940afe9319
API CI/CD / Validate (composer + pint) (push) Successful in 2m7s
API CI/CD / Test (PHPUnit) (push) Failing after 2m23s
API CI/CD / Build frontend assets (push) Successful in 2m18s
API CI/CD / Security audit (push) Successful in 31s
API CI/CD / Deploy to shared hosting (PHP) (push) Has been skipped
250 lines
7.5 KiB
PHP
250 lines
7.5 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Api\AttendanceTracking;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Services\AttendanceTracking\AttendanceTrackingService;
|
|
use Illuminate\Http\JsonResponse;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Validator;
|
|
|
|
class AttendanceTrackingController extends Controller
|
|
{
|
|
public function __construct(
|
|
protected AttendanceTrackingService $service
|
|
) {}
|
|
|
|
public function pendingViolations(Request $request): JsonResponse
|
|
{
|
|
$result = $this->service->getPendingViolations(
|
|
$request->query('school_year'),
|
|
$request->query('semester')
|
|
);
|
|
|
|
return response()->json([
|
|
'success' => true,
|
|
'data' => $result,
|
|
]);
|
|
}
|
|
|
|
public function notifiedViolations(Request $request): JsonResponse
|
|
{
|
|
$result = $this->service->getNotifiedViolations(
|
|
$request->query('school_year'),
|
|
$request->query('semester')
|
|
);
|
|
|
|
return response()->json([
|
|
'success' => true,
|
|
'data' => $result,
|
|
]);
|
|
}
|
|
|
|
public function studentCase(int $studentId, Request $request): JsonResponse
|
|
{
|
|
$result = $this->service->getStudentCase(
|
|
$studentId,
|
|
$request->query('code'),
|
|
$request->query('incident_date'),
|
|
filter_var($request->query('include_notified'), FILTER_VALIDATE_BOOL) === true,
|
|
filter_var($request->query('pending_only'), FILTER_VALIDATE_BOOL) === true,
|
|
$request->query('school_year'),
|
|
$request->query('semester'),
|
|
);
|
|
|
|
return response()->json(
|
|
$result,
|
|
$result['status'] ?? 200
|
|
);
|
|
}
|
|
|
|
public function record(Request $request): JsonResponse
|
|
{
|
|
$guard = $this->forbidLowPrivilegeActor();
|
|
if ($guard instanceof JsonResponse) {
|
|
return $guard;
|
|
}
|
|
|
|
$validator = Validator::make($request->all(), [
|
|
'student_id' => ['required', 'integer', 'min:1'],
|
|
'date' => ['required', 'date_format:Y-m-d'],
|
|
'parent_email' => ['nullable', 'email'],
|
|
'parent_name' => ['nullable', 'string'],
|
|
'subject_type' => ['nullable', 'string'],
|
|
'semester' => ['nullable', 'string'],
|
|
'school_year' => ['nullable', 'string'],
|
|
]);
|
|
|
|
if ($validator->fails()) {
|
|
return response()->json([
|
|
'message' => 'Validation failed.',
|
|
'errors' => $validator->errors(),
|
|
], 422);
|
|
}
|
|
|
|
$result = $this->service->record($validator->validated());
|
|
|
|
return response()->json(
|
|
$result,
|
|
$result['status'] ?? 200
|
|
);
|
|
}
|
|
|
|
public function sendAutoEmails(Request $request): JsonResponse
|
|
{
|
|
$guard = $this->forbidLowPrivilegeActor(adminOnly: true);
|
|
if ($guard instanceof JsonResponse) {
|
|
return $guard;
|
|
}
|
|
|
|
$result = $this->service->sendAutoEmails($request->input('variant'));
|
|
|
|
return response()->json($result);
|
|
}
|
|
|
|
public function compose(Request $request): JsonResponse
|
|
{
|
|
$validator = Validator::make($request->query(), [
|
|
'student_id' => ['required', 'integer', 'min:1'],
|
|
'code' => ['nullable', 'string'],
|
|
'variant' => ['nullable', 'string'],
|
|
'incident_date' => ['nullable', 'date_format:Y-m-d'],
|
|
]);
|
|
|
|
if ($validator->fails()) {
|
|
return response()->json([
|
|
'message' => 'Validation failed.',
|
|
'errors' => $validator->errors(),
|
|
], 422);
|
|
}
|
|
|
|
$data = $validator->validated();
|
|
$result = $this->service->compose(
|
|
(int) ($data['student_id'] ?? 0),
|
|
(string) ($data['code'] ?? 'ABS_1'),
|
|
(string) ($data['variant'] ?? 'default'),
|
|
$data['incident_date'] ?? null,
|
|
);
|
|
|
|
return response()->json(
|
|
$result,
|
|
$result['status'] ?? 200
|
|
);
|
|
}
|
|
|
|
public function sendManualEmail(Request $request): JsonResponse
|
|
{
|
|
$guard = $this->forbidLowPrivilegeActor();
|
|
if ($guard instanceof JsonResponse) {
|
|
return $guard;
|
|
}
|
|
|
|
$validator = Validator::make($request->all(), [
|
|
'student_id' => ['required', 'integer', 'min:1'],
|
|
'to' => ['required', 'email'],
|
|
'subject' => ['required', 'string'],
|
|
'body_html' => ['required', 'string'],
|
|
'code' => ['required', 'string'],
|
|
'variant' => ['nullable', 'string'],
|
|
'incident_date' => ['nullable', 'date_format:Y-m-d'],
|
|
]);
|
|
|
|
if ($validator->fails()) {
|
|
return response()->json([
|
|
'message' => 'Validation failed.',
|
|
'errors' => $validator->errors(),
|
|
], 422);
|
|
}
|
|
|
|
$result = $this->service->sendEmailManual($validator->validated());
|
|
|
|
return response()->json(
|
|
$result,
|
|
$result['status'] ?? 200
|
|
);
|
|
}
|
|
|
|
public function parentsInfo(Request $request): JsonResponse
|
|
{
|
|
$validator = Validator::make($request->query(), [
|
|
'student_id' => ['required', 'integer', 'min:1'],
|
|
]);
|
|
|
|
if ($validator->fails()) {
|
|
return response()->json([
|
|
'message' => 'Validation failed.',
|
|
'errors' => $validator->errors(),
|
|
], 422);
|
|
}
|
|
|
|
$data = $validator->validated();
|
|
$result = $this->service->parentsInfo((int) ($data['student_id'] ?? 0));
|
|
|
|
return response()->json(
|
|
$result,
|
|
$result['status'] ?? 200
|
|
);
|
|
}
|
|
|
|
public function saveNotificationNote(Request $request): JsonResponse
|
|
{
|
|
$guard = $this->forbidLowPrivilegeActor();
|
|
if ($guard instanceof JsonResponse) {
|
|
return $guard;
|
|
}
|
|
|
|
$validator = Validator::make($request->all(), [
|
|
'student_id' => ['required', 'integer', 'min:1'],
|
|
'code' => ['required', 'string'],
|
|
'note' => ['required', 'string'],
|
|
'incident_date' => ['nullable', 'date_format:Y-m-d'],
|
|
'to' => ['nullable', 'email'],
|
|
'subject' => ['nullable', 'string'],
|
|
'variant' => ['nullable', 'string'],
|
|
]);
|
|
|
|
if ($validator->fails()) {
|
|
return response()->json([
|
|
'message' => 'Validation failed.',
|
|
'errors' => $validator->errors(),
|
|
], 422);
|
|
}
|
|
|
|
$result = $this->service->saveNotificationNote($validator->validated());
|
|
|
|
return response()->json(
|
|
$result,
|
|
$result['status'] ?? 200
|
|
);
|
|
}
|
|
|
|
private function forbidLowPrivilegeActor(bool $adminOnly = false): ?JsonResponse
|
|
{
|
|
$user = request()->user() ?? auth()->user();
|
|
if (! $user || ! method_exists($user, 'roles')) {
|
|
return null;
|
|
}
|
|
|
|
$roles = $user->roles()
|
|
->pluck('roles.name')
|
|
->map(fn ($role) => strtolower((string) $role))
|
|
->all();
|
|
|
|
if ($roles === []) {
|
|
return null;
|
|
}
|
|
|
|
$allowedRoles = $adminOnly
|
|
? ['administrator', 'admin', 'principal', 'vice_principal', 'vice-principal']
|
|
: ['teacher', 'administrator', 'admin', 'principal', 'vice_principal', 'vice-principal'];
|
|
|
|
foreach ($allowedRoles as $allowed) {
|
|
if (in_array($allowed, $roles, true)) {
|
|
return null;
|
|
}
|
|
}
|
|
|
|
return response()->json(['message' => 'Forbidden.'], 403);
|
|
}
|
|
}
|