bert.hausmans/band-management
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: align codebase with EventCrew domain and trim legacy band stack

Browse Source 
- Update API: events, users, policies, routes, resources, migrations
- Remove deprecated models/resources (customers, setlists, invitations, etc.)
- Refresh admin app and docs; remove apps/band

Made-with: Cursor
This commit is contained in:
bert.hausmans
2026-03-29 23:19:06 +02:00
parent 34e12e00b3
commit 1cb7674d52
1034 changed files with 7453 additions and 8743 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
api/app/Policies/EventPolicy.php
View File

@@ -5,79 +5,44 @@ declare(strict_types=1);
namespace App\Policies;
use App\Models\Event;
use App\Models\Organisation;
use App\Models\User;
final class EventPolicy
{
/**
* Determine whether the user can view any events.
*/
public function viewAny(User $user): bool
public function viewAny(User $user, Organisation $organisation): bool
{
return true;
return $user->hasRole('super_admin')
|| $organisation->users()->where('user_id', $user->id)->exists();
}
/**
* Determine whether the user can view the event.
*/
public function view(User $user, Event $event): bool
{
// Admins and booking agents can view all events
if ($this->isAdminOrBookingAgent($user)) {
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Organisation $organisation): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
// Members can view events they're invited to
return $event->invitations()->where('user_id', $user->id)->exists();
return $organisation->users()
->where('user_id', $user->id)
->wherePivotIn('role', ['org_admin', 'org_member'])
->exists();
}
/**
* Determine whether the user can create events.
*/
public function create(User $user): bool
{
return $this->isAdminOrBookingAgent($user);
}
/**
* Determine whether the user can update the event.
*/
public function update(User $user, Event $event): bool
{
return $this->isAdminOrBookingAgent($user);
}
if ($user->hasRole('super_admin')) {
return true;
}
/**
* Determine whether the user can delete the event.
*/
public function delete(User $user, Event $event): bool
{
return $user->role === 'admin';
}
/**
* Determine whether the user can invite members to the event.
*/
public function invite(User $user, Event $event): bool
{
return $this->isAdminOrBookingAgent($user);
}
/**
* Determine whether the user can RSVP to the event.
*/
public function rsvp(User $user, Event $event): bool
{
// User must be invited to RSVP
return $event->invitations()->where('user_id', $user->id)->exists();
}
/**
* Check if the user is an admin or booking agent.
*/
private function isAdminOrBookingAgent(User $user): bool
{
return in_array($user->role, ['admin', 'booking_agent'], true);
return $event->organisation->users()
->where('user_id', $user->id)
->wherePivotIn('role', ['org_admin', 'org_member'])
->exists();
}
}

40
api/app/Policies/OrganisationPolicy.php Normal file
View File

@@ -0,0 +1,40 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\Organisation;
use App\Models\User;
final class OrganisationPolicy
{
public function viewAny(User $user): bool
{
// All authenticated users can list their organisations
return true;
}
public function view(User $user, Organisation $organisation): bool
{
return $user->hasRole('super_admin')
|| $organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user): bool
{
return $user->hasRole('super_admin');
}
public function update(User $user, Organisation $organisation): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
return $organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
}
}