id !== Auth::user()->id) { return redirect()->route('dashboard')->with('error', 'You can only modify your own profile'); } dd($request->all()); } /** * Remove the specified resource from storage. */ public function destroy(User $user) { // } public function set_school(Request $request, User $user) { if ($request->user()->cannot('set_school', $user)) { abort(403); } request()->validate([ 'school_id' => ['required', 'integer', 'exists:schools,id'], ]); $user->update([ 'school_id' => request('school_id'), ]); // TODO we probably don't want to go here if done from an admin page return redirect('/my_school'); } }