🧑‍💻 Change trip destination with APIv1 (#1121)

Traewelling · Nov 8, 2022 · 97f9072 · 97f9072
1 parent 6819853
commit 97f9072
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 46 deletions.
diff --git a/app/Http/Controllers/API/v1/StatusController.php b/app/Http/Controllers/API/v1/StatusController.php
@@ -7,13 +7,15 @@
 use App\Enum\StatusVisibility;
 use App\Exceptions\PermissionException;
 use App\Http\Controllers\Backend\GeoController;
+use App\Http\Controllers\Backend\Transport\TrainCheckinController;
 use App\Http\Controllers\Backend\User\DashboardController;
 use App\Http\Controllers\StatusController as StatusBackend;
 use App\Http\Controllers\UserController as UserBackend;
 use App\Http\Resources\StatusResource;
 use App\Http\Resources\StopoverResource;
 use App\Models\HafasTrip;
 use App\Models\Status;
+use App\Models\TrainStopover;
 use Exception;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
@@ -25,6 +27,7 @@
 use Illuminate\Support\Facades\Validator;
 use Illuminate\Validation\Rules\Enum;
 use Illuminate\Validation\ValidationException;
+use InvalidArgumentException;
 
 class StatusController extends Controller
 {
@@ -315,9 +318,11 @@ public function destroy(int $id): JsonResponse {
      */
     public function update(Request $request, int $statusId): JsonResponse {
         $validator = Validator::make($request->all(), [
-            'body'       => ['nullable', 'max:280', 'nullable'],
-            'business'   => ['required', new Enum(Business::class)],
-            'visibility' => ['required', new Enum(StatusVisibility::class)],
+            'body'                      => ['nullable', 'max:280', 'nullable'],
+            'business'                  => ['required', new Enum(Business::class)],
+            'visibility'                => ['required', new Enum(StatusVisibility::class)],
+            'destinationId'             => ['required_with:destinationArrivalPlanned', 'exists:train_stations,id'],
+            'destinationArrivalPlanned' => ['required_with:destinationId', 'date'],
         ]);
 
         if ($validator->fails()) {
@@ -326,6 +331,25 @@ public function update(Request $request, int $statusId): JsonResponse {
         $validated = $validator->validate();
 
         try {
+            $status = Status::findOrFail($statusId);
+            $this->authorize('update', $status);
+
+            if (isset($validated['destinationId'], $validated['destinationArrivalPlanned'])) {
+                $stopover = TrainStopover::where('train_station_id', $validated['destinationId'])
+                                         ->where('arrival_planned', $validated['destinationArrivalPlanned'])
+                                         ->first();
+
+                if ($stopover === null) {
+                    return $this->sendv1Error('Invalid stopover given', 400);
+                }
+
+                TrainCheckinController::changeDestination(
+                    checkin:                $status->trainCheckin,
+                    newDestinationStopover: $stopover,
+                );
+            }
+            $status->fresh();
+
             $editStatusResponse = StatusBackend::EditStatus(
                 user:       Auth::user(),
                 statusId:   $statusId,
@@ -335,9 +359,11 @@ public function update(Request $request, int $statusId): JsonResponse {
             );
             return $this->sendResponse(new StatusResource($editStatusResponse));
         } catch (ModelNotFoundException) {
-            abort(404);
-        } catch (PermissionException) {
-            abort(403);
+            return $this->sendv1Error('Status not found');
+        } catch (PermissionException|AuthorizationException) {
+            return $this->sendv1Error('You are not authorized to edit this status', 403);
+        } catch (InvalidArgumentException) {
+            return $this->sendv1Error('Invalid Arguments', 400);
         }
     }
 

diff --git a/app/Http/Controllers/StatusController.php b/app/Http/Controllers/StatusController.php
@@ -132,38 +132,6 @@ public static function DeleteStatus(User $user, int $statusId): ?bool {
         return true;
     }
 
-    /**
-     * @param User             $user
-     * @param int              $statusId
-     * @param string|null      $body
-     * @param Business         $business
-     * @param StatusVisibility $visibility
-     *
-     * @return Status
-     * @throws PermissionException
-     * @api v1
-     */
-    public static function EditStatus(
-        User             $user,
-        int              $statusId,
-        string           $body = null,
-        Business         $business = Business::PRIVATE,
-        StatusVisibility $visibility = StatusVisibility::PUBLIC
-    ): Status {
-        $status = Status::findOrFail($statusId);
-
-        if ($user->id !== $status->user->id) {
-            throw new PermissionException();
-        }
-
-        $status->update([
-                            'body'       => $body,
-                            'business'   => $business,
-                            'visibility' => $visibility,
-                        ]);
-        return $status;
-    }
-
     /**
      * Create a Statuslike for a given User
      *

diff --git a/routes/api.php b/routes/api.php
@@ -43,7 +43,7 @@
     Route::get('static/privacy', [PrivacyPolicyController::class, 'getPrivacyPolicy'])
          ->name('api.v1.getPrivacyPolicy');
 
-    Route::group(['middleware' => ['auth:api', 'privacy-policy']], function() {
+    Route::group(['middleware' => ['auth:api', 'privacy-policy']], static function() {
         Route::post('event', [EventController::class, 'suggest']);
         Route::get('activeEvents', [EventController::class, 'activeEvents']);
         Route::get('leaderboard/friends', [StatisticsController::class, 'leaderboardFriends']);
@@ -55,31 +55,31 @@
         Route::delete('statuses/{id}', [StatusController::class, 'destroy']);
         Route::put('statuses/{id}', [StatusController::class, 'update']);
         Route::post('support/ticket', [SupportController::class, 'createTicket']);
-        Route::group(['prefix' => 'notifications'], function() {
+        Route::group(['prefix' => 'notifications'], static function() {
             Route::get('/', [NotificationsController::class, 'index']);
             Route::get('count', [NotificationsController::class, 'count']);
             Route::put('{id}', [NotificationsController::class, 'update']);
             Route::put('read/{id}', [NotificationsController::class, 'read']);
             Route::put('unread/{id}', [NotificationsController::class, 'unread']);
             Route::post('readAll', [NotificationsController::class, 'readAll']);
         });
-        Route::group(['prefix' => 'trains'], function() {
+        Route::group(['prefix' => 'trains'], static function() {
             Route::get('trip/', [TransportController::class, 'getTrip']);
             Route::post('checkin', [TransportController::class, 'create']);
-            Route::group(['prefix' => 'station'], function() {
+            Route::group(['prefix' => 'station'], static function() {
                 Route::get('{name}/departures', [TransportController::class, 'departures']);
                 Route::put('{name}/home', [TransportController::class, 'setHome']);
                 Route::get('nearby', [TransportController::class, 'getNextStationByCoordinates']);
                 Route::get('autocomplete/{query}', [TransportController::class, 'getTrainStationAutocomplete']);
                 Route::get('history', [TransportController::class, 'getTrainStationHistory']);
             });
         });
-        Route::group(['prefix' => 'statistics'], function() {
+        Route::group(['prefix' => 'statistics'], static function() {
             Route::get('/', [StatisticsController::class, 'getPersonalStatistics']);
             Route::get('/global', [StatisticsController::class, 'getGlobalStatistics']);
             Route::post('export', [StatisticsController::class, 'generateTravelExport']);
         });
-        Route::group(['prefix' => 'user'], function() {
+        Route::group(['prefix' => 'user'], static function() {
             Route::post('createFollow', [FollowController::class, 'createFollow']);
             Route::delete('destroyFollow', [FollowController::class, 'destroyFollow']);
             Route::delete('removeFollower', [FollowController::class, 'removeFollower']);
@@ -90,7 +90,7 @@
             Route::get('search/{query}', [UserController::class, 'search']);
             Route::get('statuses/active', [StatusController::class, 'getActiveStatus']);
         });
-        Route::group(['prefix' => 'settings'], function() {
+        Route::group(['prefix' => 'settings'], static function() {
             Route::put('acceptPrivacy', [PrivacyPolicyController::class, 'acceptPrivacyPolicy'])
                  ->withoutMiddleware('privacy-policy');
             Route::get('profile', [SettingsController::class, 'getProfileSettings']);
@@ -116,7 +116,7 @@
         });
     });
 
-    Route::group(['middleware' => ['semiguest:api', 'privacy-policy']], function() {
+    Route::group(['middleware' => ['semiguest:api', 'privacy-policy']], static function() {
         Route::get('statuses', [StatusController::class, 'enRoute']);
         Route::get('statuses/{id}', [StatusController::class, 'show']);
         Route::get('statuses/{id}/likedby', [LikesController::class, 'show']);