fix test errors
API CI/CD / Validate (composer + pint) (push) Successful in 2m47s
API CI/CD / Test (PHPUnit) (push) Failing after 3m8s
API CI/CD / Build frontend assets (push) Failing after 5m22s
API CI/CD / Security audit (push) Failing after 34s
API CI/CD / Deploy to shared hosting (PHP) (push) Has been skipped
API CI/CD / Validate (composer + pint) (push) Successful in 2m47s
API CI/CD / Test (PHPUnit) (push) Failing after 3m8s
API CI/CD / Build frontend assets (push) Failing after 5m22s
API CI/CD / Security audit (push) Failing after 34s
API CI/CD / Deploy to shared hosting (PHP) (push) Has been skipped
This commit is contained in:
+35
-28
@@ -123,7 +123,6 @@ use App\Http\Controllers\Api\Ui\UiController;
|
||||
use App\Http\Controllers\Api\Users\UserController;
|
||||
use App\Http\Controllers\Api\Utilities\PhoneFormatterController;
|
||||
use App\Http\Controllers\Api\Utilities\ProofreadController;
|
||||
use App\Models\Configuration;
|
||||
use Illuminate\Support\Facades\Route;
|
||||
|
||||
// Public auth aliases without the `/v1` prefix.
|
||||
@@ -156,15 +155,18 @@ Route::middleware('auth:api')->post('compare', [EmailExtractorController::class,
|
||||
Route::get('access_denied', [AccessDeniedController::class, 'accessDenied'])->name('access_denied');
|
||||
|
||||
Route::get('certificates/verify/{token}', [CertificateController::class, 'verify'])
|
||||
->where('token', '[^/]+');
|
||||
->where('token', '[^/]+')
|
||||
->name('api.certificates.verify');
|
||||
|
||||
Route::get('timeoff/notify/{token}', [TimeOffNotificationController::class, 'notify'])
|
||||
->where('token', '[^/]+')
|
||||
->name('api.timeoff.notify');
|
||||
|
||||
Route::prefix('winners/competitions')->group(function () {
|
||||
Route::get('/', [PublicWinnersController::class, 'competitionIndex']);
|
||||
Route::get('{id}', [PublicWinnersController::class, 'competitionShow'])->whereNumber('id');
|
||||
Route::get('/', [PublicWinnersController::class, 'competitionIndex'])->name('api.winners.competitions.index');
|
||||
Route::get('{id}', [PublicWinnersController::class, 'competitionShow'])
|
||||
->whereNumber('id')
|
||||
->name('api.winners.competitions.show');
|
||||
});
|
||||
|
||||
Route::get('confirm_authorized_user', [AuthorizedUserInviteController::class, 'confirm'])
|
||||
@@ -184,15 +186,21 @@ Route::post('set_authorized_user_password/{authorizedUserId}', [AuthorizedUserIn
|
||||
| GET aliases return JSON behind auth so browser cookies do not grant API access.
|
||||
*/
|
||||
Route::middleware('auth:api')->prefix('attendance-templates')->group(function () {
|
||||
Route::post('save', [AttendanceCommentTemplateController::class, 'legacySave']);
|
||||
Route::post('delete', [AttendanceCommentTemplateController::class, 'legacyDelete']);
|
||||
Route::post('save', [AttendanceCommentTemplateController::class, 'legacySave'])
|
||||
->name('api.attendance-templates.save');
|
||||
Route::post('delete', [AttendanceCommentTemplateController::class, 'legacyDelete'])
|
||||
->name('api.attendance-templates.delete');
|
||||
});
|
||||
|
||||
Route::middleware(['auth:api', 'throttle:60,1'])->group(function () {
|
||||
Route::get('attendance-templates', [AttendanceCommentTemplateController::class, 'listData']);
|
||||
Route::get('attendance-comment-templates', [AttendanceCommentTemplateController::class, 'index']);
|
||||
Route::get('attendance-comment-templates/list-data', [AttendanceCommentTemplateController::class, 'listData']);
|
||||
Route::get('administrator/attendance-templates', [AttendanceCommentTemplateController::class, 'bootstrapUrls']);
|
||||
Route::get('attendance-templates', [AttendanceCommentTemplateController::class, 'listData'])
|
||||
->name('api.attendance-templates.index');
|
||||
Route::get('attendance-comment-templates', [AttendanceCommentTemplateController::class, 'index'])
|
||||
->name('api.attendance-comment-templates.index');
|
||||
Route::get('attendance-comment-templates/list-data', [AttendanceCommentTemplateController::class, 'listData'])
|
||||
->name('api.attendance-comment-templates.list-data');
|
||||
Route::get('administrator/attendance-templates', [AttendanceCommentTemplateController::class, 'bootstrapUrls'])
|
||||
->name('api.administrator.attendance-templates.bootstrap');
|
||||
});
|
||||
|
||||
Route::prefix('v1')->group(function () {
|
||||
@@ -541,14 +549,16 @@ Route::prefix('v1')->group(function () {
|
||||
Route::post('/save-notification-note', [AttendanceTrackingController::class, 'saveNotificationNote']);
|
||||
});
|
||||
|
||||
Route::middleware(['auth:sanctum', 'school_year.editable'])->prefix('attendance-comment-templates')->group(function () {
|
||||
Route::middleware(['multi.auth', 'school_year.editable'])->prefix('attendance-comment-templates')->group(function () {
|
||||
Route::get('/', [AttendanceCommentTemplateController::class, 'index'])->name('api.v1.attendance-comment-templates.index');
|
||||
Route::get('list-data', [AttendanceCommentTemplateController::class, 'listData'])
|
||||
->name('api.v1.attendance-comment-templates.list-data');
|
||||
Route::get('{id}', [AttendanceCommentTemplateController::class, 'show']);
|
||||
Route::post('/', [AttendanceCommentTemplateController::class, 'store']);
|
||||
Route::put('{id}', [AttendanceCommentTemplateController::class, 'update']);
|
||||
Route::delete('{id}', [AttendanceCommentTemplateController::class, 'destroy']);
|
||||
Route::middleware('admin.access')->group(function () {
|
||||
Route::post('/', [AttendanceCommentTemplateController::class, 'store']);
|
||||
Route::put('{id}', [AttendanceCommentTemplateController::class, 'update']);
|
||||
Route::delete('{id}', [AttendanceCommentTemplateController::class, 'destroy']);
|
||||
});
|
||||
});
|
||||
|
||||
/*
|
||||
@@ -605,14 +615,7 @@ Route::prefix('v1')->group(function () {
|
||||
// Legacy alias: same handler as GET /api/v1/teachers/classes (class dashboard / roster)
|
||||
Route::get('teacher/class-view', [TeacherController::class, 'classes']);
|
||||
Route::get('teacher/no-classes', [TeacherController::class, 'classes']);
|
||||
Route::get('teacher/select-semester', function () {
|
||||
return response()->json([
|
||||
'ok' => true,
|
||||
'school_year' => Configuration::getConfig('school_year'),
|
||||
'semester' => Configuration::getConfig('semester'),
|
||||
'semester_options' => ['Fall', 'Spring'],
|
||||
]);
|
||||
});
|
||||
Route::get('teacher/select-semester', [TeacherController::class, 'selectSemester']);
|
||||
Route::get('teacher/absence-vacation', [TeacherController::class, 'absenceForm']);
|
||||
Route::post('teacher/absence-vacation', [TeacherController::class, 'submitAbsence']);
|
||||
// Legacy paths: same handler as GET /api/v1/attendance/teacher/form
|
||||
@@ -858,7 +861,7 @@ Route::prefix('v1')->group(function () {
|
||||
Route::get('login-activity', [UserController::class, 'loginActivity']);
|
||||
});
|
||||
|
||||
Route::prefix('broadcast-email')->group(function () {
|
||||
Route::middleware('admin.access')->prefix('broadcast-email')->group(function () {
|
||||
Route::get('options', [BroadcastEmailController::class, 'options']);
|
||||
Route::post('send', [BroadcastEmailController::class, 'send']);
|
||||
Route::post('upload-image', [BroadcastEmailController::class, 'uploadImage']);
|
||||
@@ -928,7 +931,7 @@ Route::prefix('v1')->group(function () {
|
||||
Route::post('movements/{id}/correct', [InventoryMovementController::class, 'correct']);
|
||||
});
|
||||
|
||||
Route::prefix('family-admin')->group(function () {
|
||||
Route::middleware('admin.access')->prefix('family-admin')->group(function () {
|
||||
Route::get('/', [FamilyAdminController::class, 'index']);
|
||||
Route::get('search', [FamilyAdminController::class, 'search']);
|
||||
Route::get('card', [FamilyAdminController::class, 'card']);
|
||||
@@ -938,6 +941,7 @@ Route::prefix('v1')->group(function () {
|
||||
Route::prefix('families')->group(function () {
|
||||
Route::get('by-student/{studentId}', [FamilyController::class, 'familiesByStudent']);
|
||||
Route::get('{familyId}/guardians', [FamilyController::class, 'guardiansByFamily']);
|
||||
Route::middleware('admin.access')->group(function () {
|
||||
Route::post('bootstrap', [FamilyController::class, 'bootstrap']);
|
||||
Route::post('attach-second/by-user', [FamilyController::class, 'attachSecondByUser']);
|
||||
Route::post('attach-second/by-email', [FamilyController::class, 'attachSecondByEmail']);
|
||||
@@ -946,6 +950,7 @@ Route::prefix('v1')->group(function () {
|
||||
Route::post('unlink-guardian', [FamilyController::class, 'unlinkGuardian']);
|
||||
Route::post('unlink-student', [FamilyController::class, 'unlinkStudent']);
|
||||
Route::post('import-legacy-second-parents', [FamilyController::class, 'importSecondParentsFromLegacy']);
|
||||
});
|
||||
});
|
||||
|
||||
Route::prefix('competition-scores')->group(function () {
|
||||
@@ -991,13 +996,13 @@ Route::prefix('v1')->group(function () {
|
||||
});
|
||||
|
||||
Route::prefix('finance')->group(function () {
|
||||
Route::middleware('admin.access')->group(function () {
|
||||
Route::get('financial-report', [FinancialController::class, 'report']);
|
||||
Route::get('financial-summary', [FinancialController::class, 'summary']);
|
||||
Route::get('stakeholder-analysis', [FinancialController::class, 'stakeholderAnalysis']);
|
||||
Route::get('stakeholder-analysis/csv', [FinancialController::class, 'stakeholderAnalysisCsv']);
|
||||
Route::get('parent-payment-followups', [FinancialController::class, 'parentPaymentFollowups']);
|
||||
Route::get('parent-payment-followups/csv', [FinancialController::class, 'parentPaymentFollowupsCsv']);
|
||||
Route::middleware('admin.access')->group(function () {
|
||||
Route::post('parent-payment-followups/{parent}/note', [FinancialController::class, 'storeParentFollowUpNote'])->whereNumber('parent');
|
||||
Route::post('parent-payment-followups/{parent}/mark-contacted', [FinancialController::class, 'markParentContacted'])->whereNumber('parent');
|
||||
Route::post('parent-payment-followups/{parent}/promise-to-pay', [FinancialController::class, 'storePromiseToPay'])->whereNumber('parent');
|
||||
@@ -1099,7 +1104,7 @@ Route::prefix('v1')->group(function () {
|
||||
|
||||
Route::prefix('invoices')->group(function () {
|
||||
Route::get('management', [InvoiceController::class, 'management']);
|
||||
Route::post('generate', [InvoiceController::class, 'generate']);
|
||||
Route::post('generate', [InvoiceController::class, 'generate'])->middleware('admin.access');
|
||||
Route::get('parent/{parentId}', [InvoiceController::class, 'byParent']);
|
||||
Route::get('parent-payment', [InvoiceController::class, 'parentPayment']);
|
||||
Route::post('{invoiceId}/status', [InvoiceController::class, 'updateStatus'])->middleware('admin.access');
|
||||
@@ -1141,7 +1146,7 @@ Route::prefix('v1')->group(function () {
|
||||
});
|
||||
});
|
||||
|
||||
Route::prefix('paypal-transactions')->group(function () {
|
||||
Route::middleware('admin.access')->prefix('paypal-transactions')->group(function () {
|
||||
Route::get('/', [PaypalTransactionsController::class, 'index']);
|
||||
Route::get('csv', [PaypalTransactionsController::class, 'downloadCsv']);
|
||||
});
|
||||
@@ -1150,7 +1155,9 @@ Route::prefix('v1')->group(function () {
|
||||
Route::get('redirect', [PaypalPaymentController::class, 'redirect']);
|
||||
Route::post('payments/{paymentId}/create', [PaypalPaymentController::class, 'create']);
|
||||
Route::post('execute', [PaypalPaymentController::class, 'execute'])->name('api.v1.finance.paypal.execute');
|
||||
Route::get('cancel', [PaypalPaymentController::class, 'cancel'])->name('api.v1.finance.paypal.cancel');
|
||||
Route::get('cancel', [PaypalPaymentController::class, 'cancel'])
|
||||
->middleware('admin.access')
|
||||
->name('api.v1.finance.paypal.cancel');
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
Reference in New Issue
Block a user