<?php
namespace App\Http\Controllers;
use App\Models\Restaurante;
use App\Models\Usuario;
use App\Services\Auth0Service;
use App\Services\PaginatorService;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use Illuminate\Validation\Rule;
use Illuminate\Validation\ValidationException;
use Ramsey\Uuid\Uuid;
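class UsuariosController extends Controller {

    /** Roles a user may hold; shared by the create and update validators so they cannot drift apart. */
    private const ROLES = ['admin', 'mesero', 'recaudador', 'productor'];

    /** Default page size for {@see all()} when `per_page` is not supplied. */
    private const DEFAULT_PER_PAGE = 15;

    /** Upper bound for `per_page` (constructed value, adjust to taste): bounds the work a single request can demand. */
    private const MAX_PER_PAGE = 100;

    /**
     * Returns the registered users, paginated.
     *
     * `page` and `per_page` are client-controlled query parameters; they are validated as
     * positive integers and `per_page` is capped so a caller cannot request the whole table
     * in one response.
     *
     * NOTE(review): unlike create/update/delete, this endpoint performs no authorization
     * check of its own; whether it is restricted depends on route middleware not visible here.
     *
     * @param Request $request
     * @return JsonResponse
     * @throws ValidationException when `page`/`per_page` are not positive integers within bounds
     */
    public function all(Request $request): JsonResponse {
        $this->validate($request, [
            'page' => 'sometimes|integer|min:1',
            'per_page' => 'sometimes|integer|min:1|max:' . self::MAX_PER_PAGE,
        ]);

        // Usuario::count() runs a COUNT(*) query; Usuario::all()->count() would hydrate every row first.
        $paginate = app(PaginatorService::class)->paginate(
            (int) $request->input('per_page', self::DEFAULT_PER_PAGE),
            (int) $request->input('page', 1),
            Usuario::count()
        );

        $current = (int) $paginate['current_page'];
        $last = (int) $paginate['last_page'];
        $perPage = (int) $paginate['per_page'];

        $paginate['links'] = [
            'first' => $this->pageLink(1, $perPage),
            'prev' => $current - 1 >= 1 ? $this->pageLink($current - 1, $perPage) : null,
            'current' => $this->pageLink($current, $perPage),
            'next' => $current + 1 <= $last ? $this->pageLink($current + 1, $perPage) : null,
            'last' => $this->pageLink($last, $perPage),
        ];

        return response()->json([
            'pagination' => $paginate,
            // `from` is treated as 1-based (hence the -1), mirroring PaginatorService's contract
            // as used here — confirm against the service if `from` can be 0 for an empty table.
            'data' => array_values(
                Usuario::with('restaurantes')
                    ->skip($paginate['from'] - 1)
                    ->take($paginate['per_page'])
                    ->get()
                    ->all()
            ),
        ]);
    }

    /**
     * Returns one user, looked up by database id or Auth0 id.
     *
     * NOTE(review): no authorization check here either; confirm that route middleware
     * limits who may read arbitrary user records.
     *
     * @param string $id database id or auth0_id
     * @return JsonResponse 200 with the user, or 404 with error `user_not_found`
     */
    public function get(string $id): JsonResponse {
        $usuario = Usuario::findByIdOrAuth0Id($id);

        if (!$usuario) {
            return response()->json([
                'error' => 'user_not_found',
                'message' => 'El usuario con id o auth0_id ' . $id . ' no existe',
            ], 404);
        }

        return response()->json($usuario);
    }

    /**
     * Creates a user in Auth0 and then locally, attached to one restaurant.
     *
     * Order of checks: input validation, global management right (403), then the
     * caller's right over the target restaurant (403). Only after both pass is Auth0 called.
     *
     * @param Request $request
     * @return JsonResponse 200 with the new local user; 403 on authorization failure;
     *                      Auth0's status code when Auth0 rejects the creation; 502 when
     *                      Auth0 answers without the identity needed to build `auth0_id`
     * @throws ValidationException
     */
    public function create(Request $request): JsonResponse {
        $this->validate($request, [
            'nombre' => 'required',
            'email' => 'required|email',
            'username' => 'required',
            'password' => 'required',
            'roles' => 'required|array',
            'roles.*' => ['required', Rule::in(self::ROLES)],
            'restaurant' => 'required|exists:restaurantes,id',
        ]);

        // NOTE(review): `$request->user` is assumed to be populated by the auth middleware;
        // Request::__get otherwise resolves from input/route parameters — confirm upstream.
        /** @var Usuario $logged_user */
        $logged_user = $request->user;

        $forbidden = $this->forbiddenUnlessManager($logged_user, 'crear');
        if ($forbidden !== null) {
            return $forbidden;
        }

        // Non-null in practice: the `exists` rule above already rejected unknown ids.
        $restaurant = Restaurante::find($request->input('restaurant'));

        if (!$logged_user->hasPermissionsOnRestaurant($restaurant)) {
            return response()->json([
                'error' => 'cant_manage_user_of_another_restaurant',
                'message' => 'El usuario ' . $logged_user->id . ' no puede crear un usuario en el restaurant ' . $restaurant->id . ' porque que no pertenece a el',
            ], 403);
        }

        $auth0User = app(Auth0Service::class)->createUser(
            email: $request->input('email'),
            username: $request->input('username'),
            password: $request->input('password'),
            metadata: [
                'roles' => $request->input('roles'),
                'restaurantes' => [$restaurant],
            ]
        );

        $error = $this->auth0ErrorResponse($auth0User);
        if ($error !== null) {
            return $error;
        }

        // The Auth0 payload is external input: guard the fields we dereference instead of
        // silently building an `auth0_id` of "|" from missing keys.
        $identity = $auth0User['identities'][0] ?? null;
        if (!is_array($identity) || !isset($identity['provider'], $identity['user_id'])) {
            return response()->json([
                'error' => 'auth0_unexpected_response',
                'message' => 'Auth0 no devolvio la identidad del usuario creado',
            ], 502);
        }

        // Caveat: if this insert fails the Auth0 user already exists and is not rolled back.
        $usuario = $restaurant->usuarios()->create([
            'id' => Uuid::uuid4(),
            'auth0_id' => $identity['provider'] . '|' . $identity['user_id'],
            'nombre' => $request->input('nombre'),
        ]);

        return response()->json($usuario);
    }

    /**
     * Updates a user, found by id or auth0_id, in Auth0 and locally.
     *
     * The global management check runs before the lookup so that a caller without
     * management rights receives 403 regardless of whether the id exists (no id enumeration).
     *
     * @param Request $request
     * @param string $id database id or auth0_id
     * @return JsonResponse 200 with the updated user; 403/404 as described; Auth0's
     *                      status code when Auth0 rejects the update
     * @throws ValidationException
     */
    public function update(Request $request, string $id): JsonResponse {
        $this->validate($request, [
            'nombre' => 'sometimes',
            'email' => 'sometimes|email',
            'username' => 'sometimes',
            'password' => 'sometimes',
            'roles' => 'sometimes|array',
            'roles.*' => ['sometimes', Rule::in(self::ROLES)],
        ]);

        /** @var Usuario $logged_user */
        $logged_user = $request->user;

        $forbidden = $this->forbiddenUnlessManager($logged_user, 'modificar');
        if ($forbidden !== null) {
            return $forbidden;
        }

        $usuario = Usuario::findByIdOrAuth0Id($id);
        if (!$usuario) {
            return $this->notFound($id);
        }

        $forbidden = $this->forbiddenUnlessManages($logged_user, $usuario, 'modificar');
        if ($forbidden !== null) {
            return $forbidden;
        }

        // Roles are only forwarded when a non-empty list was supplied (validated as array|absent).
        $roles = $request->input('roles');
        $metadata = ($roles !== null && $roles !== []) ? ['roles' => $roles] : [];

        $auth0User = app(Auth0Service::class)->updateUser(
            auth0_id: $usuario->auth0_id,
            email: $request->input('email'),
            username: $request->input('username'),
            password: $request->input('password'),
            metadata: $metadata
        );

        $error = $this->auth0ErrorResponse($auth0User);
        if ($error !== null) {
            return $error;
        }

        // filled() rather than truthiness so a name of "0" is not silently ignored.
        if ($request->filled('nombre')) {
            $usuario->nombre = $request->input('nombre');
        }
        $usuario->save();

        return response()->json($usuario);
    }

    /**
     * Deletes a user, found by id or auth0_id, from Auth0 and then locally.
     *
     * Same check order as update(): global right, lookup, right over the target user.
     *
     * @param Request $request
     * @param string $id database id or auth0_id
     * @return JsonResponse 204 on success; 403/404 as described; Auth0's status code
     *                      when Auth0 rejects the deletion
     */
    public function delete(Request $request, string $id): JsonResponse {
        /** @var Usuario $logged_user */
        $logged_user = $request->user;

        $forbidden = $this->forbiddenUnlessManager($logged_user, 'eliminar');
        if ($forbidden !== null) {
            return $forbidden;
        }

        $usuario = Usuario::findByIdOrAuth0Id($id);
        if (!$usuario) {
            return $this->notFound($id);
        }

        $forbidden = $this->forbiddenUnlessManages($logged_user, $usuario, 'eliminar');
        if ($forbidden !== null) {
            return $forbidden;
        }

        // deleteUser may return nothing on success; auth0ErrorResponse() tolerates null.
        $auth0Response = app(Auth0Service::class)->deleteUser($usuario->auth0_id);

        $error = $this->auth0ErrorResponse($auth0Response);
        if ($error !== null) {
            return $error;
        }

        $usuario->delete();

        return response()->json([], 204);
    }

    /** Builds the `users.all` URL for one page. */
    private function pageLink(int $page, int $perPage): string {
        return route('users.all', ['page' => $page, 'per_page' => $perPage]);
    }

    /** 404 response used by update() and delete() when no user matches $id. */
    private function notFound(string $id): JsonResponse {
        return response()->json([
            'error' => 'not_found',
            'message' => 'El usuario con id ' . $id . ' no existe',
        ], 404);
    }

    /**
     * 403 response when the caller has no user-management rights at all, else null.
     *
     * @param string $accion Spanish infinitive for the message ('crear', 'modificar', 'eliminar')
     */
    private function forbiddenUnlessManager(Usuario $logged_user, string $accion): ?JsonResponse {
        if ($logged_user->canManageUsers()) {
            return null;
        }

        return response()->json([
            'error' => 'cant_manage_users',
            'message' => 'El usuario ' . $logged_user->id . ' no tiene permisos para ' . $accion . ' usuarios',
        ], 403);
    }

    /**
     * 403 response when the caller may manage users but not this particular one, else null.
     *
     * @param string $accion Spanish infinitive for the message ('modificar', 'eliminar')
     */
    private function forbiddenUnlessManages(Usuario $logged_user, Usuario $usuario, string $accion): ?JsonResponse {
        if ($logged_user->hasPermissionsOverUser($usuario)) {
            return null;
        }

        return response()->json([
            'error' => 'cant_manage_that_user',
            'message' => 'El usuario ' . $logged_user->id . ' no tiene permisos para ' . $accion . ' al usuario ' . $usuario->id,
        ], 403);
    }

    /**
     * Maps an Auth0Service error payload to a JSON error response.
     *
     * Returns null when the payload is null or carries no 'error' key. The fields are
     * read with defaults so a malformed error payload cannot raise an undefined-index
     * warning; the fallback status is 502 because the failure originates upstream.
     *
     * @param array<string, mixed>|null $auth0Response raw service response
     */
    private function auth0ErrorResponse(?array $auth0Response): ?JsonResponse {
        if ($auth0Response === null || !array_key_exists('error', $auth0Response)) {
            return null;
        }

        return response()->json([
            'error' => $auth0Response['errorCode'] ?? 'auth0_error',
            'message' => $auth0Response['message'] ?? 'Error al comunicarse con Auth0',
        ], (int) ($auth0Response['statusCode'] ?? 502));
    }
}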