From 950b93c0a8a245513705e6edac766878378e19a3 Mon Sep 17 00:00:00 2001
From: Matt Young <matt@mattyoung.us>
Date: Thu, 18 Jul 2024 00:27:41 -0500
Subject: [PATCH] #36 Preserve name uniqueness at a school

When updating a student from either the admin side or user side, the site will block an attempt to duplicate a student name at a school.

Closes #36
---
 app/Http/Controllers/Admin/StudentController.php | 15 +++++++++++++++
 app/Http/Controllers/StudentController.php       |  9 +++++++++
 tests/Feature/Pages/Admin/StudentEditTest.php    | 13 +++++++++++++
 tests/Feature/Pages/StudentsEditTest.php         | 13 +++++++++++++
 4 files changed, 50 insertions(+)

diff --git a/app/Http/Controllers/Admin/StudentController.php b/app/Http/Controllers/Admin/StudentController.php
index 9916f64..c0a4a3c 100644
--- a/app/Http/Controllers/Admin/StudentController.php
+++ b/app/Http/Controllers/Admin/StudentController.php
@@ -48,6 +48,13 @@ class StudentController extends Controller
             'school_id' => ['required', 'exists:schools,id'],
         ]);
 
+        if (Student::where('first_name', request('first_name'))
+            ->where('last_name', request('last_name'))
+            ->where('school_id', request('school_id'))
+            ->exists()) {
+            return redirect('/admin/students/create')->with('error', 'This student already exists.');
+        }
+
         Student::create([
             'first_name' => request('first_name'),
             'last_name' => request('last_name'),
@@ -91,6 +98,14 @@ class StudentController extends Controller
             }
         }
 
+        if (Student::where('first_name', request('first_name'))
+            ->where('last_name', request('last_name'))
+            ->where('school_id', request('school_id'))
+            ->where('id', '!=', $student->id)
+            ->exists()) {
+            return redirect('/admin/students/'.$student->id.'/edit')->with('error', 'A student with that name already exists at that school');
+        }
+
         $student->update([
             'first_name' => request('first_name'),
             'last_name' => request('last_name'),
diff --git a/app/Http/Controllers/StudentController.php b/app/Http/Controllers/StudentController.php
index 6390220..82baca5 100644
--- a/app/Http/Controllers/StudentController.php
+++ b/app/Http/Controllers/StudentController.php
@@ -89,6 +89,7 @@ class StudentController extends Controller
      */
     public function update(Request $request, Student $student)
     {
+
         if ($request->user()->cannot('update', $student)) {
             abort(403);
         }
@@ -98,6 +99,14 @@ class StudentController extends Controller
             'grade' => ['required', 'integer'],
         ]);
 
+        if (Student::where('first_name', request('first_name'))
+            ->where('last_name', request('last_name'))
+            ->where('school_id', Auth::user()->school_id)
+            ->where('id', '!=', $student->id)
+            ->exists()) {
+            return redirect()->route('students.edit', $student)->with('error', 'A student with that name already exists at your school.');
+        }
+
         $student->update([
             'first_name' => request('first_name'),
             'last_name' => request('last_name'),
diff --git a/tests/Feature/Pages/Admin/StudentEditTest.php b/tests/Feature/Pages/Admin/StudentEditTest.php
index 4b9c5e1..4e072f6 100644
--- a/tests/Feature/Pages/Admin/StudentEditTest.php
+++ b/tests/Feature/Pages/Admin/StudentEditTest.php
@@ -224,3 +224,16 @@ it('does not allow a non administrator to delete a student', function () {
         ->assertRedirect(route('dashboard'));
     expect(Student::find($condemnedStudent->id))->toBeInstanceOf(Student::class);
 });
+it('will not duplicate a name at a school', function () {
+    $student1 = Student::factory()->create();
+    $student2 = Student::factory()->create(['school_id' => $student1->school_id]);
+    actingAs($this->adminUser);
+    $response = patch(route('admin.students.update', $student2), [
+        'first_name' => $student1->first_name,
+        'last_name' => $student1->last_name,
+        'grade' => $student2->grade,
+        'school_id' => $student2->school_id,
+    ]);
+    $response->assertRedirect(route('admin.students.edit', $student2))
+        ->assertSessionHas('error', 'A student with that name already exists at that school');
+});
diff --git a/tests/Feature/Pages/StudentsEditTest.php b/tests/Feature/Pages/StudentsEditTest.php
index 77b28e2..d6d6f48 100644
--- a/tests/Feature/Pages/StudentsEditTest.php
+++ b/tests/Feature/Pages/StudentsEditTest.php
@@ -73,3 +73,16 @@ it('will not modify a student not at the users school', function () {
         ->assertSee('Bandit')
         ->assertDontSee('Bluey');
 });
+
+it('will not duplicate a student name at the school', function () {
+    actingAs($this->user);
+    $student = Student::factory()->create(['school_id' => $this->school->id, 'first_name' => 'Bluey', 'last_name' => 'Heeler']);
+
+    patch(route('students.update', $this->student), [
+        'first_name' => 'Bluey',
+        'last_name' => 'Heeler',
+        'grade' => 1,
+    ])->assertRedirect(route('students.edit', $this->student))
+        ->assertSessionHas('error', 'A student with that name already exists at your school.')
+        ->assertSessionHasNoErrors();
+});
-- 
2.39.5