update controllers logic

This commit is contained in:
root
2026-04-23 00:04:35 -04:00
parent 1977a513df
commit ca4ba272fc
353 changed files with 13402 additions and 1301 deletions
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Finance;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Finance\FeeRefundRequest;
use App\Http\Requests\Finance\FeeTuitionTotalRequest;
use App\Http\Resources\Fees\FeeRefundResource;
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Finance;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Finance\FinancialReportRequest;
use App\Http\Requests\Finance\FinancialSummaryRequest;
use App\Http\Requests\Finance\FinancialUnpaidParentsRequest;
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Finance;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Invoices\InvoiceManagementRequest;
use App\Http\Requests\Invoices\InvoiceParentRequest;
use App\Http\Requests\Invoices\InvoiceStatusRequest;
@@ -88,9 +88,9 @@ class InvoiceController extends BaseApiController
public function parentPayment(InvoiceParentRequest $request): JsonResponse
{
$parentId = (int) (auth()->id() ?? 0);
if ($parentId <= 0) {
return response()->json(['ok' => false, 'message' => 'Unauthorized.'], 401);
$parentId = $this->authenticatedUserIdOrUnauthorized();
if ($parentId instanceof JsonResponse) {
return $parentId;
}
$schoolYear = $request->validated()['school_year'] ?? null;
@@ -136,4 +136,17 @@ class InvoiceController extends BaseApiController
echo $pdfBytes;
}, 'invoice_' . $invoiceId . '.pdf', ['Content-Type' => 'application/pdf']);
}
/**
* @return int|JsonResponse
*/
private function authenticatedUserIdOrUnauthorized(): int|JsonResponse
{
$userId = (int) (auth()->id() ?? 0);
if ($userId <= 0) {
return response()->json(['ok' => false, 'message' => 'Unauthorized.'], 401);
}
return $userId;
}
}
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Finance;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Payments\PaymentByParentRequest;
use App\Http\Resources\Payments\PaymentResource;
use App\Services\Payments\PaymentBalanceService;
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Finance;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Payments\PaymentEventChargesListRequest;
use App\Services\Payments\PaymentEventChargesService;
use Illuminate\Http\JsonResponse;
@@ -26,6 +26,11 @@ class PaymentEventChargesController extends BaseApiController
public function store(Request $request): JsonResponse
{
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$data = array_merge($request->query->all(), $request->all(), $request->json()->all());
$validator = Validator::make($data, [
'parent_id' => ['required', 'integer', 'min:1'],
@@ -47,9 +52,8 @@ class PaymentEventChargesController extends BaseApiController
}
$payload = $validator->validated();
$userId = (int) (auth()->id() ?? 0);
$count = $this->service->addCharges($payload, $userId);
$count = $this->service->addCharges($payload, $guard);
if ($count === 0) {
return response()->json(['ok' => false, 'message' => 'No student selected.'], 422);
}
@@ -64,4 +68,17 @@ class PaymentEventChargesController extends BaseApiController
return response()->json(['ok' => true, 'students' => $students]);
}
/**
* @return int|JsonResponse
*/
private function authenticatedUserIdOrUnauthorized(): int|JsonResponse
{
$userId = (int) (auth()->id() ?? 0);
if ($userId <= 0) {
return response()->json(['ok' => false, 'message' => 'Unauthorized.'], 401);
}
return $userId;
}
}
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Finance;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Payments\PaymentManualEditRequest;
use App\Http\Requests\Payments\PaymentManualUpdateRequest;
use App\Services\Payments\PaymentManualService;
@@ -63,6 +63,11 @@ class PaymentManualController extends BaseApiController
public function record(PaymentManualUpdateRequest $request, int $invoiceId): JsonResponse
{
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$payload = $request->validated();
$result = $this->service->recordPayment(
@@ -75,7 +80,7 @@ class PaymentManualController extends BaseApiController
$request->file('payment_file'),
$payload['school_year'] ?? null,
$payload['semester'] ?? null,
(int) (auth()->id() ?? 0)
$guard
);
return response()->json(['ok' => true] + $result);
@@ -83,6 +88,11 @@ class PaymentManualController extends BaseApiController
public function edit(PaymentManualEditRequest $request, int $paymentId): JsonResponse
{
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$payload = $request->validated();
$this->service->editPayment(
@@ -91,7 +101,7 @@ class PaymentManualController extends BaseApiController
(string) $payload['payment_method'],
$payload['check_number'] ?? null,
$request->file('payment_file'),
(int) (auth()->id() ?? 0)
$guard
);
return response()->json(['ok' => true]);
@@ -102,4 +112,17 @@ class PaymentManualController extends BaseApiController
$mode = (string) ($request->query('mode') ?? 'download');
return $this->service->serveCheckFile($filename, $mode);
}
/**
* @return int|JsonResponse
*/
private function authenticatedUserIdOrUnauthorized(): int|JsonResponse
{
$userId = (int) (auth()->id() ?? 0);
if ($userId <= 0) {
return response()->json(['ok' => false, 'message' => 'Unauthorized.'], 401);
}
return $userId;
}
}
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Finance;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Payments\PaymentNotificationListRequest;
use App\Http\Requests\Payments\PaymentNotificationSendRequest;
use App\Http\Resources\Payments\PaymentNotificationLogResource;
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Finance;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Resources\Payments\PaymentTransactionResource;
use App\Services\Payments\PaymentTransactionService;
use Illuminate\Http\JsonResponse;
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Finance;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Payments\PaypalExecuteRequest;
use App\Services\Payments\PaypalPaymentService;
use Illuminate\Http\JsonResponse;
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Finance;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Payments\PaypalTransactionsListRequest;
use App\Http\Resources\Payments\PaypalTransactionResource;
use App\Services\Payments\PaypalTransactionsService;
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Finance;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\PurchaseOrders\PurchaseOrderIndexRequest;
use App\Http\Resources\PurchaseOrders\PurchaseOrderItemResource;
use App\Http\Resources\PurchaseOrders\PurchaseOrderResource;
@@ -99,6 +99,10 @@ class PurchaseOrderController extends BaseApiController
}
}
if (auth()->user() === null) {
return response()->json(['ok' => false, 'message' => 'Unauthorized.'], 401);
}
try {
$po = $this->createService->create($payload);
} catch (RuntimeException $e) {
@@ -137,7 +141,11 @@ class PurchaseOrderController extends BaseApiController
}
$user = auth()->user();
$issuedBy = $user ? (string) ($user->email ?? $user->username ?? $user->id) : 'system';
if ($user === null) {
return response()->json(['ok' => false, 'message' => 'Unauthorized.'], 401);
}
$issuedBy = (string) ($user->email ?? $user->username ?? $user->id);
try {
$result = $this->receiveService->receive($id, $payload['items'], $issuedBy);
@@ -156,6 +164,10 @@ class PurchaseOrderController extends BaseApiController
public function cancel(int $id): JsonResponse
{
if (auth()->user() === null) {
return response()->json(['ok' => false, 'message' => 'Unauthorized.'], 401);
}
$po = PurchaseOrder::query()->find($id);
if (!$po) {
return response()->json(['ok' => false, 'message' => 'Purchase order not found.'], 404);
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Finance;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Refunds\RefundDecisionRequest;
use App\Http\Requests\Refunds\RefundIndexRequest;
use App\Http\Requests\Refunds\RefundPaymentRequest;
@@ -60,11 +60,15 @@ class RefundController extends BaseApiController
public function store(RefundStoreRequest $request): JsonResponse
{
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$payload = $request->validated();
$actorId = (int) (auth()->id() ?? 0);
try {
$result = $this->requestService->requestRefund($payload, $actorId);
$result = $this->requestService->requestRefund($payload, $guard);
} catch (\Throwable $e) {
Log::error('Refund request failed.', ['error' => $e->getMessage()]);
return response()->json(['ok' => false, 'message' => 'Failed to submit refund request.'], 500);
@@ -88,14 +92,18 @@ class RefundController extends BaseApiController
public function update(RefundDecisionRequest $request, int $refundId): JsonResponse
{
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$payload = $request->validated();
$actorId = (int) (auth()->id() ?? 0);
$result = $this->decisionService->updateDecision(
$refundId,
(string) $payload['status'],
(string) $payload['reason'],
$actorId
$guard
);
if (empty($result['ok'])) {
@@ -107,8 +115,12 @@ class RefundController extends BaseApiController
public function destroy(int $refundId): JsonResponse
{
$actorId = (int) (auth()->id() ?? 0);
$result = $this->decisionService->cancel($refundId, $actorId);
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$result = $this->decisionService->cancel($refundId, $guard);
if (empty($result['ok'])) {
return response()->json(['ok' => false, 'message' => $result['message'] ?? 'Failed to cancel refund.'], 404);
@@ -119,8 +131,12 @@ class RefundController extends BaseApiController
public function approve(int $refundId): JsonResponse
{
$actorId = (int) (auth()->id() ?? 0);
$result = $this->decisionService->approve($refundId, $actorId);
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$result = $this->decisionService->approve($refundId, $guard);
if (empty($result['ok'])) {
return response()->json(['ok' => false, 'message' => $result['message'] ?? 'Approve failed.'], 422);
@@ -131,9 +147,13 @@ class RefundController extends BaseApiController
public function reject(RefundRejectRequest $request, int $refundId): JsonResponse
{
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$payload = $request->validated();
$actorId = (int) (auth()->id() ?? 0);
$result = $this->decisionService->reject($refundId, (string) $payload['reason'], $actorId);
$result = $this->decisionService->reject($refundId, (string) $payload['reason'], $guard);
if (empty($result['ok'])) {
return response()->json(['ok' => false, 'message' => $result['message'] ?? 'Reject failed.'], 422);
@@ -144,11 +164,15 @@ class RefundController extends BaseApiController
public function recordPayment(RefundPaymentRequest $request, int $refundId): JsonResponse
{
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$payload = $request->validated();
$payload['check_file'] = $request->file('check_file');
$actorId = (int) (auth()->id() ?? 0);
$result = $this->payoutService->recordPayment($refundId, $payload, $actorId);
$result = $this->payoutService->recordPayment($refundId, $payload, $guard);
if (empty($result['ok'])) {
return response()->json(['ok' => false, 'message' => $result['message'] ?? 'Failed to update payment.'], 422);
}
@@ -158,10 +182,14 @@ class RefundController extends BaseApiController
public function recalculateOverpayments(RefundRecalculateRequest $request): JsonResponse
{
$payload = $request->validated();
$actorId = (int) (auth()->id() ?? 0);
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$result = $this->overpaymentService->recalculate(true, $payload['invoice_number'] ?? null, $actorId);
$payload = $request->validated();
$result = $this->overpaymentService->recalculate(true, $payload['invoice_number'] ?? null, $guard);
return response()->json([
'ok' => true,
@@ -183,4 +211,17 @@ class RefundController extends BaseApiController
'summary' => $summary,
]);
}
/**
* @return int|JsonResponse
*/
private function authenticatedUserIdOrUnauthorized(): int|JsonResponse
{
$userId = (int) (auth()->id() ?? 0);
if ($userId <= 0) {
return response()->json(['ok' => false, 'message' => 'Unauthorized.'], 401);
}
return $userId;
}
}
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Finance;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Files\FileNameRequest;
use App\Http\Requests\Reimbursements\ReimbursementBatchAdminFileRequest;
use App\Http\Requests\Reimbursements\ReimbursementBatchAssignmentRequest;
@@ -68,6 +68,11 @@ class ReimbursementController extends BaseApiController
public function markDonation(Request $request): JsonResponse
{
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$data = array_merge($request->query->all(), $request->all(), $request->json()->all());
$validator = Validator::make($data, [
'expense_id' => ['required', 'integer', 'min:1'],
@@ -81,10 +86,9 @@ class ReimbursementController extends BaseApiController
}
$payload = $validator->validated();
$userId = (int) (auth()->id() ?? 0);
try {
$this->donationService->markDonation((int) $payload['expense_id'], $userId);
$this->donationService->markDonation((int) $payload['expense_id'], $guard);
} catch (RuntimeException $e) {
$message = $e->getMessage();
$status = str_contains($message, 'not found') ? 404 : (str_contains($message, 'already') ? 409 : 422);
@@ -98,6 +102,11 @@ class ReimbursementController extends BaseApiController
public function createBatch(Request $request): JsonResponse
{
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$data = array_merge($request->query->all(), $request->all(), $request->json()->all());
$validator = Validator::make($data, [
'title' => ['nullable', 'string', 'max:255'],
@@ -111,11 +120,10 @@ class ReimbursementController extends BaseApiController
}
$payload = $validator->validated();
$userId = (int) (auth()->id() ?? 0);
$schoolYear = $this->context->getSchoolYear();
$semester = $this->context->getSemester();
$batch = $this->batchService->createBatch($payload['title'] ?? null, $userId, $schoolYear, $semester);
$batch = $this->batchService->createBatch($payload['title'] ?? null, $guard, $schoolYear, $semester);
return response()->json([
'ok' => true,
@@ -158,13 +166,17 @@ class ReimbursementController extends BaseApiController
public function lockBatch(ReimbursementBatchLockRequest $request): JsonResponse
{
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$payload = $request->validated();
$userId = (int) (auth()->id() ?? 0);
try {
$this->batchService->lockBatch(
(int) $payload['batch_id'],
$userId,
$guard,
$this->context->getSchoolYear(),
$this->context->getSemester()
);
@@ -181,6 +193,11 @@ class ReimbursementController extends BaseApiController
public function uploadBatchAdminFile(ReimbursementBatchAdminFileRequest $request): JsonResponse
{
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$payload = $request->validated();
$batchId = (int) $payload['batch_id'];
$adminId = (int) $payload['admin_id'];
@@ -194,7 +211,7 @@ class ReimbursementController extends BaseApiController
}
try {
$file = $this->fileService->storeAdminFile($batchId, $adminId, $request->file('check_file'), (int) (auth()->id() ?? 0));
$file = $this->fileService->storeAdminFile($batchId, $adminId, $request->file('check_file'), $guard);
} catch (\Throwable $e) {
return response()->json(['ok' => false, 'message' => 'Unable to store the uploaded file.'], 500);
}
@@ -312,6 +329,11 @@ class ReimbursementController extends BaseApiController
public function store(Request $request): JsonResponse
{
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$data = array_merge($request->query->all(), $request->all(), $request->json()->all());
$validator = Validator::make($data, [
'amount' => ['required', 'numeric', 'gt:0'],
@@ -333,7 +355,6 @@ class ReimbursementController extends BaseApiController
}
$payload = $validator->validated();
$userId = (int) (auth()->id() ?? 0);
$receiptName = null;
if ($request->hasFile('receipt')) {
@@ -343,7 +364,7 @@ class ReimbursementController extends BaseApiController
try {
$reimb = $this->crudService->store(
$payload,
$userId,
$guard,
$this->context->getSchoolYear(),
$this->context->getSemester(),
$receiptName
@@ -363,8 +384,12 @@ class ReimbursementController extends BaseApiController
public function process(ReimbursementProcessRequest $request): JsonResponse
{
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$payload = $request->validated();
$userId = (int) (auth()->id() ?? 0);
$receiptName = null;
if ($request->hasFile('receipt')) {
@@ -374,7 +399,7 @@ class ReimbursementController extends BaseApiController
try {
$reimb = $this->crudService->process(
$payload,
$userId,
$guard,
$this->context->getSchoolYear(),
$this->context->getSemester(),
$receiptName
@@ -404,6 +429,11 @@ class ReimbursementController extends BaseApiController
public function update(Request $request, int $id): JsonResponse
{
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$reimb = Reimbursement::query()->find($id);
if (!$reimb) {
return response()->json(['ok' => false, 'message' => 'Reimbursement not found.'], 404);
@@ -428,7 +458,6 @@ class ReimbursementController extends BaseApiController
}
$payload = $validator->validated();
$userId = (int) (auth()->id() ?? 0);
$receiptName = $reimb->receipt_path;
if ($request->hasFile('receipt')) {
@@ -438,7 +467,7 @@ class ReimbursementController extends BaseApiController
$receiptName = null;
}
$updated = $this->crudService->update($reimb, $payload, $userId, $receiptName);
$updated = $this->crudService->update($reimb, $payload, $guard, $receiptName);
$data = $updated->toArray();
$data['receipt_url'] = $this->fileService->receiptUrl($updated->receipt_path ?? null);
@@ -447,4 +476,17 @@ class ReimbursementController extends BaseApiController
'reimbursement' => new ReimbursementResource($data),
]);
}
/**
* @return int|JsonResponse
*/
private function authenticatedUserIdOrUnauthorized(): int|JsonResponse
{
$userId = (int) (auth()->id() ?? 0);
if ($userId <= 0) {
return response()->json(['ok' => false, 'message' => 'Unauthorized.'], 401);
}
return $userId;
}
}