1

I need make an api with laravel 5.7, the api is not a problem itself.

I need make a strict validation for the current model and nested relations objects for save, example.

Imagine a model Posts with a relation comments. I have stored my data in database as:



    [
      {id: 1, user_id: 1, title: 'my title post', comments: [{id: 5, comment: 'my comment for post id 1'}]},
      {id: 2, user_id: 1, title: 'my second title post', comments: [{id: 15, comment: 'my comment for post id 2'}]},
      {id: 8, user_id: 2, title: 'my third title post', comments: [{id: 25, comment: 'my comment for post id 8'}]}
    ]

My user_id logged in the api is 1 If I try send a POST http to update a post and a comment how I can validate the user logged in the api is the owner of each object? example of post:

POST to update.



    [
      {id: 1, user_id: 1, title: 'my title post modified', comments: [{id: 5, comment: 'my comment for post id 1'}]},
      {id: 1, user_id: 1, title: 'my title post modified 2', comments: [{id: 25, comment: 'my comment for post id 1'}]},
      {`id: 8`, user_id: 2, title: 'my title post', comments: [{`id: 25`, comment: 'my comment for post id 1'}]},
    ]

how example show, I can modify only the first and second object of my array but I can't modify the comment in the second object.

hope I have expressed myself correctly.

Improve this question
2
  • don't you have a column in Posts table to save the write? like author_id? Commented Dec 15, 2018 at 5:42
  • @FatemehMajd its user_id in the post table Commented Dec 15, 2018 at 20:07

1 Answer 1

Reset to default
1

First make sure you get your Post data in JSON format, with double quotes " surrounding keys and Strings. And Create JSON data in Laravel - PHP like :

$postsData = '[
  {"id": 1, "user_id": 1, "title": "my title post", "comments": [{"id": 5, "comment": "my comment for post id 1"}]},
  {"id": 2, "user_id": 1, "title": "my second title post", "comments": [{"id": 15, "comment": "my comment for post id 2"}]},
  {"id": 8, "user_id": 2, "title": "my third title post", "comments": [{"id": 25, "comment": "my comment for post id 8"}]}
]';

$posts = json_decode($postsData);

//var_dump($posts);

$authUserId = 1;

foreach($posts as $post) {
  if($authUserId == $post->user_id) {
      echo 'User own this Post...<br/>';
      echo $post->id.' - '.$post->title;
      foreach($post->comments as $comment) {
              echo '<br/>';
              echo '----'.$comment->id.' - '.$comment->comment;
              echo '<br/>';
      }
      echo '<br/>';
  }
}

Output will be that only Post 1 and 2 can be saved for User 1 :

User own this Post...
1 - my title post
----5 - my comment for post id 1

User own this Post...
2 - my second title post
----15 - my comment for post id 2
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

its not a bad idea, but I was think it can be performed with some middleware or request for each model? or someting else using the framework utility, laravel is a powerful framework I think someone before was make a similar this.
If you think it then there's probably some laravel package for that. After I checked that, I found one laravel-nestedupdater - Github with 8 stars, so not very popular, but claim to do the job. There's probably others, but I don't think Laravel has one built-in yet. It would be awesome if they made it. But the more you can keep your codes away from 3rd-Party packages, the better it will be for you when you need to upgrade your codes.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.