From db0fadcb56f4a741092dac4413f8569e78d3cb02 Mon Sep 17 00:00:00 2001
From: David Bomba <turbo124@gmail.com>
Date: Wed, 25 Oct 2017 18:47:04 +1100
Subject: [PATCH] Allow ability for Vendors to be deleted from API (#1721)

---
 app/Http/Controllers/VendorApiController.php |  3 ++-
 app/Http/Requests/DeleteVendorRequest.php    | 26 ++++++++++++++++++++
 2 files changed, 28 insertions(+), 1 deletion(-)
 create mode 100644 app/Http/Requests/DeleteVendorRequest.php

diff --git a/app/Http/Controllers/VendorApiController.php b/app/Http/Controllers/VendorApiController.php
index 573f4fea4ca5..6fd5d75cd837 100644
--- a/app/Http/Controllers/VendorApiController.php
+++ b/app/Http/Controllers/VendorApiController.php
@@ -2,6 +2,7 @@
 
 namespace App\Http\Controllers;
 
+use App\Http\Requests\DeleteVendorRequest;
 use App\Http\Requests\VendorRequest;
 use App\Http\Requests\CreateVendorRequest;
 use App\Http\Requests\UpdateVendorRequest;
@@ -186,7 +187,7 @@ class VendorApiController extends BaseAPIController
      *   )
      * )
      */
-    public function destroy(UpdateVendorRequest $request)
+    public function destroy(DeleteVendorRequest $request)
     {
         $vendor = $request->entity();
 
diff --git a/app/Http/Requests/DeleteVendorRequest.php b/app/Http/Requests/DeleteVendorRequest.php
new file mode 100644
index 000000000000..4ce84a9418be
--- /dev/null
+++ b/app/Http/Requests/DeleteVendorRequest.php
@@ -0,0 +1,26 @@
+<?php
+
+namespace App\Http\Requests;
+
+class DeleteVendorRequest extends VendorRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return $this->entity() && $this->user()->can('edit', $this->entity());
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [];
+    }
+}