Changed over to route model binding and simplified logic & gates

app/Http/Controllers/Api/NotesController.php

@@ -26,30 +26,17 @@ class NotesController extends Controller
      * Returns JSON responses indicating success or failure with appropriate HTTP status codes.
      *
      * @param  \Illuminate\Http\Request  $request  The incoming HTTP request containing the 'note'.
-     * @param  int|string  $assetId  The ID of the asset to attach the note to.
+     * @param  Asset  $asset  The ID of the asset to attach the note to.
      * @return \Illuminate\Http\JsonResponse
      */
-    public function store(Request $request, $assetId): JsonResponse
+    public function store(Request $request, Asset $asset): JsonResponse
     {
-        $this->authorize('update', Asset::class);
+        $this->authorize('update', $asset);
 
         if ($request->input('note', '') == '') {
             return response()->json(Helper::formatStandardApiResponse('error', null, trans('validation.required', ['attribute' => 'note'])), 422);
         }
 
-        try {
-            $asset = Asset::findOrFail($assetId);
-        } catch (ModelNotFoundException $e) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 404);
-        } catch (\Exception $e) {
-            Log::debug('Error fetching asset: ' . $e->getMessage());
-
-            // Return generic server error response since something unexpected happened
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/settings/message.webhook.500')), 500);
-        }
-
-        $this->authorize('update', $asset);
-
         // Create the note
         $logaction = new ActionLog();
         $logaction->item_type = get_class($asset);
@@ -74,22 +61,11 @@ class NotesController extends Controller
      * user information for each note. Returns a JSON response with the notes or errors.
      *
      * @param  \Illuminate\Http\Request  $request  The incoming HTTP request.
-     * @param  int|string  $assetId  The ID of the asset whose notes to retrieve.
+     * @param  Asset  $asset  The ID of the asset whose notes to retrieve.
      * @return \Illuminate\Http\JsonResponse
      */
-    public function getList(Request $request, $assetId): JsonResponse
+    public function getList(Asset $asset): JsonResponse
     {
-        $this->authorize('view', Asset::class);
-
-        try {
-            $asset = Asset::findOrFail($assetId);
-        } catch (ModelNotFoundException $e) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, $e->getMessage()), 404);
-        } catch (\Exception $e) {
-            // Return generic server error response since something unexpected happened
-            return response()->json(Helper::formatStandardApiResponse('error', null, $e->getMessage()), 500);
-        }
-
         $this->authorize('view', $asset);
 
         // Get the manual notes for the asset

routes/api.php

@@ -847,7 +847,7 @@ Route::group(['prefix' => 'v1', 'middleware' => ['api', 'api-throttle:api']], fu
         Route::group(['prefix' => 'notes'], function () {
 
             Route::post(
-                '{asset_id}/store',
+                '{asset}/store',
                 [
                     Api\NotesController::class,
                     'store'
@@ -855,7 +855,7 @@ Route::group(['prefix' => 'v1', 'middleware' => ['api', 'api-throttle:api']], fu
             )->name('api.notes.store');
 
             Route::get(
-                '{asset_id}/getList',
+                '{asset}/getList',
                 [
                     Api\NotesController::class,
                     'getList'

tests/Feature/Assets/Api/AssetNotesTest.php

@@ -12,7 +12,7 @@ class AssetNotesTest extends TestCase
     public function testThatANonExistentAssetIdReturnsError()
     {   
         $this->actingAsForApi(User::factory()->editAssets()->create())
-            ->postJson(route('api.notes.store', 123456789))
+            ->postJson(route('api.notes.store', ['asset' => 123456789]))
             ->assertStatusMessageIs('error');
     }
 
@@ -21,7 +21,7 @@ class AssetNotesTest extends TestCase
         $asset = Asset::factory()->create();
 
         $this->actingAsForApi(User::factory()->create())
-            ->postJson(route('api.notes.store', $asset->id), [
+            ->postJson(route('api.notes.store', $asset), [
                 'note' => 'test'
             ])
             ->assertForbidden();
@@ -32,7 +32,7 @@ class AssetNotesTest extends TestCase
         $asset = Asset::factory()->create();
 
         $this->actingAsForApi(User::factory()->editAssets()->create())
-            ->postJson(route('api.notes.store', ['asset_id' => $asset->id]), [
+            ->postJson(route('api.notes.store', $asset), [
                 'note' => 'This is a test note.'
             ])
             ->assertStatusMessageIs('success')
@@ -67,7 +67,7 @@ class AssetNotesTest extends TestCase
             ]);
 
         $this->actingAsForApi($user)
-            ->getJson(route('api.notes.getList', ['asset_id' => $asset->id]))
+            ->getJson(route('api.notes.getList', $asset))
             ->assertOk()
             ->assertJson([
                 'messages' => null,