- 🏗️ Introduced CoursePolicy and CourseEventPolicy for authorization.

- ✨ Added `StoreCourseRequest` and `UpdateCourseRequest` for structured validation.
- ✨ Introduced `StoreCourseEventRequest` and `UpdateCourseEventRequest` for consistent request validation.
- 🖼️ Created `CourseResource` and `CourseEventResource` for API responses.
- 🔄 Refactored `CourseController` and `CourseEventController` to use Policies and FormRequests.
- ✨ Added dedicated `uploadLogo` and `uploadAvatar` API endpoints with shared media validation.
- 🚀 Improved API by aligning Course and CourseEvent behavior with other entities.

app/Http/Requests/Api/StoreCourseEventRequest.php

@@ -0,0 +1,39 @@
+<?php
+
+namespace App\Http\Requests\Api;
+
+use App\Models\CourseEvent;
+use Illuminate\Foundation\Http\FormRequest;
+
+class StoreCourseEventRequest extends FormRequest
+{
+    public function authorize(): bool
+    {
+        return $this->user()->can('create', CourseEvent::class);
+    }
+
+    /**
+     * @return array<string, array<int, string>>
+     */
+    public function rules(): array
+    {
+        return [
+            'course_id' => ['required', 'integer', 'exists:courses,id'],
+            'venue_id' => ['required', 'integer', 'exists:venues,id'],
+            'from' => ['required', 'date'],
+            'to' => ['required', 'date', 'after_or_equal:from'],
+            'link' => ['required', 'url', 'max:255'],
+        ];
+    }
+
+    /**
+     * @return array<string, string>
+     */
+    public function messages(): array
+    {
+        return [
+            'course_id.exists' => 'Der angegebene Kurs existiert nicht.',
+            'venue_id.exists' => 'Der angegebene Veranstaltungsort existiert nicht.',
+        ];
+    }
+}

app/Http/Requests/Api/StoreCourseRequest.php

@@ -0,0 +1,36 @@
+<?php
+
+namespace App\Http\Requests\Api;
+
+use App\Models\Course;
+use Illuminate\Foundation\Http\FormRequest;
+
+class StoreCourseRequest extends FormRequest
+{
+    public function authorize(): bool
+    {
+        return $this->user()->can('create', Course::class);
+    }
+
+    /**
+     * @return array<string, array<int, string>>
+     */
+    public function rules(): array
+    {
+        return [
+            'name' => ['required', 'string', 'max:255'],
+            'lecturer_id' => ['required', 'integer', 'exists:lecturers,id'],
+            'description' => ['nullable', 'string'],
+        ];
+    }
+
+    /**
+     * @return array<string, string>
+     */
+    public function messages(): array
+    {
+        return [
+            'lecturer_id.exists' => 'Der angegebene Referent existiert nicht.',
+        ];
+    }
+}

app/Http/Requests/Api/UpdateCourseEventRequest.php

@@ -0,0 +1,38 @@
+<?php
+
+namespace App\Http\Requests\Api;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class UpdateCourseEventRequest extends FormRequest
+{
+    public function authorize(): bool
+    {
+        return $this->user()->can('update', $this->route('courseEvent'));
+    }
+
+    /**
+     * @return array<string, array<int, string>>
+     */
+    public function rules(): array
+    {
+        return [
+            'course_id' => ['sometimes', 'required', 'integer', 'exists:courses,id'],
+            'venue_id' => ['sometimes', 'required', 'integer', 'exists:venues,id'],
+            'from' => ['sometimes', 'required', 'date'],
+            'to' => ['sometimes', 'required', 'date', 'after_or_equal:from'],
+            'link' => ['sometimes', 'required', 'url', 'max:255'],
+        ];
+    }
+
+    /**
+     * @return array<string, string>
+     */
+    public function messages(): array
+    {
+        return [
+            'course_id.exists' => 'Der angegebene Kurs existiert nicht.',
+            'venue_id.exists' => 'Der angegebene Veranstaltungsort existiert nicht.',
+        ];
+    }
+}

app/Http/Requests/Api/UpdateCourseRequest.php

@@ -0,0 +1,35 @@
+<?php
+
+namespace App\Http\Requests\Api;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class UpdateCourseRequest extends FormRequest
+{
+    public function authorize(): bool
+    {
+        return $this->user()->can('update', $this->route('course'));
+    }
+
+    /**
+     * @return array<string, array<int, string>>
+     */
+    public function rules(): array
+    {
+        return [
+            'name' => ['sometimes', 'required', 'string', 'max:255'],
+            'lecturer_id' => ['sometimes', 'required', 'integer', 'exists:lecturers,id'],
+            'description' => ['sometimes', 'nullable', 'string'],
+        ];
+    }
+
+    /**
+     * @return array<string, string>
+     */
+    public function messages(): array
+    {
+        return [
+            'lecturer_id.exists' => 'Der angegebene Referent existiert nicht.',
+        ];
+    }
+}

app/Http/Requests/Api/UploadMediaRequest.php

@@ -0,0 +1,46 @@
+<?php
+
+namespace App\Http\Requests\Api;
+
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Foundation\Http\FormRequest;
+
+class UploadMediaRequest extends FormRequest
+{
+    public function authorize(): bool
+    {
+        $model = $this->boundModel();
+
+        return $model !== null && $this->user()->can('update', $model);
+    }
+
+    /**
+     * @return array<string, array<int, string>>
+     */
+    public function rules(): array
+    {
+        return [
+            'file' => [
+                'required',
+                'image',
+                'mimes:jpeg,png,webp,avif',
+                'max:5120',
+                'dimensions:max_width=4000,max_height=4000',
+            ],
+        ];
+    }
+
+    /**
+     * The route-bound model whose media is being replaced (meetup, lecturer, course).
+     */
+    protected function boundModel(): ?Model
+    {
+        foreach ($this->route()->parameters() as $parameter) {
+            if ($parameter instanceof Model) {
+                return $parameter;
+            }
+        }
+
+        return null;
+    }
+}