organization_id !== $organization->id) { throw new AuthorizationException('Project does not belong to organization'); } } /** * Get projects * * @return ProjectCollection * * @throws AuthorizationException * * @operationId getProjects */ public function index(Organization $organization): ProjectCollection { $this->checkPermission($organization, 'projects:view'); $canViewAllProjects = $this->hasPermission($organization, 'projects:view:all'); /** @var User $user */ $user = Auth::user(); $projectsQuery = Project::query() ->whereBelongsTo($organization, 'organization'); if (! $canViewAllProjects) { $projectsQuery->visibleByUser($user); } $projects = $projectsQuery->paginate(); return new ProjectCollection($projects); } /** * Get project * * @throws AuthorizationException * * @operationId getProject */ public function show(Organization $organization, Project $project): JsonResource { $this->checkPermission($organization, 'projects:view', $project); $project->load('organization'); return new ProjectResource($project); } /** * Create project * * @throws AuthorizationException * * @operationId createProject */ public function store(Organization $organization, ProjectStoreRequest $request): JsonResource { $this->checkPermission($organization, 'projects:create'); $project = new Project(); $project->name = $request->input('name'); $project->color = $request->input('color'); $project->billable_rate = $request->input('billable_rate'); $project->client_id = $request->input('client_id'); $project->organization()->associate($organization); $project->save(); return new ProjectResource($project); } /** * Update project * * @throws AuthorizationException * * @operationId updateProject */ public function update(Organization $organization, Project $project, ProjectUpdateRequest $request): JsonResource { $this->checkPermission($organization, 'projects:update', $project); $project->name = $request->input('name'); $project->color = $request->input('color'); $project->billable_rate = $request->input('billable_rate'); $project->client_id = $request->input('client_id'); $project->save(); return new ProjectResource($project); } /** * Delete project * * @throws AuthorizationException * * @operationId deleteProject */ public function destroy(Organization $organization, Project $project): JsonResponse { $this->checkPermission($organization, 'projects:delete', $project); $project->delete(); return response() ->json(null, 204); } }