auditionadmin/app/Http/Controllers/SchoolController.php

<?php

namespace App\Http\Controllers;

use App\Models\School;
use App\Models\SchoolEmailDomain;
use Illuminate\Auth\Access\Gate;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use function abort;
use function dd;
use function redirect;
use function request;

class SchoolController extends Controller
{
    public function store(Request $request): RedirectResponse
    {
        if ($request->user()->cannot('create', School::class)) abort(403);
        request()->validate([
            'name' => ['required', 'min:3', 'max:30'],
            'address' => ['required'],
            'city' => ['required'],
            'state' => ['required', 'min:2', 'max:2'],
            'zip' => ['required', 'min:5', 'max:10'],
        ]);

        $school = School::create([
            'name' => request('name'),
            'address' => request('address'),
            'city' => request('city'),
            'state' => request('state'),
            'zip' => request('zip'),
        ]);

        // TODO allow for an audition administrator that is not connected to school and needs to create a school without associating with it

        if (! Auth::user()->school) {
            Auth::user()->update([
               'school_id' => $school->id
            ]);

            SchoolEmailDomain::create([
                'school_id' => $school->id,
                'domain' => Auth::user()->emailDomain()
            ]);
        }


        return redirect('/schools/' . $school->id);
    }

    public function show(Request $request, School $school)
    {
        if ($request->user()->cannot('view',$school)) abort(403);

        return view('schools.show', ['school' => $school]);
    }

    public function create(Request $request)
    {
        if ($request->user()->cannot('create', School::class)) abort(403);
        return view('schools.create');
    }

    public function edit(Request $request, School $school)
    {
        if ($request->user()->cannot('update',$school)) abort(403);
        return view('schools.edit', ['school' => $school]);
    }

    public function update(Request $request, School $school)
    {
        if ($request->user()->cannot('update',$school)) abort(403);
        request()->validate([
            'name' => ['required', 'min:3', 'max:30'],
            'address' => ['required'],
            'city' => ['required'],
            'state' => ['required', 'min:2', 'max:2'],
            'zip' => ['required', 'min:5', 'max:10'],
        ]);

        $school->update([
           'name' => request('name'),
           'address' => request('address'),
           'city' => request('city'),
           'state' => request('state'),
           'zip' => request('zip'),
        ]);
        // TODO Handle redirect after updating school more elegantly
        return redirect('/schools/' . $school->id);
    }

    public function my_school()
    {
        if (Auth::user()->school) {
            return redirect('/schools/' . Auth::user()->school->id);
        }
        return redirect('/schools/create');
    }
}