From c7fefd138ae40c4efabcfeb6cc99230a117dc8ed Mon Sep 17 00:00:00 2001
From: "m.zargarov" <m.zargarov@framework.team>
Date: Tue, 25 Jun 2024 00:52:48 +0400
Subject: [PATCH] Fix

---
 app/Console/Commands/AddScores.php         | 43 ++++++++++++++++++++++
 app/Http/Controllers/GradeController.php   | 11 ++++--
 app/Http/Controllers/LessonController.php  |  9 ++---
 app/Http/Controllers/SubjectController.php |  7 ++--
 app/Policies/LessonPolicy.php              | 13 ++++---
 app/Policies/SubjectPolicy.php             |  5 +++
 config/tinker.php                          |  1 +
 resources/views/grades/index.blade.php     | 12 +++---
 resources/views/subjects/index.blade.php   |  4 +-
 routes/web.php                             |  1 -
 10 files changed, 79 insertions(+), 27 deletions(-)
 create mode 100644 app/Console/Commands/AddScores.php

diff --git a/app/Console/Commands/AddScores.php b/app/Console/Commands/AddScores.php
new file mode 100644
index 0000000..ff59f2f
--- /dev/null
+++ b/app/Console/Commands/AddScores.php
@@ -0,0 +1,43 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Grade;
+use Illuminate\Console\Command;
+
+class AddScores extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'app:add-scores {grade}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Add 4 and 5 scores for students';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle()
+    {
+        $grade = Grade::firstWhere('id', $this->argument('grade'));
+
+        $grade->students->random(7)->each(function ($student) {
+            $student
+                ->lessons()
+                ->syncWithPivotValues($student->lessons()->pluck('id'), ['score' => 4]);
+        });
+
+        $grade->students->random(5)->each(function ($student) {
+            $student
+                ->lessons()
+                ->syncWithPivotValues($student->lessons()->pluck('id'), ['score' => 5]);
+        });
+    }
+}
diff --git a/app/Http/Controllers/GradeController.php b/app/Http/Controllers/GradeController.php
index 542e934..2dce6bc 100644
--- a/app/Http/Controllers/GradeController.php
+++ b/app/Http/Controllers/GradeController.php
@@ -69,7 +69,7 @@ class GradeController extends Controller
      */
     public function edit(Grade $grade): View
     {
-        if(request()->user()->cannot('update', Grade::class)) {
+        if(request()->user()->cannot('update', $grade)) {
             abort(403);
         }
 
@@ -83,11 +83,13 @@ class GradeController extends Controller
      */
     public function update(GradePostRequest $request, Grade $grade): RedirectResponse
     {
-        if(request()->user()->cannot('update', Grade::class)) {
+        if(request()->user()->cannot('update', $grade)) {
             abort(403);
         }
 
-        return redirect()->route('grades.show', $grade->update($request->validated()));
+        $grade->update($request->validated());
+
+        return redirect()->route('grades.show', $grade);
     }
 
     /**
@@ -95,9 +97,10 @@ class GradeController extends Controller
      */
     public function destroy(Grade $grade): RedirectResponse
     {
-        if(request()->user()->cannot('delete', Grade::class)) {
+        if(request()->user()->cannot('delete', $grade)) {
             abort(403);
         }
+
         $grade->delete();
 
         return redirect()->route('grades.index');
diff --git a/app/Http/Controllers/LessonController.php b/app/Http/Controllers/LessonController.php
index 0591b6a..57dc6e0 100644
--- a/app/Http/Controllers/LessonController.php
+++ b/app/Http/Controllers/LessonController.php
@@ -113,12 +113,9 @@ class LessonController extends Controller
             abort(403);
         }
 
-        return redirect()->route(
-            'grades.lessons.show',[
-                $grade,
-                $lesson->update($request->validated()),
-            ]
-        );
+        $lesson->update($request->validated());
+
+        return redirect()->route('grades.lessons.show',[$grade, $lesson,]);
     }
 
     /**
diff --git a/app/Http/Controllers/SubjectController.php b/app/Http/Controllers/SubjectController.php
index ba0128d..832b677 100644
--- a/app/Http/Controllers/SubjectController.php
+++ b/app/Http/Controllers/SubjectController.php
@@ -82,10 +82,9 @@ class SubjectController extends Controller
             abort(403);
         }
 
-        return redirect()->route(
-            'subjects.show',
-            $subject->update($request->validated())
-        );
+        $subject->update($request->validated());
+
+        return redirect()->route('subjects.show', $subject);
     }
 
     /**
diff --git a/app/Policies/LessonPolicy.php b/app/Policies/LessonPolicy.php
index 75d12a7..23f825d 100644
--- a/app/Policies/LessonPolicy.php
+++ b/app/Policies/LessonPolicy.php
@@ -6,6 +6,7 @@ use App\Models\Admin;
 use App\Models\Grade;
 use App\Models\Lesson;
 use App\Models\Student;
+use App\Models\Teacher;
 use App\Models\User;
 
 class LessonPolicy
@@ -13,9 +14,9 @@ class LessonPolicy
     /**
      * Determine whether the user can view any models.
      */
-    public function viewAny(User $user, Grade $grade): bool
+    public function viewAny(User $user): bool
     {
-        return $user->userable_type != Student::class || $user->userable->grade_id == $grade->id;
+        return $user->userable_type == Teacher::class;
     }
 
     /**
@@ -23,7 +24,7 @@ class LessonPolicy
      */
     public function view(User $user, Lesson $lesson): bool
     {
-        return $user->userable_type != Student::class || $user->userable->grade_id == $lesson->grade_id;
+        return $user->userable_type == Teacher::class;
     }
 
     /**
@@ -31,7 +32,7 @@ class LessonPolicy
      */
     public function create(User $user): bool
     {
-        return $user->userable_type != Student::class;
+        return $user->userable_type == Teacher::class;
     }
 
     /**
@@ -39,7 +40,7 @@ class LessonPolicy
      */
     public function update(User $user, Lesson $lesson): bool
     {
-        return $user->userable_type != Student::class;
+        return $user->userable_type == Teacher::class;
     }
 
     /**
@@ -47,6 +48,6 @@ class LessonPolicy
      */
     public function delete(User $user, Lesson $lesson): bool
     {
-        return $user->userable_type != Student::class;
+        return $user->userable_type == Teacher::class;
     }
 }
diff --git a/app/Policies/SubjectPolicy.php b/app/Policies/SubjectPolicy.php
index 425db37..2db2c27 100644
--- a/app/Policies/SubjectPolicy.php
+++ b/app/Policies/SubjectPolicy.php
@@ -42,4 +42,9 @@ class SubjectPolicy
     {
         return $user->userable_type == Student::class;
     }
+
+    public function pdf(User $user): bool
+    {
+        return $user->userable_type == Student::class;
+    }
 }
diff --git a/config/tinker.php b/config/tinker.php
index 459fe7b..e486bd5 100644
--- a/config/tinker.php
+++ b/config/tinker.php
@@ -15,6 +15,7 @@ return [
 
     'commands' => [
         App\Console\Commands\AddAdmin::class,
+        App\Console\Commands\AddScores::class,
     ],
 
     /*
diff --git a/resources/views/grades/index.blade.php b/resources/views/grades/index.blade.php
index 43440e4..ba451a5 100644
--- a/resources/views/grades/index.blade.php
+++ b/resources/views/grades/index.blade.php
@@ -36,11 +36,13 @@
                                                class="btn btn-block col-8">{{ $grade->name }}</a>
                                         </div>
                                     </td>
-                                    <td>
-                                        <div>
-                                            <a href="{{ route('grades.lessons.index', $grade) }}" class="btn btn-primary">Занятия</a>
-                                        </div>
-                                    </td>
+                                    @can('viewAny', \App\Models\Lesson::class)
+                                        <td>
+                                            <div>
+                                                <a href="{{ route('grades.lessons.index', $grade) }}" class="btn btn-primary">Занятия</a>
+                                            </div>
+                                        </td>
+                                    @endcan
                                     @can('list', \App\Models\Grade::class)
                                         <td>
                                             <div>
diff --git a/resources/views/subjects/index.blade.php b/resources/views/subjects/index.blade.php
index 82a9ec9..c01d208 100644
--- a/resources/views/subjects/index.blade.php
+++ b/resources/views/subjects/index.blade.php
@@ -69,7 +69,9 @@
                     @can('create', \App\Models\Subject::class)
                         <a href="{{ route('subjects.create') }}" class="btn btn-success">Добавить</a>
                     @endcan
-                    <a href="{{ route('export-pdf') }}" class="btn btn-info">PDF</a>
+                    @can('pdf', \App\Models\Subject::class)
+                        <a href="{{ route('export-pdf') }}" class="btn btn-info">PDF</a>
+                    @endcan
                 </div>
                 <div class="card-footer">{{ $subjects->links() }}</div>
             </div>
diff --git a/routes/web.php b/routes/web.php
index 2daa68e..bf8fbcd 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -33,7 +33,6 @@ Route::middleware('auth')->group(function () {
         'subjects' => SubjectController::class,
         'students' => StudentController::class,
         'teachers' => TeacherController::class,
-        'grades.lessons' => LessonController::class,
     ]);
 
     Route::middleware([AdminAction::class])->group(function () {