Feature/policy collections update (#22)

* Develop (#14)

* Added Created, Updated and Deleted events, Moved request to each method to allow overloading:

* Apply fixes from StyleCI

* Scrutinizer updates

* Update controller.stub

* Feature/requests mapping (#13)

* Event accepts request object and any type of request can now be pushed through

* Apply fixes from StyleCI (#12)

* Request should have a constructor for instances with models

* Update BaseRepository.php

* Apply fixes from StyleCI (#15)

* Fixed namespace type declaration

* Fixed namespace type declaration

* Fixed namespace type declaration

* Develop To Master (#16)

* Added Created, Updated and Deleted events, Moved request to each method to allow overloading:

* Apply fixes from StyleCI

* Scrutinizer updates

* Update controller.stub

* Feature/requests mapping (#13)

* Event accepts request object and any type of request can now be pushed through

* Apply fixes from StyleCI (#12)

* Request should have a constructor for instances with models

* Update BaseRepository.php

* Apply fixes from StyleCI (#15)

* Fixed namespace type declaration

* Fixed namespace type declaration

* Fixed namespace type declaration

* Added resource collections and policy check.

* Updated Readme

* Formatting

* Apply fixes from StyleCI (#20)

* Scrutinizer fixes - deprecation / namesapce

* Added middleware and query qualifiers

* Policy Update

* Post adding new and artisan updated, code cleanup

* Apply fixes from StyleCI (#21)

* Scrutiniser fixes

* Put now handles relations

* Fix return types

* Minor updates to fix relationships and make command

* Sanke case vs camel case

* Apply fixes from StyleCI (#23)

* Minor bugfix for case sensitifity

* Fixed make command

* model is static

* Apply fixes from StyleCI (#24)

* Scrutiniser fixes

* Apply fixes from StyleCI (#25)

Author: phpsa

README.md

@@ -54,6 +54,13 @@ Generate with `php artisan make:policy PostPolicy --model=Post`
 * Put Update - calls the `update` policy
 * Delete item - calls the `delete` policy
 
+Query/Data modifiers in policies for the api endpoints
+
+* `qualifyCollectionQueryWithUser($user, $repository)` -> return void - add any queries to the repository (ie ->where('x','))
+* `qualifyItemQueryWithUser($user, $repository)`-> return void - add any queries to the repository (ie ->where('x','))
+* `qualifyStoreDataWithUser($data)` - return the updated data array
+* `qualifyUpdateDataWithUser($data)` - return the updated data array
+
 ## Resources / Collections (Transforming)
  Resources: https://laravel.com/docs/6.x/eloquent-resources
 

src/Contracts/ModelRepository.php

@@ -0,0 +1,107 @@
+<?php
+
+namespace Phpsa\LaravelApiController\Contracts;
+
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Facades\Schema;
+use Phpsa\LaravelApiController\Exceptions\ApiException;
+use Phpsa\LaravelApiController\Repository\BaseRepository;
+
+trait ModelRepository
+{
+    /**
+     * Eloquent model instance.
+     *
+     * @var mixed|Model instance
+     */
+    protected static $model;
+
+    /**
+     * Repository instance.
+     *
+     * @var mixed|BaseRepository
+     */
+    protected $repository;
+
+    /**
+     * Holds the available table columns.
+     *
+     * @var array
+     */
+    protected $tableColumns = [];
+
+    /**
+     * @throws ApiException
+     */
+    protected function makeModel(): void
+    {
+        $model = resolve($this->model());
+
+        if (! $model instanceof Model) {
+            throw new ApiException("Class {$this->model()} must be an instance of ".Model::class);
+        }
+
+        self::$model = $model;
+    }
+
+    /**
+     * Creates our repository linkage.
+     */
+    protected function makeRepository()
+    {
+        $this->repository = BaseRepository::withModel($this->model());
+    }
+
+    /**
+     * Set which columns area available in the model.
+     *
+     * @param Model $model
+     */
+    protected function setTableColumns(?Model $model = null): void
+    {
+        if (is_null($model)) {
+            $model = self::$model;
+        }
+        $table = $model->getTable();
+        $this->tableColumns[$table] = Schema::getColumnListing($table);
+    }
+
+    /**
+     * gets avaialble columns for the table.
+     *
+     * @param Model $model
+     *
+     * @return array
+     */
+    protected function getTableColumns(?Model $model = null): array
+    {
+        if (is_null($model)) {
+            $model = self::$model;
+        }
+
+        $table = $model->getTable();
+
+        if (! isset($this->tableColumns[$table])) {
+            $this->setTableColumns($model);
+        }
+
+        return $this->tableColumns[$table];
+    }
+
+    /**
+     * Eloquent model.
+     *
+     * @return string (model classname)
+     */
+    abstract protected function model();
+
+    /**
+     * Unguard eloquent model if needed.
+     */
+    protected function unguardIfNeeded()
+    {
+        if ($this->unguard) {
+            self::$model->unguard();
+        }
+    }
+}

src/Traits/Parser.php renamed to src/Contracts/Parser.php

@@ -1,10 +1,9 @@
 <?php
 
-namespace Phpsa\LaravelApiController\Traits;
+namespace Phpsa\LaravelApiController\Contracts;
 
-use Illuminate\Database\Eloquent\Model;
-use Illuminate\Support\Facades\Schema;
 use Phpsa\LaravelApiController\Exceptions\UnknownColumnException;
+use Phpsa\LaravelApiController\UriParser;
 
 trait Parser
 {
@@ -13,55 +12,21 @@ trait Parser
      *
      * @var \Phpsa\LaravelApiController\UriParser
      */
-    protected $uriParser;
+    protected static $uriParser;
 
-    /**
-     * Holds the available table columns.
-     *
-     * @var array
-     */
-    protected $tableColumns = [];
-
-    /**
-     * Set which columns area available in the model.
-     *
-     * @param Model $model
-     */
-    protected function setTableColumns(Model $model = null) : void
+    protected function getUriParser($request)
     {
-        if (null === $model) {
-            $model = $this->model;
+        if (is_null(self::$uriParser)) {
+            self::$uriParser = new UriParser($request, config('laravel-api-controller.parameters.filter'));
         }
-        $table = $model->getTable();
-        $this->tableColumns[$table] = Schema::getColumnListing($table);
-    }
 
-    /**
-     * gets avaialble columns for the table.
-     *
-     * @param Model $model
-     *
-     * @return array
-     */
-    protected function getTableColumns(Model $model = null) : array
-    {
-        if (null === $model) {
-            $model = $this->model;
-        }
-
-        $table = $model->getTable();
-
-        if (! isset($this->tableColumns[$table])) {
-            $this->setTableColumns($model);
-        }
-
-        return $this->tableColumns[$table];
+        return self::$uriParser;
     }
 
     /**
      * Parses our include joins.
      */
-    protected function parseIncludeParams() : void
+    protected function parseIncludeParams(): void
     {
         $field = config('laravel-api-controller.parameters.include');
 
@@ -77,8 +42,11 @@ protected function parseIncludeParams() : void
 
         $withs = explode(',', $includes);
 
+        /** @scrutinizer ignore-call */
+        $withs = $this->filterAllowedIncludes($withs);
+
         foreach ($withs as $idx => $with) {
-            $sub = $this->model->{$with}()->getRelated();
+            $sub = self::$model->{$with}()->getRelated();
             $fields = $this->getIncludesFields($with);
 
             if (! empty($fields)) {
@@ -93,19 +61,21 @@ protected function parseIncludeParams() : void
     /**
      * Parses our sort parameters.
      */
-    protected function parseSortParams() : void
+    protected function parseSortParams(): void
     {
         $sorts = $this->getSortValue();
 
         foreach ($sorts as $sort) {
             $sortP = explode(' ', $sort);
             $sortF = $sortP[0];
 
-            if (empty($sortF) || ! in_array($sortF, $this->getTableColumns())) {
+            /** @scrutinizer ignore-call */
+            $tableColumns = $this->getTableColumns();
+            if (empty($sortF) || ! in_array($sortF, $tableColumns)) {
                 continue;
             }
 
-            $sortD = ! empty($sortP[1]) && strtolower($sortP[1]) == 'desc' ? 'desc' : 'asc';
+            $sortD = ! empty($sortP[1]) && strtolower($sortP[1]) === 'desc' ? 'desc' : 'asc';
             $this->repository->orderBy($sortF, $sortD);
         }
     }
@@ -115,7 +85,7 @@ protected function parseSortParams() : void
      *
      * @returns array
      */
-    protected function getSortValue() : array
+    protected function getSortValue(): array
     {
         $field = config('laravel-api-controller.parameters.sort');
         $sort = $field && $this->request->has($field) ? $this->request->input($field) : $this->defaultSort;
@@ -130,19 +100,22 @@ protected function getSortValue() : array
     /**
      * parses our filter parameters.
      */
-    protected function parseFilterParams() : void
+    protected function parseFilterParams(): void
     {
-        $where = $this->uriParser->whereParameters();
+        $where = self::$uriParser->whereParameters();
 
         if (empty($where)) {
             return;
         }
 
+        /** @scrutinizer ignore-call */
+        $tableColumns = $this->getTableColumns();
+
         foreach ($where as $whr) {
             if (strpos($whr['key'], '.') > 0) {
                 //@TODO: test if exists in the withs, if not continue out to exclude from the qbuild
                 //continue;
-            } elseif (! in_array($whr['key'], $this->getTableColumns())) {
+            } elseif (! in_array($whr['key'], $tableColumns)) {
                 continue;
             }
 
@@ -155,7 +128,7 @@ protected function parseFilterParams() : void
      *
      * @param array $where the where clause
      */
-    protected function setWhereClause($where) : void
+    protected function setWhereClause($where): void
     {
         switch ($where['type']) {
             case 'In':
@@ -178,40 +151,41 @@ protected function setWhereClause($where) : void
      * parses the fields to return.
      *
      * @throws UnknownColumnException
+     *
      * @return array
      */
-    protected function parseFieldParams() : array
+    protected function parseFieldParams(): array
     {
         $fields = $this->request->has('fields') && ! empty($this->request->input('fields')) ? explode(',', $this->request->input('fields')) : $this->defaultFields;
-        foreach ($fields as $k => $field) {
-            if (
-                $field === '*' ||
-                in_array($field, $this->getTableColumns())
-            ) {
+        /** @scrutinizer ignore-call */
+        $tableColumns = $this->getTableColumns();
+        foreach ($fields as $key => $field) {
+            if ($field === '*' || in_array($field, $tableColumns)) {
                 continue;
             }
-            unset($fields[$k]);
+            unset($fields[$key]);
         }
 
         return $fields;
     }
 
     /**
      * Parses an includes fields and returns as an array.
+     *
      * @param string $include - the table definer
      *
      * @return array
      */
-    protected function getIncludesFields(string $include) : array
+    protected function getIncludesFields(string $include): array
     {
         $fields = $this->request->has('fields') && ! empty($this->request->input('fields')) ? explode(',', $this->request->input('fields')) : $this->defaultFields;
-        foreach ($fields as $k => $field) {
+        foreach ($fields as $key => $field) {
             if (strpos($field, $include.'.') === false) {
-                unset($fields[$k]);
+                unset($fields[$key]);
 
                 continue;
             }
-            $fields[$k] = str_replace($include.'.', '', $field);
+            $fields[$key] = str_replace($include.'.', '', $field);
         }
 
         return $fields;
@@ -222,7 +196,7 @@ protected function getIncludesFields(string $include) : array
      *
      * @return int
      */
-    protected function parseLimitParams() : int
+    protected function parseLimitParams(): int
     {
         $limit = $this->request->has('limit') ? intval($this->request->input('limit')) : $this->defaultLimit;