kamilniemczycki/toby
1
0
Fork 0
Code Issues Pull Requests 2 Projects Releases Activity

#63 - permissions (#67)

Browse Source 
* wip

* fix

* wip

* #63 - permissions

Co-authored-by: EwelinaLasowy <ewelina.lasowy@blumilk.pl>
This commit is contained in:
Adrian Hopek
2022-03-02 09:52:50 +01:00
committed by GitHub
parent 5cb46d2fc4
commit d825dd727f
47 changed files with 1027 additions and 411 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
app/Infrastructure/Http/Controllers/HolidayController.php
View File

@@ -4,7 +4,9 @@ declare(strict_types=1);
namespace Toby\Infrastructure\Http\Controllers;
use Illuminate\Auth\Access\AuthorizationException;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Inertia\Response;
use Toby\Eloquent\Models\Holiday;
use Toby\Infrastructure\Http\Requests\HolidayRequest;
@@ -13,7 +15,7 @@ use Toby\Infrastructure\Http\Resources\HolidayResource;
class HolidayController extends Controller
{
public function index(): Response
public function index(Request $request): Response
{
$holidays = Holiday::query()
->orderBy("date")
@@ -21,16 +23,29 @@ class HolidayController extends Controller
return inertia("Holidays/Index", [
"holidays" => HolidayResource::collection($holidays),
"can" => [
"manageHolidays" => $request->user()->can("manageHolidays"),
],
]);
}
/**
* @throws AuthorizationException
*/
public function create(): Response
{
$this->authorize("manageHolidays");
return inertia("Holidays/Create");
}
/**
* @throws AuthorizationException
*/
public function store(HolidayRequest $request): RedirectResponse
{
$this->authorize("manageHolidays");
Holiday::query()->create($request->data());
return redirect()
@@ -38,15 +53,25 @@ class HolidayController extends Controller
->with("success", __("Holiday has been created."));
}
/**
* @throws AuthorizationException
*/
public function edit(Holiday $holiday): Response
{
$this->authorize("manageHolidays");
return inertia("Holidays/Edit", [
"holiday" => new HolidayFormDataResource($holiday),
]);
}
/**
* @throws AuthorizationException
*/
public function update(HolidayRequest $request, Holiday $holiday): RedirectResponse
{
$this->authorize("manageHolidays");
$holiday->update($request->data());
return redirect()
@@ -54,8 +79,13 @@ class HolidayController extends Controller
->with("success", __("Holiday has been updated."));
}
/**
* @throws AuthorizationException
*/
public function destroy(Holiday $holiday): RedirectResponse
{
$this->authorize("manageHolidays");
$holiday->delete();
return redirect()

2
app/Infrastructure/Http/Controllers/TimesheetController.php
View File

@@ -16,6 +16,8 @@ class TimesheetController extends Controller
{
public function __invoke(Month $month, YearPeriodRetriever $yearPeriodRetriever): BinaryFileResponse
{
$this->authorize("generateTimesheet");
$yearPeriod = $yearPeriodRetriever->selected();
$carbonMonth = Carbon::create($yearPeriod->year, $month->toCarbonNumber());

36
app/Infrastructure/Http/Controllers/UserController.php
View File

@@ -4,6 +4,7 @@ declare(strict_types=1);
namespace Toby\Infrastructure\Http\Controllers;
use Illuminate\Auth\Access\AuthorizationException;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Inertia\Response;
@@ -16,8 +17,13 @@ use Toby\Infrastructure\Http\Resources\UserResource;
class UserController extends Controller
{
/**
* @throws AuthorizationException
*/
public function index(Request $request): Response
{
$this->authorize("manageUsers");
$users = User::query()
->withTrashed()
->search($request->query("search"))
@@ -32,16 +38,26 @@ class UserController extends Controller
]);
}
/**
* @throws AuthorizationException
*/
public function create(): Response
{
$this->authorize("manageUsers");
return inertia("Users/Create", [
"employmentForms" => EmploymentForm::casesToSelect(),
"roles" => Role::casesToSelect(),
]);
}
/**
* @throws AuthorizationException
*/
public function store(UserRequest $request): RedirectResponse
{
$this->authorize("manageUsers");
User::query()->create($request->data());
return redirect()
@@ -49,8 +65,13 @@ class UserController extends Controller
->with("success", __("User has been created."));
}
/**
* @throws AuthorizationException
*/
public function edit(User $user): Response
{
$this->authorize("manageUsers");
return inertia("Users/Edit", [
"user" => new UserFormDataResource($user),
"employmentForms" => EmploymentForm::casesToSelect(),
@@ -58,8 +79,13 @@ class UserController extends Controller
]);
}
/**
* @throws AuthorizationException
*/
public function update(UserRequest $request, User $user): RedirectResponse
{
$this->authorize("manageUsers");
$user->update($request->data());
return redirect()
@@ -67,8 +93,13 @@ class UserController extends Controller
->with("success", __("User has been updated."));
}
/**
* @throws AuthorizationException
*/
public function destroy(User $user): RedirectResponse
{
$this->authorize("manageUsers");
$user->delete();
return redirect()
@@ -76,8 +107,13 @@ class UserController extends Controller
->with("success", __("User has been deleted."));
}
/**
* @throws AuthorizationException
*/
public function restore(User $user): RedirectResponse
{
$this->authorize("manageUsers");
$user->restore();
return redirect()

5
app/Infrastructure/Http/Controllers/VacationCalendarController.php
View File

@@ -4,6 +4,7 @@ declare(strict_types=1);
namespace Toby\Infrastructure\Http\Controllers;
use Illuminate\Http\Request;
use Illuminate\Support\Carbon;
use Inertia\Response;
use Toby\Domain\CalendarGenerator;
@@ -15,6 +16,7 @@ use Toby\Infrastructure\Http\Resources\UserResource;
class VacationCalendarController extends Controller
{
public function index(
Request $request,
YearPeriodRetriever $yearPeriodRetriever,
CalendarGenerator $calendarGenerator,
?string $month = null,
@@ -35,6 +37,9 @@ class VacationCalendarController extends Controller
"calendar" => $calendar,
"currentMonth" => $month->value,
"users" => UserResource::collection($users),
"can" => [
"generateTimesheet" => $request->user()->can("generateTimesheet"),
],
]);
}
}

4
app/Infrastructure/Http/Controllers/VacationLimitController.php
View File

@@ -14,6 +14,8 @@ class VacationLimitController extends Controller
{
public function edit(): Response
{
$this->authorize("manageVacationLimits");
$limits = VacationLimit::query()
->with("user")
->orderByUserField("last_name")
@@ -27,6 +29,8 @@ class VacationLimitController extends Controller
public function update(VacationLimitRequest $request): RedirectResponse
{
$this->authorize("manageVacationLimits");
$data = $request->data();
foreach ($request->vacationLimits() as $limit) {

85
app/Infrastructure/Http/Controllers/VacationRequestController.php
View File

@@ -5,14 +5,20 @@ declare(strict_types=1);
namespace Toby\Infrastructure\Http\Controllers;
use Barryvdh\DomPDF\Facade\Pdf;
use Illuminate\Auth\Access\AuthorizationException;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Http\Response as LaravelResponse;
use Illuminate\Validation\ValidationException;
use Inertia\Response;
use Toby\Domain\Enums\VacationRequestState;
use Toby\Domain\Enums\VacationType;
use Toby\Domain\States\VacationRequest\AcceptedByAdministrative;
use Toby\Domain\States\VacationRequest\AcceptedByTechnical;
use Toby\Domain\States\VacationRequest\Cancelled;
use Toby\Domain\States\VacationRequest\Rejected;
use Toby\Domain\VacationDaysCalculator;
use Toby\Domain\VacationRequestStateManager;
use Toby\Domain\VacationRequestStatesRetriever;
use Toby\Domain\Validation\VacationRequestValidator;
use Toby\Eloquent\Helpers\YearPeriodRetriever;
use Toby\Eloquent\Models\User;
@@ -33,7 +39,7 @@ class VacationRequestController extends Controller
->with("vacations")
->where("year_period_id", $yearPeriodRetriever->selected()->id)
->latest()
->states(VacationRequestState::filterByStatus($status))
->states(VacationRequestStatesRetriever::filterByStatus($status))
->paginate();
return inertia("VacationRequest/Index", [
@@ -44,16 +50,37 @@ class VacationRequestController extends Controller
]);
}
public function show(VacationRequest $vacationRequest): Response
/**
* @throws AuthorizationException
*/
public function show(Request $request, VacationRequest $vacationRequest): Response
{
$this->authorize("show", $vacationRequest);
$user = $request->user();
return inertia("VacationRequest/Show", [
"request" => new VacationRequestResource($vacationRequest),
"activities" => VacationRequestActivityResource::collection($vacationRequest->activities),
"can" => [
"acceptAsTechnical" => $vacationRequest->state->canTransitionTo(AcceptedByTechnical::class)
&& $user->can("acceptAsTechApprover", $vacationRequest),
"acceptAsAdministrative" => $vacationRequest->state->canTransitionTo(AcceptedByAdministrative::class)
&& $user->can("acceptAsAdminApprover", $vacationRequest),
"reject" => $vacationRequest->state->canTransitionTo(Rejected::class)
&& $user->can("reject", $vacationRequest),
"cancel" => $vacationRequest->state->canTransitionTo(Cancelled::class)
&& $user->can("cancel", $vacationRequest),
],
]);
}
/**
* @throws AuthorizationException
*/
public function download(VacationRequest $vacationRequest): LaravelResponse
{
$this->authorize("show", $vacationRequest);
$pdf = PDF::loadView("pdf.vacation-request", [
"vacationRequest" => $vacationRequest,
]);
@@ -61,7 +88,7 @@ class VacationRequestController extends Controller
return $pdf->stream();
}
public function create(): Response
public function create(Request $request): Response
{
$users = User::query()
->orderBy("last_name")
@@ -71,15 +98,31 @@ class VacationRequestController extends Controller
return inertia("VacationRequest/Create", [
"vacationTypes" => VacationType::casesToSelect(),
"users" => UserResource::collection($users),
"can" => [
"createOnBehalfOfEmployee" => $request->user()->can("createOnBehalfOfEmployee", VacationRequest::class),
"skipFlow" => $request->user()->can("skipFlow", VacationRequest::class),
],
]);
}
/**
* @throws AuthorizationException
* @throws ValidationException
*/
public function store(
VacationRequestRequest $request,
VacationRequestValidator $vacationRequestValidator,
VacationRequestStateManager $stateManager,
VacationDaysCalculator $vacationDaysCalculator,
): RedirectResponse {
if ($request->createsOnBehalfOfEmployee()) {
$this->authorize("createOnBehalfOfEmployee", VacationRequest::class);
}
if ($request->wantsSkipFlow()) {
$this->authorize("skipFlow", VacationRequest::class);
}
/** @var VacationRequest $vacationRequest */
$vacationRequest = $request->user()->createdVacationRequests()->make($request->data());
$vacationRequestValidator->validate($vacationRequest);
@@ -100,48 +143,72 @@ class VacationRequestController extends Controller
]);
}
$stateManager->markAsCreated($vacationRequest);
$stateManager->markAsCreated($vacationRequest, $request->user());
return redirect()
->route("vacation.requests.show", $vacationRequest)
->with("success", __("Vacation request has been created."));
}
/**
* @throws AuthorizationException
*/
public function reject(
Request $request,
VacationRequest $vacationRequest,
VacationRequestStateManager $stateManager,
): RedirectResponse {
$stateManager->reject($vacationRequest);
$this->authorize("reject", $vacationRequest);
$stateManager->reject($vacationRequest, $request->user());
return redirect()->back()
->with("success", __("Vacation request has been rejected."));
}
/**
* @throws AuthorizationException
*/
public function cancel(
Request $request,
VacationRequest $vacationRequest,
VacationRequestStateManager $stateManager,
): RedirectResponse {
$stateManager->cancel($vacationRequest);
$this->authorize("cancel", $vacationRequest);
$stateManager->cancel($vacationRequest, $request->user());
return redirect()->back()
->with("success", __("Vacation request has been cancelled."));
}
/**
* @throws AuthorizationException
*/
public function acceptAsTechnical(
Request $request,
VacationRequest $vacationRequest,
VacationRequestStateManager $stateManager,
): RedirectResponse {
$stateManager->acceptAsTechnical($vacationRequest);
$this->authorize("acceptAsTechApprover", $vacationRequest);
$stateManager->acceptAsTechnical($vacationRequest, $request->user());
return redirect()->back()
->with("success", __("Vacation request has been accepted."));
}
/**
* @throws AuthorizationException
*/
public function acceptAsAdministrative(
Request $request,
VacationRequest $vacationRequest,
VacationRequestStateManager $stateManager,
): RedirectResponse {
$stateManager->acceptAsAdministrative($vacationRequest);
$this->authorize("acceptAsAdminApprover", $vacationRequest);
$stateManager->acceptAsAdministrative($vacationRequest, $request->user());
return redirect()->back()
->with("success", __("Vacation request has been accepted."));

4
app/Infrastructure/Http/Middleware/HandleInertiaRequests.php
View File

@@ -23,6 +23,10 @@ class HandleInertiaRequests extends Middleware
return array_merge(parent::share($request), [
"auth" => fn() => [
"user" => $user ? new UserResource($user) : null,
"can" => [
"manageVacationLimits" => $user ? $user->can("manageVacationLimits") : false,
"manageUsers" => $user ? $user->can("manageUsers") : false,
],
],
"flash" => fn() => [
"success" => $request->session()->get("success"),

21
app/Infrastructure/Http/Requests/VacationRequestRequest.php
View File

@@ -27,16 +27,29 @@ class VacationRequestRequest extends FormRequest
public function data(): array
{
$from = $this->get("from");
return [
"user_id" => $this->get("user"),
"type" => $this->get("type"),
"from" => $from,
"from" => $this->get("from"),
"to" => $this->get("to"),
"year_period_id" => YearPeriod::findByYear(Carbon::create($from)->year)->id,
"year_period_id" => $this->yearPeriod()->id,
"comment" => $this->get("comment"),
"flow_skipped" => $this->boolean("flowSkipped"),
];
}
public function yearPeriod(): YearPeriod
{
return YearPeriod::findByYear(Carbon::create($this->get("from"))->year);
}
public function createsOnBehalfOfEmployee(): bool
{
return $this->user()->id !== $this->get("user");
}
public function wantsSkipFlow(): bool
{
return $this->boolean("flowSkipped");
}
}

1
app/Infrastructure/Http/Resources/VacationRequestActivityResource.php
View File

@@ -17,7 +17,6 @@ class VacationRequestActivityResource extends JsonResource
"time" => $this->created_at->format("H:i"),
"user" => $this->user ? $this->user->fullName : __("System"),
"state" => $this->to,
"text" => $this->to->label(),
];
}
}