I am using the following code
public function show()
{
$id = Auth::user()->id;
$usuario = User::find($id);
$mascotin = Mascota::all();
$mascota = Mascota::find($id);
$mascota->save();
$cant_mascota = Mascota::count();
$cant_pregunta = Pregunta::count();
return view('usuario.show',[
'usuario' => $usuario,
'mascotin' => $mascotin,
'mascota' => $mascota,
'cant_mascota' => $cant_mascota,
'cant_pregunta' => $cant_pregunta,
]);
}
It gives me this error
Symfony \ Component \ Debug \ Exception \ FatalThrowableError (E_ERROR).Call to a member function save() on null
User Model
public function mascotas(){
return $this->hasMany('App\Mascota','user_id', 'id');
}
Mascota Model
public function usuario()
{
return $this->belongsTo('App\User', 'id','user_id');
}
Route
Route::get('/home', 'UserController#show')->name('home');
Hope you guys can help me, I'm new in laravel and I have like 1 day tring to solve this problem
$usuario = Auth::user();
$id = $usuario->id; // you already have user from Auth or Request, does not need to request database again
$mascotin = Mascota::all();
$mascota = $mascotin->find($id); // you can search in collection
//if you want to create Mascotin if it doesn't exists use Mascota::firstOrCreate(['id' => $id]);
if(!$mascota){
throw new \Exception('Mascota not found', 404); //if $mascota is mandatory
}
$mascota->save(); // this does not have place here unless you are changing $mascota before that
$cant_mascota = $mascotin->count();
$cant_pregunta = Pregunta::count();
Also you should add auth middleware to this route. Only logged users should see it.
I am not sure what "Mascota" means (it will be good to use english when you share your code) but it is not good to have the same id as user. Better use relationships.
Related
i have this PATCH function but i need to add some form of authorization to ensure you can only edit/update a film that is associated with the current user, can i get some help on how to add this
controller function:
public function update(string $id)
{
$this->user = Auth::user();
$this->film = film:findOrFail($id);
return $this->film->toJson();
}
I've looked at the laravel docs at the validation section and seen this example
$validatedData = $request->validate([
'title' => 'required|unque:posts|max:255',
'body' => 'required',
]);
i then added my own validation at the top of the file
protected $validation = [
'name' => 'string',
'description' => 'new description'
];
im a little lost on how i implement authorization to ensure only a current user can update a film?
What you're looking for is not a form validation, but a User Authorization (as in the comments). So you should have a look at the official documentation. In your case you should write a FilmPolicy that may look like to this (I will skip the registration part... It can be easily understood from the docs):
class FilmPolicy {
/**
* Determine if the given film can be updated by the user.
*
* #param \App\User $user
* #param \App\Post $post
* #return bool
*/
public function update(User $user, Film $film)
{
return $user->id === $film->user_id; // Or whatever is your foreign key
}
}
Then you should update your controller in order to handle the authorization as follow:
public function update(string $id)
{
$this->film = film::findOrFail($id);
$this->authorize('update', $this->film);
return $this->film->toJson();
}
Since this method simply throws an exception, you can have a more elaborate response as explained in the docs
Ok basically, to enable what you need in a simple way, what you can do is this;
First pass the 'user_id' to the controller.
public function update(string $id, $userid)
{
$user = Auth::user();
$id = $user->id;
if($id == $userid)
{
$this->user = Auth::user();
$this->film = film::findOrFail($id);
return $this->film->toJson();
}else{
return "Not Authorized";
}
}
If im not misunderstanding your question, this basically allows only the user who is logged in to update his film. if he goes into any other profile, the id's would mismatch and thus return a not authorized prompt.
My app has two types of users : teachers and parents. When you log in you have to specify what type you are.
I change the table name in user's constructor function :
public function __construct()
{
parent::__construct();
if(self::$userType === null)
{
self::$userType = request('user_type');
switch(self::$userType)
{
case 'teacher':
self::$userType = 'teachers';
$this->table = self::$userType;
break;
default:
self::$userType = 'procreators';
$this->table = self::$userType;
break;
}
}
This code works. However I decided to change failed authentication behavior in AuthenticatesUsers trait. This is it :
$password = bcrypt($request->input('password'));
$username = $request->input('name');
if(!User::where('name', 'LIKE', $username)->exists())
{
throw ValidationException::withMessages([
$this->username() => ['User login does not exist'],
]);
}
else if(!User::where('password', 'LIKE', $password)->exists())
{
throw ValidationException::withMessages([
'password' => ['invalid password'],
]);
}
When I type in wrong password I get an error that says "users" table does not exists. So it means it still uses the old name 'users'. I don't know why. How can I dynamically change the table's name? Apparently this code in constructor method is not enough.
Maybe static instead of self? If that isn't it, what is request('user_type') returning?
static::$userType = 'teachers';
Schema::rename('old_table_name', 'teacher');
I am tring to make test for my project, could someone show me example how to write tests or give me some good video course to learn testing.
In my example I am tring to test this part:
public function getProjectsForUser(){
if(Auth::user() -> admin_id == NULL){
$this->id = Auth::user() -> id;
}else{
$this->id = Auth::user() -> admin_id;
}
$projects = User::findOrFail(Auth::user() -> id)->projects()->where('admin_id', '=', $this->id)->get();
$role = User::findOrFail(Auth::user() -> id)->roles;
$users = User::where('admin_id', '=', $this->id)->lists('name','id');
return array('projects' => $projects,'users' => $users,'roles' => $role );
}
It was my model Project.php
Here is my PorojectController:
public function project(Project $projects){
$this -> projects = $projects ->getProjectsForUser();
return view('projects',$this -> projects);
}
Here is my test to check if user logged...
public function testHome()
{
$this->be(User::find(1));
$response = $this->call('GET', '/projects');
//CHECK IF AUTH USER
$this->assertTrue($response->isOk());
}
Now I need to check if I get right values inside array, for $project, $role, $users.
You can use assertViewHas() to assert values that should have been passed to the view. For example:
public function testHome(){
$this->be(User::find(1));
$response = $this->call('GET', '/projects');
//CHECK IF AUTH USER
$this->assertTrue($response->isOk());
$this->assertViewHas('projects', 'expected value for projects');
$this->assertViewHas('users', 'expected value for users');
$this->assertViewHas('roles', 'expected value for roles');
}
By the way: If you pass no second argument the method will just assert that the variable exists but won't compare the value.
To accomplish the same with a bit a different syntax you can use assertViewHasAll() and pass everything as array:
$this->assertViewHasAll([
'projects' => 'expected value for projects',
'users' => 'expected value for users',
'roles' => 'expected value for roles'
]);
I've seen alot of people using this way to check if a laravel model got saved. So now I wonder if it is a safe way.
And also can I check if the queries bellow got executed like this
Check if model got saved
Eg:
$myModel = new User();
$myModel->firstname = Input::get('firstname');
$myModel->lastname = Input::get('lastname');
$myModel->save();
//Check if user got saved
if ( ! $myModel->save())
{
App::abort(500, 'Error');
}
//User got saved show OK message
return Response::json(array('success' => true, 'user_added' => 1), 200);
Is the above a safe way to check whenever my model got saved or not?
Check if query returned a result
Eg:
$UserProduct = Product::where('seller_id', '=', $userId)->first();
if (! $UserProduct)
{
App::abort(401); //Error
}
Does above return an error if no product where found?
Check if query got executed
Eg:
$newUser = User::create([
'username' => Input::get('username'),
'email' => Input::get('email')
]);
//Check if user was created
if ( ! $newUser)
{
App::abort(500, 'Some Error');
}
//User was created show OK message
return Response::json(array('success' => true, 'user_created' => 1), 200);
Does above check if a user was created?
Check if model got saved
save() will return a boolean, saved or not saved. So you can either do:
$saved = $myModel->save();
if(!$saved){
App::abort(500, 'Error');
}
Or directly save in the if:
if(!$myModel->save()){
App::abort(500, 'Error');
}
Note that it doesn't make sense to call save() two times in a row like in your example. And by the way, many errors or problems that would keep the model from being saved will throw an exception anyways...
Check if query returned a result
first() will return null when no record is found so your check works find. However as alternative you could also use firstOrFail() which will automatically throw a ModelNotFoundException when nothing is found:
$UserProduct = Product::where('seller_id', '=', $userId)->firstOrFail();
(The same is true for find() and findOrFail())
Check if query got executed
Unfortunately with create it's not that easy. Here's the source:
public static function create(array $attributes)
{
$model = new static($attributes);
$model->save();
return $model;
}
As you can see it will create a new instance of the model with the $attributes and then call save(). Now if save() where to return true you wouldn't know because you'd get a model instance anyways. What you could do for example is check for the models id (since that's only available after the record is saved and the newly created id is returned)
if(!$newUser->id){
App::abort(500, 'Some Error');
}
You can also check the public attribute $exists on your model.
if ($myModel->exists) {
// Model exists in the database
}
I would do such move to when I use Model::create method :
$activity = Activity::create($data);
if ($activity->exists) {
// success
} else {
// failure
}
As for the Save method it's easier because $model->save() returns Bool :
$category = new Category();
$category->category_name = $request->category_name;
$is_saved = $category->save();
if ($is_saved) {
// success
} else {
// failure
}
/**
* Store a newly created country in storage.
*
* #url /country
* #method POST
* #param Request $request
* #return \Illuminate\Http\JsonResponse
*/
public function store(Request $request)
{
# Filer & only get specific parameters.
$request = $request->only('code', 'name', 'status');
# Assign login user(Auth Control).
$request['created_by'] = Auth::user()->id;
# Insert data into `countries` table.
$country = Country::create($request);
if(!$country)
throw new Exception('Error in saving data.');
}
I've set up the database etc by having implemented SQL code to set up the tables and the rbac/init script to fill out the roles / permissions.
I have an assign() at user creation but I keep receiving this error on the getRole():
yii\base\ErrorException Call to a member function getRole() on null
public function addUser()
{
if($this->validate()) {
$user = new User();
$auth_key = Yii::$app->getSecurity()->generateRandomString(32);
$this->password = Yii::$app->getSecurity()->generatePasswordHash($this->password);
$user->email = $this->email;
$user->password = $this->password;
$user->active = $this->active;
$user->firstname = $this->firstname;
$user->lastname = $this->lastname;
// $user->nickname = $this->nickname;
$user->datecreated = time();
$user->auth_key = $auth_key;
$user->save(false);
$auth = Yii::$app->authManager;
$authorRole = $auth->getRole($this->role);
$auth->assign($authorRole, $user->getId());
return $user;
}else{
return false;
}
}
the $role variable is passed through $_POST along with the other user attributes.
Please help. Thanks.
You've gone the wrong way about it.
The issue here seems to be that Yii::$app->authManager is not set when it should be. This probably means that your main.php configuration file does not contain the correct information.
It should contain the following component:
return [
// ...
'components' => [
'authManager' => [
'class' => 'yii\rbac\DbManager',
],
// ...
],
];
(http://www.yiiframework.com/doc-2.0/guide-security-authorization.html#configuring-rbac-manager)
In the example from the link above PhpManager is used but in your case you will want to use yii\rbac\DbManager
Doing it this way means that you will only have one loaded manager and will also unlock all action filtering options.
I seem to have fixed this by replacing
$auth = Yii::$app->authManager;
with
$auth = new DbManager;
Let me know if this is the wrong way to go about it!