✨ **Add authenticated API endpoints for managing Meetups, Cities, Venues, and Lecturers**

- ➕ Introduced `store`, `update`, `mine`, and `mineShow` endpoints for `Meetups`, `Cities`, `Venues`, and `Lecturers` with validation and authorization.
- 🔒 Added `Policies` for `Meetups`, `Cities`, `Venues`, and `Lecturers` leveraging `ChecksCreatorOwnership` for ownership checks.
- 🌐 Created `Resources` for structured API responses: `MeetupResource`, `CityResource`, `VenueResource`, and `LecturerResource`.
- ✅ Added dedicated `Request` classes for input validation: `Store` and `Update` variants for all models.
- 🛠️ Updated controllers to support new functionalities with localized error messages and proper HTTP responses.

app/Http/Controllers/Api/CityController.php

@@ -3,13 +3,19 @@
 namespace App\Http\Controllers\Api;
 
 use App\Http\Controllers\Controller;
+use App\Http\Requests\Api\StoreCityRequest;
+use App\Http\Requests\Api\UpdateCityRequest;
+use App\Http\Resources\CityResource;
 use App\Models\City;
-use App\Models\Lecturer;
-use Dedoc\Scramble\Attributes\ExcludeRouteFromDocs;
 use Dedoc\Scramble\Attributes\Group;
 use Dedoc\Scramble\Attributes\QueryParameter;
+use Dedoc\Scramble\Attributes\Response as ResponseAttribute;
 use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
+use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
+use Illuminate\Support\Facades\Gate;
+use Symfony\Component\HttpFoundation\Response;
 
 #[Group(name: 'Stammdaten', weight: 5)]
 class CityController extends Controller
@@ -41,27 +47,64 @@ class CityController extends Controller
             ->get();
     }
 
-    #[ExcludeRouteFromDocs]
-    public function store(Request $request)
+    /**
+     * Stadt anlegen
+     *
+     * Erlaubt einem authentifizierten Nutzer, eine Stadt programmatisch anzulegen.
+     * Der Ersteller (created_by) wird automatisch gesetzt.
+     */
+    #[ResponseAttribute(status: 401, description: 'Nicht authentifiziert.')]
+    #[ResponseAttribute(status: 422, description: 'Validierungsfehler.')]
+    public function store(StoreCityRequest $request): JsonResponse
     {
-        //
+        $city = City::create($request->validated());
+
+        return CityResource::make($city->fresh())
+            ->response()
+            ->setStatusCode(Response::HTTP_CREATED);
     }
 
-    #[ExcludeRouteFromDocs]
-    public function show(Lecturer $lecturer)
+    /**
+     * Stadt aktualisieren
+     *
+     * Aktualisiert eine Stadt; nur fuer den Ersteller oder einen Super-Admin.
+     */
+    #[ResponseAttribute(status: 403, description: 'Nur der Ersteller oder ein Super-Admin darf die Stadt aendern.')]
+    #[ResponseAttribute(status: 422, description: 'Validierungsfehler.')]
+    public function update(UpdateCityRequest $request, City $city): CityResource
     {
-        //
+        $city->update($request->validated());
+
+        return CityResource::make($city->fresh());
     }
 
-    #[ExcludeRouteFromDocs]
-    public function update(Request $request, Lecturer $lecturer)
+    /**
+     * Eigene Staedte auflisten
+     *
+     * Liefert alle vom authentifizierten Nutzer erstellten Staedte, alphabetisch sortiert.
+     */
+    public function mine(Request $request): AnonymousResourceCollection
     {
-        //
+        Gate::authorize('viewAny', City::class);
+
+        $cities = City::query()
+            ->where('created_by', $request->user()->id)
+            ->orderBy('name')
+            ->get();
+
+        return CityResource::collection($cities);
     }
 
-    #[ExcludeRouteFromDocs]
-    public function destroy(Lecturer $lecturer)
+    /**
+     * Eigene Stadt anzeigen
+     *
+     * Zeigt eine einzelne, vom authentifizierten Nutzer erstellte Stadt.
+     */
+    #[ResponseAttribute(status: 403, description: 'Nur der Ersteller oder ein Super-Admin darf die Stadt sehen.')]
+    public function mineShow(City $city): CityResource
     {
-        //
+        Gate::authorize('view', $city);
+
+        return CityResource::make($city);
     }
 }