GLOC/app/Http/Controllers/UserGroupController.php

<?php
namespace App\Http\Controllers;
use App\Models\UserGroup;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
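/**
 * JSON API controller for user groups (named sets of allowed menu IDs owned by an agent).
 *
 * Every action reads the calling agent from `$request->_agent` and uses its
 * `role` and `id` for authorization decisions.
 *
 * NOTE(review): `_agent` is presumably attached by authentication middleware that is
 * not visible in this file. Confirm it is always set server-side and can never be
 * satisfied by a client-supplied `_agent` input field.
 */
class UserGroupController extends Controller
{
    /**
     * GET /api/user-groups
     *
     * Lists user groups visible to the calling agent, newest first.
     *
     * - A master agent sees every group, or, when `agent_id` is supplied, that
     *   agent's groups plus system groups.
     * - Any other agent sees only its own groups plus system groups; a supplied
     *   `agent_id` is ignored.
     */
    public function index(Request $request): JsonResponse
    {
        $agent = $request->_agent;
        $query = UserGroup::query();

        if ($agent->role === 'master') {
            // The agent_id filter is honoured only for master callers.
            if ($request->has('agent_id')) {
                $filterAgentId = $request->input('agent_id');
                $query->where(function ($q) use ($filterAgentId) {
                    $q->where('agent_id', $filterAgentId)
                        ->orWhere('is_system', true); // Always show system roles
                });
            }
        } else {
            // Tenant scoping: the caller's own groups plus the shared system groups.
            $query->where(function ($q) use ($agent) {
                $q->where('agent_id', $agent->id)
                    ->orWhere('is_system', true);
            });
        }

        $groups = $query->orderBy('created_at', 'desc')->get();

        return response()->json([
            'success' => true,
            'groups' => $groups,
        ]);
    }

    /**
     * POST /api/user-groups
     *
     * Creates a non-system, active user group. The owning agent is always the
     * caller, except that a master agent may assign the group to another agent
     * through `agent_id`.
     */
    public function store(Request $request): JsonResponse
    {
        $validated = $request->validate([
            'name' => 'required|string',
            'description' => 'nullable|string',
            'allowed_menu_ids' => 'array', // List of Menu IDs
            'code' => 'nullable|string',
        ]);

        $agent = $request->_agent;

        // Only a master caller may choose the owner; everyone else is pinned to their own id.
        // NOTE(review): the master-supplied agent_id is not validated here (type or existence) — confirm.
        $agentId = $agent->role === 'master' && $request->has('agent_id')
            ? $request->input('agent_id')
            : $agent->id;

        // NOTE(review): the entries of allowed_menu_ids are not checked against the menus the
        // caller is itself allowed to grant; verify whether that is enforced elsewhere.
        $group = UserGroup::create([
            'name' => $validated['name'],
            // Default code: upper-cased name with spaces replaced by underscores.
            'code' => $validated['code'] ?? strtoupper(str_replace(' ', '_', $validated['name'])),
            'description' => $validated['description'] ?? '',
            'agent_id' => $agentId,
            'allowed_menu_ids' => $validated['allowed_menu_ids'] ?? [],
            'is_active' => true,
            'is_system' => false, // System groups cannot be created through this endpoint.
        ]);

        return response()->json(['success' => true, 'group' => $group]);
    }

    /**
     * PUT /api/user-groups/{id}
     *
     * Updates name, description, allowed menu IDs and active flag of a group.
     *
     * Authorization:
     * - system groups may be edited by a master agent only, because they are
     *   listed for every agent and a change to their permissions affects all of them;
     * - other groups may be edited by their owning agent or by a master agent.
     *
     * Responds 404 when the group does not exist and 403 when the caller is not
     * allowed to edit it. Invalid field values are rejected by request validation.
     */
    public function update(Request $request, $id): JsonResponse
    {
        $group = UserGroup::find($id);
        if (!$group) {
            return response()->json(['success' => false, 'message' => 'Not found'], 404);
        }

        $agent = $request->_agent;
        $isMaster = $agent->role === 'master';

        if ($group->is_system) {
            // Without this guard any agent could rewrite the permissions of a shared system group.
            if (!$isMaster) {
                return response()->json(['success' => false, 'message' => 'Cannot edit system groups'], 403);
            }
        } elseif ($group->agent_id !== $agent->id && !$isMaster) {
            // Check ownership
            return response()->json(['success' => false, 'message' => 'Unauthorized'], 403);
        }

        // Validate after the authorization checks, with the same field rules as store();
        // "sometimes" keeps partial updates working. Only validated keys reach the model.
        $validated = $request->validate([
            'name' => 'sometimes|required|string',
            'description' => 'sometimes|nullable|string',
            'allowed_menu_ids' => 'sometimes|array',
            'is_active' => 'sometimes|boolean',
        ]);

        $group->update($validated);

        return response()->json(['success' => true, 'group' => $group]);
    }

    /**
     * DELETE /api/user-groups/{id}
     *
     * Deletes a group. System groups can never be deleted through this endpoint;
     * other groups can be deleted by their owning agent or by a master agent.
     *
     * Responds 404 when the group does not exist and 403 when deletion is refused.
     */
    public function destroy($id, Request $request): JsonResponse
    {
        $group = UserGroup::find($id);
        if (!$group) {
            return response()->json(['success' => false, 'message' => 'Not found'], 404);
        }

        // Applies to every caller, master included.
        if ($group->is_system) {
            return response()->json(['success' => false, 'message' => 'Cannot delete system groups'], 403);
        }

        $agent = $request->_agent;

        // Check ownership
        if ($group->agent_id !== $agent->id && $agent->role !== 'master') {
            return response()->json(['success' => false, 'message' => 'Unauthorized'], 403);
        }

        $group->delete();

        return response()->json(['success' => true, 'message' => 'Deleted']);
    }
}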