Build a Forum with Inertia and Laravel

Sign in Get started

This episode is for members only

Sign up to access "Build a Forum with Inertia and Laravel" right now.

Already a member? Sign in to continue

Playing

61. Preventing parent posts from being deleted

Episodes

0%

Your progress

Total: 6h 54m
Played: 0m
Remaining: 6h 54m

Join or sign in to track your progress

01. Introduction and demo

02. Getting set up

03. Modifying registration for usernames

04. Figuring out the forum layout

05. Creating and listing topics

06. Basic discussion listing

07. Pinning discussions

08. Tackling pagination in Inertia

09. Customising pagination text in Laravel

10. Showing a discussion

11. Setting up discussion posts

12. Listing through discussion posts

13. Adding more data to posts

14. Adding pagination to posts

15. Adding a post preview to discussions

16. Adding the last reply to discussions

17. Outputting discussion participants

18. Limiting participants in the UI

19. Ordering discussions by last post

20. Handling deleted users

21. Counting replies

22. Building our first filter

23. Highlighting current filters, and merging with pagination

24. Adding auth specific filters

25. Adding the topic filter

26. Scaffolding the new discussion form

27. Toggling the create discussion form

28. Keeping form state

29. Storing a new discussion

30. Discussion validation and authorization

31. Generating markdown for posts

32. Toggling the markdown preview

33. Fetching and displaying markdown

34. Adding a markdown shortcut toolbar

35. Dealing with SVG icons

36. Creating the reply form

37. Basic Inertia permission checking

38. Creating replies to discussions

39. Jumping to posts

40. Automatically scrolling to posts

41. Toggling post editing

42. Editing posts

43. Deleting posts

44. Deleting discussions

45. Setting up for best answers

46. Toggling the best discussion answer

47. Solved and unsolved filters

48. Indexing discussions for search

49. Searching discussions

50. Debouncing search

51. Adding mentionable functionality to forms

52. Indexing users for mentioning

53. Hooking up users for mentions

54. Detecting and storing mentioned users

55. Adding the mentioned filter

56. Adding mentions to the markdown toolbar

57. Adding mentions to the reply form

58. Fixing up some unauthenticated state

59. Fixing up post scrolling

60. Reviewing SSR (Server-side rendering)

61. Preventing parent posts from being deleted

62. Improving solution marking

Transcript

00:00

Okay let's go ahead and look at an issue that we saw earlier and that is the

00:03

inability to delete an original post from a discussion. So at the moment if we head over to any of the discussions that we've created here we can actually delete the original post from this which kind of doesn't make sense we want this whole thing here to kind of be attached together so we can't delete the

00:22

original post. If we wanted to delete the overall discussion we could use this button just here. So we're really simply going to go ahead and update our authorization rule for our post just to make sure it does not belong to a discussion and we're also going to keep out our debug bar just to make sure we're

00:40

not making way too many queries here. Okay so I'm gonna go ahead and start a new discussion just to test this out so let's say delete test and we'll say delete test body let's go ahead and hook this up to a topic and here it is. So we want to get rid of this. I'm gonna go ahead and reply and just say here is a

00:58

reply and there we go. So let's head over and figure out how we are going to do this. So if we go over to our post policy we've got this delete method just here. If we look at our database really quickly over in post we actually know what a parent post is because we have this parent ID is set to null if that's

01:16

the case. So actually we don't really need to go back and check if this is the first post in a discussion by any kind of relationship we just want to add a condition to what we've already got. So we're gonna say that it needs to belong to the user which of course is really important and the post is not a parent.

01:33

Now I have a feeling we created a method out earlier we actually didn't. I think just doing this manually in here would be fine. So let's go ahead and say post parent ID and we want to make sure that this is null. So let's go ahead and wrap that on is null and to be honest that should be pretty much it. If we head over

01:52

now and give this a refresh yeah just making sure that that isn't null. There we go. So we can delete any of the posts inside this discussion now but we don't see the delete link for the original post and of course we have our authorization rules in place for deleting posts anyway so even if we try

02:13

to get around this it just would not work we wouldn't be able to perform that action. So there we go that's a really quick fix I'm just gonna head over to the post destroy controller and yeah we didn't add a comment in here so that's fine and there we go very quick fix by updating our authorization.

Episode summary

In this episode, we tackle a specific issue: preventing users from deleting the very first (parent) post in a discussion. Previously, it was possible to remove the main post, which didn't make sense because it could leave orphaned replies and break the discussion flow.

We start by reviewing how deleting works and then look at our authorization rules. You'll see that a parent post is easily identified in our database—a parent_id of null means it's the original post. So, we simply update our delete logic to check for this: if the post is a parent, the delete option won't appear, and even if someone tries to bypass the UI, our authorization rule has it covered.

To make sure everything works as expected, we walk through a test where we create a new discussion, reply to it, and notice that the delete button is missing on the original post but still available for replies. That’s all it takes—a small change makes our discussions much more robust!

Episode discussion

No comments, yet. Be the first!