From a4b4b93b3088eafd18efd8786cfa747e0933d7b8 Mon Sep 17 00:00:00 2001
From: Andras Bacsai
Date: Mon, 28 Oct 2024 10:47:29 +0100
Subject: [PATCH] Refactor Member component to handle authorization checks and error handling
---
 app/Livewire/Team/Member.php | 54 ++++++++++++++++++++++++++----------
 1 file changed, 40 insertions(+), 14 deletions(-)
diff --git a/app/Livewire/Team/Member.php b/app/Livewire/Team/Member.php
index fa0cf6122..4d5cec805 100644
--- a/app/Livewire/Team/Member.php
+++ b/app/Livewire/Team/Member.php
@@ -4,39 +4,65 @@
 use App\Models\User;
 use Illuminate\Support\Facades\Cache;
-use Livewire\Attributes\Locked;
 use Livewire\Component;
 class Member extends Component {
- #[Locked]
 public User $member;
 public function makeAdmin() {
- $this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => 'admin']);
- $this->dispatch('reloadWindow');
+ try {
+ if (! auth()->user()->isAdmin()) {
+ throw new \Exception('You are not authorized to perform this action.');
+ }
+ $this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => 'admin']);
+ $this->dispatch('reloadWindow');
+ } catch (\Exception $e) {
+ $this->dispatch('error', $e->getMessage());
+ }
 }
 public function makeOwner() {
- $this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => 'owner']);
- $this->dispatch('reloadWindow');
+ try {
+ if (! auth()->user()->isOwner()) {
+ throw new \Exception('You are not authorized to perform this action.');
+ }
+ $this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => 'owner']);
+ $this->dispatch('reloadWindow');
+ } catch (\Exception $e) {
+ $this->dispatch('error', $e->getMessage());
+ }
 }
 public function makeReadonly() {
- $this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => 'member']);
- $this->dispatch('reloadWindow');
+ try {
+ if (! auth()->user()->isAdmin()) {
+ throw new \Exception('You are not authorized to perform this action.');
+ }
+ $this->member->teams()->updateExistingPivot(currentTeam()->id, ['role' => 'member']);
+ $this->dispatch('reloadWindow');
+ } catch (\Exception $e) {
+ $this->dispatch('error', $e->getMessage());
+ }
 }
 public function remove() {
- $this->member->teams()->detach(currentTeam());
- Cache::forget("team:{$this->member->id}");
- Cache::remember('team:'.$this->member->id, 3600, function () {
- return $this->member->teams()->first();
- });
- $this->dispatch('reloadWindow');
+ try {
+ if (! auth()->user()->isAdmin()) {
+ throw new \Exception('You are not authorized to perform this action.');
+ }
+ $this->member->teams()->detach(currentTeam());
+ Cache::forget("team:{$this->member->id}");
+ Cache::remember('team:'.$this->member->id, 3600, function () {
+ return $this->member->teams()->first();
+ });
+ $this->dispatch('reloadWindow');
+ } catch (\Exception $e) {
+ $this->dispatch('error', $e->getMessage());
+ }
 }
 }
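Review bot: The new guards in `makeReadonly()` and `remove()` test only the caller (`auth()->user()->isAdmin()`) and never the role the target currently holds, so as written a caller who passes `isAdmin()` can demote or detach an owner, and nothing compares `$this->member->id` with the caller's own id. Whether `isAdmin()` and `isOwner()` are evaluated against `currentTeam()` is not visible in this hunk and should be confirmed. Before the pivot write I would read the target's role and refuse owner targets for non-owners, e.g. `$role = $this->member->teams()->find(currentTeam()->id)?->pivot->role;` followed by `if ($role === 'owner' && ! auth()->user()->isOwner()) { throw new \Exception('You are not authorized to perform this action.'); }` (this assumes the relation exposes `role` on the pivot). The same hunk drops `#[Locked]` from `$member`, and since every check now depends on that property identifying the intended user, I would keep the attribute unless it is confirmed that Livewire still protects the property from client-side changes without it. Finally, `catch (\Exception $e)` forwards the message of any failure, not just the authorization one, to the browser through `dispatch('error', $e->getMessage())`; catching a dedicated authorization exception and logging everything else with a generic client message would avoid exposing internal error text.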