Allow users to create private form templates (#210)
* Allow users to create private form templates * Improve back-end efficiency --------- Co-authored-by: Julien Nahum <julien@nahum.net>
This commit is contained in:
formsdev
GitHub
@@ -7,6 +7,7 @@ use App\Http\Requests\Templates\FormTemplateRequest;
|
||||
use App\Http\Resources\FormTemplateResource;
|
||||
use App\Models\Template;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
|
||||
class TemplateController extends Controller
|
||||
{
|
||||
@@ -16,12 +17,16 @@ class TemplateController extends Controller
|
||||
if ($request->offsetExists('limit') && $request->get('limit') > 0) {
|
||||
$limit = (int) $request->get('limit');
|
||||
}
|
||||
return FormTemplateResource::collection(
|
||||
Template::where('publicly_listed', true)
|
||||
->orderByDesc('created_at')
|
||||
->limit($limit)
|
||||
->get()
|
||||
);
|
||||
|
||||
$templates = Template::where('publicly_listed', true)
|
||||
->when(Auth::check(), function ($query) {
|
||||
$query->orWhere('creator_id', Auth::id());
|
||||
})
|
||||
->orderByDesc('created_at')
|
||||
->limit($limit)
|
||||
->get();
|
||||
|
||||
return FormTemplateResource::collection($templates);
|
||||
}
|
||||
|
||||
public function create(FormTemplateRequest $request)
|
||||
@@ -34,7 +39,8 @@ class TemplateController extends Controller
|
||||
|
||||
return $this->success([
|
||||
'message' => 'Template was created.',
|
||||
'template_id' => $template->id
|
||||
'template_id' => $template->id,
|
||||
'data' => new FormTemplateResource($template)
|
||||
]);
|
||||
}
|
||||
|
||||
|
||||
@@ -77,6 +77,7 @@ class FormTemplateRequest extends FormRequest
|
||||
}
|
||||
|
||||
return new Template([
|
||||
'creator_id' => $this->user()?->id ?? null,
|
||||
'publicly_listed' => $this->publicly_listed,
|
||||
'name' => $this->name,
|
||||
'slug' => $this->slug,
|
||||
|
||||
@@ -14,6 +14,7 @@ class Template extends Model
|
||||
use HasFactory, HasSlug;
|
||||
|
||||
protected $fillable = [
|
||||
'creator_id',
|
||||
'name',
|
||||
'slug',
|
||||
'description',
|
||||
@@ -41,6 +42,15 @@ class Template extends Model
|
||||
'publicly_listed' => false,
|
||||
];
|
||||
|
||||
protected $appends = [
|
||||
'share_url',
|
||||
];
|
||||
|
||||
public function getShareUrlAttribute()
|
||||
{
|
||||
return url('/form-templates/'.$this->slug);
|
||||
}
|
||||
|
||||
public function setDescriptionAttribute($value)
|
||||
{
|
||||
// Strip out unwanted html
|
||||
|
||||
@@ -4,6 +4,7 @@ namespace App\Models;
|
||||
|
||||
use App\Http\Controllers\SubscriptionController;
|
||||
use App\Models\Forms\Form;
|
||||
use App\Models\Template;
|
||||
use App\Notifications\ResetPassword;
|
||||
use App\Notifications\VerifyEmail;
|
||||
use Illuminate\Database\Eloquent\Factories\HasFactory;
|
||||
@@ -140,6 +141,11 @@ class User extends Authenticatable implements JWTSubject
|
||||
return $this->hasMany(Form::class,'creator_id');
|
||||
}
|
||||
|
||||
public function formTemplates()
|
||||
{
|
||||
return $this->hasMany(Template::class, 'creator_id');
|
||||
}
|
||||
|
||||
/**
|
||||
* =================================
|
||||
* Oauth Related
|
||||
|
||||
@@ -18,7 +18,7 @@ class TemplatePolicy
|
||||
*/
|
||||
public function create(User $user)
|
||||
{
|
||||
return $user->admin || $user->template_editor;
|
||||
return $user !== null;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -30,7 +30,7 @@ class TemplatePolicy
|
||||
*/
|
||||
public function update(User $user, Template $template)
|
||||
{
|
||||
return $user->admin || $user->template_editor;
|
||||
return $user->admin || $user->template_editor || $template->creator_id === $user->id;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -42,6 +42,6 @@ class TemplatePolicy
|
||||
*/
|
||||
public function delete(User $user, Template $template)
|
||||
{
|
||||
return $user->admin || $user->template_editor;
|
||||
return $user->admin || $user->template_editor || $template->creator_id === $user->id;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user