin') + ->default(false); + $table->rememberToken(); $table->timestamps(); }); diff --git a/database/seeds/DatabaseSeeder.php b/database/seeds/DatabaseSeeder.php index 91cb6d1..bb8120b 100644 --- a/database/seeds/DatabaseSeeder.php +++ b/database/seeds/DatabaseSeeder.php @@ -11,6 +11,7 @@ class DatabaseSeeder extends Seeder */ public function run() { - // $this->call(UsersTableSeeder::class); + $this->call(UserSeeder::class); + $this->call(BlogPostSeeder::class); } } diff --git a/database/seeds/UserSeeder.php b/database/seeds/UserSeeder.php new file mode 100644 index 0000000..26975d8 --- /dev/null +++ b/database/seeds/UserSeeder.php 
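Review bot: The `admin` macro added in `register()` dereferences `\Auth::user()` without a null check, so calling it for a guest raises an error instead of returning false. It also always consults the default guard rather than the guard the macro was invoked on. Inside a `SessionGuard::macro` closure `$this` is the guard instance, so the body can be `$user = $this->user();` followed by `return $user !== null && (bool) $user->admin;`. `register()` also has no docblock while the neighbouring members do; a one-line `/** Register the admin() guard macro. */` would match the file.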
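Review bot: The `admin` column added to `create_users_table` is a privilege flag, so it must stay out of mass assignment. The `User` model is not part of this diff, so confirm `admin` is not listed in its `$fillable` and that `$guarded` is not emptied; otherwise a request that fills the model from input could set it. Editing the original migration also means databases that already ran it will not get the column without a fresh migrate; a separate migration that adds `admin` would cover them. The closure passed to `Schema::create` starts and ends outside this hunk.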
@@ -0,0 +1,35 @@
+ 'Alex Thomassen',
+ 'martin' => 'Martin Onsrud',
+ 'stian' => 'Stian Larsen',
+ 'oyvind' => 'Øyvind Finsrud',
+ ];
+
+ foreach ($users as $username => $name)
+ {
+ $user = new User;
+ $user->username = $username;
+ $user->name = $name;
+ $user->email = $username . '@example.com';
+ $user->password = Hash::make('Kaffekopp123');
+ $user->admin = true;
+
+ $user->save();
+ }
+ }
+}
diff --git a/resources/views/errors/401.blade.php b/resources/views/errors/401.blade.php
new file mode 100644
index 0000000..5c586db
--- /dev/null
+++ b/resources/views/errors/401.blade.php
@@ -0,0 +1,5 @@
+@extends('errors::minimal')
+
+@section('title', __('Unauthorized'))
+@section('code', '401')
+@section('message', __('Unauthorized'))
diff --git a/resources/views/errors/403.blade.php b/resources/views/errors/403.blade.php
new file mode 100644
index 0000000..a5506f0
--- /dev/null
+++ b/resources/views/errors/403.blade.php
@@ -0,0 +1,5 @@
+@extends('errors::minimal')
+
+@section('title', __('Forbidden'))
+@section('code', '403')
+@section('message', __($exception->getMessage() ?: 'Forbidden'))
diff --git a/resources/views/errors/404.blade.php b/resources/views/errors/404.blade.php
new file mode 100644
index 0000000..7549540
--- /dev/null
+++ b/resources/views/errors/404.blade.php
@@ -0,0 +1,5 @@
+@extends('errors::minimal')
+
+@section('title', __('Not Found'))
+@section('code', '404')
+@section('message', __('Not Found'))
diff --git a/resources/views/errors/419.blade.php b/resources/views/errors/419.blade.php
new file mode 100644
index 0000000..c09216e
--- /dev/null
+++ b/resources/views/errors/419.blade.php
@@ -0,0 +1,5 @@
+@extends('errors::minimal')
+
+@section('title', __('Page Expired'))
+@section('code', '419')
+@section('message', __('Page Expired'))
diff --git a/resources/views/errors/429.blade.php b/resources/views/errors/429.blade.php
new file mode 100644
index 0000000..f01b07b
--- /dev/null
+++ b/resources/views/errors/429.blade.php
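Review bot: Every account this seeder creates gets `$user->admin = true` and the same literal password passed to `Hash::make`, and that password is now in version control. If the seeder ever runs against a reachable environment, it leaves four administrator logins with a known password. Guard the loop so it only runs locally, e.g. `if (! app()->environment('local', 'testing')) { return; }`, and take the password from configuration instead, e.g. `Hash::make(env('SEED_ADMIN_PASSWORD'))` (variable name is only an example), failing when it is unset. The beginning of this file (imports, class header, start of `run()`) is not visible on the page.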
@@ -0,0 +1,5 @@
+@extends('errors::minimal')
+
+@section('title', __('Too Many Requests'))
+@section('code', '429')
+@section('message', __('Too Many Requests'))
diff --git a/resources/views/errors/500.blade.php b/resources/views/errors/500.blade.php
new file mode 100644
index 0000000..d9e95d9
--- /dev/null
+++ b/resources/views/errors/500.blade.php
@@ -0,0 +1,5 @@
+@extends('errors::minimal')
+
+@section('title', __('Server Error'))
+@section('code', '500')
+@section('message', __('Server Error'))
diff --git a/resources/views/errors/503.blade.php b/resources/views/errors/503.blade.php
new file mode 100644
index 0000000..acd3810
--- /dev/null
+++ b/resources/views/errors/503.blade.php
@@ -0,0 +1,5 @@
+@extends('errors::minimal')
+
+@section('title', __('Service Unavailable'))
+@section('code', '503')
+@section('message', __($exception->getMessage() ?: 'Service Unavailable'))
diff --git a/resources/views/errors/illustrated-layout.blade.php b/resources/views/errors/illustrated-layout.blade.php
new file mode 100644
index 0000000..64eb7cb
--- /dev/null
+++ b/resources/views/errors/illustrated-layout.blade.php
@@ -0,0 +1,486 @@
+
+
+
+ + + +Title: {{ $post->title }}
+ID: {{ $post->id }}
+- Created: {{ $post->created_at }} - @if ($post->created_at->diffInSeconds($post->updated_at) > 1) - | Last updated: {{ $post->updated_at }} + +