created_by_user_id !== auth()->id()) { return response()->json(['message' => 'Forbidden'], 403); } $calendarSlots = $trip->calendarSlots() ->with(['plannableItems']) ->orderBy('slot_order') ->get(); return response()->json(['data' => $calendarSlots]); } public function update(Request $request, CalendarSlot $calendarSlot): JsonResponse { // Check if user owns the trip if ($calendarSlot->trip->created_by_user_id !== auth()->id()) { return response()->json(['message' => 'Forbidden'], 403); } $validated = $request->validate([ 'name' => 'sometimes|required|string|max:255', ]); $calendarSlot->update($validated); return response()->json(['data' => $calendarSlot]); } public function reorder(Request $request, CalendarSlot $calendarSlot): JsonResponse { $validated = $request->validate([ 'items' => 'required|array', 'items.*.plannable_item_id' => 'required|exists:plannable_items,id', 'items.*.sort_order' => 'required|integer', ]); foreach ($validated['items'] as $item) { PlannedItem::where('calendar_slot_id', $calendarSlot->id) ->where('plannable_item_id', $item['plannable_item_id']) ->update(['sort_order' => $item['sort_order']]); } return response()->json(['message' => 'Items reordered successfully']); } }