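model = $model;
        $this->middleware('permission:List users')->only('index');
        $this->middleware('permission:List users')->only('show');
        $this->middleware('permission:Create users')->only('store');
        $this->middleware('permission:Update users')->only('update');
        $this->middleware('permission:Delete users')->only('destroy');
    }

    /**
     * List users with their roles and each role's permissions, one page at a time.
     *
     * The page size comes from the optional `limit` request parameter and
     * falls back to config('app.pagination_limit', 20).
     *
     * @param Request $request
     * @return mixed the response produced by fractal(...)->respond()
     */
    public function index(Request $request)
    {
        // `limit` is client-controlled and is handed straight to paginate(),
        // so anything that is not a positive integer is rejected up front.
        // NOTE(review): no upper bound is enforced on the page size. A cap
        // would stop a single request from loading the whole table together
        // with its eager-loaded relations; choose a maximum for the deployment.
        $this->validate($request, [
            'limit' => 'sometimes|nullable|integer|min:1',
        ]);

        $paginator = $this->model
            ->with('roles.permissions')
            ->paginate($request->get('limit', config('app.pagination_limit', 20)));

        if ($request->has('limit')) {
            // Carry the requested page size over into the pagination links.
            $paginator->appends('limit', $request->get('limit'));
        }

        return fractal($paginator, new UserTransformer())->respond();
    }

    /**
     * Return a single user, with roles and permissions, looked up by UUID.
     *
     * firstOrFail() throws when no row matches, so an unknown id never
     * reaches the transformer.
     *
     * @param mixed $id UUID of the user (byUuid() is defined on the model, outside this view)
     * @return mixed the response produced by fractal(...)->respond()
     */
    public function show($id)
    {
        $user = $this->model
            ->with('roles.permissions')
            ->byUuid($id)
            ->firstOrFail();

        return fractal($user, new UserTransformer())->respond();
    }

    /**
     * Create a user from the request payload and optionally attach roles.
     *
     * @param Request $request
     * @return mixed the response produced by fractal(...)->respond(201)
     */
    public function store(Request $request)
    {
        $this->validate($request, [
            'name' => 'required',
            'email' => 'required|email|unique:users,email',
            'password' => 'required|min:8|confirmed',
        ]);

        // NOTE(review): create() receives the whole payload, not only the
        // three validated fields. Which columns a client can set is therefore
        // decided solely by the model's mass-assignment settings
        // ($fillable / $guarded), which are outside this view; confirm they
        // allow nothing beyond what this endpoint is meant to write.
        // NOTE(review): the password is passed on exactly as received, so
        // hashing has to happen in the model (mutator or cast); confirm.
        $user = $this->model->create($request->all());

        if ($request->has('roles')) {
            // NOTE(review): `roles` is not covered by the validation rules
            // above and the only gate on this action is 'Create users'. A
            // caller holding that permission can attach any role, including
            // ones more privileged than their own. If that is not intended,
            // validate `roles` and authorize role assignment separately.
            $user->syncRoles($request['roles']);
        }

        return fractal($user, new UserTransformer())->respond(201);
    }

    /**
     * Update a user's attributes and optionally replace their roles.
     *
     * A PATCH request validates only the fields it carries; any other method
     * must carry both name and email.
     *
     * @param Request $request
     * @param mixed   $uuid UUID of the user to update
     * @return mixed the response produced by fractal(...)->respond()
     */
    public function update(Request $request, $uuid)
    {
        $user = $this->model->byUuid($uuid)->firstOrFail();

        // The trailing id exempts this user's own row from the unique check.
        $rules = [
            'name' => 'required',
            'email' => 'required|email|unique:users,email,'.$user->id,
        ];

        // Strict comparison: method() returns a string, so no coercion is wanted.
        if ($request->method() === 'PATCH') {
            $rules = [
                'name' => 'sometimes|required',
                'email' => 'sometimes|required|email|unique:users,email,'.$user->id,
            ];
        }

        $this->validate($request, $rules);

        // Passwords are deliberately not changeable through this endpoint.
        // NOTE(review): every other key in the payload is still passed to
        // update(), so the model's mass-assignment settings are the only
        // filter on which columns get written; confirm them.
        $user->update($request->except('_token', 'password'));

        if ($request->has('roles')) {
            // NOTE(review): as in store(), `roles` is unvalidated and gated
            // only by 'Update users'. A caller holding that permission can
            // change any user's roles, and nothing visible here stops that
            // user from being the caller.
            $user->syncRoles($request['roles']);
        }

        // fresh() re-reads the row so the response reflects what was stored.
        return fractal($user->fresh(), new UserTransformer())->respond();
    }

    /**
     * Delete the user identified by UUID and answer 204 with an empty body.
     *
     * @param Request $request not used by this method; kept for the existing signature
     * @param mixed   $uuid    UUID of the user to delete
     * @return mixed the response produced by response()->json(null, 204)
     */
    public function destroy(Request $request, $uuid)
    {
        // NOTE(review): nothing here prevents a caller from deleting their
        // own account or the last remaining privileged account; confirm
        // whether that is guarded elsewhere.
        $user = $this->model->byUuid($uuid)->firstOrFail();
        $user->delete();

        return response()->json(null, 204);
    }
}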