From a5b91eb5850f37da4ff52453ae504c7aaf4e70a8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Cort=C3=A9s?=
Date: Tue, 20 Jul 2021 02:40:57 -0400
Subject: [PATCH] Restaurantes se fija en el usuario que esta llamadno
---
 .../Controllers/RestaurantesController.php | 27 ++++++++++++++-----
 .../Http/Controllers/UsuariosController.php | 6 ++++-
 backend/routes/web.php | 8 +++---
 3 files changed, 29 insertions(+), 12 deletions(-)
diff --git a/backend/app/Http/Controllers/RestaurantesController.php b/backend/app/Http/Controllers/RestaurantesController.php
index 0ce3102..76171a8 100644
--- a/backend/app/Http/Controllers/RestaurantesController.php
+++ b/backend/app/Http/Controllers/RestaurantesController.php
@@ -50,8 +50,8 @@ class RestaurantesController extends Controller {
 app(UuidService::class)->validOrFail($id);
 $restaurante = Restaurante::findOrFail($id);
- if(!$request->user->isOnRestaurant($restaurante)){
- return ModelNotFoundException('restaurante', $restaurante->id);
+ if(!$request->user->isOnRestaurante($restaurante)){
+ throw new ModelNotFoundException('restaurante', $restaurante->id);
 }
 return response()->json($restaurante);
@@ -84,6 +84,11 @@ class RestaurantesController extends Controller {
 ]);
 $restaurant = Restaurante::findOrFail($id);
+
+ if(!$request->user->isOnRestaurante($restaurant)){
+ throw new ModelNotFoundException('restaurante', $restaurant->id);
+ }
+
 $restaurant->nombre = $request->input('nombre');
 $restaurant->save();
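Review bot: The ownership guard added in `get` (and repeated in the second hunk for `update`) consults only `isOnRestaurante`, so whether a global admin who is not attached to the restaurant still passes depends on that method, whose body is not in this diff. `update` was previously reachable by `role:global_admin` with no membership test, so if `isOnRestaurante` checks membership alone this turns their updates into 404s; if that is not intended, the condition could read `if(!$request->user->isGlobalAdmin() && !$request->user->isOnRestaurante($restaurant)){`. Answering with a not-found exception rather than a forbidden one keeps other tenants' ids from being confirmed, provided it renders the same as the exception `findOrFail` raises. Both functions begin and end outside their hunks.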
@@ -98,11 +103,19 @@ class RestaurantesController extends Controller {
 $restaurant = Restaurante::findOrFail($id);
- if($restaurant->usuarios()->count() > 0) throw new CantDeleteHasChildException("restaurant", "usuario");
- if($restaurant->canalesVenta()->count() > 0) throw new CantDeleteHasChildException("restaurant", "canal_venta");
- if($restaurant->sectores()->count() > 0) throw new CantDeleteHasChildException("restaurant", "sector");
- if($restaurant->zonasProduccion()->count() > 0) throw new CantDeleteHasChildException("restaurant", "zona_produccion");
- if($restaurant->categorias()->count() > 0) throw new CantDeleteHasChildException("restaurant", "categoria");
+ if($restaurant->canalesVenta()->count() > 0) throw new CantDeleteHasChildException("restaurant", "canal_venta");
+ if($restaurant->categorias()->count() > 0) throw new CantDeleteHasChildException("restaurant", "categoria");
+ if($restaurant->compras()->count() > 0) throw new CantDeleteHasChildException("restaurant", "compra");
+ if($restaurant->usuarios()->count() > 0) throw new CantDeleteHasChildException("restaurant", "usuario");
+ if($restaurant->sectores()->count() > 0) throw new CantDeleteHasChildException("restaurant", "sector");
+ if($restaurant->zonasProduccion()->count() > 0) throw new CantDeleteHasChildException("restaurant", "zona_produccion");
+ if($restaurant->proveedores()->count() > 0) throw new CantDeleteHasChildException("restaurant", "proveedor");
+ if($restaurant->ingredientes()->count() > 0) throw new CantDeleteHasChildException("restaurant", "ingrediente");
+ if($restaurant->productos()->count() > 0) throw new CantDeleteHasChildException("restaurant", "producto");
+ if($restaurant->ventas()->count() > 0) throw new CantDeleteHasChildException("restaurant", "venta");
+ if($restaurant->boletasElectronicas()->count() > 0) throw new CantDeleteHasChildException("restaurant", "boleta_electronica");
+ if($restaurant->boletasExentas()->count() > 0) throw new CantDeleteHasChildException("restaurant", "boleta_exenta");
+ if($restaurant->cajas()->count() > 0) throw new CantDeleteHasChildException("restaurant", "caja");
 $restaurant->delete();
 return response()->json([], 204);
diff --git a/backend/app/Http/Controllers/UsuariosController.php b/backend/app/Http/Controllers/UsuariosController.php
index a2a5ae0..4ce0aee 100644
--- a/backend/app/Http/Controllers/UsuariosController.php
+++ b/backend/app/Http/Controllers/UsuariosController.php
@@ -21,7 +21,11 @@ class UsuariosController extends Controller {
 * Obtiene de forma paginada los usuarios registrados en el backend
 */
 public function all(Request $request) {
- $usuarios = Usuario::all();
+ if($request->user->isGlobalAdmin()) {
+ $usuarios = Usuario::all();
+ } else {
+ $usuarios = Restaurante::all()->intersect($request->user->restaurantes);
+ }
 $paginate = app(PaginatorService::class)->paginate(
 perPage: $request->input('per_page', 15),
diff --git a/backend/routes/web.php b/backend/routes/web.php
index c52b711..d1ab1f3 100644
--- a/backend/routes/web.php
+++ b/backend/routes/web.php
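Review bot: The thirteen guards in `delete` each run `count()` only to compare it with zero, and the checks and `$restaurant->delete()` are separate statements, so a child row created between them is not caught. `exists()` asks the database the cheaper question, and a relation-to-name map makes it harder to miss a relation when a new child table is added. The lasting protection is a foreign-key constraint or a transaction around the check and the delete, neither of which this diff shows. The function starts and ends outside the hunk.

```php
$restaurant = Restaurante::findOrFail($id);

// Relation method => child name reported to the client; the first non-empty relation blocks the delete.
$children = [
    'canalesVenta'        => 'canal_venta',
    'categorias'          => 'categoria',
    'compras'             => 'compra',
    'usuarios'            => 'usuario',
    'sectores'            => 'sector',
    'zonasProduccion'     => 'zona_produccion',
    'proveedores'         => 'proveedor',
    'ingredientes'        => 'ingrediente',
    'productos'           => 'producto',
    'ventas'              => 'venta',
    'boletasElectronicas' => 'boleta_electronica',
    'boletasExentas'      => 'boleta_exenta',
    'cajas'               => 'caja',
];
foreach ($children as $relation => $child) {
    if ($restaurant->{$relation}()->exists()) {
        throw new CantDeleteHasChildException("restaurant", $child);
    }
}

// … unchanged: $restaurant->delete() and the 204 response …
```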
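Review bot: The `else` branch of `all` assigns restaurants, not users, to `$usuarios`: `Restaurante::all()->intersect($request->user->restaurantes)` yields the caller's own `Restaurante` models, so a non-global-admin calling the users listing would get restaurant records paginated back. `Restaurante` also has to be imported in this controller if it is not already. If the intent is to list only users who share a restaurant with the caller, `$usuarios = Usuario::whereHas('restaurantes', fn ($q) => $q->whereKey($request->user->restaurantes->modelKeys()))->get();` would express that, assuming `Usuario` defines the `restaurantes` relation that `$request->user->restaurantes` suggests. The docblock above should then say the listing is scoped to the caller's restaurants unless the caller is a global admin. `all` continues past the end of the hunk.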
@@ -23,7 +23,7 @@ $router->group(['prefix' => 'api/v1', 'middleware' => ['auth', 'log_endpoint']],
 $router->get( '/', ['as' => 'restaurant.all', 'uses' => 'RestaurantesController@all']);
 $router->get( '/{id}', ['as' => 'restaurant.get', 'uses' => 'RestaurantesController@get']);
 $router->post( '/', ['as' => 'restaurant.create', 'uses' => 'RestaurantesController@create', 'middleware' => ['role:global_admin']]);
- $router->put( '/{id}', ['as' => 'restaurant.update', 'uses' => 'RestaurantesController@update', 'middleware' => ['role:global_admin']]);
+ $router->put( '/{id}', ['as' => 'restaurant.update', 'uses' => 'RestaurantesController@update', 'middleware' => ['role:admin|global_admin']]);
 $router->delete('/{id}', ['as' => 'restaurant.delete', 'uses' => 'RestaurantesController@delete', 'middleware' => ['role:global_admin']]);
 $router->get( '/{restaurante_id}/canales-venta', ['as' => 'canales-venta.all', 'uses' => 'CanalesVentaController@all', 'middleware' => ['in_restaurante']]);
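Review bot: Opening `restaurant.update` to `role:admin` leaves this route without the `in_restaurante` middleware that the other `role:admin|global_admin` routes visible in this diff carry, so tenant isolation for it rests entirely on the `isOnRestaurante` check inside `RestaurantesController@update`. That is presumably because `in_restaurante` reads `{restaurante_id}` while this route uses `{id}`. A comment on the route, e.g. `// tenant check lives in RestaurantesController@update (isOnRestaurante); in_restaurante does not cover {id}`, would keep a later controller refactor from dropping the only guard. The same applies to `restaurant.get` two lines above.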
@@ -32,8 +32,8 @@ $router->group(['prefix' => 'api/v1', 'middleware' => ['auth', 'log_endpoint']],
 $router->put( '/{restaurante_id}/canales-venta/{id}', ['as' => 'canales-venta.update', 'uses' => 'CanalesVentaController@update', 'middleware' => ['role:admin|global_admin', 'in_restaurante']]);
 $router->delete('/{restaurante_id}/canales-venta/{id}', ['as' => 'canales-venta.delete', 'uses' => 'CanalesVentaController@delete', 'middleware' => ['role:admin|global_admin', 'in_restaurante']]);
- $router->get( '/{restaurante_id}/sectores', ['as' => 'sectores.all', 'uses' => 'SectoresController@all', 'middleware' => ['in_restaurante']);
- $router->get( '/{restaurante_id}/sectores/{id}', ['as' => 'sectores.get', 'uses' => 'SectoresController@get', 'middleware' => ['in_restaurante']);
+ $router->get( '/{restaurante_id}/sectores', ['as' => 'sectores.all', 'uses' => 'SectoresController@all', 'middleware' => ['in_restaurante']]);
+ $router->get( '/{restaurante_id}/sectores/{id}', ['as' => 'sectores.get', 'uses' => 'SectoresController@get', 'middleware' => ['in_restaurante']]);
 $router->post( '/{restaurante_id}/sectores', ['as' => 'sectores.create', 'uses' => 'SectoresController@create', 'middleware' => ['role:admin|global_admin', 'in_restaurante']]);
 $router->put( '/{restaurante_id}/sectores/{id}', ['as' => 'sectores.update', 'uses' => 'SectoresController@update', 'middleware' => ['role:admin|global_admin', 'in_restaurante']]);
 $router->delete('/{restaurante_id}/sectores/{id}', ['as' => 'sectores.delete', 'uses' => 'SectoresController@delete', 'middleware' => ['role:admin|global_admin', 'in_restaurante']]);
@@ -84,7 +84,7 @@ $router->group(['prefix' => 'api/v1', 'middleware' => ['auth', 'log_endpoint']],
 $router->post( '/{restaurante_id}/compras/{id}/ingredientes/{ingrediente_id}', ['as' => 'compras.ingredientes.add', 'uses' => 'ComprasController@addIngrediente', 'middleware' => ['role:admin|global_admin', 'in_restaurante']]);
 $router->delete('/{restaurante_id}/compras/{id}/ingredientes/{ingrediente_id}', ['as' => 'compras.ingredientes.delete', 'uses' => 'ComprasController@deleteIngrediente','middleware' => ['role:admin|global_admin', 'in_restaurante']]);
- $router->get( '/{restaurante_id}/compras/{id}/factura', ['as' => 'factura.get', 'uses' => 'FacturasController@get', 'middleware' => ['in_restaurante']]]);
+ $router->get( '/{restaurante_id}/compras/{id}/factura', ['as' => 'factura.get', 'uses' => 'FacturasController@get', 'middleware' => ['in_restaurante']]);
 $router->post( '/{restaurante_id}/compras/{id}/factura', ['as' => 'factura.create', 'uses' => 'FacturasController@create', 'middleware' => ['role:admin|global_admin', 'in_restaurante']]);
 $router->put( '/{restaurante_id}/compras/{id}/factura', ['as' => 'factura.update', 'uses' => 'FacturasController@update', 'middleware' => ['role:admin|global_admin', 'in_restaurante']]);
 $router->delete('/{restaurante_id}/compras/{id}/factura', ['as' => 'factura.delete', 'uses' => 'FacturasController@delete', 'middleware' => ['role:admin|global_admin', 'in_restaurante']]);