Files
alrahma_sunday_school_api/routes/api.php
T
2026-06-04 02:24:41 -04:00

1218 lines
77 KiB
PHP

<?php
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\Api\Auth\AuthController;
use App\Http\Controllers\Api\Users\UserController;
use App\Http\Controllers\Api\Administrator\AdministratorEnrollmentController;
use App\Http\Controllers\Api\Administrator\AdministratorAbsenceController;
use App\Http\Controllers\Api\Administrator\AdministratorDashboardController;
use App\Http\Controllers\Api\Administrator\AdministratorNotificationController;
use App\Http\Controllers\Api\Administrator\AdministratorTeacherSubmissionController;
use App\Http\Controllers\Api\Administrator\EmergencyContactController as AdministratorEmergencyContactController;
use App\Http\Controllers\Api\Administrator\TeacherClassAssignmentController;
use App\Http\Controllers\Api\Badges\BadgeController;
use App\Http\Controllers\Api\Students\StudentController;
use App\Http\Controllers\Api\Students\StudentController as StudentApiController;
use App\Http\Controllers\Api\Finance\InvoiceController;
use App\Http\Controllers\Api\Assignment\AssignmentApiController;
use App\Http\Controllers\Api\Parents\AuthorizedUsersController;
use App\Http\Controllers\Api\Parents\ParentController as ParentApiController;
use App\Http\Controllers\Api\Parents\ParentAttendanceReportController as ParentAttendanceReportApiController;
use App\Http\Controllers\Api\AttendanceTracking\AttendanceTrackingController;
use App\Http\Controllers\Api\Email\BroadcastEmailController;
use App\Http\Controllers\Api\Settings\ConfigurationController;
use App\Http\Controllers\Api\Staff\StaffController;
use App\Http\Controllers\Api\ClassPreparation\ClassPreparationController;
use App\Http\Controllers\Api\ClassProgress\ClassProgressController;
use App\Http\Controllers\Api\Email\EmailController;
use App\Http\Controllers\Api\Email\EmailExtractorController;
use App\Http\Controllers\Api\Communication\CommunicationController;
use App\Http\Controllers\Api\CompetitionScores\CompetitionScoresController;
use App\Http\Controllers\Api\Discounts\DiscountController;
use App\Http\Controllers\Api\Expenses\ExpenseController;
use App\Http\Controllers\Api\ExtraCharges\ExtraChargesController;
use App\Http\Controllers\Api\Parents\EmergencyContactController;
use App\Http\Controllers\Api\Settings\EventController;
use App\Http\Controllers\Api\Settings\PolicyController;
use App\Http\Controllers\Api\Family\FamilyAdminController;
use App\Http\Controllers\Api\Family\FamilyController;
use App\Http\Controllers\Api\Reports\FilesController;
use App\Http\Controllers\Api\Reports\ReportCardsController;
use App\Http\Controllers\Api\Reports\StickersController;
use App\Http\Controllers\Api\Scores\FinalController;
use App\Http\Controllers\Api\Finance\FinancialController;
use App\Http\Controllers\Api\System\FlagController;
use App\Http\Controllers\Api\System\DashboardController;
use App\Http\Controllers\Api\System\DatabaseHealthController;
use App\Http\Controllers\Api\System\NavBuilderController;
use App\Http\Controllers\Api\Scores\GradingController;
use App\Http\Controllers\Api\System\HealthController;
use App\Http\Controllers\Api\System\SchoolIdController;
use App\Http\Controllers\Api\System\SemesterRangeController;
use App\Http\Controllers\Api\Scores\HomeworkController;
use App\Http\Controllers\Api\Frontend\InfoIconController;
use App\Http\Controllers\Api\Frontend\FrontendController;
use App\Http\Controllers\Api\Inventory\InventoryController;
use App\Http\Controllers\Api\Inventory\InventoryCategoryController;
use App\Http\Controllers\Api\Inventory\InventoryMovementController;
use App\Http\Controllers\Api\Auth\IpBanController;
use App\Http\Controllers\Api\Frontend\LandingPageController;
use App\Http\Controllers\Api\Attendance\EarlyDismissalsController;
use App\Http\Controllers\Api\Attendance\LateSlipLogsController;
use App\Http\Controllers\Api\Messaging\MessagesController;
use App\Http\Controllers\Api\Incidents\IncidentController as IncidentApiController;
use App\Http\Controllers\Api\Notifications\NotificationManagementController;
use App\Http\Controllers\Api\Frontend\PageController;
use App\Http\Controllers\Api\Finance\PaymentController;
use App\Http\Controllers\Api\Finance\RefundController;
use App\Http\Controllers\Api\Finance\PaymentNotificationController;
use App\Http\Controllers\Api\Finance\PaymentTransactionController;
use App\Http\Controllers\Api\Finance\PaypalTransactionsController;
use App\Http\Controllers\Api\Finance\PurchaseOrderController;
use App\Http\Controllers\Api\Finance\ReimbursementController;
use App\Http\Controllers\Api\Finance\ChargeController;
use App\Http\Controllers\Api\Finance\FeeCalculationController;
use App\Http\Controllers\Api\Finance\PaymentEventChargesController;
use App\Http\Controllers\Api\Finance\PaymentManualController;
use App\Http\Controllers\Api\Finance\PaypalPaymentController;
use App\Http\Controllers\Api\Auth\RegisterController;
use App\Http\Controllers\Api\Auth\RolePermissionController;
use App\Http\Controllers\Api\Auth\RoleSwitcherController;
use App\Http\Controllers\Api\Settings\SchoolCalendarController;
use App\Http\Controllers\Api\Scores\ScorePredictorController;
use App\Http\Controllers\Api\Reports\SlipPrinterController;
use App\Http\Controllers\Api\Inventory\SupplierController;
use App\Http\Controllers\Api\Inventory\SupplyCategoryController;
use App\Http\Controllers\Api\Staff\TeacherController;
use App\Http\Controllers\Api\System\StatsController;
use App\Http\Controllers\Api\Ui\UiController;
use App\Http\Controllers\Api\Support\ContactController as SupportContactController;
use App\Http\Controllers\Api\Support\SupportController as ApiSupportController;
use App\Http\Controllers\Api\Scores\ProjectController as ProjectScoreController;
use App\Http\Controllers\Api\Scores\MidtermController as MidtermScoreController;
use App\Http\Controllers\Api\Scores\FinalController as FinalScoreController;
use App\Http\Controllers\Api\Scores\QuizController as QuizScoreController;
use App\Http\Controllers\Api\Scores\HomeworkController as HomeworkScoreController;
use App\Http\Controllers\Api\Scores\ParticipationController as ParticipationScoreController;
use App\Http\Controllers\Api\Scores\ScoreController as ScoreDashboardController;
use App\Http\Controllers\Api\Grading\GradingController as GradingApiController;
use App\Http\Controllers\Api\Grading\HomeworkTrackingController;
use App\Http\Controllers\Api\Scores\ScoreCommentController as ScoreCommentApiController;
use App\Http\Controllers\Api\Messaging\WhatsappController;
use App\Http\Controllers\Api\Subjects\SubjectCurriculumController as SubjectCurriculumApiController;
use App\Http\Controllers\Api\Exams\ExamDraftController as ExamDraftApiController;
use App\Http\Controllers\Api\Settings\ConfigurationAdminController;
use App\Http\Controllers\Api\Notifications\NotificationController as ApiNotificationController;
use App\Http\Controllers\Api\Utilities\PhoneFormatterController;
use App\Http\Controllers\Api\Settings\PreferencesController;
use App\Http\Controllers\Api\Settings\SettingsController;
use App\Http\Controllers\Api\Classes\ClassController as ClassSectionController;
use App\Http\Controllers\Api\Attendance\AdminAttendanceApiController;
use App\Http\Controllers\Api\Attendance\AttendanceCommentTemplateController;
use App\Http\Controllers\Api\Attendance\TeacherAttendanceApiController;
use App\Http\Controllers\Api\Attendance\StaffAttendanceApiController;
use App\Http\Controllers\Api\Utilities\ProofreadController;
use App\Http\Controllers\Api\PrintRequests\PrintRequestsController;
use App\Http\Controllers\Api\BadgeScan\BadgeScanController;
use App\Http\Controllers\Api\Documentation\ApiDocsAdminController;
use App\Http\Controllers\Api\Documentation\DocsCatalogController;
use App\Http\Controllers\Api\Parents\AuthorizedUserInviteController;
use App\Http\Controllers\Api\Administrator\AdministratorPromotionController;
use App\Http\Controllers\Api\Parents\ParentPromotionController;
use App\Http\Controllers\Api\Public\PublicWinnersController;
use App\Http\Controllers\Api\ScannerController;
use App\Http\Controllers\Api\Staff\TimeOffNotificationController;
use App\Http\Controllers\Api\System\AccessDeniedController;
use App\Http\Controllers\Api\Certificates\CertificateController;
// CodeIgniter also registers POST /api/login and POST /api/register (public, no /v1).
Route::post('login', [AuthController::class, 'login']);
Route::post('register', [RegisterController::class, 'store']);
/*
| CodeIgniter POST /api/proofread (LanguageTool proxy; session or Bearer like CI auth filter).
*/
Route::post('proofread', [ProofreadController::class, 'check'])->middleware('teacher.portal.auth');
Route::get('documentation/swagger.json', [DocsCatalogController::class, 'swaggerMergedJson'])
->name('docs.swagger-json');
Route::prefix('documentation')->group(function () {
Route::get('/', [DocsCatalogController::class, 'index'])->name('docs.index');
Route::get('/swagger', [DocsCatalogController::class, 'swagger'])->name('docs.swagger.catalog');
});
Route::middleware('auth.docs')->group(function () {
Route::get('docs', [ApiDocsAdminController::class, 'index'])->name('api-docs.index');
});
Route::get('docs/public', [ApiDocsAdminController::class, 'public'])->name('api-docs.public');
Route::get('access_denied', [AccessDeniedController::class, 'accessDenied'])->name('access_denied');
Route::get('timeoff/notify/{token}', [TimeOffNotificationController::class, 'notify'])
->where('token', '[^/]+')
->name('api.timeoff.notify');
Route::prefix('winners/competitions')->group(function () {
Route::get('/', [PublicWinnersController::class, 'competitionIndex']);
Route::get('{id}', [PublicWinnersController::class, 'competitionShow'])->whereNumber('id');
});
Route::get('confirm_authorized_user', [AuthorizedUserInviteController::class, 'confirm'])
->name('api.invite.confirm');
Route::get('set_authorized_user_password/{authorizedUserId}', [AuthorizedUserInviteController::class, 'setPasswordForm'])
->whereNumber('authorizedUserId')
->name('api.invite.set-password-form');
Route::post('set_authorized_user_password/{authorizedUserId}', [AuthorizedUserInviteController::class, 'savePassword'])
->whereNumber('authorizedUserId')
->name('api.invite.set-password');
/*
| Legacy paths without /v1: POST cannot use 301 reliably; alias to same handlers as v1 (auth:api).
| GET uses 301 to canonical /api/v1/...
*/
Route::middleware('auth:api')->prefix('attendance-templates')->group(function () {
Route::post('save', [AttendanceCommentTemplateController::class, 'legacySave']);
Route::post('delete', [AttendanceCommentTemplateController::class, 'legacyDelete']);
});
Route::permanentRedirect('attendance-templates', '/api/v1/attendance-templates');
Route::permanentRedirect('attendance-comment-templates', '/api/v1/attendance-comment-templates');
Route::permanentRedirect('attendance-comment-templates/list-data', '/api/v1/attendance-comment-templates/list-data');
Route::permanentRedirect('administrator/attendance-templates', '/api/v1/administrator/attendance-templates');
Route::prefix('v1')->group(function () {
// Parity with CodeIgniter: POST /api/v1/login and POST /api/v1/register (public, no /auth prefix)
Route::post('login', [AuthController::class, 'login']);
Route::post('register', [RegisterController::class, 'store']);
Route::prefix('auth')->group(function () {
Route::get('register/captcha', [RegisterController::class, 'captcha']);
Route::post('register', [RegisterController::class, 'store']);
Route::post('login', [AuthController::class, 'login']);
Route::post('refresh', [AuthController::class, 'refresh'])->middleware('jwt.auth');
Route::post('logout', [AuthController::class, 'logout'])->middleware('auth:api');
Route::get('me', [AuthController::class, 'me'])->middleware('auth:api');
});
Route::prefix('policies')->group(function () {
Route::get('school', [PolicyController::class, 'school']);
Route::get('picture', [PolicyController::class, 'picture']);
});
Route::prefix('pages')->group(function () {
Route::get('privacy', [PageController::class, 'privacyPolicy']);
Route::get('terms', [PageController::class, 'termsOfService']);
Route::get('help', [PageController::class, 'helpCenter']);
Route::post('contact', [PageController::class, 'submitContact']);
});
Route::post('contact', [SupportContactController::class, 'send']);
/*
| Badge scan kiosk (public, throttled). Logs: authenticated staff (legacy CI RFIDController).
*/
Route::post('badge_scan/scan', [BadgeScanController::class, 'scan'])
->middleware('throttle:120,1');
Route::post('scanner/process', [ScannerController::class, 'process'])
->middleware('throttle:120,1');
Route::prefix('frontend')->group(function () {
Route::get('/', [FrontendController::class, 'index']);
Route::get('facility', [FrontendController::class, 'facility']);
Route::get('team', [FrontendController::class, 'team']);
Route::get('call-to-action', [FrontendController::class, 'callToAction']);
Route::get('testimonial', [FrontendController::class, 'testimonial']);
Route::get('not-found', [FrontendController::class, 'notFound']);
Route::get('me', [FrontendController::class, 'fetchUser'])->middleware('auth:api');
});
Route::get('health', [HealthController::class, 'index']);
Route::get('system/db-check', [DatabaseHealthController::class, 'index']);
Route::middleware('auth:api')->prefix('preferences')->group(function () {
Route::get('/', [PreferencesController::class, 'show']);
Route::post('/', [PreferencesController::class, 'store']);
Route::get('list', [PreferencesController::class, 'index']);
Route::get('{userId}', [PreferencesController::class, 'showForUser']);
Route::put('{userId}', [PreferencesController::class, 'updateForUser']);
Route::delete('{userId}', [PreferencesController::class, 'destroy']);
});
Route::middleware('auth:api')->prefix('nav-builder')->group(function () {
Route::get('menu', [NavBuilderController::class, 'menu']);
Route::get('data', [NavBuilderController::class, 'data']);
Route::post('/', [NavBuilderController::class, 'store']);
Route::delete('{id}', [NavBuilderController::class, 'destroy']);
Route::post('reorder', [NavBuilderController::class, 'reorder']);
});
Route::middleware(['auth:api', 'badge_scan.logs'])->get('badge_scan/logs', [BadgeScanController::class, 'logs']);
Route::middleware('auth:api')->prefix('landing')->group(function () {
Route::get('/', [LandingPageController::class, 'index']);
Route::get('teacher', [LandingPageController::class, 'teacher']);
Route::get('parent', [LandingPageController::class, 'parent']);
Route::get('administrator', [LandingPageController::class, 'administrator']);
Route::get('admin', [LandingPageController::class, 'admin']);
Route::get('student', [LandingPageController::class, 'student']);
Route::get('guest', [LandingPageController::class, 'guest']);
});
/*
| Print requests (CodeIgniter PrintRequests — teacher/admin JSON + uploads).
*/
Route::middleware('auth:api')->prefix('print-requests')->group(function () {
Route::middleware('print_requests.teacher')->group(function () {
Route::get('teacher', [PrintRequestsController::class, 'teacher']);
Route::post('/', [PrintRequestsController::class, 'store']);
Route::patch('{id}', [PrintRequestsController::class, 'teacherUpdate'])->whereNumber('id');
Route::delete('{id}', [PrintRequestsController::class, 'destroy'])->whereNumber('id');
Route::post('hand-copy', [PrintRequestsController::class, 'handCopy']);
Route::post('{id}/copy', [PrintRequestsController::class, 'copy'])->whereNumber('id');
});
Route::middleware('print_requests.admin')->group(function () {
Route::get('admin', [PrintRequestsController::class, 'admin']);
Route::patch('{id}/status', [PrintRequestsController::class, 'adminStatus'])->whereNumber('id');
});
Route::get('{id}/file', [PrintRequestsController::class, 'download'])->whereNumber('id');
});
Route::middleware('auth:api')->prefix('info-icon')->group(function () {
Route::get('profile', [InfoIconController::class, 'profileIcon']);
});
Route::middleware(['auth:api', 'admin.access'])->prefix('administrator')->group(function () {
Route::get('attendance-templates', [AttendanceCommentTemplateController::class, 'bootstrapUrls'])
->name('api.v1.administrator.attendance-templates.bootstrap');
Route::get('absence', [AdministratorAbsenceController::class, 'index']);
Route::post('absence', [AdministratorAbsenceController::class, 'store']);
Route::get('dashboard/metrics', [AdministratorDashboardController::class, 'metrics']);
Route::get('dashboard/user-search', [AdministratorDashboardController::class, 'userSearch']);
Route::get('teacher-submissions', [AdministratorTeacherSubmissionController::class, 'index']);
Route::post('teacher-submissions/notify', [AdministratorTeacherSubmissionController::class, 'notify']);
Route::get('teacher-class/assignments', [TeacherClassAssignmentController::class, 'index']);
Route::post('teacher-class/assign', [TeacherClassAssignmentController::class, 'store']);
Route::post('teacher-class/delete', [TeacherClassAssignmentController::class, 'destroy']);
Route::get('notifications/alerts', [AdministratorNotificationController::class, 'alerts']);
Route::post('notifications/alerts', [AdministratorNotificationController::class, 'saveAlerts']);
Route::get('notifications/print-recipients', [AdministratorNotificationController::class, 'printRecipients']);
Route::post('notifications/print-recipients', [AdministratorNotificationController::class, 'savePrintRecipients']);
Route::get('enrollment-withdrawal', [AdministratorEnrollmentController::class, 'index']);
Route::get('enrollment-withdrawal/new-students', [AdministratorEnrollmentController::class, 'newStudents']);
Route::post('enrollment-withdrawal/update-statuses', [AdministratorEnrollmentController::class, 'updateStatuses']);
Route::get('enroll-withdrawal', [AdministratorEnrollmentController::class, 'index']);
Route::get('enroll-withdrawal/new-students', [AdministratorEnrollmentController::class, 'newStudents']);
Route::post('enroll-withdrawal/update-statuses', [AdministratorEnrollmentController::class, 'updateStatuses']);
Route::prefix('promotions')->group(function () {
Route::get('/', [AdministratorPromotionController::class, 'index']);
Route::get('summary', [AdministratorPromotionController::class, 'summary']);
Route::post('evaluate', [AdministratorPromotionController::class, 'evaluate']);
Route::post('reminders/dispatch', [AdministratorPromotionController::class, 'dispatchScheduledReminders']);
Route::post('deadlines/expire', [AdministratorPromotionController::class, 'expireDeadlines']);
Route::post('deadlines', [AdministratorPromotionController::class, 'setDeadline']);
Route::prefix('levels')->group(function () {
Route::get('/', [AdministratorPromotionController::class, 'levelProgressions']);
Route::post('/', [AdministratorPromotionController::class, 'upsertLevelProgression']);
Route::post('seed', [AdministratorPromotionController::class, 'seedLevelProgressions']);
});
Route::get('{promotionId}', [AdministratorPromotionController::class, 'show'])->whereNumber('promotionId');
Route::patch('{promotionId}/status', [AdministratorPromotionController::class, 'updateStatus'])->whereNumber('promotionId');
Route::post('{promotionId}/deadline', [AdministratorPromotionController::class, 'setDeadline'])->whereNumber('promotionId');
Route::post('{promotionId}/reminders', [AdministratorPromotionController::class, 'sendReminder'])->whereNumber('promotionId');
Route::get('{promotionId}/reminders', [AdministratorPromotionController::class, 'reminders'])->whereNumber('promotionId');
Route::get('{promotionId}/audit', [AdministratorPromotionController::class, 'audit'])->whereNumber('promotionId');
Route::patch('{promotionId}/enrollment-steps', [AdministratorPromotionController::class, 'adminCompleteEnrollment'])->whereNumber('promotionId');
});
Route::get('emergency-contacts', [AdministratorEmergencyContactController::class, 'index']);
Route::get('emergency-contacts/data', [AdministratorEmergencyContactController::class, 'index']);
Route::get('emergency-contacts/{contactId}', [AdministratorEmergencyContactController::class, 'show']);
Route::patch('emergency-contacts/{contactId}', [AdministratorEmergencyContactController::class, 'update']);
Route::delete('emergency-contacts/{contactId}', [AdministratorEmergencyContactController::class, 'destroy']);
Route::prefix('staff')->group(function () {
Route::get('/', [StaffController::class, 'index']);
Route::get('{id}', [StaffController::class, 'show']);
Route::post('/', [StaffController::class, 'store']);
Route::patch('{id}', [StaffController::class, 'update']);
Route::delete('{id}', [StaffController::class, 'destroy']);
});
Route::prefix('flags')->group(function () {
Route::get('pending', [IncidentApiController::class, 'current']);
Route::get('form-meta', [IncidentApiController::class, 'formMeta']);
Route::get('students/{gradeId}', [IncidentApiController::class, 'studentsByGrade']);
Route::get('processed', [IncidentApiController::class, 'processed']);
Route::get('analysis', [IncidentApiController::class, 'analysis']);
Route::post('/', [IncidentApiController::class, 'store']);
Route::post('{incidentId}/state', [IncidentApiController::class, 'updateState']);
Route::post('{incidentId}/close', [IncidentApiController::class, 'close']);
Route::post('{incidentId}/cancel', [IncidentApiController::class, 'cancel']);
});
Route::prefix('grading')->group(function () {
Route::get('homework-tracking', [HomeworkTrackingController::class, 'index']);
});
Route::prefix('expenses')->group(function () {
Route::get('/', [ExpenseController::class, 'index']);
Route::get('options', [ExpenseController::class, 'options']);
Route::get('{id}', [ExpenseController::class, 'show']);
Route::post('/', [ExpenseController::class, 'store']);
Route::put('{id}', [ExpenseController::class, 'update']);
Route::post('{id}/status', [ExpenseController::class, 'updateStatus']);
});
Route::prefix('reports')->group(function () {
Route::get('financial-detailed', [FinancialController::class, 'report']);
});
Route::prefix('invoices')->group(function () {
Route::get('management', [InvoiceController::class, 'management']);
});
Route::prefix('paypal-transactions')->group(function () {
Route::get('/', [PaypalTransactionsController::class, 'index']);
Route::get('csv', [PaypalTransactionsController::class, 'downloadCsv']);
});
Route::prefix('reimbursements')->group(function () {
Route::get('under-processing', [ReimbursementController::class, 'underProcessing']);
Route::post('mark-donation', [ReimbursementController::class, 'markDonation']);
Route::post('batches', [ReimbursementController::class, 'createBatch']);
Route::post('batches/assign', [ReimbursementController::class, 'updateBatchAssignment']);
Route::post('batches/lock', [ReimbursementController::class, 'lockBatch']);
Route::post('batches/admin-files', [ReimbursementController::class, 'uploadBatchAdminFile']);
Route::get('batches/admin-files/{name}/{mode?}', [ReimbursementController::class, 'serveAdminCheckFile']);
Route::post('batches/email', [ReimbursementController::class, 'sendBatchEmail']);
Route::get('export', [ReimbursementController::class, 'export']);
Route::get('batches/export', [ReimbursementController::class, 'exportBatch']);
Route::get('reimbursed-expenses', [ReimbursementController::class, 'reimbursedExpenses']);
Route::get('/', [ReimbursementController::class, 'index']);
Route::post('/', [ReimbursementController::class, 'store']);
Route::post('process', [ReimbursementController::class, 'process']);
Route::put('{id}', [ReimbursementController::class, 'update']);
});
Route::prefix('printables')->group(function () {
Route::prefix('badges')->group(function () {
Route::get('form-options', [BadgeController::class, 'formData']);
});
Route::prefix('report-card')->group(function () {
Route::get('meta', [ReportCardsController::class, 'meta']);
});
});
Route::prefix('certificates')->group(function () {
Route::get('form-options', [CertificateController::class, 'formOptions']);
Route::post('generate', [CertificateController::class, 'generate']);
});
Route::middleware('admin.access')->prefix('role-permission')->group(function () {
Route::get('roles', [RolePermissionController::class, 'roles']);
Route::post('roles', [RolePermissionController::class, 'storeRole']);
Route::get('roles/{roleId}', [RolePermissionController::class, 'showRole']);
Route::patch('roles/{roleId}', [RolePermissionController::class, 'updateRole']);
Route::delete('roles/{roleId}', [RolePermissionController::class, 'deleteRole']);
Route::get('users', [RolePermissionController::class, 'users']);
Route::post('users/{userId}/roles', [RolePermissionController::class, 'assignRoles']);
Route::get('permissions', [RolePermissionController::class, 'permissions']);
Route::post('permissions', [RolePermissionController::class, 'storePermission']);
Route::get('permissions/{permissionId}', [RolePermissionController::class, 'showPermission']);
Route::patch('permissions/{permissionId}', [RolePermissionController::class, 'updatePermission']);
Route::delete('permissions/{permissionId}', [RolePermissionController::class, 'deletePermission']);
Route::get('roles/{roleId}/permissions', [RolePermissionController::class, 'rolePermissions']);
Route::put('roles/{roleId}/permissions', [RolePermissionController::class, 'updateRolePermissions']);
});
});
Route::middleware('auth:api')->prefix('attendance')->group(function () {
// Teacher
Route::get('/teacher/grid', [TeacherAttendanceApiController::class, 'grid']);
Route::get('/teacher/form', [TeacherAttendanceApiController::class, 'form']);
Route::post('/teacher/submit', [TeacherAttendanceApiController::class, 'submit']);
// Admin daily/student attendance
Route::get('/admin/daily', [AdminAttendanceApiController::class, 'dailyData']);
Route::post('/admin/update', [AdminAttendanceApiController::class, 'updateManagement']);
Route::post('/admin/add-entry', [AdminAttendanceApiController::class, 'addEntry']);
// Staff/admin monthly/admin attendance
Route::get('/staff/month', [StaffAttendanceApiController::class, 'monthData']);
Route::get('/staff/admins', [StaffAttendanceApiController::class, 'admins']);
Route::post('/staff/admins/save', [StaffAttendanceApiController::class, 'saveAdmins']);
Route::post('/staff/cell', [StaffAttendanceApiController::class, 'saveCell']);
Route::get('/staff/month-csv', [StaffAttendanceApiController::class, 'monthCsv']);
Route::prefix('late-slip-logs')->group(function () {
Route::get('/', [LateSlipLogsController::class, 'index']);
Route::get('{id}', [LateSlipLogsController::class, 'show']);
Route::delete('{id}', [LateSlipLogsController::class, 'destroy']);
});
Route::prefix('early-dismissals')->group(function () {
Route::get('/', [EarlyDismissalsController::class, 'index']);
Route::get('/student-options', [EarlyDismissalsController::class, 'studentOptions']);
Route::post('/', [EarlyDismissalsController::class, 'store']);
Route::post('/signature', [EarlyDismissalsController::class, 'uploadSignature']);
});
});
Route::middleware('auth:api')->prefix('attendance-tracking')->group(function () {
Route::get('/pending-violations', [AttendanceTrackingController::class, 'pendingViolations']);
Route::get('/notified-violations', [AttendanceTrackingController::class, 'notifiedViolations']);
Route::get('/student-case/{studentId}', [AttendanceTrackingController::class, 'studentCase']);
Route::post('/record', [AttendanceTrackingController::class, 'record']);
Route::post('/send-auto-emails', [AttendanceTrackingController::class, 'sendAutoEmails']);
Route::get('/compose', [AttendanceTrackingController::class, 'compose']);
Route::post('/send-manual-email', [AttendanceTrackingController::class, 'sendManualEmail']);
Route::get('/parents-info', [AttendanceTrackingController::class, 'parentsInfo']);
Route::post('/save-notification-note', [AttendanceTrackingController::class, 'saveNotificationNote']);
});
Route::middleware('auth:api')->prefix('attendance-comment-templates')->group(function () {
Route::get('/', [AttendanceCommentTemplateController::class, 'index'])->name('api.v1.attendance-comment-templates.index');
Route::get('list-data', [AttendanceCommentTemplateController::class, 'listData'])
->name('api.v1.attendance-comment-templates.list-data');
Route::get('{id}', [AttendanceCommentTemplateController::class, 'show']);
Route::post('/', [AttendanceCommentTemplateController::class, 'store']);
Route::put('{id}', [AttendanceCommentTemplateController::class, 'update']);
Route::delete('{id}', [AttendanceCommentTemplateController::class, 'destroy']);
});
/*
| CodeIgniter View\AttendanceCommentTemplateController — legacy list/save/delete (auth:api).
*/
Route::middleware('auth:api')->prefix('attendance-templates')->group(function () {
Route::get('/', [AttendanceCommentTemplateController::class, 'listData'])->name('api.v1.attendance-templates.legacy');
Route::post('save', [AttendanceCommentTemplateController::class, 'legacySave']);
Route::post('delete', [AttendanceCommentTemplateController::class, 'legacyDelete']);
});
Route::middleware('auth:api')->prefix('assignments')->group(function () {
Route::get('/', [AssignmentApiController::class, 'index']);
Route::post('/', [AssignmentApiController::class, 'store']);
Route::get('/class-assignment-data', [AssignmentApiController::class, 'classAssignmentData']);
});
Route::middleware('auth:api')->group(function () {
// Legacy alias: same handler as GET /api/v1/scores/homework
Route::get('teacher/homework-list', [HomeworkScoreController::class, 'index']);
// Legacy alias: teacher add-homework page and save action
Route::get('teacher/add-homework', [HomeworkScoreController::class, 'index']);
Route::post('teacher/add-homework', [HomeworkScoreController::class, 'update']);
// Legacy alias: teacher add-quiz page and save action
Route::get('teacher/add-quiz', [QuizScoreController::class, 'index']);
Route::post('teacher/add-quiz', [QuizScoreController::class, 'update']);
// Legacy alias: teacher add quiz column
Route::get('teacher/add-quiz-column-form', [QuizScoreController::class, 'index']);
Route::post('teacher/add-quiz-column-form', [QuizScoreController::class, 'addColumn']);
// Legacy alias: teacher add-midterm-exam page and save action
Route::get('teacher/add-midterm-exam', [MidtermScoreController::class, 'index']);
Route::post('teacher/add-midterm-exam', [MidtermScoreController::class, 'update']);
// Legacy alias: teacher add-final-exam page and save action
Route::get('teacher/add-final-exam', [FinalScoreController::class, 'index']);
Route::post('teacher/add-final-exam', [FinalScoreController::class, 'update']);
// Legacy alias: teacher add-participation page and save action
Route::get('teacher/add-participation', [ParticipationScoreController::class, 'index']);
Route::post('teacher/add-participation', [ParticipationScoreController::class, 'update']);
// Legacy alias: teacher add-project page and save action
Route::get('teacher/add-project', [ProjectScoreController::class, 'index']);
Route::post('teacher/add-project', [ProjectScoreController::class, 'update']);
// Legacy alias: teacher assignment management screen
Route::get('teacher/teacher-assignment', [TeacherClassAssignmentController::class, 'index']);
// Legacy alias: teacher exam drafts
Route::get('teacher/exam-drafts', [ExamDraftApiController::class, 'teacherIndex']);
Route::post('teacher/exam-drafts', [ExamDraftApiController::class, 'teacherStore']);
Route::get('teacher/drafts', [ExamDraftApiController::class, 'teacherIndex']);
Route::post('teacher/drafts', [ExamDraftApiController::class, 'teacherStore']);
// Legacy alias: teacher inventory book distribution form/save
Route::get('teacher/inventory/books/distribute', [InventoryController::class, 'teacherDistribution']);
Route::post('teacher/inventory/books/distribute', [InventoryController::class, 'teacherDistributionStore']);
// Legacy alias: teacher print request bootstrap/context
Route::get('teacher/print-requests/context', [PrintRequestsController::class, 'teacher']);
// Legacy alias: same handler as GET /api/v1/teachers/classes (class dashboard / roster)
Route::get('teacher/class-view', [TeacherController::class, 'classes']);
Route::get('teacher/no-classes', [TeacherController::class, 'classes']);
Route::get('teacher/select-semester', function () {
return response()->json([
'ok' => true,
'school_year' => \App\Models\Configuration::getConfig('school_year'),
'semester' => \App\Models\Configuration::getConfig('semester'),
'semester_options' => ['Fall', 'Spring'],
]);
});
Route::get('teacher/absence-vacation', [TeacherController::class, 'absenceForm']);
Route::post('teacher/absence-vacation', [TeacherController::class, 'submitAbsence']);
// Legacy CI paths: same handler as GET /api/v1/attendance/teacher/form
Route::get('teacher/showupdate-attendance', [TeacherAttendanceApiController::class, 'form']);
Route::get('teacher/showupdate_attendance', [TeacherAttendanceApiController::class, 'form']);
// Legacy alias: same handler as GET /api/v1/scores/overview (teacher score dashboard)
Route::get('teacher/scores', [ScoreDashboardController::class, 'overview']);
// Legacy alias: school calendar events with audience=teacher
Route::get('teacher/calendar', [SchoolCalendarController::class, 'teacherCalendarLegacy']);
// Legacy teacher progress submit page: GET loads form metadata, POST saves reports
Route::post('teacher/class-progress-submit', [ClassProgressController::class, 'store']);
Route::get('teacher/class-progress-submit', [ClassProgressController::class, 'legacySubmitForm']);
// Legacy teacher progress history page
Route::get('teacher/class-progress-history', [ClassProgressController::class, 'index']);
// Legacy teacher progress view page
Route::get('teacher/class-progress-view', [ClassProgressController::class, 'index']);
// Legacy alias: same handler as GET /api/v1/competition-scores
Route::get('teacher/competition-scores', [CompetitionScoresController::class, 'index']);
Route::get('dashboard/route', [DashboardController::class, 'route']);
Route::get('emergency-contacts', [AdministratorEmergencyContactController::class, 'index']);
Route::prefix('utilities/phone')->group(function () {
Route::post('format', [PhoneFormatterController::class, 'format']);
});
Route::prefix('ui')->group(function () {
Route::post('style', [UiController::class, 'style']);
});
Route::prefix('support')->group(function () {
Route::get('/', [ApiSupportController::class, 'index']);
Route::post('/', [ApiSupportController::class, 'store']);
Route::get('teacher', [ApiSupportController::class, 'teacher']);
});
Route::prefix('staff')->group(function () {
Route::get('/', [StaffController::class, 'index']);
Route::get('{id}', [StaffController::class, 'show']);
Route::post('/', [StaffController::class, 'store']);
Route::patch('{id}', [StaffController::class, 'update']);
Route::delete('{id}', [StaffController::class, 'destroy']);
});
Route::prefix('messages')->group(function () {
Route::get('/', [MessagesController::class, 'index']);
Route::get('inbox', [MessagesController::class, 'inbox']);
Route::get('sent', [MessagesController::class, 'sent']);
Route::get('drafts', [MessagesController::class, 'drafts']);
Route::get('trash', [MessagesController::class, 'trash']);
Route::post('/', [MessagesController::class, 'store']);
Route::post('receive', [MessagesController::class, 'receive']);
Route::get('recipients/{type}', [MessagesController::class, 'recipients']);
Route::get('{id}', [MessagesController::class, 'show']);
Route::patch('{id}', [MessagesController::class, 'update']);
Route::delete('{id}', [MessagesController::class, 'destroy']);
});
Route::prefix('settings')->group(function () {
Route::get('/', [SettingsController::class, 'index']);
Route::patch('/', [SettingsController::class, 'update']);
});
Route::prefix('ip-bans')->group(function () {
Route::get('/', [IpBanController::class, 'index']);
Route::get('{id}', [IpBanController::class, 'show']);
Route::post('ban', [IpBanController::class, 'ban']);
Route::post('unban', [IpBanController::class, 'unban']);
});
Route::prefix('class-sections')->group(function () {
Route::get('/', [ClassSectionController::class, 'index']);
Route::post('/', [ClassSectionController::class, 'store']);
Route::get('{classSection}', [ClassSectionController::class, 'show']);
Route::put('{classSection}', [ClassSectionController::class, 'update']);
Route::delete('{classSection}', [ClassSectionController::class, 'destroy']);
Route::get('{classSectionId}/attendance', [ClassSectionController::class, 'attendance']);
Route::post('seed-defaults', [ClassSectionController::class, 'seedDefaults']);
});
Route::get('stats', [StatsController::class, 'index']);
Route::prefix('notifications')->group(function () {
Route::get('/', [ApiNotificationController::class, 'index']);
Route::post('/', [ApiNotificationController::class, 'store']);
Route::get('active', [ApiNotificationController::class, 'active']);
Route::get('deleted', [ApiNotificationController::class, 'deleted']);
Route::get('{notificationId}', [ApiNotificationController::class, 'show']);
Route::patch('{notificationId}', [ApiNotificationController::class, 'update']);
Route::delete('{notificationId}', [ApiNotificationController::class, 'destroy']);
Route::post('{notificationId}/restore', [ApiNotificationController::class, 'restore']);
Route::post('{notificationId}/read', [ApiNotificationController::class, 'markRead']);
});
Route::middleware('admin.access')->prefix('role-permissions')->group(function () {
Route::get('roles', [RolePermissionController::class, 'roles']);
Route::post('roles', [RolePermissionController::class, 'storeRole']);
Route::get('roles/{roleId}', [RolePermissionController::class, 'showRole']);
Route::patch('roles/{roleId}', [RolePermissionController::class, 'updateRole']);
Route::delete('roles/{roleId}', [RolePermissionController::class, 'deleteRole']);
Route::get('users', [RolePermissionController::class, 'users']);
Route::post('users/{userId}/roles', [RolePermissionController::class, 'assignRoles']);
Route::get('permissions', [RolePermissionController::class, 'permissions']);
Route::post('permissions', [RolePermissionController::class, 'storePermission']);
Route::get('permissions/{permissionId}', [RolePermissionController::class, 'showPermission']);
Route::patch('permissions/{permissionId}', [RolePermissionController::class, 'updatePermission']);
Route::delete('permissions/{permissionId}', [RolePermissionController::class, 'deletePermission']);
Route::get('roles/{roleId}/permissions', [RolePermissionController::class, 'rolePermissions']);
Route::put('roles/{roleId}/permissions', [RolePermissionController::class, 'updateRolePermissions']);
});
Route::prefix('role-switcher')->group(function () {
Route::get('/', [RoleSwitcherController::class, 'index']);
Route::post('switch', [RoleSwitcherController::class, 'switch']);
});
Route::prefix('settings/school-calendar')->group(function () {
Route::get('options', [SchoolCalendarController::class, 'options']);
Route::get('events', [SchoolCalendarController::class, 'index']);
Route::get('events/{eventId}', [SchoolCalendarController::class, 'show']);
Route::post('events', [SchoolCalendarController::class, 'store']);
Route::patch('events/{eventId}', [SchoolCalendarController::class, 'update']);
Route::delete('events/{eventId}', [SchoolCalendarController::class, 'destroy']);
});
Route::prefix('settings/events')->group(function () {
Route::get('/', [EventController::class, 'index']);
Route::post('/', [EventController::class, 'store']);
Route::get('charges/list', [EventController::class, 'charges']);
Route::post('{eventId}/charges', [EventController::class, 'updateCharges']);
Route::get('charges/students', [EventController::class, 'studentsWithCharges']);
Route::get('{eventId}', [EventController::class, 'show']);
Route::patch('{eventId}', [EventController::class, 'update']);
Route::delete('{eventId}', [EventController::class, 'destroy']);
});
Route::prefix('whatsapp')->group(function () {
Route::get('links', [WhatsappController::class, 'index']);
Route::post('links', [WhatsappController::class, 'store']);
Route::get('links/{linkId}', [WhatsappController::class, 'show']);
Route::patch('links/{linkId}', [WhatsappController::class, 'update']);
Route::delete('links/{linkId}', [WhatsappController::class, 'destroy']);
Route::get('parent-contacts', [WhatsappController::class, 'parentContacts']);
Route::get('parent-contacts-by-class', [WhatsappController::class, 'parentContactsByClass']);
Route::post('invites/send', [WhatsappController::class, 'sendInvites']);
Route::post('membership', [WhatsappController::class, 'updateMembership']);
});
Route::prefix('teachers')->group(function () {
Route::get('classes', [TeacherController::class, 'classes']);
Route::post('classes/switch', [TeacherController::class, 'switchClass']);
Route::get('absence/form', [TeacherController::class, 'absenceForm']);
Route::post('absence', [TeacherController::class, 'submitAbsence']);
});
Route::prefix('students')->group(function () {
Route::get('/', [StudentApiController::class, 'index']);
Route::post('/', [StudentApiController::class, 'store']);
Route::get('score-card/selectable', [StudentApiController::class, 'scoreCardSelectable']);
Route::get('assignments', [StudentApiController::class, 'assignments']);
Route::post('assign-class', [StudentApiController::class, 'assignClass']);
Route::post('remove-class', [StudentApiController::class, 'removeClass']);
Route::get('removed', [StudentApiController::class, 'removed']);
Route::post('set-active', [StudentApiController::class, 'setActive']);
Route::post('auto-distribute', [StudentApiController::class, 'autoDistribute']);
Route::get('promotion-totals', [StudentApiController::class, 'promotionTotals']);
Route::patch('{studentId}', [StudentApiController::class, 'update']);
Route::delete('{studentId}', [StudentApiController::class, 'destroy']);
Route::get('{studentId}', [StudentApiController::class, 'show']);
Route::get('{studentId}/classes', [StudentApiController::class, 'classes']);
Route::post('{studentId}/classes', [StudentApiController::class, 'assignClassForStudent']);
Route::delete('{studentId}/classes/{classSectionId}', [StudentApiController::class, 'removeClassForStudent']);
Route::post('{studentId}/promote', [StudentApiController::class, 'promote']);
Route::get('{studentId}/attendance', [StudentApiController::class, 'attendance']);
Route::get('{studentId}/incidents', [StudentApiController::class, 'incidents']);
Route::get('{studentId}/scores', [StudentApiController::class, 'scores']);
Route::get('{studentId}/notes', [StudentApiController::class, 'notes']);
Route::get('{studentId}/parents', [StudentApiController::class, 'parents']);
Route::get('{studentId}/emergency-contacts', [StudentApiController::class, 'emergencyContacts']);
Route::post('{studentId}/emergency-contacts', [StudentApiController::class, 'addEmergencyContact']);
Route::patch('{studentId}/emergency-contacts/{contactId}', [StudentApiController::class, 'updateEmergencyContact']);
Route::post('{studentId}/badge_scan', [StudentApiController::class, 'updateBadgeScan']);
Route::post('{studentId}/photo', [StudentApiController::class, 'uploadPhoto']);
Route::get('{studentId}/photo', [StudentApiController::class, 'photo']);
Route::get('{studentId}/report-card', [ReportCardsController::class, 'studentReport'])
->name('api.v1.students.report-card');
Route::get('{studentId}/score-card', [StudentApiController::class, 'scoreCard']);
});
Route::middleware('parent.access')->prefix('parents')->group(function () {
Route::get('attendance', [ParentApiController::class, 'attendance']);
Route::get('invoices', [ParentApiController::class, 'invoices']);
Route::get('enrollments', [ParentApiController::class, 'enrollments']);
Route::post('enrollments', [ParentApiController::class, 'updateEnrollments']);
Route::prefix('promotions')->group(function () {
Route::get('/', [ParentPromotionController::class, 'overview']);
Route::get('{promotionId}', [ParentPromotionController::class, 'show'])->whereNumber('promotionId');
Route::post('{promotionId}/start', [ParentPromotionController::class, 'start'])->whereNumber('promotionId');
Route::patch('{promotionId}/steps', [ParentPromotionController::class, 'updateSteps'])->whereNumber('promotionId');
Route::post('{promotionId}/submit', [ParentPromotionController::class, 'submit'])->whereNumber('promotionId');
});
Route::get('registration', [ParentApiController::class, 'registration']);
Route::post('registration', [ParentApiController::class, 'storeRegistration']);
Route::patch('students/{studentId}', [ParentApiController::class, 'updateStudent']);
Route::delete('students/{studentId}', [ParentApiController::class, 'deleteStudent']);
Route::get('emergency-contacts', [ParentApiController::class, 'emergencyContacts']);
Route::post('emergency-contacts', [ParentApiController::class, 'storeEmergencyContact']);
Route::patch('emergency-contacts/{contactId}', [ParentApiController::class, 'updateEmergencyContact']);
Route::get('profile', [ParentApiController::class, 'profile']);
Route::patch('profile', [ParentApiController::class, 'updateProfile']);
Route::get('events', [ParentApiController::class, 'events']);
Route::post('events/participation', [ParentApiController::class, 'updateParticipation']);
Route::get('attendance-reports/form', [ParentAttendanceReportApiController::class, 'form']);
Route::post('attendance-reports', [ParentAttendanceReportApiController::class, 'submit']);
Route::get('attendance-reports', [ParentAttendanceReportApiController::class, 'list']);
Route::post('attendance-reports/check-existing', [ParentAttendanceReportApiController::class, 'checkExisting']);
Route::patch('attendance-reports/{reportId}', [ParentAttendanceReportApiController::class, 'update']);
Route::get('authorized-users', [AuthorizedUsersController::class, 'index']);
Route::get('authorized-users/{id}', [AuthorizedUsersController::class, 'show'])->whereNumber('id');
Route::post('authorized-users', [AuthorizedUsersController::class, 'store']);
Route::patch('authorized-users/{id}', [AuthorizedUsersController::class, 'update'])->whereNumber('id');
Route::delete('authorized-users/{id}', [AuthorizedUsersController::class, 'destroy'])->whereNumber('id');
});
Route::middleware('admin.access')->prefix('users')->group(function () {
Route::get('/', [UserController::class, 'index']);
Route::post('/', [UserController::class, 'store']);
Route::get('login-activity', [UserController::class, 'loginActivity']);
Route::get('{userId}', [UserController::class, 'show']);
Route::put('{userId}', [UserController::class, 'update']);
Route::delete('{userId}', [UserController::class, 'destroy']);
});
Route::prefix('administrator')->group(function () {
Route::get('login-activity', [UserController::class, 'loginActivity']);
});
Route::prefix('broadcast-email')->group(function () {
Route::get('options', [BroadcastEmailController::class, 'options']);
Route::post('send', [BroadcastEmailController::class, 'send']);
Route::post('upload-image', [BroadcastEmailController::class, 'uploadImage']);
});
Route::prefix('email')->group(function () {
Route::get('senders', [EmailController::class, 'senders']);
Route::post('send', [EmailController::class, 'send']);
});
Route::prefix('email-extractor')->group(function () {
Route::get('emails', [EmailExtractorController::class, 'emails']);
Route::post('compare', [EmailExtractorController::class, 'compare']);
});
Route::prefix('communications')->group(function () {
Route::get('options', [CommunicationController::class, 'options']);
Route::get('students/{studentId}/families', [CommunicationController::class, 'families']);
Route::get('families/{familyId}/guardians', [CommunicationController::class, 'guardians']);
Route::post('preview', [CommunicationController::class, 'preview']);
Route::post('send', [CommunicationController::class, 'send']);
});
Route::prefix('inventory')->group(function () {
Route::get('items', [InventoryController::class, 'index']);
Route::get('items/{id}', [InventoryController::class, 'show']);
Route::post('items', [InventoryController::class, 'store']);
Route::patch('items/{id}', [InventoryController::class, 'update']);
Route::delete('items/{id}', [InventoryController::class, 'destroy']);
Route::post('items/{id}/audit', [InventoryController::class, 'audit']);
Route::post('items/{id}/adjust', [InventoryController::class, 'adjust']);
Route::get('summary/{type}', [InventoryController::class, 'summary']);
Route::get('summary-all', [InventoryController::class, 'summaryAll']);
Route::get('teacher-distribution', [InventoryController::class, 'teacherDistribution']);
Route::post('teacher-distribution', [InventoryController::class, 'teacherDistributionStore']);
Route::get('categories', [InventoryCategoryController::class, 'index']);
Route::post('categories', [InventoryCategoryController::class, 'store']);
Route::patch('categories/{id}', [InventoryCategoryController::class, 'update']);
Route::delete('categories/{id}', [InventoryCategoryController::class, 'destroy']);
Route::get('movements', [InventoryMovementController::class, 'index']);
Route::post('movements', [InventoryMovementController::class, 'store']);
Route::patch('movements/{id}', [InventoryMovementController::class, 'update']);
Route::delete('movements/{id}', [InventoryMovementController::class, 'destroy']);
Route::post('movements/bulk-delete', [InventoryMovementController::class, 'bulkDelete']);
Route::get('suppliers', [SupplierController::class, 'index']);
Route::post('suppliers', [SupplierController::class, 'store']);
Route::patch('suppliers/{id}', [SupplierController::class, 'update']);
Route::delete('suppliers/{id}', [SupplierController::class, 'destroy']);
Route::get('supply-categories', [SupplyCategoryController::class, 'index']);
Route::post('supply-categories', [SupplyCategoryController::class, 'store']);
Route::patch('supply-categories/{id}', [SupplyCategoryController::class, 'update']);
Route::delete('supply-categories/{id}', [SupplyCategoryController::class, 'destroy']);
});
Route::prefix('family-admin')->group(function () {
Route::get('/', [FamilyAdminController::class, 'index']);
Route::get('search', [FamilyAdminController::class, 'search']);
Route::get('card', [FamilyAdminController::class, 'card']);
Route::post('compose-email', [FamilyAdminController::class, 'composeEmail']);
});
Route::prefix('families')->group(function () {
Route::get('by-student/{studentId}', [FamilyController::class, 'familiesByStudent']);
Route::get('{familyId}/guardians', [FamilyController::class, 'guardiansByFamily']);
Route::post('bootstrap', [FamilyController::class, 'bootstrap']);
Route::post('attach-second/by-user', [FamilyController::class, 'attachSecondByUser']);
Route::post('attach-second/by-email', [FamilyController::class, 'attachSecondByEmail']);
Route::post('set-primary-home', [FamilyController::class, 'setPrimaryHome']);
Route::post('set-guardian-flags', [FamilyController::class, 'setGuardianFlags']);
Route::post('unlink-guardian', [FamilyController::class, 'unlinkGuardian']);
Route::post('unlink-student', [FamilyController::class, 'unlinkStudent']);
Route::post('import-legacy-second-parents', [FamilyController::class, 'importSecondParentsFromLegacy']);
});
Route::prefix('competition-scores')->group(function () {
Route::get('/', [CompetitionScoresController::class, 'index']);
Route::get('{id}', [CompetitionScoresController::class, 'edit']);
Route::post('{id}', [CompetitionScoresController::class, 'save']);
});
Route::prefix('discounts')->group(function () {
Route::get('/', [DiscountController::class, 'options']);
Route::get('options', [DiscountController::class, 'options']);
Route::post('apply', [DiscountController::class, 'apply']);
Route::get('vouchers', [DiscountController::class, 'listVouchers']);
Route::get('vouchers/{id}', [DiscountController::class, 'showVoucher']);
Route::post('vouchers', [DiscountController::class, 'storeVoucher']);
Route::put('vouchers/{id}', [DiscountController::class, 'updateVoucher']);
Route::delete('vouchers/{id}', [DiscountController::class, 'deleteVoucher']);
});
Route::prefix('expenses')->group(function () {
Route::get('/', [ExpenseController::class, 'index']);
Route::get('options', [ExpenseController::class, 'options']);
Route::get('{id}', [ExpenseController::class, 'show']);
Route::post('/', [ExpenseController::class, 'store']);
Route::put('{id}', [ExpenseController::class, 'update']);
Route::post('{id}/status', [ExpenseController::class, 'updateStatus']);
});
Route::prefix('finance')->group(function () {
Route::get('financial-report', [FinancialController::class, 'report']);
Route::get('financial-summary', [FinancialController::class, 'summary']);
Route::get('financial-report/csv', [FinancialController::class, 'downloadCsv']);
Route::get('financial-report/pdf', [FinancialController::class, 'downloadPdf']);
Route::get('unpaid-parents', [FinancialController::class, 'unpaidParents']);
Route::post('fees/refund', [FeeCalculationController::class, 'refund']);
Route::post('fees/tuition-total', [FeeCalculationController::class, 'tuitionTotal']);
Route::post('fees/tuition-breakdown', [FeeCalculationController::class, 'tuitionBreakdown']);
Route::post('fees/family-balance', [FeeCalculationController::class, 'familyBalance']);
Route::prefix('fees/charges')->group(function () {
Route::get('/', [ChargeController::class, 'index']);
Route::post('extra', [ChargeController::class, 'storeExtra']);
Route::post('event', [ChargeController::class, 'storeEvent']);
Route::post('extra/{id}/cancel', [ChargeController::class, 'cancelExtra']);
Route::post('extra/{id}/apply', [ChargeController::class, 'applyExtra']);
Route::post('event/{id}/cancel', [ChargeController::class, 'cancelEvent']);
Route::post('event/{id}/mark-paid', [ChargeController::class, 'markEventPaid']);
});
Route::prefix('refunds')->group(function () {
Route::post('recalculate-overpayments', [RefundController::class, 'recalculateOverpayments']);
Route::get('parent-balances/{parentId}', [RefundController::class, 'parentBalances']);
Route::get('/', [RefundController::class, 'index']);
Route::post('/', [RefundController::class, 'store']);
Route::get('{refundId}', [RefundController::class, 'show']);
Route::patch('{refundId}', [RefundController::class, 'update']);
Route::delete('{refundId}', [RefundController::class, 'destroy']);
Route::post('{refundId}/approve', [RefundController::class, 'approve']);
Route::post('{refundId}/reject', [RefundController::class, 'reject']);
Route::post('{refundId}/payments', [RefundController::class, 'recordPayment']);
});
Route::prefix('reimbursements')->group(function () {
Route::get('under-processing', [ReimbursementController::class, 'underProcessing']);
Route::post('mark-donation', [ReimbursementController::class, 'markDonation']);
Route::post('batches', [ReimbursementController::class, 'createBatch']);
Route::post('batches/assign', [ReimbursementController::class, 'updateBatchAssignment']);
Route::post('batches/lock', [ReimbursementController::class, 'lockBatch']);
Route::post('batches/admin-files', [ReimbursementController::class, 'uploadBatchAdminFile']);
Route::get('batches/admin-files/{name}/{mode?}', [ReimbursementController::class, 'serveAdminCheckFile'])
->name('api.v1.finance.reimbursements.admin-file');
Route::post('batches/email', [ReimbursementController::class, 'sendBatchEmail']);
Route::get('export', [ReimbursementController::class, 'export']);
Route::get('batches/export', [ReimbursementController::class, 'exportBatch']);
Route::get('reimbursed-expenses', [ReimbursementController::class, 'reimbursedExpenses']);
Route::get('/', [ReimbursementController::class, 'index']);
Route::post('/', [ReimbursementController::class, 'store']);
Route::post('process', [ReimbursementController::class, 'process']);
Route::put('{id}', [ReimbursementController::class, 'update']);
});
Route::prefix('purchase-orders')->group(function () {
Route::get('/', [PurchaseOrderController::class, 'index']);
Route::get('options', [PurchaseOrderController::class, 'options']);
Route::get('{id}', [PurchaseOrderController::class, 'show']);
Route::post('/', [PurchaseOrderController::class, 'store']);
Route::post('{id}/receive', [PurchaseOrderController::class, 'receive']);
Route::post('{id}/cancel', [PurchaseOrderController::class, 'cancel']);
});
Route::prefix('invoices')->group(function () {
Route::get('management', [InvoiceController::class, 'management']);
Route::post('generate', [InvoiceController::class, 'generate']);
Route::get('parent/{parentId}', [InvoiceController::class, 'byParent']);
Route::get('parent-payment', [InvoiceController::class, 'parentPayment']);
Route::post('{invoiceId}/status', [InvoiceController::class, 'updateStatus']);
Route::get('unpaid', [InvoiceController::class, 'unpaid']);
Route::get('{invoiceId}/pdf', [InvoiceController::class, 'pdf']);
});
Route::prefix('payments')->group(function () {
Route::post('/', [PaymentController::class, 'store']);
Route::get('parent/{parentId}', [PaymentController::class, 'byParent']);
Route::post('{paymentId}/balance', [PaymentController::class, 'updateBalance']);
});
Route::prefix('manual-pay')->group(function () {
Route::get('search', [PaymentManualController::class, 'search']);
Route::get('suggest', [PaymentManualController::class, 'suggest']);
Route::post('invoices/{invoiceId}/payments', [PaymentManualController::class, 'record']);
Route::put('payments/{paymentId}', [PaymentManualController::class, 'edit']);
Route::get('files/{filename}', [PaymentManualController::class, 'file']);
});
Route::prefix('event-charges')->group(function () {
Route::get('/', [PaymentEventChargesController::class, 'index']);
Route::post('/', [PaymentEventChargesController::class, 'store']);
Route::get('parents/{parentId}/students', [PaymentEventChargesController::class, 'enrolledStudents']);
});
Route::prefix('payment-notifications')->group(function () {
Route::get('/', [PaymentNotificationController::class, 'index']);
Route::post('send', [PaymentNotificationController::class, 'send']);
});
Route::prefix('payment-transactions')->group(function () {
Route::post('/', [PaymentTransactionController::class, 'store']);
Route::get('payment/{paymentId}', [PaymentTransactionController::class, 'byPayment']);
Route::post('{transactionId}/status', [PaymentTransactionController::class, 'updateStatus']);
});
Route::prefix('paypal-transactions')->group(function () {
Route::get('/', [PaypalTransactionsController::class, 'index']);
Route::get('csv', [PaypalTransactionsController::class, 'downloadCsv']);
});
Route::prefix('paypal')->group(function () {
Route::get('redirect', [PaypalPaymentController::class, 'redirect']);
Route::post('payments/{paymentId}/create', [PaypalPaymentController::class, 'create']);
Route::post('execute', [PaypalPaymentController::class, 'execute'])->name('api.v1.finance.paypal.execute');
Route::get('cancel', [PaypalPaymentController::class, 'cancel'])->name('api.v1.finance.paypal.cancel');
});
});
Route::prefix('files')->group(function () {
Route::get('receipts/{name}', [FilesController::class, 'receipt'])->name('api.v1.files.receipt');
Route::get('reimbursements/{name}', [FilesController::class, 'reimb'])->name('api.v1.files.reimbursement');
Route::get('early-dismissal/{name}', [FilesController::class, 'earlyDismissalSignature'])
->name('api.v1.files.early-dismissal');
Route::get('exams/teacher/{name}', [FilesController::class, 'examDraftTeacher'])
->name('api.v1.files.exam-draft-teacher');
Route::get('exams/final/{name}', [FilesController::class, 'examDraftFinal'])
->name('api.v1.files.exam-draft-final');
});
Route::prefix('reports/slips')->group(function () {
Route::post('print', [SlipPrinterController::class, 'print']);
Route::post('preview', [SlipPrinterController::class, 'preview']);
Route::get('logs', [SlipPrinterController::class, 'logs']);
Route::post('reprint', [SlipPrinterController::class, 'reprint']);
});
Route::prefix('reports/stickers')->group(function () {
Route::get('form-data', [StickersController::class, 'formData']);
Route::get('students', [StickersController::class, 'studentsByClass']);
Route::post('print', [StickersController::class, 'print']);
});
Route::prefix('reports/report-cards')->group(function () {
Route::get('meta', [ReportCardsController::class, 'meta']);
Route::get('completeness', [ReportCardsController::class, 'completeness']);
Route::get('acknowledgement', [ReportCardsController::class, 'acknowledgement']);
Route::get('students/{studentId}', [ReportCardsController::class, 'studentReport']);
Route::post('students/{studentId}', [ReportCardsController::class, 'studentReport']);
Route::get('classes/{classSectionId}', [ReportCardsController::class, 'classReport']);
Route::post('classes/{classSectionId}', [ReportCardsController::class, 'classReport']);
});
Route::prefix('subjects/curriculum')->group(function () {
Route::get('/', [SubjectCurriculumApiController::class, 'index']);
Route::get('{id}', [SubjectCurriculumApiController::class, 'show']);
Route::post('/', [SubjectCurriculumApiController::class, 'store']);
Route::patch('{id}', [SubjectCurriculumApiController::class, 'update']);
Route::delete('{id}', [SubjectCurriculumApiController::class, 'destroy']);
});
Route::prefix('exams/drafts')->group(function () {
Route::get('teacher', [ExamDraftApiController::class, 'teacherIndex']);
Route::post('teacher', [ExamDraftApiController::class, 'teacherStore']);
Route::get('admin', [ExamDraftApiController::class, 'adminIndex']);
Route::post('admin/legacy', [ExamDraftApiController::class, 'adminUploadLegacy']);
Route::post('admin/review', [ExamDraftApiController::class, 'adminReview']);
});
Route::prefix('configuration')->group(function () {
Route::get('/', [ConfigurationAdminController::class, 'index']);
Route::get('key/{config_key}', [ConfigurationAdminController::class, 'getByKey']);
Route::post('/', [ConfigurationAdminController::class, 'store']);
Route::patch('{id}', [ConfigurationAdminController::class, 'update']);
Route::delete('{id}', [ConfigurationAdminController::class, 'destroy']);
});
Route::prefix('system')->group(function () {
Route::get('semester-range/school-year', [SemesterRangeController::class, 'schoolYearRange']);
Route::get('semester-range/semester', [SemesterRangeController::class, 'semesterRange']);
Route::get('semester-range/normalize', [SemesterRangeController::class, 'normalize']);
Route::get('semester-range/resolve', [SemesterRangeController::class, 'resolve']);
Route::get('school-ids/student', [SchoolIdController::class, 'generateStudent']);
Route::get('school-ids/user', [SchoolIdController::class, 'generateUser']);
Route::post('school-ids/assign', [SchoolIdController::class, 'assign']);
});
Route::prefix('incidents')->group(function () {
Route::get('current', [IncidentApiController::class, 'current']);
Route::get('history', [IncidentApiController::class, 'history']);
Route::get('processed', [IncidentApiController::class, 'processed']);
Route::get('analysis', [IncidentApiController::class, 'analysis']);
Route::get('grades/{gradeId}/students', [IncidentApiController::class, 'studentsByGrade']);
Route::post('/', [IncidentApiController::class, 'store']);
Route::post('{incidentId}/state', [IncidentApiController::class, 'updateState']);
Route::post('{incidentId}/close', [IncidentApiController::class, 'close']);
Route::post('{incidentId}/cancel', [IncidentApiController::class, 'cancel']);
});
Route::prefix('scores')->group(function () {
Route::get('overview', [ScoreDashboardController::class, 'overview']);
Route::post('lock', [ScoreDashboardController::class, 'lock']);
Route::get('student-scores', [ScoreDashboardController::class, 'studentScores']);
Route::prefix('projects')->group(function () {
Route::get('/', [ProjectScoreController::class, 'index']);
Route::get('by-year', [ProjectScoreController::class, 'bySchoolYear']);
Route::post('/', [ProjectScoreController::class, 'update']);
Route::post('columns', [ProjectScoreController::class, 'addColumn']);
});
Route::prefix('quizzes')->group(function () {
Route::get('/', [QuizScoreController::class, 'index']);
Route::get('by-year', [QuizScoreController::class, 'bySchoolYear']);
Route::post('/', [QuizScoreController::class, 'update']);
Route::post('columns', [QuizScoreController::class, 'addColumn']);
});
Route::prefix('homework')->group(function () {
Route::get('/', [HomeworkScoreController::class, 'index']);
Route::get('by-year', [HomeworkScoreController::class, 'bySchoolYear']);
Route::post('/', [HomeworkScoreController::class, 'update']);
Route::post('columns', [HomeworkScoreController::class, 'addColumn']);
});
Route::prefix('midterm')->group(function () {
Route::get('/', [MidtermScoreController::class, 'index']);
Route::get('by-year', [MidtermScoreController::class, 'bySchoolYear']);
Route::post('/', [MidtermScoreController::class, 'update']);
});
Route::prefix('final')->group(function () {
Route::get('/', [FinalScoreController::class, 'index']);
Route::get('by-year', [FinalScoreController::class, 'bySchoolYear']);
Route::post('/', [FinalScoreController::class, 'update']);
});
Route::prefix('participation')->group(function () {
Route::get('/', [ParticipationScoreController::class, 'index']);
Route::get('by-year', [ParticipationScoreController::class, 'bySchoolYear']);
Route::post('/', [ParticipationScoreController::class, 'update']);
});
Route::get('predictor', [ScorePredictorController::class, 'index']);
Route::prefix('comments')->group(function () {
Route::get('/', [ScoreCommentApiController::class, 'index']);
Route::post('/', [ScoreCommentApiController::class, 'store']);
Route::put('/', [ScoreCommentApiController::class, 'update']);
});
});
Route::prefix('grading')->group(function () {
Route::get('overview', [GradingApiController::class, 'overview']);
Route::get('scores/{type}/{classSectionId}/{studentId}', [GradingApiController::class, 'show']);
Route::put('scores', [GradingApiController::class, 'update']);
Route::post('locks/toggle', [GradingApiController::class, 'toggleLock']);
Route::post('locks/all', [GradingApiController::class, 'lockAll']);
Route::post('refresh', [GradingApiController::class, 'refresh']);
Route::get('placement', [GradingApiController::class, 'placement']);
Route::post('placement/level', [GradingApiController::class, 'updatePlacementLevel']);
Route::post('placement/levels', [GradingApiController::class, 'updatePlacementLevels']);
Route::post('placement/batch', [GradingApiController::class, 'createPlacementBatch']);
Route::get('placement/batch/{batchId}', [GradingApiController::class, 'showPlacementBatch']);
Route::put('placement/batch/{batchId}', [GradingApiController::class, 'updatePlacementBatch']);
Route::get('below-sixty', [GradingApiController::class, 'belowSixty']);
Route::get('below-sixty/email', [GradingApiController::class, 'belowSixtyEmail']);
Route::post('below-sixty/email', [GradingApiController::class, 'sendBelowSixtyEmail']);
Route::post('below-sixty/status', [GradingApiController::class, 'updateBelowSixtyStatus']);
Route::get('below-sixty/meeting', [GradingApiController::class, 'belowSixtyMeeting']);
Route::post('below-sixty/meeting', [GradingApiController::class, 'saveBelowSixtyMeeting']);
Route::get('homework-tracking', [HomeworkTrackingController::class, 'index']);
});
Route::prefix('extra-charges')->group(function () {
Route::get('/', [ExtraChargesController::class, 'list']);
Route::get('options', [ExtraChargesController::class, 'options']);
Route::get('parents', [ExtraChargesController::class, 'parentOptions']);
Route::get('invoices', [ExtraChargesController::class, 'invoicesForParent']);
Route::post('/', [ExtraChargesController::class, 'store']);
Route::put('{id}', [ExtraChargesController::class, 'update']);
Route::post('{id}/void', [ExtraChargesController::class, 'void']);
Route::post('{id}/reverse', [ExtraChargesController::class, 'reverse']);
});
Route::prefix('class-prep')->group(function () {
Route::get('/', [ClassPreparationController::class, 'index']);
Route::post('mark-printed', [ClassPreparationController::class, 'markPrinted']);
Route::post('adjustments', [ClassPreparationController::class, 'saveAdjustments']);
Route::post('print/{classSectionId}/{schoolYear}', [ClassPreparationController::class, 'print']);
Route::get('sticker-counts', [ClassPreparationController::class, 'stickerCounts']);
Route::get('classes/{classSectionId}/students', [ClassPreparationController::class, 'studentsByClass']);
});
Route::prefix('class-progress')->group(function () {
Route::get('meta', [ClassProgressController::class, 'meta']);
Route::get('/', [ClassProgressController::class, 'index']);
Route::post('/', [ClassProgressController::class, 'store']);
Route::get('attachments/{attachment}', [ClassProgressController::class, 'downloadAttachment'])
->name('api.v1.class-progress.attachment');
Route::get('{class_progress}', [ClassProgressController::class, 'show']);
Route::patch('{class_progress}', [ClassProgressController::class, 'update']);
Route::delete('{class_progress}', [ClassProgressController::class, 'destroy']);
Route::get('{class_progress}/attachment', [ClassProgressController::class, 'downloadLegacyAttachment']);
});
Route::prefix('badges')->group(function () {
Route::get('form-data', [BadgeController::class, 'formData']);
Route::post('pdf', [BadgeController::class, 'generatePdf']);
Route::get('print-status', [BadgeController::class, 'printStatus']);
Route::post('log-print', [BadgeController::class, 'logPrint']);
});
});
});