106 lines
3.1 KiB
PHP
106 lines
3.1 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use Illuminate\Http\Request;
|
|
use Inertia\Inertia;
|
|
use Illuminate\Support\Facades\Hash;
|
|
|
|
class UserController extends Controller implements \Illuminate\Routing\Controllers\HasMiddleware
|
|
{
|
|
public static function middleware(): array
|
|
{
|
|
return [
|
|
function ($request, $next) {
|
|
if (! auth()->user() || ! auth()->user()->hasRole('Admin')) {
|
|
abort(403, 'Unauthorized action.');
|
|
}
|
|
return $next($request);
|
|
},
|
|
];
|
|
}
|
|
|
|
public function index()
|
|
{
|
|
return Inertia::render('User/Index', [
|
|
'users' => \App\Models\User::with('roles')->latest()->get(),
|
|
]);
|
|
}
|
|
|
|
public function create()
|
|
{
|
|
return Inertia::render('User/Edit', [
|
|
'roles' => \Spatie\Permission\Models\Role::all(),
|
|
]);
|
|
}
|
|
|
|
public function store(Request $request)
|
|
{
|
|
$validated = $request->validate([
|
|
'name' => 'required|string|max:255',
|
|
'email' => 'required|string|email|max:255|unique:users',
|
|
'password' => 'required|string|min:8',
|
|
'roles' => 'array',
|
|
]);
|
|
|
|
$user = \App\Models\User::create([
|
|
'name' => $validated['name'],
|
|
'email' => $validated['email'],
|
|
'password' => Hash::make($validated['password']),
|
|
]);
|
|
|
|
if (isset($validated['roles'])) {
|
|
$user->syncRoles($validated['roles']);
|
|
}
|
|
|
|
return redirect()->route('users.index')->with('success', 'Utilisateur créé avec succès.');
|
|
}
|
|
|
|
public function edit(\App\Models\User $user)
|
|
{
|
|
return Inertia::render('User/Edit', [
|
|
'user' => $user->load('roles'),
|
|
'roles' => \Spatie\Permission\Models\Role::all(),
|
|
]);
|
|
}
|
|
|
|
public function update(Request $request, \App\Models\User $user)
|
|
{
|
|
$validated = $request->validate([
|
|
'name' => 'required|string|max:255',
|
|
'email' => ['required', 'string', 'email', 'max:255', \Illuminate\Validation\Rule::unique('users')->ignore($user->id)],
|
|
'password' => 'nullable|string|min:8',
|
|
'roles' => 'array',
|
|
]);
|
|
|
|
$user->update([
|
|
'name' => $validated['name'],
|
|
'email' => $validated['email'],
|
|
]);
|
|
|
|
if (!empty($validated['password'])) {
|
|
$user->update([
|
|
'password' => Hash::make($validated['password']),
|
|
]);
|
|
}
|
|
|
|
if (isset($validated['roles'])) {
|
|
// Prevent removing own admin role if it's the only one left?
|
|
// For simplicity, just allow sync.
|
|
$user->syncRoles($validated['roles']);
|
|
}
|
|
|
|
return redirect()->route('users.index')->with('success', 'Utilisateur mis à jour.');
|
|
}
|
|
|
|
public function destroy(\App\Models\User $user)
|
|
{
|
|
if ($user->id === auth()->id()) {
|
|
return back()->with('error', 'Vous ne pouvez pas supprimer votre propre compte.');
|
|
}
|
|
|
|
$user->delete();
|
|
return redirect()->route('users.index')->with('success', 'Utilisateur supprimé.');
|
|
}
|
|
}
|