Task 7 - update forbidden field

This commit is contained in:
PovilasKorop
2021-11-29 15:31:28 +02:00
parent ccb91e35fb
commit ce6827fab8
7 changed files with 109 additions and 0 deletions
+18
View File
@@ -0,0 +1,18 @@
<?php
namespace App\Http\Controllers;
use App\Http\Requests\UpdateUserRequest;
use App\Models\User;
class UserController extends Controller
{
public function update(User $user, UpdateUserRequest $request)
{
// TASK: change this line to not allow is_admin field to be updated
// Update only the fields that are validated in UpdateUserRequest
$user->update($request->all());
return 'Success';
}
}
+31
View File
@@ -0,0 +1,31 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class UpdateUserRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'name' => 'required',
'email' => 'required',
];
}
}
+1
View File
@@ -21,6 +21,7 @@ class User extends Authenticatable
'name',
'email',
'password',
'is_admin',
];
/**