deming/app/Http/Controllers/API/ControlController.php at 74c2d37b0fd3bfbe00f2ee5d7a1e096a76d6642d · dbarzin/deming · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
<?php

namespace App\Http\Controllers\API;

use App\Http\Controllers\Controller;
use App\Models\Action;
use App\Models\Control;
use App\Models\Document;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Illuminate\Support\Facades\Auth;

class ControlController extends Controller
{
    public function index()
    {
        abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');

        $activities = Control::all();

        return response()->json($activities);
    }

    public function store(Request $request)
    {
        abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');

        $control = Control::create($request->all());

        if ($request->has('measures')) {
            $control->measures()->sync($request->input('measures', []));
        }
        if ($request->has('actions')) {
            Action::where('control_id', $control->id)->update(['control_id' => null]);
            Action::whereIn('id', $request->input('actions', []))->update(['control_id' => $control->id]);
        }
        if ($request->has('documents')) {
            Document::where('control_id', $control->id)->update(['control_id' => null]);
            Document::whereIn('id', $request->input('documents', []))->update(['control_id' => $control->id]);
        }
        if ($request->has('users')) {
            $control->users()->sync($request->input('users', []));
        }
        if ($request->has('groups')) {
            $control->groups()->sync($request->input('groups', []));
        }

        return response()->json($control, 201);
    }

    public function show(Control $control)
    {
        abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');

        $control['measures'] = $control->measures()->pluck('id');

        return response()->json($control);
    }

    public function update(Request $request, Control $control)
    {
        abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');

        $control->update($request->all());

        if ($request->has('measures')) {
            $control->measures()->sync($request->input('measures', []));
        }
        if ($request->has('actions')) {
            Action::where('control_id', $control->id)->update(['control_id' => null]);
            Action::whereIn('id', $request->input('actions', []))->update(['control_id' => $control->id]);
        }
        if ($request->has('documents')) {
            Document::where('control_id', $control->id)->update(['control_id' => null]);
            Document::whereIn('id', $request->input('documents', []))->update(['control_id' => $control->id]);
        }
        if ($request->has('users')) {
            $control->users()->sync($request->input('users', []));
        }
        if ($request->has('groups')) {
            $control->groups()->sync($request->input('groups', []));
        }

        return response()->json();
    }

    public function destroy(Control $control)
    {
        abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');

        $control->measures()->detach();
        $control->delete();

        return response()->json();
    }
}