jeremy/ficheagent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Implement role-based dashboards, user management CRUD, and integration request authorization policies.

Browse Source
This commit is contained in:
jeremy bayse
2026-02-21 21:30:52 +01:00
parent abca346b3e
commit 41caefece3
5 changed files with 14 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Controllers/DashboardController.php
View File

@@ -20,7 +20,7 @@ class DashboardController extends Controller
return $this->adminDashboard(); return $this->adminDashboard();
} }
if ($user->hasRole('RH')) { if ($user->can('validate rh')) {
return $this->rhDashboard(); return $this->rhDashboard();
} }

8
app/Http/Controllers/UserController.php
View File

@@ -50,7 +50,10 @@ class UserController extends Controller implements \Illuminate\Routing\Controlle
]); ]);
if (isset($validated['roles'])) { if (isset($validated['roles'])) {
setPermissionsTeamId($user->structure_id);
$user->syncRoles($validated['roles']); $user->syncRoles($validated['roles']);
// Restaurer le contexte actuel après
setPermissionsTeamId(config('tenant.structure_id'));
} }
return redirect()->route('users.index')->with('success', 'Utilisateur créé avec succès.'); return redirect()->route('users.index')->with('success', 'Utilisateur créé avec succès.');
@@ -85,9 +88,10 @@ class UserController extends Controller implements \Illuminate\Routing\Controlle
} }
if (isset($validated['roles'])) { if (isset($validated['roles'])) {
// Prevent removing own admin role if it's the only one left? setPermissionsTeamId($user->structure_id);
// For simplicity, just allow sync.
$user->syncRoles($validated['roles']); $user->syncRoles($validated['roles']);
// Restaurer le contexte actuel après
setPermissionsTeamId(config('tenant.structure_id'));
} }
return redirect()->route('users.index')->with('success', 'Utilisateur mis à jour.'); return redirect()->route('users.index')->with('success', 'Utilisateur mis à jour.');

8
app/Policies/IntegrationRequestPolicy.php
View File

@@ -13,7 +13,7 @@ class IntegrationRequestPolicy
*/ */
public function viewAny(User $user): bool public function viewAny(User $user): bool
{ {
return $user->hasAnyRole(['Admin', 'RH', 'DSI', 'Batiment', 'Parc Auto']); return $user->hasRole('Admin') || $user->can('view dashboard');
} }
/** /**
@@ -21,7 +21,7 @@ class IntegrationRequestPolicy
*/ */
public function view(User $user, IntegrationRequest $integrationRequest): bool public function view(User $user, IntegrationRequest $integrationRequest): bool
{ {
if ($user->hasRole('Admin') || $user->hasRole('RH')) { if ($user->hasRole('Admin') || $user->can('validate rh')) {
return true; return true;
} }
@@ -36,7 +36,7 @@ class IntegrationRequestPolicy
*/ */
public function create(User $user): bool public function create(User $user): bool
{ {
return $user->hasAnyRole(['Admin', 'RH', 'Prescripteur', 'DSI', 'Batiment', 'Parc Auto']); return $user->hasRole('Admin') || $user->can('create integration');
} }
/** /**
@@ -44,7 +44,7 @@ class IntegrationRequestPolicy
*/ */
public function update(User $user, IntegrationRequest $integrationRequest): bool public function update(User $user, IntegrationRequest $integrationRequest): bool
{ {
return $user->hasAnyRole(['Admin', 'RH']); return $user->hasRole('Admin') || $user->can('validate rh');
} }
/** /**

4
app/Services/IntegrationService.php
View File

@@ -48,7 +48,7 @@ class IntegrationService
]); ]);
// Notify RH users about the new request // Notify RH users about the new request
$rhUsers = \App\Models\User::role('RH')->get(); $rhUsers = \App\Models\User::permission(['validate rh', 'create integration'])->get();
\Illuminate\Support\Facades\Notification::send($rhUsers, new \App\Notifications\NewIntegrationRequestNotification($request)); \Illuminate\Support\Facades\Notification::send($rhUsers, new \App\Notifications\NewIntegrationRequestNotification($request));
return $request; return $request;
@@ -110,7 +110,7 @@ class IntegrationService
$request->agent->update(['integration_status' => IntegrationStatus::Completed]); $request->agent->update(['integration_status' => IntegrationStatus::Completed]);
// Notify RH (Standard notification) // Notify RH (Standard notification)
$rhUsers = \App\Models\User::role('RH')->get(); $rhUsers = \App\Models\User::permission('validate rh')->get();
\Illuminate\Support\Facades\Notification::send($rhUsers, new \App\Notifications\ProcessCompletedNotification($request)); \Illuminate\Support\Facades\Notification::send($rhUsers, new \App\Notifications\ProcessCompletedNotification($request));
// Generate PDF for Prescriber and DSI // Generate PDF for Prescriber and DSI

2
app/Services/ServiceTaskManager.php
View File

@@ -56,7 +56,7 @@ class ServiceTaskManager
]); ]);
// Notify RH that a service has completed their task // Notify RH that a service has completed their task
$rhUsers = \App\Models\User::role('RH')->get(); $rhUsers = \App\Models\User::permission('validate rh')->get();
\Illuminate\Support\Facades\Notification::send($rhUsers, new \App\Notifications\ServiceTaskValidatedNotification($task)); \Illuminate\Support\Facades\Notification::send($rhUsers, new \App\Notifications\ServiceTaskValidatedNotification($task));
// Trigger check on the parent integration request // Trigger check on the parent integration request