Avoiding issues and refactoring code

I made the code more passive, avoiding issued at taking, returning, storing alerts or removing alerts from an item. Now they all check if it is with you before returning/deleting alert etc. I am not sure if all cases are covered, but they are better than before. I had one only issued on this on that time, but I prefer to prioritize safety/security. I took the opportunitie to move some code from Controllers to the model itself, as they were changing with the DB.
2025-11-15 07:50:54 -03:00 · 2018-10-21 12:36:02 -03:00
parent 1f9da456a5
commit e22f49bc6a
4 changed files with 78 additions and 15 deletions
--- a/app/Item.php
+++ b/app/Item.php
@@ -2,7 +2,10 @@

 namespace App;

+use Auth;
+use Lang;
 use Illuminate\Database\Eloquent\Model;
+use Exception;

 class Item extends Model
 {
@@ -36,7 +39,23 @@ class Item extends Model
     */
    public static function fromAuthUser()
    {
-        return (new static)->where('user_id', \Auth::id());
+        return (new static)->where('user_id', Auth::id());
+    }
+
+    /**
+     * Take a specified item
+     * 
+     * @return void
+     */
+    public function takeItem()
+    {
+        if (isset($this->used_by)) {
+            throw new Exception("Trying to take an Item that is in use", 1);
+        }
+
+        $this->used_by = Auth::id();
+        $this->waiting_user_id = null;
+        $this->save();
    }

    /**
@@ -46,8 +65,35 @@ class Item extends Model
     */
    public function returnItem()
    {
+        if ($this->used_by != Auth::id()) {
+            throw new Exception("Trying to return an empty Item or from other user", 1);
+        }
+
        $this->used_by = null;
+        $this->save();
+    }
+
+    /**
+     * Store a waiting user to the item
+     * 
+     * @return void
+     */
+    public function storeAlert()
+    {
+        $this->waiting_user_id = Auth::id();
+        $this->timestamps = false;
+        $this->save();
+    }
+
+    /**
+     * Remove a waiting user to the item
+     * 
+     * @return void
+     */
+    public function removeAlert()
+    {
        $this->waiting_user_id = null;
+        $this->timestamps = false;
        $this->save();
    }
 }