wip

conedevelopment · Jan 23, 2024 · a6453d6 · a6453d6
1 parent e051bfc
commit a6453d6
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 3 deletions.
diff --git a/resources/views/resources/form.blade.php b/resources/views/resources/form.blade.php
@@ -32,7 +32,7 @@
             <button type="submit" class="btn btn--primary" form="{{ $key }}">{{ __('Save') }}</button>
             <a href="{{ $action }}" class="btn btn--light">{{ __('Cancel') }}</a>
         </div>
-        @if($abilities['delete'])
+        @if($model->exists && $abilities['delete'])
             <div class="app-actions__column">
                 <form method="POST" action="{{ $action }}" onsubmit="return window.confirm('{{ __('Are you sure?') }}');">
                     @csrf

diff --git a/src/Fields/Relation.php b/src/Fields/Relation.php
@@ -21,6 +21,7 @@
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\Relations\Relation as EloquentRelation;
 use Illuminate\Http\Request;
+use Illuminate\Routing\Events\RouteMatched;
 use Illuminate\Routing\Router;
 use Illuminate\Support\Collection;
 use Illuminate\Support\Facades\Gate;
@@ -35,6 +36,7 @@ abstract class Relation extends Field implements Form
     use AsForm;
     use RegistersRoutes {
         RegistersRoutes::registerRoutes as __registerRoutes;
+        RegistersRoutes::routeMatched as __routeMatched;
     }
     use ResolvesActions;
     use ResolvesFields;
@@ -608,14 +610,47 @@ protected function routesRegistered(Request $request): void
         ]);
     }
 
+    /**
+     * Handle the route matched event.
+     */
+    public function routeMatched(RouteMatched $event): void
+    {
+        $this->__routeMatched($event);
+
+        $controller = $event->route->getController();
+
+        $controller->middleware($this->getRouteMiddleware());
+
+        $middleware = function (Request $request, Closure $next) use ($event): mixed {
+            $ability = match ($event->route->getActionMethod()) {
+                'index' => 'viewAny',
+                'show' => 'view',
+                'create' => 'create',
+                'store' => 'create',
+                'edit' => 'update',
+                'update' => 'update',
+                'destroy' => 'delete',
+                default => $event->route->getActionMethod(),
+            };
+
+            Gate::allowIf($this->resolveAbility(
+                $ability, $request, $request->route('resourceModel'), $request->route($this->getRouteParameterName())
+            ));
+
+            return $next($request);
+        };
+
+        $controller->middleware([$middleware]);
+    }
+
     /**
      * Resolve the ability.
      */
     public function resolveAbility(string $ability, Request $request, Model $model, ...$arguments): bool
     {
         $policy = Gate::getPolicyFor($model);
 
-        $ability .= Str::studly($this->getRelatedName());
+        $ability .=  Str::of($this->getModelAttribute())->singular()->studly()->value();
 
         return is_null($policy)
             || ! method_exists($policy, $ability)

diff --git a/src/Resources/Resource.php b/src/Resources/Resource.php
@@ -457,7 +457,7 @@ public function routeMatched(RouteMatched $event): void
 
         $controller->middleware($this->getRouteMiddleware());
 
-        if ($this->getPolicy()) {
+        if (! is_null($this->getPolicy())) {
             $controller->authorizeResource($this->getModel(), 'resourceModel');
         }