feat: multi-tenant SaaS implementation - admin interface, tenant isolation, and UI updates

2026-03-28 18:38:22 +01:00
parent 7d94be7a8c
commit f53d5770df
20 changed files with 757 additions and 34 deletions
--- a/app/Http/Controllers/UserController.php
+++ b/app/Http/Controllers/UserController.php
@@ -0,0 +1,97 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\User;
+use App\Models\Tenant;
+use Illuminate\Http\Request;
+use Illuminate\Validation\Rule;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Str;
+use Inertia\Inertia;
+
+class UserController extends Controller
+{
+    public function index()
+    {
+        if (!auth()->user()->isSuperAdmin()) {
+            abort(403, 'Unauthorized action.');
+        }
+
+        $users = User::whereIn('role', ['admin', 'super_admin'])
+            ->with('tenant')
+            ->orderBy('name')
+            ->get();
+
+        $tenants = Tenant::orderBy('name')->get();
+
+        return Inertia::render('Admin/Users/Index', [
+            'users' => $users,
+            'tenants' => $tenants
+        ]);
+    }
+
+    public function store(Request $request)
+    {
+        if (!auth()->user()->isSuperAdmin()) {
+            abort(403, 'Unauthorized action.');
+        }
+
+        $request->validate([
+            'name' => 'required|string|max:255',
+            'email' => 'required|string|email|max:255|unique:users',
+            'role' => ['required', Rule::in(['admin', 'super_admin'])],
+            'tenant_id' => 'nullable|exists:tenants,id',
+        ]);
+
+        $password = Str::random(10);
+
+        User::create([
+            'name' => $request->name,
+            'email' => $request->email,
+            'password' => Hash::make($password),
+            'role' => $request->role,
+            'tenant_id' => $request->role === 'super_admin' ? null : $request->tenant_id,
+        ]);
+
+        return back()->with('success', 'Administrateur créé avec succès. Mot de passe généré : ' . $password);
+    }
+
+    public function update(Request $request, User $user)
+    {
+        if (!auth()->user()->isSuperAdmin()) {
+            abort(403, 'Unauthorized action.');
+        }
+
+        $request->validate([
+            'name' => 'required|string|max:255',
+            'email' => 'required|string|email|max:255|unique:users,email,' . $user->id,
+            'role' => ['required', Rule::in(['admin', 'super_admin'])],
+            'tenant_id' => 'nullable|exists:tenants,id',
+        ]);
+
+        $user->update([
+            'name' => $request->name,
+            'email' => $request->email,
+            'role' => $request->role,
+            'tenant_id' => $request->role === 'super_admin' ? null : $request->tenant_id,
+        ]);
+
+        return back()->with('success', 'Administrateur mis à jour.');
+    }
+
+    public function destroy(User $user)
+    {
+        if (!auth()->user()->isSuperAdmin()) {
+            abort(403, 'Unauthorized action.');
+        }
+
+        if ($user->id === auth()->id()) {
+            return back()->with('error', 'Vous ne pouvez pas supprimer votre propre compte.');
+        }
+
+        $user->delete();
+
+        return back()->with('success', 'Administrateur supprimé.');
+    }
+}