fix teacher attendance
API CI/CD / Validate (composer + pint) (push) Successful in 3m10s
API CI/CD / Test (PHPUnit) (push) Failing after 5m2s
API CI/CD / Build frontend assets (push) Successful in 1m2s
API CI/CD / Security audit (push) Failing after 49s
API CI/CD / Deploy to shared hosting (PHP) (push) Has been skipped

This commit is contained in:
root
2026-07-07 21:51:51 -04:00
parent e0dfc3ec82
commit c891a82012
7 changed files with 102 additions and 29 deletions
@@ -42,7 +42,9 @@ class TeacherAttendanceApiController extends Controller
return new TeacherAttendanceFormResource(
$this->queryService->teacherAttendanceFormData(
$guard,
(int) $request->query('class_section_id', 0)
(int) $request->query('class_section_id', 0),
$request->query('school_year'),
$request->query('semester')
)
);
} catch (Throwable $e) {
@@ -68,7 +70,7 @@ class TeacherAttendanceApiController extends Controller
private function authenticatedUserIdOrUnauthorized(): int|JsonResponse
{
$userId = (int) (auth()->id() ?? 0);
$userId = (int) (auth('api')->id() ?? auth()->id() ?? 0);
if ($userId <= 0) {
return response()->json(['message' => 'Unauthorized.'], 401);
}
+13 -13
View File
@@ -14,6 +14,19 @@ class MultiAuth
{
public function handle(Request $request, Closure $next): Response
{
try {
if ($apiUser = Auth::guard('api')->user()) {
Auth::setUser($apiUser);
if ($response = $this->denyUnavailableAccount($apiUser)) {
return $response;
}
return $next($request);
}
} catch (\Throwable) {
}
try {
$sanctumUser = Auth::guard('sanctum')->user();
} catch (\InvalidArgumentException) {
@@ -30,19 +43,6 @@ class MultiAuth
return $next($request);
}
try {
if ($apiUser = Auth::guard('api')->user()) {
Auth::setUser($apiUser);
if ($response = $this->denyUnavailableAccount($apiUser)) {
return $response;
}
return $next($request);
}
} catch (\Throwable) {
}
$token = $request->bearerToken();
if ($token) {
try {
@@ -123,8 +123,12 @@ class AttendanceQueryService
];
}
public function teacherAttendanceFormData(?int $userId, int $requestedSectionId = 0): array
{
public function teacherAttendanceFormData(
?int $userId,
int $requestedSectionId = 0,
?string $requestedSchoolYear = null,
?string $requestedSemester = null
): array {
if (! $userId) {
throw new RuntimeException('User not logged in.');
}
@@ -134,8 +138,12 @@ class AttendanceQueryService
? trim(($teacher->firstname ?? '').' '.($teacher->lastname ?? ''))
: 'Unknown Teacher';
$semester = $this->attendanceService->currentSemester();
$schoolYear = $this->attendanceService->currentSchoolYear();
$semester = trim((string) $requestedSemester) !== ''
? trim((string) $requestedSemester)
: $this->attendanceService->currentSemester();
$schoolYear = trim((string) $requestedSchoolYear) !== ''
? trim((string) $requestedSchoolYear)
: $this->attendanceService->currentSchoolYear();
$assignments = $this->teacherClass->getClassAssignmentsByUserId($userId, $schoolYear, $semester);
@@ -187,7 +195,9 @@ class AttendanceQueryService
implode(',', array_fill(0, count($sundayDates), '?')).')';
foreach ($students as $student) {
$student = is_array($student) ? $student : (array) $student;
$student = is_array($student)
? $student
: (method_exists($student, 'toArray') ? $student->toArray() : (array) $student);
unset($student['created_by'], $student['updated_by'], $student['deleted_at']);
$studentId = (int) $student['id'];
@@ -93,8 +93,11 @@ class TeacherAttendanceSubmissionService
'semester' => $semester,
'school_year' => $schoolYear,
];
$isTeacher = $this->attendancePolicyService->isTeacher($currentUser['roles']);
$dayStatus = strtolower((string) ($dayPolicyRow['status'] ?? 'draft'));
if (! $this->attendancePolicyService->canEditDay($dayPolicyRow, $currentUser)) {
if (! $this->attendancePolicyService->canEditDay($dayPolicyRow, $currentUser)
&& ! ($isTeacher && $dayStatus === 'submitted')) {
throw new RuntimeException('Attendance is locked for your role.');
}
@@ -137,8 +140,6 @@ class TeacherAttendanceSubmissionService
}
}
$isTeacher = $this->attendancePolicyService->isTeacher($currentUser['roles']);
DB::transaction(function () use (
$user,
$assignedTeachers,
@@ -172,6 +173,15 @@ class TeacherAttendanceSubmissionService
$position = strtolower((string) ($teacher['position'] ?? 'main'));
$position = $position === 'ta' ? 'ta' : 'main';
if ($isTeacher && DB::table('staff_attendance')
->where('user_id', $teacherId)
->whereDate('date', $attendDate)
->where('semester', $semester)
->where('school_year', $schoolYear)
->exists()) {
continue;
}
$staffPayload = [
'role_name' => 'Teacher',
'status' => strtolower((string) ($teachersData[$teacherId]['status'] ?? 'present')),
@@ -204,10 +214,7 @@ class TeacherAttendanceSubmissionService
$existing = $existingByStudent[$studentId] ?? null;
if ($isTeacher && $existing) {
$lockInfo = $detectExternalSubmission($existing);
if (($lockInfo['locked'] ?? false) === true) {
continue;
}
continue;
}
$this->studentAttendanceWriterService->saveOrUpdateStudentAttendance([