supportRequest = model(SupportRequest::class); $this->user = model(User::class); } public function submit() { $user = $this->getCurrentUser(); if (!$user) { return $this->respondError('You must be logged in to submit a support request', Response::HTTP_UNAUTHORIZED); } $data = $this->payloadData(); if (empty($data)) { return $this->respondError('Invalid request data', Response::HTTP_BAD_REQUEST); } $rules = [ 'subject' => 'required|min:3|max:255', 'message' => 'required|min:10', ]; $errors = $this->validateRequest($data, $rules); if (!empty($errors)) { return $this->respondValidationError($errors); } try { $userRecord = $this->user->find($user->id); if (!$userRecord) { return $this->respondError('User not found', Response::HTTP_NOT_FOUND); } $fullName = trim(($userRecord['firstname'] ?? '') . ' ' . ($userRecord['lastname'] ?? '')); $supportRequest = $this->supportRequest->create([ 'user_id' => $user->id, 'subject' => $data['subject'], 'message' => $data['message'], 'status' => 'open', ]); $emailSent = $this->sendSupportEmail( $userRecord['email'] ?? null, $fullName, $data['subject'], $data['message'] ); return $this->success([ 'request' => $supportRequest->toArray(), 'email_sent' => $emailSent, ], 'Support request submitted successfully', Response::HTTP_CREATED); } catch (\Throwable $e) { log_message('error', 'Support request error: ' . $e->getMessage()); return $this->respondError('Failed to submit support request', Response::HTTP_INTERNAL_SERVER_ERROR); } } public function requests() { $user = $this->getCurrentUser(); if (!$user) { return $this->respondError('Authentication required', Response::HTTP_UNAUTHORIZED); } $page = max(1, (int) ($this->request->getGet('page') ?? 1)); $perPage= min(100, max(1, (int) ($this->request->getGet('per_page') ?? 20))); $status = $this->request->getGet('status'); $query = $this->supportRequest->newQuery() ->where('user_id', $user->id) ->orderByDesc('created_at'); if (!empty($status)) { $query->where('status', $status); } $result = $this->paginate($query, $page, $perPage); return $this->success($result, 'Support requests retrieved successfully'); } public function show($id = null) { $user = $this->getCurrentUser(); if (!$user) { return $this->respondError('Authentication required', Response::HTTP_UNAUTHORIZED); } $request = $this->supportRequest->find($id); if (!$request) { return $this->respondError('Support request not found', Response::HTTP_NOT_FOUND); } if ((int) $request['user_id'] !== $user->id && !$this->isAdmin($user->id)) { return $this->respondError('Access denied', Response::HTTP_FORBIDDEN); } return $this->success($request, 'Support request retrieved successfully'); } protected function sendSupportEmail(?string $userEmail, string $fullName, string $subject, string $message): bool { if (empty($userEmail)) { return false; } try { Mail::raw($message, function ($mail) use ($userEmail, $fullName, $subject) { $mail->from($userEmail, $fullName) ->to('support@alrahmaisgl.org') ->subject($subject); }); return true; } catch (\Throwable $e) { log_message('error', 'Support email error: ' . $e->getMessage()); return false; } } protected function isAdmin(int $userId): bool { try { return DB::table('user_roles as ur') ->join('roles as r', 'r.id', '=', 'ur.role_id') ->where('ur.user_id', $userId) ->whereRaw('LOWER(r.name) = ?', ['admin']) ->exists(); } catch (\Throwable $e) { log_message('error', 'Failed to determine admin role: ' . $e->getMessage()); return false; } } }