josh/BarangaySystem
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial: bootstrap from BukidBountyApp base

Browse Source
This commit is contained in:
Jonathan Sykes
2026-06-06 18:43:00 +08:00
commit eb4a5731fb
5674 changed files with 160857 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

272
app/Http/Controllers/UserManagement/CreateUserControllerUltimate.php Normal file
View File

@@ -0,0 +1,272 @@
<?php
declare(strict_types=1);
namespace App\Http\Controllers\UserManagement;
use App\Enums\UserActions;
use App\Http\Controllers\Helpers\Permissions\UserPermissions;
use Hypervel\Http\Request;
use App\Enums\UserTypes;
use Hypervel\Support\Facades\Hash;
use Hypervel\Support\Facades\Response;
use App\Models\User;
class CreateUserControllerUltimate
{
public function listAllUserTypesforSelectHTML()
{
$currentUser = \Hypervel\Support\Facades\Auth::user();
if (!$currentUser) {
return Response::json([], 200);
}
if (!UserPermissions::isActionPermitted($currentUser->acct_type, UserActions::ViewAllUserTypes)) {
return Response::json(['error' => 'Unauthorized'], 401);
}
$currentUserType = $currentUser->acct_type;
$allowedTypes = \App\Http\Controllers\Helpers\Permissions\UserTypeService::getAllowedUserTypes($currentUserType);
$formatted = [];
foreach ($allowedTypes as $case) {
$label = str_replace('_', ' ', ucwords(strtolower($case->name)));
$formatted[] = [$case->value, $label];
}
return Response::json($formatted);
}
public static function listAllUsersforParentSelectHTML(Request $request, $dataResult = false)
{
$currentUser = \Hypervel\Support\Facades\Auth::user();
if (!$currentUser) {
return Response::json([], 200);
}
// Ultimate accounts can see all users
if ($currentUser->acct_type === UserTypes::ULTIMATE) {
$allowedIds = null;
} else {
// Only show current user and their descendants (direct or indirect children)
try {
$descendants = $currentUser->getAllDescendants();
$allowedIds = $descendants->pluck('id')->toArray();
$allowedIds[] = $currentUser->id;
} catch (\Throwable $th) {
return Response::json([], 200);
}
}
$excludeUser = $request->input('exclude_user', null);
$typeFilter = $request->input('type', null);
$usersQuery = User::select(['id', 'username', 'name', 'fullname', 'mobile_number', 'hashkey', 'acct_type']);
if ($allowedIds !== null) {
$usersQuery = $usersQuery->whereIn('id', $allowedIds);
}
// Exclude the specified user if provided
if ($excludeUser) {
$usersQuery = $usersQuery->where('hashkey', '!=', $excludeUser);
}
if ($typeFilter) {
$types = is_array($typeFilter) ? $typeFilter : [$typeFilter];
$usersQuery = $usersQuery->whereIn('acct_type', $types);
}
$users = $usersQuery->get();
if (!$dataResult) {
return Response::json($users);
} else {
return $users;
}
}
public function CreateUser(Request $request)
{
$usertypeString = $request->input('type');
if (!is_string($usertypeString) || empty($usertypeString)) {
return Response::json(['error' => 'User type is required'], 400);
}
$usertypeEnum = UserTypes::tryFrom($usertypeString);
if (!$usertypeEnum) {
return Response::json(['error' => 'Invalid User Type'], 400);
}
// Map UserTypes to specialized CreateUser UserActions
$action = match ($usertypeEnum) {
UserTypes::ULTIMATE => UserActions::CreateUserUltimate,
UserTypes::SUPER_OPERATOR => UserActions::CreateUserSuperOperator,
UserTypes::OPERATOR => UserActions::CreateUserOperator,
UserTypes::COORDINATOR => UserActions::CreateUserCoordinator,
UserTypes::SUPPLIER_OVERSEER => UserActions::CreateUserSupplierOverseer,
UserTypes::WHOLESALE_BUYER => UserActions::CreateUserWholesaleBuyer,
UserTypes::SUPPLIER => UserActions::CreateUserSupplier,
UserTypes::STORE_OWNER => UserActions::CreateUserStoreOwner,
UserTypes::STORE_MANAGER => UserActions::CreateUserStoreManager,
UserTypes::USER => UserActions::CreateUserUser,
UserTypes::RIDER => UserActions::CreateUserRider,
UserTypes::POS_TERMINAL => UserActions::CreateUserPOSTerminal,
UserTypes::AUDIT => UserActions::CreateUserAudit,
default => UserActions::CreateUser,
};
$currentUser = \Hypervel\Support\Facades\Auth::user();
$targetParentHash = $request->input('parent');
if (!$currentUser) {
return Response::json(['error' => 'Unauthorized'], 401);
}
$currentUserType = $currentUser->acct_type;
if (!($currentUserType instanceof UserTypes)) {
$currentUserType = UserTypes::tryFrom($currentUserType) ?? UserTypes::PUBLIC;
}
if ($currentUserType !== UserTypes::ULTIMATE) {
// Check the new user's type is in the allowed list for this creator
$allowedTypes = \App\Http\Controllers\Helpers\Permissions\UserTypeService::getAllowedUserTypes($currentUserType);
if (!in_array($usertypeEnum, $allowedTypes)) {
return Response::json(['error' => 'You are not allowed to create this user type.'], 401);
}
// Check that the chosen parent is the current user or a descendant
if ($targetParentHash) {
$isParentSelfOrDescendant = ($currentUser->hashkey === $targetParentHash)
|| UserPermissions::isDescendantOfCurrentUser($targetParentHash);
if (!$isParentSelfOrDescendant) {
return Response::json(['error' => 'Parent user is not in your hierarchy.'], 401);
}
}
}
$mobileRules = ['required', 'string', 'max:20', 'unique:users,mobile_number'];
if (!UserPermissions::isActionPermitted($currentUser->acct_type, UserActions::BypassMobileNumberFormat)) {
$mobileRules[] = 'regex:/^(09|\+639)\d{9}$/';
}
try {
$validated = $request->validate([
'username' => 'required|string|max:255|unique:users,username',
'name' => 'required|string|max:255',
'fullname' => 'nullable|string|max:255',
'mobile_number' => $mobileRules,
'password' => 'required|string|min:6',
'nickname' => 'nullable|string|max:255',
'parent' => 'required|string',
'type' => 'required|string',
]);
} catch (\Hypervel\Validation\ValidationException $e) {
return Response::json(['errors' => $e->errors()], 422);
}
$parentUser = User::where('hashkey', $validated['parent'])->first();
if (!$parentUser) {
return Response::json(['error' => 'Parent user not found'], 404);
}
$parent = $parentUser->id;
$user = new User();
$user->username = $validated['username'];
$user->name = $validated['name'];
$user->fullname = $validated['fullname'] ?? null;
$user->mobile_number = $validated['mobile_number'];
$user->password = Hash::make($validated['password']);
$user->nickname = $validated['nickname'] ?? null;
$user->parentuid = $parent;
$user->acct_type = $validated['type'];
$user->active = true;
$user->save();
return Response::json(['success' => true, 'hashkey' => $user->hashkey, 'message' => 'User created successfully'], 201);
}
public function checkIfUserMobileNumberExists(Request $request)
{
$request->validate([
'mobile_number' => 'required|string',
]);
$mobileNumber = $request->input('mobile_number');
$userExists = User::where('mobile_number', $mobileNumber)->exists();
return Response::json(['exists' => $userExists]);
}
public function checkIfUsernameExists(Request $request)
{
$request->validate([
'username' => 'required|string',
]);
$username = $request->input('username');
$userExists = User::where('username', $username)->exists();
return Response::json(['exists' => $userExists]);
}
public function publicRegisterUser(Request $request)
{
try {
$validated = $request->validate([
'name' => 'required|string|max:255',
'mobile_number' => 'required|string|max:20|unique:users,mobile_number|regex:/^(09|\+639)\d{9}$/',
'password' => 'required|string|min:6',
'nickname' => 'nullable|string|max:255',
]);
} catch (\Hypervel\Validation\ValidationException $e) {
return Response::json(['success' => false, 'errors' => $e->errors()], 422);
}
$parent = User::where('acct_type', UserTypes::ULTIMATE->value)->orderBy('id')->first();
if (!$parent) {
$parent = User::where('acct_type', UserTypes::COORDINATOR->value)->orderBy('id')->first();
}
if (!$parent) {
$parent = User::orderBy('id')->first();
}
if (!$parent) {
return Response::json(['success' => false, 'message' => 'No valid parent user found'], 500);
}
$user = new User();
$user->name = $validated['name'];
$user->mobile_number = $validated['mobile_number'];
$user->password = Hash::make($validated['password']);
$user->nickname = $validated['nickname'] ?? null;
$user->parentuid = $parent->id;
$user->acct_type = 'user';
$user->active = true;
$user->save();
return Response::json(['success' => true, 'hashkey' => $user->hashkey, 'message' => 'Account created successfully. Please log in.'], 201);
}
public function publicCheckMobileNumber(Request $request)
{
$request->validate([
'mobile_number' => 'required|string',
]);
return Response::json(['exists' => User::where('mobile_number', $request->input('mobile_number'))->exists()]);
}
}