add squad members.

app/Controller/SquadController.php

@@ -14,6 +14,7 @@
 namespace App\Controller;
 
 use App\Model\Squad;
+use App\Model\Product;
 use Ramsey\Uuid\Uuid;
 use Hyperf\HttpServer\Contract\RequestInterface;
 use Psr\Http\Message\ResponseInterface as Psr7ResponseInterface;
@@ -22,7 +23,6 @@ class SquadController extends AbstractController
 {
     public function index($productUuid = false): Psr7ResponseInterface
     {
-        var_dump($productUuid);
         if (empty($productUuid) === false) {
             $squad = Squad::where('product_uuid', $productUuid)->get();
         } else {
@@ -59,14 +59,33 @@ public function create(): Psr7ResponseInterface
 
     public function update($uuid): Psr7ResponseInterface
     {
-        $squad = Squad::find($uuid);
+        $user = $this->container->get('user');
+
+        $squad = Squad::where('uuid', $uuid)->first();
 
         if (! $squad) {
             return $this->response->json(['error' => 'Squad not found'], 404);
         }
 
+        $product = Product::where('uuid', $squad->product_uuid)->first();
+
+        if (! $product) {
+            return $this->response->json(['error' => 'Product not found'], 404);
+        }
+
+        if ($user->uuid !== $product->owner_uuid) {
+            return $this->response->json(
+                [
+                    'error' => 'Você não tem permissão para autalizar este produto.',
+                ],
+                403
+            );
+        }
+
         $data = $this->request->getParsedBody();
-        $squad->fill($data);
+
+        $squad->name = $data['name'];
+        $squad->description = $data['description'];
         $squad->save();
 
         return $this->response->json([
@@ -75,14 +94,31 @@ public function update($uuid): Psr7ResponseInterface
         ]);
     }
 
-    public function del()
+    public function delete($uuid)
     {
-        $squad = Squad::find($id);
+        $user = $this->container->get('user');
+
+        $squad = Squad::where('uuid', $uuid)->first();
 
         if (! $squad) {
             return $this->response->json(['error' => 'Squad not found'], 404);
         }
 
+        $product = Product::where('uuid', $squad->product_uuid)->first();
+
+        if (! $product) {
+            return $this->response->json(['error' => 'Product not found'], 404);
+        }
+
+        if ($user->uuid !== $product->owner_uuid) {
+            return $this->response->json(
+                [
+                    'error' => 'Você não tem permissão para autalizar este produto.',
+                ],
+                403
+            );
+        }
+
         $squad->delete();
 
         return $this->response->json(['message' => 'Squad deleted successfully!']);

config/routes.php

@@ -1,14 +1,5 @@
 <?php
 
-/**
- * This file is part of Hyperf.
- *
- * @link     https://www.hyperf.io
- * @document https://hyperf.wiki
- * @contact  group@hyperf.io
- * @license  https://github.com/hyperf/hyperf/blob/master/LICENSE
- */
-
 declare(strict_types=1);
 
 use Hyperf\HttpServer\Router\Router;
@@ -36,9 +27,9 @@ function () {
         Router::addRoute(['GET'], '/squad/{uuid}', 'App\Controller\SquadController@show');
         Router::addRoute(['POST'], '/squad', 'App\Controller\SquadController@create');
         Router::addRoute(['PUT'], '/squad/{uuid}', 'App\Controller\SquadController@update');
-        Router::addRoute(['DELETE'], '/squad', 'App\Controller\SquadController@delete');
+        Router::addRoute(['DELETE'], '/squad/{uuid}', 'App\Controller\SquadController@delete');
 
-        // Squad
+        // Member
         Router::addRoute(['GET'], '/squad/{uuid}/members', 'App\Controller\Member@index');
         Router::addRoute(['GET'], '/squad/{uuid}/member/{memberUuid}', 'App\Controller\Member@show');
         Router::addRoute(['POST'], '/squad/{uuid}/member', 'App\Controller\Member@create');