Merge pull request #370 from Dev-Tonia/feat/delete_product

feat: delete product
hngprojects · Aug 7, 2024 · 2e8ab38 · 2e8ab38
2 parents bf1908e + e166769
commit 2e8ab38
Show file tree

Hide file tree

Showing 19 changed files with 1,365 additions and 579 deletions.
diff --git a/app/Http/Controllers/Api/V1/ProductController.php b/app/Http/Controllers/Api/V1/ProductController.php
@@ -78,11 +78,11 @@ public function search(Request $request)
             });
         }
 
-    
+
         $page = $request->input('page', 1);
         $limit = $request->input('limit', 10);
         $products = $query->with(['productsVariant', 'categories'])
-                      ->paginate($limit, ['*'], 'page', $page);
+            ->paginate($limit, ['*'], 'page', $page);
 
         $transformedProducts = $products->map(function ($product) {
             return [
@@ -92,9 +92,9 @@ public function search(Request $request)
                 'description' => $product->description,
                 'product_id' => $product->product_id,
                 'quantity' => $product->quantity,
-                'category' => $product->categories->isNotEmpty() ? $product->categories->map->name : [], 
-                'stock' => $product->productsVariant->isNotEmpty() ? $product->productsVariant->first()->stock : null, 
-                'status' => $product->productsVariant->isNotEmpty() ? $product->productsVariant->first()->stock_status : null, 
+                'category' => $product->categories->isNotEmpty() ? $product->categories->map->name : [],
+                'stock' => $product->productsVariant->isNotEmpty() ? $product->productsVariant->first()->stock : null,
+                'status' => $product->productsVariant->isNotEmpty() ? $product->productsVariant->first()->stock_status : null,
                 'date_added' => $product->created_at
             ];
         });
@@ -107,7 +107,7 @@ public function search(Request $request)
                 'totalPages' => $products->lastPage(),
                 'currentPage' => $products->currentPage(),
                 'perPage' => $products->perPage(),
-             ],
+            ],
             'status_code' => 200
         ], 200);
     }
@@ -194,15 +194,15 @@ public function index(Request $request)
      * Store a newly created resource in storage.
      */
     public function store(CreateProductRequest $request, $org_id)
-    {        
+    {
         $isOwner = OrganisationUser::where('org_id', $org_id)->where('user_id', auth()->id())->exists();
 
         if (!$isOwner) {
             return response()->json(['message' => 'You are not authorized to create products for this organization.'], 403);
         }
 
         $imageUrl = null;
-        if($request->hasFile('image')) {
+        if ($request->hasFile('image')) {
             $imagePath = $request->file('image')->store('product_images', 'public');
             $imageUrl = Storage::url($imagePath);
         }
@@ -239,7 +239,6 @@ public function store(CreateProductRequest $request, $org_id)
         ]);
 
         return response()->json(['message' => 'Product created successfully', 'product' => $product], 201);
-
     }
 
     /**
@@ -320,28 +319,43 @@ public function update(UpdateProductRequest $request, string $org_id, string $pr
     /**
      * Remove the specified resource from storage.
      */
-    public function destroy($productId)
+    public function destroy($org_id, $product_id)
     {
-        if (!Auth::check()) {
-            return response()->json([
-                'error' => 'Unauthorized',
-                'message' => 'You must be authenticated to delete a product.'
-            ], 401);
+
+        $isOwner = OrganisationUser::where('org_id', $org_id)->where('user_id', auth()->id())->exists();
+        // Check if the user's organization matches the org_id in the request
+        if (!$isOwner) {
+            return response()->json(
+                [
+                    'status' => 'Forbidden',
+                    'message' => 'You do not have permission to delete a product from this organization.',
+                    'status_code' => 403
+                ],
+                403
+            );
         }
 
-        $product = Product::find($productId);
+        $product = Product::find($product_id);
 
         if (!$product) {
             return response()->json([
                 'error' => 'Product not found',
-                'message' => "The product with ID $productId does not exist."
+                'message' => "The product with ID $product_id does not exist."
             ], 404);
         }
 
+        // Check if the product belongs to the organization
+        if ($product->org_id !== $org_id) {
+            return response()->json([
+                'error' => 'Forbidden',
+                'message' => 'You do not have permission to delete this product.'
+            ], 403);
+        }
+
         $product->delete();
 
         return response()->json([
             'message' => 'Product deleted successfully.'
-        ], 200);
+        ], 204);
     }
 }