Пример #1
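 /**
  * Attach a tag to an existing fact, creating the tag first if it does not exist.
  *
  * Check order: input validation, caller identity (user-scoped routes only),
  * fact existence, fact ownership, then the write.
  *
  * @param  Request  $request  Must carry a non-empty scalar `tag_name` input.
  * @param  int|string|null  $user_id  Owner id taken from the URI; null when the route has no user segment.
  * @param  int|string|null  $fact_id  Id of the fact to tag, taken from the URI.
  * @return Response
  */
 public function store(Request $request, $user_id = null, $fact_id = null)
 {
     $tag_name = $request->input('tag_name');
     // input() returns an array for `tag_name[]=...`; only a scalar is a valid tag name.
     if (!$tag_name || !is_scalar($tag_name)) {
         return $this->respondUnprocessed();
     }

     // Test against null rather than truthiness: a URI segment of "0" is falsy and
     // would otherwise skip both the identity and the ownership check below.
     $userScoped = $user_id !== null;

     if ($userScoped) {
         $authUser = Auth::id();
         // Reject unauthenticated callers explicitly and compare as strings, so PHP's
         // loose-comparison rules can never make a guest match the requested user id.
         if ($authUser === null || (string) $authUser !== (string) $user_id) {
             return $this->respondForbidden("Unauthorized: Must be logged to access endpoint");
         }
     }
     // NOTE(review): when $user_id is null this method performs no authentication or
     // ownership check at all - confirm that route is protected elsewhere (middleware/policy).

     $fact = Fact::find($fact_id);
     // The existence check must precede any read of $fact->user_id; the original
     // dereferenced a possibly-null $fact inside the ownership check.
     if (!$fact) {
         return $this->respondNotFound("Fact Not found");
     }

     // NOTE(review): 404 for a missing fact vs 403 for someone else's fact lets an
     // authenticated caller probe which fact ids exist; unify the responses if that matters.
     if ($userScoped && (string) $fact->user_id !== (string) $user_id) {
         return $this->respondForbidden("Unauthorized: Verify you still have access to resource");
     }

     $tag = Tag::firstOrCreate(['tag_name' => $tag_name]);
     if (!$tag) {
         return $this->respondUnprocessed("Unable to tag the fact");
     }

     TaggedFact::create(['fact_id' => $fact_id, 'tag_id' => $tag->id]);
     $metadata = ['tag_id' => $tag->id];

     return $this->respondCreated("Request Successful", $metadata);
 }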
Пример #2
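 /**
  * Allow the request through only when the authenticated user is the user
  * named by the `user_id` URI segment; otherwise answer with a 403 JSON error.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     // Read the route parameter explicitly. The magic `$request->user_id` accessor
     // consults query/body input before the route, so a client-supplied `user_id`
     // field could replace the URI segment this check is meant to enforce.
     $user_id = $request->route('user_id');

     // Test-environment override kept from the original.
     // NOTE(review): this pins the expected user to id 1 whenever the app environment
     // is 'testing'; make sure production deployments can never run with that value.
     if ('testing' === app()->env) {
         $user_id = 1;
     }

     $authUser = Auth::id();

     // Fail closed: with a loose `!=`, an unauthenticated caller (null) on a request
     // carrying no user_id (null) compared equal and was let through.
     $isOwner = $authUser !== null
         && $user_id !== null
         && (string) $user_id === (string) $authUser;

     if (!$isOwner) {
         $data = ['error' => ['message' => 'Not authorized to access this resource', 'code' => 403]];

         return response()->json($data, 403);
     }

     return $next($request);
 }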