Files
alrahma_sunday_school_api/app/Http/Controllers/Api/AttendanceTracking/AttendanceTrackingController.php
T
root 940afe9319
API CI/CD / Validate (composer + pint) (push) Successful in 2m7s
API CI/CD / Test (PHPUnit) (push) Failing after 2m23s
API CI/CD / Build frontend assets (push) Successful in 2m18s
API CI/CD / Security audit (push) Successful in 31s
API CI/CD / Deploy to shared hosting (PHP) (push) Has been skipped
fix unit tests as well as missing code
2026-06-25 14:26:32 -04:00

250 lines
7.5 KiB
PHP

<?php
namespace App\Http\Controllers\Api\AttendanceTracking;
use App\Http\Controllers\Controller;
use App\Services\AttendanceTracking\AttendanceTrackingService;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Validator;
class AttendanceTrackingController extends Controller
{
public function __construct(
protected AttendanceTrackingService $service
) {}
public function pendingViolations(Request $request): JsonResponse
{
$result = $this->service->getPendingViolations(
$request->query('school_year'),
$request->query('semester')
);
return response()->json([
'success' => true,
'data' => $result,
]);
}
public function notifiedViolations(Request $request): JsonResponse
{
$result = $this->service->getNotifiedViolations(
$request->query('school_year'),
$request->query('semester')
);
return response()->json([
'success' => true,
'data' => $result,
]);
}
public function studentCase(int $studentId, Request $request): JsonResponse
{
$result = $this->service->getStudentCase(
$studentId,
$request->query('code'),
$request->query('incident_date'),
filter_var($request->query('include_notified'), FILTER_VALIDATE_BOOL) === true,
filter_var($request->query('pending_only'), FILTER_VALIDATE_BOOL) === true,
$request->query('school_year'),
$request->query('semester'),
);
return response()->json(
$result,
$result['status'] ?? 200
);
}
public function record(Request $request): JsonResponse
{
$guard = $this->forbidLowPrivilegeActor();
if ($guard instanceof JsonResponse) {
return $guard;
}
$validator = Validator::make($request->all(), [
'student_id' => ['required', 'integer', 'min:1'],
'date' => ['required', 'date_format:Y-m-d'],
'parent_email' => ['nullable', 'email'],
'parent_name' => ['nullable', 'string'],
'subject_type' => ['nullable', 'string'],
'semester' => ['nullable', 'string'],
'school_year' => ['nullable', 'string'],
]);
if ($validator->fails()) {
return response()->json([
'message' => 'Validation failed.',
'errors' => $validator->errors(),
], 422);
}
$result = $this->service->record($validator->validated());
return response()->json(
$result,
$result['status'] ?? 200
);
}
public function sendAutoEmails(Request $request): JsonResponse
{
$guard = $this->forbidLowPrivilegeActor(adminOnly: true);
if ($guard instanceof JsonResponse) {
return $guard;
}
$result = $this->service->sendAutoEmails($request->input('variant'));
return response()->json($result);
}
public function compose(Request $request): JsonResponse
{
$validator = Validator::make($request->query(), [
'student_id' => ['required', 'integer', 'min:1'],
'code' => ['nullable', 'string'],
'variant' => ['nullable', 'string'],
'incident_date' => ['nullable', 'date_format:Y-m-d'],
]);
if ($validator->fails()) {
return response()->json([
'message' => 'Validation failed.',
'errors' => $validator->errors(),
], 422);
}
$data = $validator->validated();
$result = $this->service->compose(
(int) ($data['student_id'] ?? 0),
(string) ($data['code'] ?? 'ABS_1'),
(string) ($data['variant'] ?? 'default'),
$data['incident_date'] ?? null,
);
return response()->json(
$result,
$result['status'] ?? 200
);
}
public function sendManualEmail(Request $request): JsonResponse
{
$guard = $this->forbidLowPrivilegeActor();
if ($guard instanceof JsonResponse) {
return $guard;
}
$validator = Validator::make($request->all(), [
'student_id' => ['required', 'integer', 'min:1'],
'to' => ['required', 'email'],
'subject' => ['required', 'string'],
'body_html' => ['required', 'string'],
'code' => ['required', 'string'],
'variant' => ['nullable', 'string'],
'incident_date' => ['nullable', 'date_format:Y-m-d'],
]);
if ($validator->fails()) {
return response()->json([
'message' => 'Validation failed.',
'errors' => $validator->errors(),
], 422);
}
$result = $this->service->sendEmailManual($validator->validated());
return response()->json(
$result,
$result['status'] ?? 200
);
}
public function parentsInfo(Request $request): JsonResponse
{
$validator = Validator::make($request->query(), [
'student_id' => ['required', 'integer', 'min:1'],
]);
if ($validator->fails()) {
return response()->json([
'message' => 'Validation failed.',
'errors' => $validator->errors(),
], 422);
}
$data = $validator->validated();
$result = $this->service->parentsInfo((int) ($data['student_id'] ?? 0));
return response()->json(
$result,
$result['status'] ?? 200
);
}
public function saveNotificationNote(Request $request): JsonResponse
{
$guard = $this->forbidLowPrivilegeActor();
if ($guard instanceof JsonResponse) {
return $guard;
}
$validator = Validator::make($request->all(), [
'student_id' => ['required', 'integer', 'min:1'],
'code' => ['required', 'string'],
'note' => ['required', 'string'],
'incident_date' => ['nullable', 'date_format:Y-m-d'],
'to' => ['nullable', 'email'],
'subject' => ['nullable', 'string'],
'variant' => ['nullable', 'string'],
]);
if ($validator->fails()) {
return response()->json([
'message' => 'Validation failed.',
'errors' => $validator->errors(),
], 422);
}
$result = $this->service->saveNotificationNote($validator->validated());
return response()->json(
$result,
$result['status'] ?? 200
);
}
private function forbidLowPrivilegeActor(bool $adminOnly = false): ?JsonResponse
{
$user = request()->user() ?? auth()->user();
if (! $user || ! method_exists($user, 'roles')) {
return null;
}
$roles = $user->roles()
->pluck('roles.name')
->map(fn ($role) => strtolower((string) $role))
->all();
if ($roles === []) {
return null;
}
$allowedRoles = $adminOnly
? ['administrator', 'admin', 'principal', 'vice_principal', 'vice-principal']
: ['teacher', 'administrator', 'admin', 'principal', 'vice_principal', 'vice-principal'];
foreach ($allowedRoles as $allowed) {
if (in_array($allowed, $roles, true)) {
return null;
}
}
return response()->json(['message' => 'Forbidden.'], 403);
}
}