update controllers logic

This commit is contained in:
root
2026-04-23 00:04:35 -04:00
parent 1977a513df
commit ca4ba272fc
353 changed files with 13402 additions and 1301 deletions
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Settings;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Settings\ConfigurationStoreRequest;
use App\Http\Requests\Settings\ConfigurationUpdateRequest;
use App\Http\Resources\Settings\ConfigurationResource;
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Settings;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Events\EventChargeIndexRequest;
use App\Http\Requests\Events\EventChargeUpdateRequest;
use App\Http\Requests\Events\EventIndexRequest;
@@ -62,11 +62,15 @@ class EventController extends BaseApiController
public function store(EventStoreRequest $request): JsonResponse
{
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$payload = $request->validated();
$actorId = (int) (auth()->id() ?? 0);
try {
$result = $this->managementService->create($payload, $request->file('flyer'), $actorId);
$result = $this->managementService->create($payload, $request->file('flyer'), $guard);
} catch (\Throwable $e) {
Log::error('Event creation failed.', ['error' => $e->getMessage()]);
return response()->json(['ok' => false, 'message' => 'Failed to create event.'], 500);
@@ -100,8 +104,12 @@ class EventController extends BaseApiController
public function destroy(int $eventId): JsonResponse
{
$actorId = (int) (auth()->id() ?? 0);
$result = $this->managementService->delete($eventId, $actorId);
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$result = $this->managementService->delete($eventId, $guard);
if (empty($result['ok'])) {
return response()->json(['ok' => false, 'message' => $result['message'] ?? 'Failed to delete event.'], 404);
@@ -124,8 +132,12 @@ class EventController extends BaseApiController
public function updateCharges(EventChargeUpdateRequest $request, int $eventId): JsonResponse
{
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$payload = $request->validated();
$actorId = (int) (auth()->id() ?? 0);
$result = $this->chargeService->updateParticipation(
(int) $payload['parent_id'],
@@ -133,7 +145,7 @@ class EventController extends BaseApiController
$payload['participation'],
(string) $payload['school_year'],
(string) $payload['semester'],
$actorId
$guard
);
if (empty($result['ok'])) {
@@ -163,4 +175,17 @@ class EventController extends BaseApiController
'students' => EventStudentChargeResource::collection($students),
]);
}
/**
* @return int|JsonResponse
*/
private function authenticatedUserIdOrUnauthorized(): int|JsonResponse
{
$userId = (int) (auth()->id() ?? 0);
if ($userId <= 0) {
return response()->json(['ok' => false, 'message' => 'Unauthorized.'], 401);
}
return $userId;
}
}
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Settings;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Settings\PolicyShowRequest;
use App\Http\Resources\Settings\PolicyResource;
use App\Services\Policy\PolicyContentService;
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Settings;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Preferences\PreferencesIndexRequest;
use App\Http\Requests\Preferences\PreferencesUpsertRequest;
use App\Http\Resources\Preferences\PreferencesCollection;
@@ -42,12 +42,12 @@ class PreferencesController extends BaseApiController
public function show(): JsonResponse
{
$userId = (int) (auth()->id() ?? 0);
if ($userId <= 0) {
return $this->error('Unauthorized.', Response::HTTP_UNAUTHORIZED);
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
$payload = $this->queryService->getForUser($userId);
$payload = $this->queryService->getForUser($guard);
return $this->success([
'preferences' => new PreferencesResource($payload['preferences']),
@@ -74,19 +74,19 @@ class PreferencesController extends BaseApiController
public function store(PreferencesUpsertRequest $request): JsonResponse
{
$userId = (int) (auth()->id() ?? 0);
if ($userId <= 0) {
return $this->error('Unauthorized.', Response::HTTP_UNAUTHORIZED);
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
try {
$saved = $this->commandService->upsert($userId, $request->validated());
$saved = $this->commandService->upsert($guard, $request->validated());
} catch (\Throwable $e) {
Log::error('Preferences save failed: ' . $e->getMessage());
return $this->error('Unable to save preferences.', Response::HTTP_INTERNAL_SERVER_ERROR);
}
$payload = $this->queryService->getForUser($userId);
$payload = $this->queryService->getForUser($guard);
return $this->success([
'preferences' => new PreferencesResource($payload['preferences']),
@@ -136,4 +136,17 @@ class PreferencesController extends BaseApiController
return $this->success(null, 'Preferences deleted.');
}
/**
* @return int|JsonResponse
*/
private function authenticatedUserIdOrUnauthorized(): int|JsonResponse
{
$userId = (int) (auth()->id() ?? 0);
if ($userId <= 0) {
return $this->error('Unauthorized.', Response::HTTP_UNAUTHORIZED);
}
return $userId;
}
}
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Settings;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Settings\SchoolCalendarIndexRequest;
use App\Http\Requests\Settings\SchoolCalendarOptionsRequest;
use App\Http\Requests\Settings\SchoolCalendarStoreRequest;
@@ -61,7 +61,14 @@ class SchoolCalendarController extends BaseApiController
})->all();
if ($includeMeetings) {
$parentUserId = $audience === 'parent' ? (int) (auth()->id() ?? 0) : null;
$parentUserId = null;
if ($audience === 'parent') {
$actor = $this->authenticatedUserIdOrUnauthorized();
if ($actor instanceof JsonResponse) {
return $actor;
}
$parentUserId = $actor;
}
$meetingRows = $this->meetingService->listMeetings($filters['school_year'] ?? '', $audience, $parentUserId);
foreach ($meetingRows as $row) {
$formatted[] = $this->formatterService->formatMeetingEvent($row, $audience);
@@ -151,4 +158,17 @@ class SchoolCalendarController extends BaseApiController
'admins' => !empty($payload['send_email_admin']),
];
}
/**
* @return int|JsonResponse
*/
private function authenticatedUserIdOrUnauthorized(): int|JsonResponse
{
$userId = (int) (auth()->id() ?? 0);
if ($userId <= 0) {
return $this->error('Unauthorized.', Response::HTTP_UNAUTHORIZED);
}
return $userId;
}
}
@@ -2,7 +2,7 @@
namespace App\Http\Controllers\Api\Settings;
use App\Http\Controllers\Api\BaseApiController;
use App\Http\Controllers\Api\Core\BaseApiController;
use App\Http\Requests\Settings\SettingsUpdateRequest;
use App\Http\Resources\Settings\SettingsResource;
use App\Models\Setting;
@@ -32,13 +32,13 @@ class SettingsController extends BaseApiController
$settings = Setting::singleton();
$this->authorize('update', $settings);
$userId = (int) (auth()->id() ?? 0);
if ($userId <= 0) {
return $this->error('Unauthorized.', Response::HTTP_UNAUTHORIZED);
$guard = $this->authenticatedUserIdOrUnauthorized();
if ($guard instanceof JsonResponse) {
return $guard;
}
try {
$updated = $this->settingsService->update($request->validated(), $userId);
$updated = $this->settingsService->update($request->validated(), $guard);
} catch (\Throwable $e) {
Log::error('Settings update failed: ' . $e->getMessage());
return $this->error('Unable to update settings.', Response::HTTP_INTERNAL_SERVER_ERROR);
@@ -48,4 +48,17 @@ class SettingsController extends BaseApiController
'settings' => new SettingsResource($updated),
], 'Settings updated.');
}
/**
* @return int|JsonResponse
*/
private function authenticatedUserIdOrUnauthorized(): int|JsonResponse
{
$userId = (int) (auth()->id() ?? 0);
if ($userId <= 0) {
return $this->error('Unauthorized.', Response::HTTP_UNAUTHORIZED);
}
return $userId;
}
}