netgescon-day0/app/Http/Controllers/Fornitore/DipendenteController.php

192 lines
7.3 KiB
PHP

<?php
namespace App\Http\Controllers\Fornitore;
use App\Http\Controllers\Controller;
use App\Models\Fornitore;
use App\Models\FornitoreDipendente;
use App\Models\User;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Str;
use Spatie\Permission\Models\Role;
class DipendenteController extends Controller
{
public function index()
{
$fornitore = $this->resolveFornitoreForUser();
return redirect()->to(
\App\Filament\Pages\Fornitore\Collaboratori::getUrl(
['fornitore' => (int) $fornitore->id],
panel: 'admin-filament'
)
);
}
public function store(Request $request): RedirectResponse
{
$fornitore = $this->resolveFornitoreForUser();
$validated = $request->validate([
'nome' => ['required', 'string', 'max:100'],
'cognome' => ['nullable', 'string', 'max:100'],
'email' => ['nullable', 'email', 'max:255'],
'telefono' => ['nullable', 'string', 'max:50'],
'note' => ['nullable', 'string', 'max:2000'],
'create_user_access' => ['nullable', 'boolean'],
'access_password' => ['nullable', 'string', 'min:8', 'max:100'],
]);
$email = trim((string) ($validated['email'] ?? ''));
if ($email !== '') {
$exists = FornitoreDipendente::query()
->where('fornitore_id', $fornitore->id)
->whereRaw('LOWER(email) = ?', [mb_strtolower($email)])
->exists();
if ($exists) {
return back()->withErrors(['email' => 'Esiste gia un dipendente con questa email.'])->withInput();
}
}
$dipendente = new FornitoreDipendente();
$dipendente->fornitore_id = (int) $fornitore->id;
$dipendente->nome = trim((string) $validated['nome']);
$dipendente->cognome = trim((string) ($validated['cognome'] ?? '')) ?: null;
$dipendente->email = $email !== '' ? $email : null;
$dipendente->telefono = trim((string) ($validated['telefono'] ?? '')) ?: null;
$dipendente->note = trim((string) ($validated['note'] ?? '')) ?: null;
$dipendente->attivo = true;
$dipendente->created_by_user_id = Auth::id();
$dipendente->updated_by_user_id = Auth::id();
$accessPassword = trim((string) ($validated['access_password'] ?? ''));
$createdPassword = null;
if ((bool) ($validated['create_user_access'] ?? false) && $email !== '') {
$user = User::query()->whereRaw('LOWER(email) = ?', [mb_strtolower($email)])->first();
if (! $user) {
$createdPassword = $accessPassword !== '' ? $accessPassword : Str::random(12);
$user = User::query()->create([
'name' => trim($dipendente->nome . ' ' . ($dipendente->cognome ?? '')),
'email' => $email,
'password' => Hash::make($createdPassword),
'email_verified_at' => now(),
]);
} elseif ($accessPassword !== '') {
$user->password = Hash::make($accessPassword);
$user->save();
$createdPassword = $accessPassword;
}
$role = Role::query()->where('name', 'fornitore')->first();
if ($role) {
$user->assignRole($role);
}
$dipendente->user_id = (int) $user->id;
}
$dipendente->save();
$redirect = redirect()->route('fornitore.dipendenti.index')
->with('success', 'Dipendente creato correttamente.');
if ($createdPassword !== null && $email !== '') {
$redirect->with('access_credentials', [
'email' => $email,
'password' => $createdPassword,
]);
}
return $redirect;
}
public function update(Request $request, FornitoreDipendente $dipendente): RedirectResponse
{
$fornitore = $this->resolveFornitoreForUser();
$this->authorizeDipendente($dipendente, $fornitore);
$validated = $request->validate([
'nome' => ['required', 'string', 'max:100'],
'cognome' => ['nullable', 'string', 'max:100'],
'telefono' => ['nullable', 'string', 'max:50'],
'attivo' => ['nullable', 'boolean'],
'note' => ['nullable', 'string', 'max:2000'],
]);
$dipendente->update([
'nome' => trim((string) $validated['nome']),
'cognome' => trim((string) ($validated['cognome'] ?? '')) ?: null,
'telefono' => trim((string) ($validated['telefono'] ?? '')) ?: null,
'attivo' => (bool) ($validated['attivo'] ?? false),
'note' => trim((string) ($validated['note'] ?? '')) ?: null,
'updated_by_user_id' => Auth::id(),
]);
return redirect()->route('fornitore.dipendenti.index')
->with('success', 'Dipendente aggiornato.');
}
public function toggle(FornitoreDipendente $dipendente): RedirectResponse
{
$fornitore = $this->resolveFornitoreForUser();
$this->authorizeDipendente($dipendente, $fornitore);
$dipendente->update([
'attivo' => ! $dipendente->attivo,
'updated_by_user_id' => Auth::id(),
]);
return back()->with('success', 'Stato dipendente aggiornato.');
}
private function resolveFornitoreForUser(): Fornitore
{
$user = Auth::user();
$fornitore = null;
if ($user) {
$email = mb_strtolower(trim((string) $user->email));
if ($email !== '') {
$fornitore = Fornitore::query()
->whereRaw('LOWER(email) = ?', [$email])
->withCount(['ticketInterventi', 'dipendenti'])
->orderByDesc('ticket_interventi_count')
->orderByDesc('dipendenti_count')
->orderByDesc('id')
->first();
}
if (! $fornitore) {
$link = FornitoreDipendente::query()
->where('attivo', true)
->where(function ($q) use ($user): void {
$q->where('user_id', (int) $user->id)
->orWhereRaw('LOWER(email) = ?', [mb_strtolower((string) $user->email)]);
})
->orderByRaw('CASE WHEN user_id = ? THEN 0 ELSE 1 END', [(int) $user->id])
->orderByDesc('id')
->first();
if ($link) {
$fornitore = Fornitore::query()->find((int) $link->fornitore_id);
}
}
}
abort_unless($fornitore, 403, 'Profilo fornitore non collegato.');
return $fornitore;
}
private function authorizeDipendente(FornitoreDipendente $dipendente, Fornitore $fornitore): void
{
abort_unless((int) $dipendente->fornitore_id === (int) $fornitore->id, 403);
}
}