You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 

195 lines
5.6 KiB

<?php
namespace App\Http\Controllers;
use App\User;
use App\Business;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
class BusinessController extends Controller
{
public function index()
{
return auth()->user()->businesses
->keyBy('id')
->map(fn($b, $bid) => Business::info($bid));
}
public function store(Request $request)
{
// $users = [];
// foreach ($request->users ?? [] as $key => $value) {
// $users[$value] = [];
// }
// $owner = [
// Auth::id() => [
// 'level' => enum('levels.owner.id'),
// ]
// ];
//
// $users = $users + $owner;
//
// $request->merge(['users' => $users]);
$business = Business::create($request->all());
$business->users()->sync([Auth::id() => [
'level' => enum('levels.owner.id'),
]
], false);
return Business::info($business->id);
}
public function show(string $business)
{
permit('businessAccess');
return Business::info($business);
}
public function update(Request $request, string $business)
{
// permit('businessEdit');
$business = Business::findOrFail($business);
$business->fill($request->all())->save();
return Business::info($business->id);
}
public function setAvatar(Request $request, string $business)
{
$business = Business::findOrFail($business);
if ($request->hasFile('avatar')) {
$business->saveAsAvatar($request->file('avatar'));
}
return Business::info($business->id);
}
public function unSetAvatar(Request $request, string $business)
{
$business = Business::findOrFail($business);
$business->deleteAvatar();
return Business::info($business->id);
}
public function info(string $business)
{
return request('_business_info');
}
public function restore(string $business)
{
$business = Business::onlyTrashed()->findOrFail($business);
$business->restore();
return response(['message' => 'business successfully restored.']);
}
public function storeOrUpdateUser($business, Request $request)
{
permit('businessUsers');
$validatedData = $this->validate($request, [
'level' => 'required|numeric|between:0,4',
'user_id' => 'required|numeric|not_in:'.auth()->id(),
]);
DB::transaction(function () use ($validatedData, $request, $business) {
$this->addUser($business, $request->user_id, $validatedData);
if (can('businessAccess', ['user_id'=> $request->user_id])) {
//update
$this->relatedUpdateChanges($request->user_id, $request->level);
}
}, 3);
return Business::info($business, true);
}
public function relatedUpdateChanges($user_id, $level)
{
if ($level == enum('levels.owner.id')) {
// user up level to owner
$this->removeProjectDirectRelation($user_id);
}
if ($level != enum('levels.owner.id') &&
$level > request('_business_info')['info']['users'][$user_id]['level']) {
// user at least up level to $request->level
$this->updateProjectAccessLevel($level, $user_id);
}
}
public function addUser($business, $user, $validatedData)
{
$businessModel = Business::findOrFail($business);
$businessModel->users()->sync([$user => $validatedData], false);
}
public function removeProjectDirectRelation($user)
{
$userModel = User::findOrFail($user);
return $userModel->projects()->sync([], true);
}
public function updateProjectAccessLevel($level, $user)
{
$ids = [];
foreach (request('_business_info')['projects'] as $project_id => $item) {
foreach ($item['members'] as $idx => $member) {
if ($member['id'] == $user && $member['level'] != enum('levels.inactive.id') && $member['level'] < $level) {
$ids[$project_id] = ['level' => $level];
break;
}
}
}
$userModel = User::findOrFail($user);
return $userModel->projects()->sync($ids, false);
}
public function deleteUser($business, $user)
{
permit('businessAccess');
$this->checkDeleteUserPolicy($user);
$businessModel = Business::findOrFail($business);
DB::transaction(function () use ($user, $businessModel) {
$this->detachUser($businessModel, $user);
$this->removeProjectDirectRelation($user);
}, 3);
return Business::info($business, true);
}
public function haveAnotherOwner($user)
{
foreach (request('_business_info')['info']['users'] as $id => $item) {
if ($item['level'] == enum('levels.owner.id') && $id != $user) {
return true;
}
}
return false;
}
public function detachUser($business, $user)
{
return $business->users()->sync(
$business->users->except($user)->pluck('id')->toArray()
);
}
public function checkDeleteUserPolicy($user)
{
if (!can('isBusinessOwner') && auth()->id() != $user ) {
// Non owner user remove another owner
abort(405);
}
if (can('isBusinessOwner') && auth()->id() == $user && !$this->haveAnotherOwner($user)) {
// Owner remove self but business haven't another owner
abort(405);
}
}
}