1
votes

I want to give all users the option to 'detach' a row from the pivot table - alert_criteria, but only if they own the 'criteria', which is linked by 'criteria_id' in the pivot table.

Relationship

An Alert belongsToMany Criteria.

A Criteria belongsToMany Alerts.

A User belongsToMany Criteria.

They are currently viewing the data of the pivot table through:

$matches = Criteria::whereUserId( Auth::id() )
        ->has('alerts')
        ->get();

I want them to have the functionality to be able to delete any of their rows from the pivot table.

Within my view, I can access each pivot table row's ID and post to the controller through:

{{ Form::open(array('route' => array('archiveMatch', $alert->id), 'role'=>'form')) }}
    @foreach($matches as $match)
        @foreach($match->alerts as $alert) 
            {{$alert->id}}
        @endforeach
    @endforeach
{{ Form::close() }}

I initially thought of:

public function postArchiveMatch($id)
    {
        DB::delete('delete from alert_criteria where id = ?' , array($id));
    }

But I want to check if the user actually owns this pivot table row. As far as I am aware, anyone who knows this URL can delete pivot table rows even if they don't own the 'criteria':

  Route::post('users/match/destroy/{id}', 
    array('as' => 'archiveMatch', 'uses' => 'UsersController@postArchiveMatch'));

The only long-winded way I can think of is:

Get criteria_id relating to alert_criteria.id. (from the form post).

Get all criteria where user_id = auth::id

Check to see if the 'criteria_id' is in the list. If not, that means the user doesn't own it.

I'm pretty sure I'm overcomplicating things, but any help would be hugely appreciated.

1
You already know which criteria that the user owns. They are in $matches. – Ben Harold
But when the user is wanting to delete a row, they're posting the ID from the pivot table, not the criteria_id associated with it. – user860511

1 Answer

1
votes

You could specify a range of criteria_id in your delete query to limit the scope of the query. I'm thinking something along the lines of:

public function postArchiveMatch($id)
{
    // IDs of the criteria owned by the logged-in user, as a plain array.
    // lists() is the Laravel 4 query builder call; newer versions use pluck().
    $myCriteriaIds = DB::table('criteria')
                       ->where('user_id', '=', Auth::id())
                       ->lists('id');

    // Delete the pivot row only if it points at one of those criteria.
    DB::table('alert_criteria')
      ->where('id', $id)
      ->whereIn('criteria_id', $myCriteriaIds)
      ->delete();
}
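
The ownership check discussed in this thread can also be done inside a single DELETE statement, with the affected-row count telling the controller whether the caller owned the row. This is an added example, not code from the question or the answer: it uses Python's sqlite3 only so that it runs stand-alone, the table and column names follow the post, and the sample rows, `alert_id` values and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Constructed sample data: user 1 owns criteria 10, user 2 owns criteria 20."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE criteria (id INTEGER PRIMARY KEY, user_id INTEGER NOT NULL);
        CREATE TABLE alert_criteria (
            id INTEGER PRIMARY KEY,
            alert_id INTEGER NOT NULL,
            criteria_id INTEGER NOT NULL REFERENCES criteria(id));
        INSERT INTO criteria VALUES (10, 1), (20, 2);
        INSERT INTO alert_criteria VALUES (100, 7, 10), (200, 7, 20);
    """)
    return db

def delete_unscoped(db, pivot_id):
    """The question's first attempt: any caller can delete any pivot row."""
    cur = db.execute("DELETE FROM alert_criteria WHERE id = ?", (pivot_id,))
    return cur.rowcount

def delete_owned(db, pivot_id, user_id):
    """Delete the pivot row only if its criteria belongs to user_id.

    Ownership is tested inside the DELETE itself, so there is no gap between
    the check and the delete. Returns True if a row was removed; False means
    the row does not exist or is not the caller's (answer with 404 or 403).
    """
    cur = db.execute(
        """DELETE FROM alert_criteria
           WHERE id = ?
             AND criteria_id IN (SELECT id FROM criteria WHERE user_id = ?)""",
        (pivot_id, user_id),
    )
    return cur.rowcount == 1

def remaining(db):
    """IDs of the pivot rows still present, in ascending order."""
    return [r[0] for r in db.execute("SELECT id FROM alert_criteria ORDER BY id")]

if __name__ == "__main__":
    db = make_db()
    print(delete_owned(db, 200, user_id=1))  # user 1 targets user 2's row
    print(delete_owned(db, 100, user_id=1))  # user 1 deletes their own row
    print(remaining(db))
```

In the controller, `user_id` must come from the authenticated session (`Auth::id()` in the post), never from the request.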