Upload beautify

app/Http/Requests/Manage/ManageArtworkDestroyRequest.php

@@ -0,0 +1,68 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Requests\Manage;
+
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Support\Facades\DB;
+use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
+
+final class ManageArtworkDestroyRequest extends FormRequest
+{
+    private ?object $artwork = null;
+
+    public function authorize(): bool
+    {
+        $user = $this->user();
+        if (! $user) {
+            $this->logUnauthorized('missing_user');
+            $this->denyAsNotFound();
+        }
+
+        $id = (int) $this->route('id');
+        if ($id <= 0) {
+            $this->logUnauthorized('missing_artwork_id');
+            $this->denyAsNotFound();
+        }
+
+        $artwork = DB::table('artworks')->where('id', $id)->first();
+        if (! $artwork || (int) $artwork->user_id !== (int) $user->id) {
+            $this->logUnauthorized('artwork_not_owned_or_missing');
+            $this->denyAsNotFound();
+        }
+
+        $this->artwork = $artwork;
+
+        return true;
+    }
+
+    public function rules(): array
+    {
+        return [];
+    }
+
+    public function artwork(): object
+    {
+        if (! $this->artwork) {
+            $this->denyAsNotFound();
+        }
+
+        return $this->artwork;
+    }
+
+    private function denyAsNotFound(): void
+    {
+        throw new NotFoundHttpException();
+    }
+
+    private function logUnauthorized(string $reason): void
+    {
+        logger()->warning('Manage artwork delete unauthorized access', [
+            'reason' => $reason,
+            'artwork_id' => $this->route('id'),
+            'user_id' => $this->user()?->id,
+            'ip' => $this->ip(),
+        ]);
+    }
+}

app/Http/Requests/Manage/ManageArtworkEditRequest.php

@@ -0,0 +1,68 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Requests\Manage;
+
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Support\Facades\DB;
+use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
+
+final class ManageArtworkEditRequest extends FormRequest
+{
+    private ?object $artwork = null;
+
+    public function authorize(): bool
+    {
+        $user = $this->user();
+        if (! $user) {
+            $this->logUnauthorized('missing_user');
+            $this->denyAsNotFound();
+        }
+
+        $id = (int) $this->route('id');
+        if ($id <= 0) {
+            $this->logUnauthorized('missing_artwork_id');
+            $this->denyAsNotFound();
+        }
+
+        $artwork = DB::table('artworks')->where('id', $id)->first();
+        if (! $artwork || (int) $artwork->user_id !== (int) $user->id) {
+            $this->logUnauthorized('artwork_not_owned_or_missing');
+            $this->denyAsNotFound();
+        }
+
+        $this->artwork = $artwork;
+
+        return true;
+    }
+
+    public function rules(): array
+    {
+        return [];
+    }
+
+    public function artwork(): object
+    {
+        if (! $this->artwork) {
+            $this->denyAsNotFound();
+        }
+
+        return $this->artwork;
+    }
+
+    private function denyAsNotFound(): void
+    {
+        throw new NotFoundHttpException();
+    }
+
+    private function logUnauthorized(string $reason): void
+    {
+        logger()->warning('Manage artwork edit unauthorized access', [
+            'reason' => $reason,
+            'artwork_id' => $this->route('id'),
+            'user_id' => $this->user()?->id,
+            'ip' => $this->ip(),
+        ]);
+    }
+}

app/Http/Requests/Manage/ManageArtworkUpdateRequest.php

@@ -0,0 +1,74 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Requests\Manage;
+
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Support\Facades\DB;
+use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
+
+final class ManageArtworkUpdateRequest extends FormRequest
+{
+    private ?object $artwork = null;
+
+    public function authorize(): bool
+    {
+        $user = $this->user();
+        if (! $user) {
+            $this->logUnauthorized('missing_user');
+            $this->denyAsNotFound();
+        }
+
+        $id = (int) $this->route('id');
+        if ($id <= 0) {
+            $this->logUnauthorized('missing_artwork_id');
+            $this->denyAsNotFound();
+        }
+
+        $artwork = DB::table('artworks')->where('id', $id)->first();
+        if (! $artwork || (int) $artwork->user_id !== (int) $user->id) {
+            $this->logUnauthorized('artwork_not_owned_or_missing');
+            $this->denyAsNotFound();
+        }
+
+        $this->artwork = $artwork;
+
+        return true;
+    }
+
+    public function rules(): array
+    {
+        return [
+            'name' => 'required|string|max:255',
+            'section' => 'nullable|integer',
+            'description' => 'nullable|string',
+            'artwork' => 'nullable|file|image',
+            'attachment' => 'nullable|file',
+        ];
+    }
+
+    public function artwork(): object
+    {
+        if (! $this->artwork) {
+            $this->denyAsNotFound();
+        }
+
+        return $this->artwork;
+    }
+
+    private function denyAsNotFound(): void
+    {
+        throw new NotFoundHttpException();
+    }
+
+    private function logUnauthorized(string $reason): void
+    {
+        logger()->warning('Manage artwork update unauthorized access', [
+            'reason' => $reason,
+            'artwork_id' => $this->route('id'),
+            'user_id' => $this->user()?->id,
+            'ip' => $this->ip(),
+        ]);
+    }
+}