/**
* Store a newly created resource in storage.
*
* @param Request $request
* @param URI int $fact_id
* @return Response
*/
public function store(Request $request, $user_id = null, $fact_id = null)
{
if (!$request->input('tag_name')) {
return $this->respondUnprocessed();
}
$fact = Fact::find($fact_id);
if ($user_id) {
$authUser = Auth::ID();
if ($authUser != $user_id) {
return $this->respondForbidden("Unauthorized: Must be logged to access endpoint");
}
if ($fact->user_id != $user_id) {
return $this->respondForbidden("Unauthorized: Verify you still have access to resource");
}
}
if (!$fact) {
return $this->respondNotFound("Fact Not found");
} else {
$tag_name = $request->input('tag_name');
$tag = Tag::firstOrCreate(['tag_name' => $tag_name]);
if ($tag) {
TaggedFact::create(['fact_id' => $fact_id, 'tag_id' => $tag->id]);
$metadata = ['tag_id' => $tag->id];
return $this->respondCreated("Request Successful", $metadata);
} else {
return $this->respondUnprocessed("Unable to tag the fact");
}
}
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param int $uri_user_id
* @return mixed
*/
public function handle($request, Closure $next)
{
// User_id URI segment
$user_id = $request->user_id;
if ('testing' === app()->env) {
$user_id = 1;
}
$authUser = Auth::ID();
if ($user_id != $authUser) {
$data = ['error' => ['message' => 'Not authorized to access this resource', 'code' => 403]];
return Response()->json($data, 403);
} else {
return $next($request);
}
}
