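get(); }

    /**
     * Create a project inside the given business and return the refreshed business info.
     *
     * @param Request $request  Incoming request; its whole input is passed to Project::create().
     * @param string  $business Business id from the route; it overrides any client-sent business_id.
     */
    public function store(Request $request, string $business)
    {
        permit('businessProjects');

        // merge() runs before all(), so a business_id sent by the client is replaced by the route value.
        // NOTE(review): every other input key still reaches create(); this relies on the Project
        // model's fillable/guarded list, which is not visible here — confirm it is a strict allow-list.
        Project::create($request->merge(['business_id' => $business])->all());

        return Business::info($request->route('business'), true);
    }

    /**
     * Update a project's attributes (business_id is never taken from the request).
     *
     * @param Request $request
     * @param string  $project Project id.
     */
    public function update(Request $request, string $project)
    {
        permit('projectEdit', ['project_id' => $project]);

        $project = Project::findOrFail($project);

        // NOTE(review): only business_id is stripped; all remaining input is mass-assigned, so the
        // model's fillable/guarded list is the only barrier for other columns — confirm.
        $project->update($request->except('business_id'));

        return Business::info($request->route('business'), true);
    }

    /**
     * Delete a project that belongs to the business named in the route.
     *
     * @param Request $request
     * @param string  $project Project id.
     */
    public function delete(Request $request, string $project)
    {
        permit('businessProjects');

        $project = Project::findOrFail($project);

        // permit('businessProjects') is called without a project id, so nothing visible here ties
        // $project to the route's business. Enforce that locally so an id from another business
        // cannot be deleted through this route; 404 avoids confirming that the id exists.
        if ((string) $project->business_id !== (string) $request->route('business')) {
            abort(404);
        }

        $project->delete();

        return Business::info($request->route('business'));
    }

    /**
     * Restore a soft-deleted project.
     *
     * @param Request $request
     * @param string  $project Id of a trashed project.
     */
    public function restore(Request $request, string $project)
    {
        // This action previously had no permission check in the method body. The permission mirrors
        // delete(), of which restore is the inverse.
        // NOTE(review): confirm 'businessProjects' is the intended permission for this route.
        permit('businessProjects');

        $project = Project::onlyTrashed()->findOrFail($project);
        $project->restore();

        return response(['message' => 'project successfully restored.']);
    }

    /**
     * Add a user to a project, or change the level of an existing member.
     *
     * Expects `level` (1..3) and `user_id` (must differ from the authenticated user's id).
     * A user who has no access to the business yet is also attached to it with level 0.
     *
     * @param mixed   $business Business id from the route.
     * @param mixed   $project  Project id from the route.
     * @param Request $request
     */
    public function storeOrUpdateUser($business, $project, Request $request)
    {
        permit('projectUsers', ['project_id' => $project]);

        // not_in:<own id> stops the caller from changing their own membership through this endpoint.
        // NOTE(review): `numeric` also accepts non-integer values such as "1.5"; consider `integer`.
        $validatedData = $this->validate($request, [
            'level' => 'required|numeric|between:1,3',
            'user_id' => 'required|numeric|not_in:'.auth()->id(),
        ]);

        $this->checkAddUserPolicy($request->user_id, $request->level);

        $projectModel = Project::findOrFail($project);

        // Both writes happen in one transaction (up to 3 attempts) so a user is never left
        // attached to the project without the matching business membership.
        DB::transaction(function () use ($business, $validatedData, $request, $projectModel) {
            // sync(..., false) adds or updates this one pivot row without detaching other members.
            $projectModel->members()->sync([$request->user_id => $validatedData], false);

            if (!can('businessAccess', ['user_id' => $request->user_id])) {
                // The user was not in the business before: register them with level zero.
                $this->addUserWithZeroLevel($request->user_id, $business);
            }
        }, 3);

        return Business::info($projectModel->business_id, true);
    }

    /**
     * Abort when the requested project level is lower than the level the user already has in
     * the business.
     *
     * @param mixed $user  User id.
     * @param mixed $level Requested project level.
     */
    public function checkAddUserPolicy($user, $level)
    {
        // NOTE(review): `_business_info` is read from request input; presumably it is injected
        // server-side by middleware — confirm a client-supplied value can never reach this lookup.
        // NOTE(review): 405 is "Method Not Allowed"; 403 would describe a policy denial better,
        // but clients may depend on the current status, so it is left as is.
        if (can('businessAccess', ['user_id' => $user])
            && $level < request('_business_info')['info']['users'][$user]['level']) {
            // The user is already in the business with a higher level.
            abort(405);
        }
    }

    /**
     * Attach a user to a business with level 0, keeping the business's other users attached.
     *
     * @param mixed $user_id
     * @param mixed $business Business id.
     */
    public function addUserWithZeroLevel($user_id, $business)
    {
        $businessModel = Business::findOrFail($business);

        return $businessModel->users()->sync([$user_id => [
            'level' => 0,
            'user_id' => $user_id,
        ]], false);
    }

    /**
     * Remove a user from a project; project owners may remove anyone, other users only themselves.
     *
     * When the removed user is not active in the business and has no other project, they are
     * detached from the business as well.
     *
     * @param mixed $business Business id from the route.
     * @param mixed $project  Project id from the route.
     * @param mixed $user     Id of the user to remove.
     */
    public function deleteUser($business, $project, $user)
    {
        permit('projectAccess', ['project_id' => $project]);
        $this->checkDeleteUserPolicy($user, $project);

        $projectModel = Project::findOrFail($project);

        DB::transaction(function () use ($project, $business, $user, $projectModel) {
            $this->detachMember($projectModel, $user);

            if (!can('isActiveUser', ['user_id' => $user]) && !$this->haveOneProject($user, $project)) {
                // The user's level in the business is zero and they have no other project,
                // so remove them from the business too.
                $businessModel = Business::findOrFail($business);
                $this->detachUser($businessModel, $user);
            }
        }, 3);

        return Business::info($projectModel->business_id, true);
    }

    /**
     * Detach a member from a project; aborts with 404 when no pivot row was removed.
     */
    public function detachMember($project, $user)
    {
        return $project->members()->detach($user) ? true : abort(404);
    }

    /**
     * Detach a user from a business; aborts with 404 when no pivot row was removed.
     */
    public function detachUser($business, $user)
    {
        return $business->users()->detach($user) ? true : abort(404);
    }

    /**
     * Tell whether the user is a member, above the inactive level, of any project other than
     * $project, according to the `_business_info` data attached to the request.
     *
     * @param mixed $user    User id.
     * @param mixed $project Project id to leave out of the search.
     * @return bool
     */
    public function haveOneProject($user, $project)
    {
        foreach (request('_business_info')['info']['projects'] as $id => $item) {
            if ($id == $project) {
                continue;
            }

            // A user is normally not a member of every project. Reading the level without this
            // guard hits an undefined key, which surfaces as an error inside deleteUser()'s
            // transaction instead of simply meaning "not a member".
            $level = $item['members'][$user]['level'] ?? null;

            if ($level !== null && $level > enum('levels.inactive.id')) {
                return true;
            }
        }

        return false;
    }

    /**
     * Abort unless the caller is the project owner or is removing themselves.
     *
     * @param mixed $user    Id of the user being removed.
     * @param mixed $project Project id.
     */
    public function checkDeleteUserPolicy($user, $project)
    {
        if (!can('isProjectOwner', ['project_id' => $project]) && (auth()->id() != $user)) {
            abort(405);
        }
    }

    /**
     * Store the uploaded `avatar` file as the project's avatar and return the project.
     *
     * @param Request $request
     * @param string  $project Project id.
     */
    public function setAvatar(Request $request, string $project)
    {
        // This action previously had no permission check in the method body. The permission mirrors
        // update(), since an avatar change is an edit of the project.
        // NOTE(review): confirm 'projectEdit' is the intended permission for this route.
        permit('projectEdit', ['project_id' => $project]);

        $project = Project::findOrFail($project);

        if ($request->hasFile('avatar')) {
            // NOTE(review): no type or size rule is applied to the upload here; confirm that
            // saveAsAvatar() restricts it to images and bounds the size.
            $project->saveAsAvatar($request->file('avatar'));
        }

        return $project;
    }

    /**
     * Remove the project's avatar and return the project.
     *
     * @param Request $request
     * @param string  $project Project id.
     */
    public function unSetAvatar(Request $request, string $project)
    {
        // Same gap and same reasoning as setAvatar(): require edit permission on the project.
        // NOTE(review): confirm 'projectEdit' is the intended permission for this route.
        permit('projectEdit', ['project_id' => $project]);

        $project = Project::findOrFail($project);
        $project->deleteAvatar();

        return $project;
    }
}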