update API

dbarzin · dbarzin · commit 74c2d37b0fd3 · 2026-02-02T09:12:30.000+01:00
diff --git a/app/Http/Controllers/API/ControlController.php b/app/Http/Controllers/API/ControlController.php
@@ -14,7 +14,7 @@ class ControlController extends Controller
 {
     public function index()
     {
-        abort_if(Auth::User()->role !== 4, Response::HTTP_FORBIDDEN, '403 Forbidden');
+        abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');
 
         $activities = Control::all();
 
@@ -23,7 +23,7 @@ public function index()
 
     public function store(Request $request)
     {
-        abort_if(Auth::User()->role !== 4, Response::HTTP_FORBIDDEN, '403 Forbidden');
+        abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');
 
         $control = Control::create($request->all());
 
@@ -50,14 +50,16 @@ public function store(Request $request)
 
     public function show(Control $control)
     {
-        abort_if(Auth::User()->role !== 4, Response::HTTP_FORBIDDEN, '403 Forbidden');
+        abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');
+
+        $control['measures'] = $control->measures()->pluck('id');
 
         return response()->json($control);
     }
 
     public function update(Request $request, Control $control)
     {
-        abort_if(Auth::User()->role !== 4, Response::HTTP_FORBIDDEN, '403 Forbidden');
+        abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');
 
         $control->update($request->all());
 
@@ -84,7 +86,7 @@ public function update(Request $request, Control $control)
 
     public function destroy(Control $control)
     {
-        abort_if(Auth::User()->role !== 4, Response::HTTP_FORBIDDEN, '403 Forbidden');
+        abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');
 
         $control->measures()->detach();
         $control->delete();
diff --git a/app/Http/Controllers/API/MeasureController.php b/app/Http/Controllers/API/MeasureController.php
@@ -12,7 +12,7 @@ class MeasureController extends Controller
 {
     public function index()
     {
-        abort_if(Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');
+        abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');
 
         $measures = Measure::all();
 
@@ -21,7 +21,7 @@ public function index()
 
     public function store(Request $request)
     {
-        abort_if(Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');
+        abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');
 
         $measure = Measure::query()->create($request->all());
         if ($request->has('controls')) {
@@ -33,14 +33,16 @@ public function store(Request $request)
 
     public function show(Measure $measure)
     {
-        abort_if(Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');
+        abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');
+
+        $measure['controls'] = $measure->controls()->pluck('id');
 
         return response()->json($measure);
     }
 
     public function update(Request $request, Measure $measure)
     {
-        abort_if(Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');
+        abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');
 
         $measure->update($request->all());
         if ($request->has('controls')) {
@@ -52,7 +54,7 @@ public function update(Request $request, Measure $measure)
 
     public function destroy(Measure $measure)
     {
-        abort_if(Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');
+        abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');
 
         $measure->delete();
 

Original file line number	Diff line number	Diff line change
`@@ -14,7 +14,7 @@ class ControlController extends Controller`
`14`	`14`	`{`
`15`	`15`	`public function index()`
`16`	`16`	`{`
`17`		`- abort_if(Auth::User()->role !== 4, Response::HTTP_FORBIDDEN, '403 Forbidden');`
	`17`	`+ abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');`
`18`	`18`
`19`	`19`	`$activities = Control::all();`
`20`	`20`
`@@ -23,7 +23,7 @@ public function index()`
`23`	`23`
`24`	`24`	`public function store(Request $request)`
`25`	`25`	`{`
`26`		`- abort_if(Auth::User()->role !== 4, Response::HTTP_FORBIDDEN, '403 Forbidden');`
	`26`	`+ abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');`
`27`	`27`
`28`	`28`	`$control = Control::create($request->all());`
`29`	`29`
`@@ -50,14 +50,16 @@ public function store(Request $request)`
`50`	`50`
`51`	`51`	`public function show(Control $control)`
`52`	`52`	`{`
`53`		`- abort_if(Auth::User()->role !== 4, Response::HTTP_FORBIDDEN, '403 Forbidden');`
	`53`	`+ abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');`
	`54`	`+`
	`55`	`+ $control['measures'] = $control->measures()->pluck('id');`
`54`	`56`
`55`	`57`	`return response()->json($control);`
`56`	`58`	`}`
`57`	`59`
`58`	`60`	`public function update(Request $request, Control $control)`
`59`	`61`	`{`
`60`		`- abort_if(Auth::User()->role !== 4, Response::HTTP_FORBIDDEN, '403 Forbidden');`
	`62`	`+ abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');`
`61`	`63`
`62`	`64`	`$control->update($request->all());`
`63`	`65`
`@@ -84,7 +86,7 @@ public function update(Request $request, Control $control)`
`84`	`86`
`85`	`87`	`public function destroy(Control $control)`
`86`	`88`	`{`
`87`		`- abort_if(Auth::User()->role !== 4, Response::HTTP_FORBIDDEN, '403 Forbidden');`
	`89`	`+ abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');`
`88`	`90`
`89`	`91`	`$control->measures()->detach();`
`90`	`92`	`$control->delete();`
Original file line number	Diff line number	Diff line change
`@@ -12,7 +12,7 @@ class MeasureController extends Controller`
`12`	`12`	`{`
`13`	`13`	`public function index()`
`14`	`14`	`{`
`15`		`- abort_if(Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');`
	`15`	`+ abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');`
`16`	`16`
`17`	`17`	`$measures = Measure::all();`
`18`	`18`
`@@ -21,7 +21,7 @@ public function index()`
`21`	`21`
`22`	`22`	`public function store(Request $request)`
`23`	`23`	`{`
`24`		`- abort_if(Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');`
	`24`	`+ abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');`
`25`	`25`
`26`	`26`	`$measure = Measure::query()->create($request->all());`
`27`	`27`	`if ($request->has('controls')) {`
`@@ -33,14 +33,16 @@ public function store(Request $request)`
`33`	`33`
`34`	`34`	`public function show(Measure $measure)`
`35`	`35`	`{`
`36`		`- abort_if(Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');`
	`36`	`+ abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');`
	`37`	`+`
	`38`	`+ $measure['controls'] = $measure->controls()->pluck('id');`
`37`	`39`
`38`	`40`	`return response()->json($measure);`
`39`	`41`	`}`
`40`	`42`
`41`	`43`	`public function update(Request $request, Measure $measure)`
`42`	`44`	`{`
`43`		`- abort_if(Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');`
	`45`	`+ abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');`
`44`	`46`
`45`	`47`	`$measure->update($request->all());`
`46`	`48`	`if ($request->has('controls')) {`
`@@ -52,7 +54,7 @@ public function update(Request $request, Measure $measure)`
`52`	`54`
`53`	`55`	`public function destroy(Measure $measure)`
`54`	`56`	`{`
`55`		`- abort_if(Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');`
	`57`	`+ abort_if(!Auth::User()->isAPI(), Response::HTTP_FORBIDDEN, '403 Forbidden');`
`56`	`58`
`57`	`59`	`$measure->delete();`
`58`	`60`