5.2 Storing and Updating Posts
We've done all this before—CRUD is (re)used in just about every app. In this lesson, we'll write the code to store and update posts.
1.Introduction1 lesson, 01:23
2.Getting Started4 lessons, 46:41
3.Managing Pages6 lessons, 1:12:31
4.User Management2 lessons, 27:37
5.Managing the Blog4 lessons, 41:51
6.Adding Extras2 lessons, 26:07
7.Implementing the Front-End3 lessons, 30:24
8.Homework Review1 lesson, 07:11
9.Conclusion1 lesson, 01:24
5.2 Storing and Updating Posts
In the previous lesson, we started implementing our blog management's. And we created all of our resources such as the model, the migrations, the seeder, the controller. And we also implemented the index view or at least part of it. >> There're still some things that we need to do here. So in this lesson, we need to do the rest of the crud stuff, create, update and we will be deleting. So if you haven't looked at the pages delete homework then feel free to do so because I'm going to use that here. I'm not going to explain it in this case, because it's been explained in that. So you're not going to be missing really anything if you haven't viewed it, so don't worry about that. But if you're curious, go ahead and do that. So let's go ahead and start with our blog controller. And we'll start with the create method. And all we need to do is return the view, admin, blog, create. And just like what we did with our pages, we're going to pass in an empty model object. So new post and there we go. That's it for that method. Let's go ahead and write the store method as well because it's going to be practically the same for our store method on our pages. So the first thing that we're going to do is save this as one of the user's posts so that it will be associated with that user. So then we will create our post object. And we are going to get data from the request which we need to create a request object. But we can do that here in a few moments. So request only, and we have the title, we have the slug, we also have published at and excerpt, and finally, body. And let's break this up a little bit so that it is all on the screen without having to horizontally scroll. So there we go, but that's not enough. After we save this, we need to redirect back to the index, so we will return, redirect. We will specify the route as blog index. Let's also provide a status method since we have that capability now. So status or not status, with status and then the post was created, all right? So that is good for now. Let's go ahead and look at our views. So let's open up both the create view, as well as the partial view for our fields. So admin > blog > create and partials, the create view is going to be very simple. We simply change our pages reference to blog and we are done. So there we go, let's go ahead and close that file. But inside of our fields, we have quite a few changes. We have the title, so we're going to keep that. Now we don't have the URL instead, we have a slug, which is part of a URL. So let's change all of our URL references to slug, and that will be good there. Let's take this and copy and paste it for our published and eventually, we will add some components. Well, not components, we're going to add a date picker so that it will be a little bit easier for the user to specify the date and time. Otherwise, they will need to type it in the correct format. And it's just easier if we do that for them. So as far as our references are concerned, that is all published_at and we will be doing that probably in the next lesson. In this lesson, we're just going to get all of the crud stuff. In the next lesson, we will add some polish. So we have our title slug published_at. Our content is not content anymore. It is simply the body, so let's go ahead and change those references as well. We will change the text of the label to body and we will copy this because we also have the excerpt as well. So once again, change our body references for this field to excerpt and then we will change the label text to Excerpt, okay. So let's at least see the create view. And that looks pretty good actually. And also one thing we will do is automatically populate the slug. We will let them choose ultimately but as they type the title, we will auto populate the slug, and that will be done in the next lesson as well. Okay, so let's go ahead and create our request classes. And yes, I mean classes. So unlike the pages, I am going to create two request object or two request classes, one for storing and one for updating. And we will use one as the base class for the other because they are going to have the same exact functionality. That's just the better approach, really. So we've created those two classes, store, blog, request and update blog request. Let's go to our Requests folder. And let's implement our StoreBlogRequest. Now the authorize is going to return true. And as far as our rules are concerned, practically everything is going to be required except for the published date. So let's go ahead and copy and paste a few times. The slug is required. The published_at is going to be the only thing that's going to be different. This is nullable and if there is data, we want it to match the date_format of year, month, day, hour, minutes, seconds, so y m d h i s. And then we have the excerpt and finally, the body. Now we could implement our own custom error messages if we wanted to, but this is going to be fine. So let's open up our UpdateBlogRequest. Let's extend our StoreBlogRequest and we will get rid of everything else because we don't want to override anything. And there we have those so we can use them inside of our blog controller, but let's import them first. So we'll say App\Http\Requests\StoreBlogRequest and then one for our updates. Let's go ahead and use them in our methods as well. So for the store method, we are going to StoreBlogRequest. And that's wrong, excerpt. I'm glad to caught that. [LAUGH] It's always great to catch it to when you don't run it or before you run it, and then UpdateBlogRequest. Okay, so let's test this out. And then we will come back and implement the edit. So let's create new. So for the title, this is a test the slug, this is a test. The publish date we'll leave null, this is excerpt and this is body so whenever we submit, we should see our test. That's great and everything works. Okay, so let's go and edit this. Now of course, we need to, first of all, return our view. So for the edits, we will return view and that is admin.blog.edit. Now we do need to pass in the model, so with model. But in this case, we can't use post here. In fact, if we do, it's not going to work. Because the model binder isn't going to bind our data correctly. This needs to be called blog. So we are going to pass blog to our edit view, and we will see that there so let's go to our views. And let's open up edit. We shouldn't have to do anything inside of our fields, but we do need to change our edit so that instead of referencing pages, we reference blog. And let's also change this to blog model ID. All right, so let's refresh the page here. What do we have, undefined use of constant blogs and blog and yeah, need a dollar sign. So let's go back to the controller, add a dollar sign, there we go. Now whenever we refresh, we should see our form and we do, all of our data is populated. So that looks good. Now we just need to implement the update method. So really what we want to do is do the same thing with the pages. We want to have a policy that we can use so that's only users who are admins, authors with the ID of the author ID of the post and editors. So let's go ahead and make that policy. So we'll go back to the command line, php artisan make policy. This will be called PostPolicy. And the model is going to be a Post. So we have that, we do need to register that in our AuthServiceProvider. So let's go there. And we will say App\Post as the policy of App\Policies\PostPolicy. Okay, so that's wired up. Now we do need to actually implement that. So let's go to our Policies. Let's open up our page policy because really, a lot of that's going to be the same. Okay, so we want this before. So let's go ahead and add that to our policy. So inside of PostPolicy, we have the before method. If the user is an admin or editor, then we return true. We're not using the view so we will get rid of that. And every user can create something, so we will get rid of that. But as far as updating is concerned, that's where we're going to pretty much do this. If the user ID is the same as the post user ID, then that user can do it. And I don't know about delete. This isn't like pages, these are blog posts. But what do we do with the page? We did the same thing. So I guess we can do the same thing here as well. So we will do that. Except page is going to be post. And there we go. So let's use this policy if Auth user can't update, and then we will pass in that post, which we need to call blog that can't update that post. Then we want to redirect back to index. So our route is blog index, we also need a status. And since this is a permission thing, we can say you do not have permission to edit that post. But if they do have permission, then we of course want to edit. And after we edit, we want to redirect but in this case, we'll say that the post was updated. So we have that, now we just need to update and we will use our blog. We'll call the fill method and we will fill it with the data from the request. So we want only title slug published at the excerpt and then finally, the body. And that's not enough, we need to save it as well. So we will save. And then after we save, we redirect. So with that implemented, let's test out the editing. So let's change this to edited and the slug, we could also say edited. We'll leave the publish date null as well. We'll leave everything else alone, let's submit. And what do we have? The post was updated and we can see that it was updated. And so finally, the last thing that we need to implement is destroy. So we will essentially do what we did for updates in that we are going to check for our delete ability. And if that is not available, you do not have permission to delete that post. Otherwise, we will delete it, so blog, delete. And then we will redirect back to our index and we will say the post was deleted. And then to make that work, let's just grab what we have from our pages. So let's go to our views > pages > index, and we want this link for deleting, let's add that to this empty cell there. We also need the form that's actually going to be used to submit that request. So we will copy and paste that in and there we go. Although that cell that we put that in was for the published. So let's add another header field, one that doesn't have anything. And then we will add in another cell there in between our delete and the slug. Now as far as what we have here, this needs to be blog destroy the page needs to be blog that needs to be post and everything else is okay. So let's test deleting. And if we click on the delete of this, yes, we want to delete undefined variable blog. So let's go to our controller. When you try to do things too fast, this is what happens. It always gets me, I'll tell you. All right, so let's try that again. We will try to delete and voila, that worked. Well, now that we have finished all of the crud for our blog management, we want to add a little bit of polish to our views. We want to auto populate the slug as they type the title. We also want to provide a date time picker to make entering the published_at value easier.