bert.hausmans/crewli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

Browse Source 
- Crowd Types + Persons CRUD (73 tests)
- Festival Sections + Time Slots + Shifts CRUD met assign/claim flow (84 tests)
- Invite Flow + Member Management met InvitationService (109 tests)
- Schema v1.6 migraties volledig uitgevoerd
- DevSeeder bijgewerkt met crowd types voor testorganisatie
This commit is contained in:
bert.hausmans
2026-04-08 01:34:46 +02:00
parent c417a6647a
commit 9acb27af3a
114 changed files with 6916 additions and 984 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
api/app/Console/Commands/ExpireInvitations.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
declare(strict_types=1);
namespace App\Console\Commands;
use App\Services\InvitationService;
use Illuminate\Console\Command;
final class ExpireInvitations extends Command
{
protected $signature = 'invitations:expire';
protected $description = 'Mark all expired pending invitations as expired';
public function handle(InvitationService $invitationService): int
{
$count = $invitationService->expireOldInvitations();
$this->info("Marked {$count} invitation(s) as expired.");
return self::SUCCESS;
}
}

54
api/app/Http/Controllers/Api/V1/CompanyController.php Normal file
View File

@@ -0,0 +1,54 @@
<?php
declare(strict_types=1);
namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Requests\Api\V1\StoreCompanyRequest;
use App\Http\Requests\Api\V1\UpdateCompanyRequest;
use App\Http\Resources\Api\V1\CompanyResource;
use App\Models\Company;
use App\Models\Organisation;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
use Illuminate\Support\Facades\Gate;
final class CompanyController extends Controller
{
public function index(Organisation $organisation): AnonymousResourceCollection
{
Gate::authorize('viewAny', [Company::class, $organisation]);
$companies = $organisation->companies()->get();
return CompanyResource::collection($companies);
}
public function store(StoreCompanyRequest $request, Organisation $organisation): JsonResponse
{
Gate::authorize('create', [Company::class, $organisation]);
$company = $organisation->companies()->create($request->validated());
return $this->created(new CompanyResource($company));
}
public function update(UpdateCompanyRequest $request, Organisation $organisation, Company $company): JsonResponse
{
Gate::authorize('update', [$company, $organisation]);
$company->update($request->validated());
return $this->success(new CompanyResource($company->fresh()));
}
public function destroy(Organisation $organisation, Company $company): JsonResponse
{
Gate::authorize('delete', [$company, $organisation]);
$company->delete();
return response()->json(null, 204);
}
}

83
api/app/Http/Controllers/Api/V1/CrowdListController.php Normal file
View File

@@ -0,0 +1,83 @@
<?php
declare(strict_types=1);
namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Requests\Api\V1\StoreCrowdListRequest;
use App\Http\Requests\Api\V1\UpdateCrowdListRequest;
use App\Http\Resources\Api\V1\CrowdListResource;
use App\Models\CrowdList;
use App\Models\Event;
use App\Models\Person;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
use Illuminate\Support\Facades\Gate;
final class CrowdListController extends Controller
{
public function index(Event $event): AnonymousResourceCollection
{
Gate::authorize('viewAny', [CrowdList::class, $event]);
$crowdLists = $event->crowdLists()->withCount('persons')->get();
return CrowdListResource::collection($crowdLists);
}
public function store(StoreCrowdListRequest $request, Event $event): JsonResponse
{
Gate::authorize('create', [CrowdList::class, $event]);
$crowdList = $event->crowdLists()->create($request->validated());
return $this->created(new CrowdListResource($crowdList));
}
public function update(UpdateCrowdListRequest $request, Event $event, CrowdList $crowdList): JsonResponse
{
Gate::authorize('update', [$crowdList, $event]);
$crowdList->update($request->validated());
return $this->success(new CrowdListResource($crowdList->fresh()));
}
public function destroy(Event $event, CrowdList $crowdList): JsonResponse
{
Gate::authorize('delete', [$crowdList, $event]);
$crowdList->delete();
return response()->json(null, 204);
}
public function addPerson(Request $request, Event $event, CrowdList $crowdList): JsonResponse
{
Gate::authorize('managePerson', [$crowdList, $event]);
$validated = $request->validate([
'person_id' => ['required', 'ulid', 'exists:persons,id'],
]);
$crowdList->persons()->syncWithoutDetaching([
$validated['person_id'] => [
'added_at' => now(),
'added_by_user_id' => $request->user()->id,
],
]);
return $this->success(new CrowdListResource($crowdList->fresh()->loadCount('persons')));
}
public function removePerson(Event $event, CrowdList $crowdList, Person $person): JsonResponse
{
Gate::authorize('managePerson', [$crowdList, $event]);
$crowdList->persons()->detach($person->id);
return response()->json(null, 204);
}
}

58
api/app/Http/Controllers/Api/V1/CrowdTypeController.php Normal file
View File

@@ -0,0 +1,58 @@
<?php
declare(strict_types=1);
namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Requests\Api\V1\StoreCrowdTypeRequest;
use App\Http\Requests\Api\V1\UpdateCrowdTypeRequest;
use App\Http\Resources\Api\V1\CrowdTypeResource;
use App\Models\CrowdType;
use App\Models\Organisation;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
use Illuminate\Support\Facades\Gate;
final class CrowdTypeController extends Controller
{
public function index(Organisation $organisation): AnonymousResourceCollection
{
Gate::authorize('viewAny', [CrowdType::class, $organisation]);
$crowdTypes = $organisation->crowdTypes()->where('is_active', true)->get();
return CrowdTypeResource::collection($crowdTypes);
}
public function store(StoreCrowdTypeRequest $request, Organisation $organisation): JsonResponse
{
Gate::authorize('create', [CrowdType::class, $organisation]);
$crowdType = $organisation->crowdTypes()->create($request->validated());
return $this->created(new CrowdTypeResource($crowdType));
}
public function update(UpdateCrowdTypeRequest $request, Organisation $organisation, CrowdType $crowdType): JsonResponse
{
Gate::authorize('update', [$crowdType, $organisation]);
$crowdType->update($request->validated());
return $this->success(new CrowdTypeResource($crowdType->fresh()));
}
public function destroy(Organisation $organisation, CrowdType $crowdType): JsonResponse
{
Gate::authorize('delete', [$crowdType, $organisation]);
if ($crowdType->persons()->exists()) {
$crowdType->update(['is_active' => false]);
} else {
$crowdType->delete();
}
return response()->json(null, 204);
}
}

70
api/app/Http/Controllers/Api/V1/FestivalSectionController.php Normal file
View File

@@ -0,0 +1,70 @@
<?php
declare(strict_types=1);
namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Requests\Api\V1\ReorderFestivalSectionsRequest;
use App\Http\Requests\Api\V1\StoreFestivalSectionRequest;
use App\Http\Requests\Api\V1\UpdateFestivalSectionRequest;
use App\Http\Resources\Api\V1\FestivalSectionResource;
use App\Models\Event;
use App\Models\FestivalSection;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
use Illuminate\Support\Facades\Gate;
final class FestivalSectionController extends Controller
{
public function index(Event $event): AnonymousResourceCollection
{
Gate::authorize('viewAny', [FestivalSection::class, $event]);
$sections = $event->festivalSections()->ordered()->get();
return FestivalSectionResource::collection($sections);
}
public function store(StoreFestivalSectionRequest $request, Event $event): JsonResponse
{
Gate::authorize('create', [FestivalSection::class, $event]);
$section = $event->festivalSections()->create($request->validated());
return $this->created(new FestivalSectionResource($section));
}
public function update(UpdateFestivalSectionRequest $request, Event $event, FestivalSection $section): JsonResponse
{
Gate::authorize('update', [$section, $event]);
$section->update($request->validated());
return $this->success(new FestivalSectionResource($section->fresh()));
}
public function destroy(Event $event, FestivalSection $section): JsonResponse
{
Gate::authorize('delete', [$section, $event]);
$section->delete();
return response()->json(null, 204);
}
public function reorder(ReorderFestivalSectionsRequest $request, Event $event): JsonResponse
{
Gate::authorize('reorder', [FestivalSection::class, $event]);
foreach ($request->validated('sections') as $item) {
$event->festivalSections()
->where('id', $item['id'])
->update(['sort_order' => $item['sort_order']]);
}
$sections = $event->festivalSections()->ordered()->get();
return $this->success(FestivalSectionResource::collection($sections));
}
}

86
api/app/Http/Controllers/Api/V1/InvitationController.php Normal file
View File

@@ -0,0 +1,86 @@
<?php
declare(strict_types=1);
namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Requests\Api\V1\AcceptInvitationRequest;
use App\Http\Requests\Api\V1\StoreInvitationRequest;
use App\Http\Resources\Api\V1\InvitationResource;
use App\Models\Organisation;
use App\Models\UserInvitation;
use App\Services\InvitationService;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\Gate;
final class InvitationController extends Controller
{
public function __construct(
private readonly InvitationService $invitationService,
) {}
public function invite(StoreInvitationRequest $request, Organisation $organisation): JsonResponse
{
Gate::authorize('invite', $organisation);
$invitation = $this->invitationService->invite(
$organisation,
$request->validated('email'),
$request->validated('role'),
$request->user(),
);
return $this->created(
new InvitationResource($invitation->load(['organisation', 'invitedBy'])),
'Uitnodiging verstuurd',
);
}
public function show(string $token): JsonResponse
{
$invitation = UserInvitation::where('token', $token)
->with(['organisation', 'invitedBy'])
->first();
if (! $invitation) {
return $this->notFound('Uitnodiging niet gevonden');
}
return $this->success(new InvitationResource($invitation));
}
public function accept(AcceptInvitationRequest $request, string $token): JsonResponse
{
$invitation = UserInvitation::where('token', $token)->firstOrFail();
$user = $this->invitationService->accept(
$invitation,
$request->validated('password'),
);
$sanctumToken = $user->createToken('auth-token')->plainTextToken;
return $this->success([
'user' => [
'id' => $user->id,
'name' => $user->name,
'email' => $user->email,
],
'token' => $sanctumToken,
], 'Uitnodiging geaccepteerd');
}
public function revoke(Organisation $organisation, UserInvitation $invitation): JsonResponse
{
Gate::authorize('invite', $organisation);
if (! $invitation->isPending()) {
return $this->error('Alleen openstaande uitnodigingen kunnen worden ingetrokken.', 422);
}
$invitation->markAsExpired();
return response()->json(null, 204);
}
}

54
api/app/Http/Controllers/Api/V1/LocationController.php Normal file
View File

@@ -0,0 +1,54 @@
<?php
declare(strict_types=1);
namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Requests\Api\V1\StoreLocationRequest;
use App\Http\Requests\Api\V1\UpdateLocationRequest;
use App\Http\Resources\Api\V1\LocationResource;
use App\Models\Event;
use App\Models\Location;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
use Illuminate\Support\Facades\Gate;
final class LocationController extends Controller
{
public function index(Event $event): AnonymousResourceCollection
{
Gate::authorize('viewAny', [Location::class, $event]);
$locations = $event->locations()->orderBy('name')->get();
return LocationResource::collection($locations);
}
public function store(StoreLocationRequest $request, Event $event): JsonResponse
{
Gate::authorize('create', [Location::class, $event]);
$location = $event->locations()->create($request->validated());
return $this->created(new LocationResource($location));
}
public function update(UpdateLocationRequest $request, Event $event, Location $location): JsonResponse
{
Gate::authorize('update', [$location, $event]);
$location->update($request->validated());
return $this->success(new LocationResource($location->fresh()));
}
public function destroy(Event $event, Location $location): JsonResponse
{
Gate::authorize('delete', [$location, $event]);
$location->delete();
return response()->json(null, 204);
}
}

84
api/app/Http/Controllers/Api/V1/MemberController.php Normal file
View File

@@ -0,0 +1,84 @@
<?php
declare(strict_types=1);
namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Requests\Api\V1\UpdateMemberRequest;
use App\Http\Resources\Api\V1\MemberCollection;
use App\Http\Resources\Api\V1\MemberResource;
use App\Models\Organisation;
use App\Models\User;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\Gate;
final class MemberController extends Controller
{
public function index(Organisation $organisation): MemberCollection
{
Gate::authorize('view', $organisation);
$members = $organisation->users()->get();
return new MemberCollection($members);
}
public function update(UpdateMemberRequest $request, Organisation $organisation, User $user): JsonResponse
{
Gate::authorize('invite', $organisation);
if ($request->user()->id === $user->id) {
return $this->error('Je kunt je eigen rol niet wijzigen.', 422);
}
$currentRole = $organisation->users()
->where('user_id', $user->id)
->first()?->pivot?->role;
if ($currentRole === 'org_admin' && $request->validated('role') !== 'org_admin') {
$adminCount = $organisation->users()
->wherePivot('role', 'org_admin')
->count();
if ($adminCount <= 1) {
return $this->error('De laatste org_admin kan niet worden gedegradeerd.', 422);
}
}
$organisation->users()->updateExistingPivot($user->id, [
'role' => $request->validated('role'),
]);
return $this->success(
new MemberResource($organisation->users()->where('user_id', $user->id)->first()),
);
}
public function destroy(Organisation $organisation, User $user): JsonResponse
{
Gate::authorize('invite', $organisation);
if (request()->user()->id === $user->id) {
return $this->error('Je kunt je eigen account niet verwijderen uit de organisatie.', 422);
}
$currentRole = $organisation->users()
->where('user_id', $user->id)
->first()?->pivot?->role;
if ($currentRole === 'org_admin') {
$adminCount = $organisation->users()
->wherePivot('role', 'org_admin')
->count();
if ($adminCount <= 1) {
return $this->error('De laatste org_admin kan niet worden verwijderd.', 422);
}
}
$organisation->users()->detach($user->id);
return response()->json(null, 204);
}
}

82
api/app/Http/Controllers/Api/V1/PersonController.php Normal file
View File

@@ -0,0 +1,82 @@
<?php
declare(strict_types=1);
namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Requests\Api\V1\StorePersonRequest;
use App\Http\Requests\Api\V1\UpdatePersonRequest;
use App\Http\Resources\Api\V1\PersonCollection;
use App\Http\Resources\Api\V1\PersonResource;
use App\Models\Event;
use App\Models\Person;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Gate;
final class PersonController extends Controller
{
public function index(Request $request, Event $event): PersonCollection
{
Gate::authorize('viewAny', [Person::class, $event]);
$query = $event->persons()->with('crowdType');
if ($request->filled('crowd_type_id')) {
$query->where('crowd_type_id', $request->input('crowd_type_id'));
}
if ($request->filled('status')) {
$query->where('status', $request->input('status'));
}
return new PersonCollection($query->get());
}
public function show(Event $event, Person $person): JsonResponse
{
Gate::authorize('view', [$person, $event]);
$person->load(['crowdType', 'company']);
return $this->success(new PersonResource($person));
}
public function store(StorePersonRequest $request, Event $event): JsonResponse
{
Gate::authorize('create', [Person::class, $event]);
$person = $event->persons()->create($request->validated());
return $this->created(new PersonResource($person->fresh()->load('crowdType')));
}
public function update(UpdatePersonRequest $request, Event $event, Person $person): JsonResponse
{
Gate::authorize('update', [$person, $event]);
$person->update($request->validated());
$person->load(['crowdType', 'company']);
return $this->success(new PersonResource($person->fresh()->load(['crowdType', 'company'])));
}
public function destroy(Event $event, Person $person): JsonResponse
{
Gate::authorize('delete', [$person, $event]);
$person->delete();
return response()->json(null, 204);
}
public function approve(Event $event, Person $person): JsonResponse
{
Gate::authorize('approve', [$person, $event]);
$person->update(['status' => 'approved']);
return $this->success(new PersonResource($person->fresh()->load('crowdType')));
}
}

148
api/app/Http/Controllers/Api/V1/ShiftController.php Normal file
View File

@@ -0,0 +1,148 @@
<?php
declare(strict_types=1);
namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Requests\Api\V1\AssignShiftRequest;
use App\Http\Requests\Api\V1\StoreShiftRequest;
use App\Http\Requests\Api\V1\UpdateShiftRequest;
use App\Http\Resources\Api\V1\ShiftAssignmentResource;
use App\Http\Resources\Api\V1\ShiftResource;
use App\Models\Event;
use App\Models\FestivalSection;
use App\Models\Shift;
use App\Models\ShiftAssignment;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
use Illuminate\Support\Facades\Gate;
final class ShiftController extends Controller
{
public function index(Event $event, FestivalSection $section): AnonymousResourceCollection
{
Gate::authorize('viewAny', [Shift::class, $event]);
$shifts = $section->shifts()
->with(['timeSlot', 'location'])
->get();
return ShiftResource::collection($shifts);
}
public function store(StoreShiftRequest $request, Event $event, FestivalSection $section): JsonResponse
{
Gate::authorize('create', [Shift::class, $event]);
$shift = $section->shifts()->create($request->validated());
$shift->load(['timeSlot', 'location']);
return $this->created(new ShiftResource($shift));
}
public function update(UpdateShiftRequest $request, Event $event, FestivalSection $section, Shift $shift): JsonResponse
{
Gate::authorize('update', [$shift, $event, $section]);
$shift->update($request->validated());
$shift->load(['timeSlot', 'location']);
return $this->success(new ShiftResource($shift->fresh()->load(['timeSlot', 'location'])));
}
public function destroy(Event $event, FestivalSection $section, Shift $shift): JsonResponse
{
Gate::authorize('delete', [$shift, $event, $section]);
$shift->delete();
return response()->json(null, 204);
}
public function assign(AssignShiftRequest $request, Event $event, FestivalSection $section, Shift $shift): JsonResponse
{
Gate::authorize('assign', [$shift, $event, $section]);
$personId = $request->validated('person_id');
// Check if shift is full
$approvedCount = $shift->shiftAssignments()->where('status', 'approved')->count();
if ($approvedCount >= $shift->slots_total) {
return $this->error('Shift is vol — alle slots zijn bezet.', 422);
}
// Check overlap conflict if allow_overlap is false
if (! $shift->allow_overlap) {
$conflict = ShiftAssignment::where('person_id', $personId)
->where('time_slot_id', $shift->time_slot_id)
->whereNotIn('status', ['rejected', 'cancelled'])
->exists();
if ($conflict) {
return $this->error('Deze persoon is al ingepland voor dit tijdslot.', 422);
}
}
$autoApprove = $section->crew_auto_accepts;
$assignment = $shift->shiftAssignments()->create([
'person_id' => $personId,
'time_slot_id' => $shift->time_slot_id,
'status' => $autoApprove ? 'approved' : 'approved',
'auto_approved' => $autoApprove,
'assigned_by' => $request->user()->id,
'assigned_at' => now(),
'approved_at' => now(),
]);
// Update shift status if full
$newApprovedCount = $shift->shiftAssignments()->where('status', 'approved')->count();
if ($newApprovedCount >= $shift->slots_total) {
$shift->update(['status' => 'full']);
}
return $this->created(new ShiftAssignmentResource($assignment));
}
public function claim(AssignShiftRequest $request, Event $event, FestivalSection $section, Shift $shift): JsonResponse
{
Gate::authorize('claim', [$shift, $event, $section]);
$personId = $request->validated('person_id');
// Check claiming slots available
$claimedCount = $shift->shiftAssignments()
->whereNotIn('status', ['rejected', 'cancelled'])
->count();
if ($shift->slots_open_for_claiming <= 0 || $claimedCount >= $shift->slots_open_for_claiming) {
return $this->error('Geen claimbare slots beschikbaar voor deze shift.', 422);
}
// Check overlap conflict if allow_overlap is false
if (! $shift->allow_overlap) {
$conflict = ShiftAssignment::where('person_id', $personId)
->where('time_slot_id', $shift->time_slot_id)
->whereNotIn('status', ['rejected', 'cancelled'])
->exists();
if ($conflict) {
return $this->error('Deze persoon is al ingepland voor dit tijdslot.', 422);
}
}
$autoApprove = $section->crew_auto_accepts;
$assignment = $shift->shiftAssignments()->create([
'person_id' => $personId,
'time_slot_id' => $shift->time_slot_id,
'status' => $autoApprove ? 'approved' : 'pending_approval',
'auto_approved' => $autoApprove,
'assigned_at' => now(),
'approved_at' => $autoApprove ? now() : null,
]);
return $this->created(new ShiftAssignmentResource($assignment));
}
}

54
api/app/Http/Controllers/Api/V1/TimeSlotController.php Normal file
View File

@@ -0,0 +1,54 @@
<?php
declare(strict_types=1);
namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Requests\Api\V1\StoreTimeSlotRequest;
use App\Http\Requests\Api\V1\UpdateTimeSlotRequest;
use App\Http\Resources\Api\V1\TimeSlotResource;
use App\Models\Event;
use App\Models\TimeSlot;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
use Illuminate\Support\Facades\Gate;
final class TimeSlotController extends Controller
{
public function index(Event $event): AnonymousResourceCollection
{
Gate::authorize('viewAny', [TimeSlot::class, $event]);
$timeSlots = $event->timeSlots()->orderBy('date')->orderBy('start_time')->get();
return TimeSlotResource::collection($timeSlots);
}
public function store(StoreTimeSlotRequest $request, Event $event): JsonResponse
{
Gate::authorize('create', [TimeSlot::class, $event]);
$timeSlot = $event->timeSlots()->create($request->validated());
return $this->created(new TimeSlotResource($timeSlot));
}
public function update(UpdateTimeSlotRequest $request, Event $event, TimeSlot $timeSlot): JsonResponse
{
Gate::authorize('update', [$timeSlot, $event]);
$timeSlot->update($request->validated());
return $this->success(new TimeSlotResource($timeSlot->fresh()));
}
public function destroy(Event $event, TimeSlot $timeSlot): JsonResponse
{
Gate::authorize('delete', [$timeSlot, $event]);
$timeSlot->delete();
return response()->json(null, 204);
}
}

29
api/app/Http/Requests/Api/V1/AcceptInvitationRequest.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use App\Models\User;
use App\Models\UserInvitation;
use Illuminate\Foundation\Http\FormRequest;
final class AcceptInvitationRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
$invitation = UserInvitation::where('token', $this->route('token'))->first();
$userExists = $invitation && User::where('email', $invitation->email)->exists();
return [
'name' => [$userExists ? 'nullable' : 'required', 'string', 'max:255'],
'password' => [$userExists ? 'nullable' : 'required', 'string', 'min:8', 'confirmed'],
];
}
}

23
api/app/Http/Requests/Api/V1/AssignShiftRequest.php Normal file
View File

@@ -0,0 +1,23 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class AssignShiftRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'person_id' => ['required', 'ulid', 'exists:persons,id'],
];
}
}

25
api/app/Http/Requests/Api/V1/ReorderFestivalSectionsRequest.php Normal file
View File

@@ -0,0 +1,25 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class ReorderFestivalSectionsRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'sections' => ['required', 'array'],
'sections.*.id' => ['required', 'ulid'],
'sections.*.sort_order' => ['required', 'integer', 'min:0'],
];
}
}

27
api/app/Http/Requests/Api/V1/StoreCompanyRequest.php Normal file
View File

@@ -0,0 +1,27 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class StoreCompanyRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'name' => ['required', 'string', 'max:255'],
'type' => ['required', 'in:supplier,partner,agency,venue,other'],
'contact_name' => ['nullable', 'string', 'max:255'],
'contact_email' => ['nullable', 'email', 'max:255'],
'contact_phone' => ['nullable', 'string', 'max:30'],
];
}
}

28
api/app/Http/Requests/Api/V1/StoreCrowdListRequest.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class StoreCrowdListRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'crowd_type_id' => ['required', 'ulid', 'exists:crowd_types,id'],
'name' => ['required', 'string', 'max:255'],
'type' => ['required', 'in:internal,external'],
'recipient_company_id' => ['nullable', 'ulid', 'exists:companies,id'],
'auto_approve' => ['sometimes', 'boolean'],
'max_persons' => ['nullable', 'integer', 'min:1'],
];
}
}

26
api/app/Http/Requests/Api/V1/StoreCrowdTypeRequest.php Normal file
View File

@@ -0,0 +1,26 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class StoreCrowdTypeRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'name' => ['required', 'string', 'max:100'],
'system_type' => ['required', 'in:CREW,GUEST,ARTIST,VOLUNTEER,PRESS,PARTNER,SUPPLIER'],
'color' => ['required', 'regex:/^#[0-9A-Fa-f]{6}$/'],
'icon' => ['nullable', 'string', 'max:50'],
];
}
}

27
api/app/Http/Requests/Api/V1/StoreFestivalSectionRequest.php Normal file
View File

@@ -0,0 +1,27 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class StoreFestivalSectionRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'name' => ['required', 'string', 'max:255'],
'sort_order' => ['nullable', 'integer', 'min:0'],
'type' => ['nullable', 'in:standard,cross_event'],
'crew_auto_accepts' => ['nullable', 'boolean'],
'responder_self_checkin' => ['nullable', 'boolean'],
];
}
}

24
api/app/Http/Requests/Api/V1/StoreInvitationRequest.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class StoreInvitationRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'email' => ['required', 'email', 'max:255'],
'role' => ['required', 'in:org_admin,org_member,event_manager,staff_coordinator,volunteer_coordinator'],
];
}
}

28
api/app/Http/Requests/Api/V1/StoreLocationRequest.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class StoreLocationRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'name' => ['required', 'string', 'max:255'],
'address' => ['nullable', 'string', 'max:255'],
'lat' => ['nullable', 'numeric', 'between:-90,90'],
'lng' => ['nullable', 'numeric', 'between:-180,180'],
'description' => ['nullable', 'string'],
'access_instructions' => ['nullable', 'string'],
];
}
}

29
api/app/Http/Requests/Api/V1/StorePersonRequest.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class StorePersonRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'crowd_type_id' => ['required', 'ulid', 'exists:crowd_types,id'],
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'email', 'max:255'],
'phone' => ['nullable', 'string', 'max:30'],
'company_id' => ['nullable', 'ulid', 'exists:companies,id'],
'status' => ['nullable', 'in:invited,applied,pending,approved,rejected,no_show'],
'custom_fields' => ['nullable', 'array'],
];
}
}

36
api/app/Http/Requests/Api/V1/StoreShiftRequest.php Normal file
View File

@@ -0,0 +1,36 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class StoreShiftRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'time_slot_id' => ['required', 'ulid', 'exists:time_slots,id'],
'location_id' => ['nullable', 'ulid', 'exists:locations,id'],
'title' => ['nullable', 'string', 'max:255'],
'description' => ['nullable', 'string'],
'instructions' => ['nullable', 'string'],
'coordinator_notes' => ['nullable', 'string'],
'slots_total' => ['required', 'integer', 'min:1'],
'slots_open_for_claiming' => ['required', 'integer', 'min:0', 'lte:slots_total'],
'report_time' => ['nullable', 'date_format:H:i'],
'actual_start_time' => ['nullable', 'date_format:H:i'],
'actual_end_time' => ['nullable', 'date_format:H:i'],
'is_lead_role' => ['nullable', 'boolean'],
'allow_overlap' => ['nullable', 'boolean'],
'status' => ['nullable', 'in:draft,open,full,in_progress,completed,cancelled'],
];
}
}

28
api/app/Http/Requests/Api/V1/StoreTimeSlotRequest.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class StoreTimeSlotRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'name' => ['required', 'string', 'max:255'],
'person_type' => ['required', 'in:CREW,VOLUNTEER,PRESS,PHOTO,PARTNER'],
'date' => ['required', 'date'],
'start_time' => ['required', 'date_format:H:i'],
'end_time' => ['required', 'date_format:H:i'],
'duration_hours' => ['nullable', 'numeric', 'min:0.5', 'max:24'],
];
}
}

27
api/app/Http/Requests/Api/V1/UpdateCompanyRequest.php Normal file
View File

@@ -0,0 +1,27 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class UpdateCompanyRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'name' => ['sometimes', 'string', 'max:255'],
'type' => ['sometimes', 'in:supplier,partner,agency,venue,other'],
'contact_name' => ['nullable', 'string', 'max:255'],
'contact_email' => ['nullable', 'email', 'max:255'],
'contact_phone' => ['nullable', 'string', 'max:30'],
];
}
}

28
api/app/Http/Requests/Api/V1/UpdateCrowdListRequest.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class UpdateCrowdListRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'crowd_type_id' => ['sometimes', 'ulid', 'exists:crowd_types,id'],
'name' => ['sometimes', 'string', 'max:255'],
'type' => ['sometimes', 'in:internal,external'],
'recipient_company_id' => ['nullable', 'ulid', 'exists:companies,id'],
'auto_approve' => ['sometimes', 'boolean'],
'max_persons' => ['nullable', 'integer', 'min:1'],
];
}
}

26
api/app/Http/Requests/Api/V1/UpdateCrowdTypeRequest.php Normal file
View File

@@ -0,0 +1,26 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class UpdateCrowdTypeRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'name' => ['sometimes', 'string', 'max:100'],
'color' => ['sometimes', 'regex:/^#[0-9A-Fa-f]{6}$/'],
'icon' => ['nullable', 'string', 'max:50'],
'is_active' => ['sometimes', 'boolean'],
];
}
}

33
api/app/Http/Requests/Api/V1/UpdateFestivalSectionRequest.php Normal file
View File

@@ -0,0 +1,33 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class UpdateFestivalSectionRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'name' => ['sometimes', 'string', 'max:255'],
'sort_order' => ['sometimes', 'integer', 'min:0'],
'type' => ['sometimes', 'in:standard,cross_event'],
'crew_auto_accepts' => ['sometimes', 'boolean'],
'responder_self_checkin' => ['sometimes', 'boolean'],
'crew_need' => ['nullable', 'integer', 'min:0'],
'crew_invited_to_events' => ['sometimes', 'boolean'],
'added_to_timeline' => ['sometimes', 'boolean'],
'timed_accreditations' => ['sometimes', 'boolean'],
'crew_accreditation_level' => ['nullable', 'string', 'max:50'],
'public_form_accreditation_level' => ['nullable', 'string', 'max:50'],
];
}
}

28
api/app/Http/Requests/Api/V1/UpdateLocationRequest.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class UpdateLocationRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'name' => ['sometimes', 'string', 'max:255'],
'address' => ['nullable', 'string', 'max:255'],
'lat' => ['nullable', 'numeric', 'between:-90,90'],
'lng' => ['nullable', 'numeric', 'between:-180,180'],
'description' => ['nullable', 'string'],
'access_instructions' => ['nullable', 'string'],
];
}
}

23
api/app/Http/Requests/Api/V1/UpdateMemberRequest.php Normal file
View File

@@ -0,0 +1,23 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class UpdateMemberRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'role' => ['required', 'in:org_admin,org_member,event_manager,staff_coordinator,volunteer_coordinator'],
];
}
}

31
api/app/Http/Requests/Api/V1/UpdatePersonRequest.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class UpdatePersonRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'crowd_type_id' => ['sometimes', 'ulid', 'exists:crowd_types,id'],
'name' => ['sometimes', 'string', 'max:255'],
'email' => ['sometimes', 'email', 'max:255'],
'phone' => ['nullable', 'string', 'max:30'],
'company_id' => ['nullable', 'ulid', 'exists:companies,id'],
'status' => ['sometimes', 'in:invited,applied,pending,approved,rejected,no_show'],
'is_blacklisted' => ['sometimes', 'boolean'],
'admin_notes' => ['nullable', 'string'],
'custom_fields' => ['nullable', 'array'],
];
}
}

36
api/app/Http/Requests/Api/V1/UpdateShiftRequest.php Normal file
View File

@@ -0,0 +1,36 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class UpdateShiftRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'time_slot_id' => ['sometimes', 'ulid', 'exists:time_slots,id'],
'location_id' => ['nullable', 'ulid', 'exists:locations,id'],
'title' => ['nullable', 'string', 'max:255'],
'description' => ['nullable', 'string'],
'instructions' => ['nullable', 'string'],
'coordinator_notes' => ['nullable', 'string'],
'slots_total' => ['sometimes', 'integer', 'min:1'],
'slots_open_for_claiming' => ['sometimes', 'integer', 'min:0'],
'report_time' => ['nullable', 'date_format:H:i'],
'actual_start_time' => ['nullable', 'date_format:H:i'],
'actual_end_time' => ['nullable', 'date_format:H:i'],
'is_lead_role' => ['nullable', 'boolean'],
'allow_overlap' => ['nullable', 'boolean'],
'status' => ['sometimes', 'in:draft,open,full,in_progress,completed,cancelled'],
];
}
}

28
api/app/Http/Requests/Api/V1/UpdateTimeSlotRequest.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
declare(strict_types=1);
namespace App\Http\Requests\Api\V1;
use Illuminate\Foundation\Http\FormRequest;
final class UpdateTimeSlotRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
/** @return array<string, mixed> */
public function rules(): array
{
return [
'name' => ['sometimes', 'string', 'max:255'],
'person_type' => ['sometimes', 'in:CREW,VOLUNTEER,PRESS,PHOTO,PARTNER'],
'date' => ['sometimes', 'date'],
'start_time' => ['sometimes', 'date_format:H:i'],
'end_time' => ['sometimes', 'date_format:H:i'],
'duration_hours' => ['nullable', 'numeric', 'min:0.5', 'max:24'],
];
}
}

25
api/app/Http/Resources/Api/V1/CompanyResource.php Normal file
View File

@@ -0,0 +1,25 @@
<?php
declare(strict_types=1);
namespace App\Http\Resources\Api\V1;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
final class CompanyResource extends JsonResource
{
public function toArray(Request $request): array
{
return [
'id' => $this->id,
'organisation_id' => $this->organisation_id,
'name' => $this->name,
'type' => $this->type,
'contact_name' => $this->contact_name,
'contact_email' => $this->contact_email,
'contact_phone' => $this->contact_phone,
'created_at' => $this->created_at->toIso8601String(),
];
}
}

27
api/app/Http/Resources/Api/V1/CrowdListResource.php Normal file
View File

@@ -0,0 +1,27 @@
<?php
declare(strict_types=1);
namespace App\Http\Resources\Api\V1;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
final class CrowdListResource extends JsonResource
{
public function toArray(Request $request): array
{
return [
'id' => $this->id,
'event_id' => $this->event_id,
'crowd_type_id' => $this->crowd_type_id,
'name' => $this->name,
'type' => $this->type,
'recipient_company_id' => $this->recipient_company_id,
'auto_approve' => $this->auto_approve,
'max_persons' => $this->max_persons,
'created_at' => $this->created_at->toIso8601String(),
'persons_count' => $this->whenCounted('persons'),
];
}
}

24
api/app/Http/Resources/Api/V1/CrowdTypeResource.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
declare(strict_types=1);
namespace App\Http\Resources\Api\V1;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
final class CrowdTypeResource extends JsonResource
{
public function toArray(Request $request): array
{
return [
'id' => $this->id,
'organisation_id' => $this->organisation_id,
'name' => $this->name,
'system_type' => $this->system_type,
'color' => $this->color,
'icon' => $this->icon,
'is_active' => $this->is_active,
];
}
}

29
api/app/Http/Resources/Api/V1/FestivalSectionResource.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
declare(strict_types=1);
namespace App\Http\Resources\Api\V1;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
final class FestivalSectionResource extends JsonResource
{
public function toArray(Request $request): array
{
return [
'id' => $this->id,
'event_id' => $this->event_id,
'name' => $this->name,
'type' => $this->type,
'sort_order' => $this->sort_order,
'crew_need' => $this->crew_need,
'crew_auto_accepts' => $this->crew_auto_accepts,
'responder_self_checkin' => $this->responder_self_checkin,
'added_to_timeline' => $this->added_to_timeline,
'crew_accreditation_level' => $this->crew_accreditation_level,
'created_at' => $this->created_at->toIso8601String(),
'shifts_count' => $this->whenCounted('shifts'),
];
}
}

29
api/app/Http/Resources/Api/V1/InvitationResource.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
declare(strict_types=1);
namespace App\Http\Resources\Api\V1;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
final class InvitationResource extends JsonResource
{
public function toArray(Request $request): array
{
return [
'id' => $this->id,
'email' => $this->email,
'role' => $this->role,
'status' => $this->isExpired() && $this->isPending() ? 'expired' : $this->status,
'expires_at' => $this->expires_at->toIso8601String(),
'created_at' => $this->created_at->toIso8601String(),
'organisation' => $this->whenLoaded('organisation', fn () => [
'name' => $this->organisation->name,
]),
'invited_by' => $this->whenLoaded('invitedBy', fn () => [
'name' => $this->invitedBy?->name,
]),
];
}
}

26
api/app/Http/Resources/Api/V1/LocationResource.php Normal file
View File

@@ -0,0 +1,26 @@
<?php
declare(strict_types=1);
namespace App\Http\Resources\Api\V1;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
final class LocationResource extends JsonResource
{
public function toArray(Request $request): array
{
return [
'id' => $this->id,
'event_id' => $this->event_id,
'name' => $this->name,
'address' => $this->address,
'lat' => $this->lat,
'lng' => $this->lng,
'description' => $this->description,
'access_instructions' => $this->access_instructions,
'created_at' => $this->created_at->toIso8601String(),
];
}
}

37
api/app/Http/Resources/Api/V1/MemberCollection.php Normal file
View File

@@ -0,0 +1,37 @@
<?php
declare(strict_types=1);
namespace App\Http\Resources\Api\V1;
use App\Models\UserInvitation;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\ResourceCollection;
final class MemberCollection extends ResourceCollection
{
public $collects = MemberResource::class;
public function toArray(Request $request): array
{
return [
'data' => $this->collection,
];
}
/** @return array<string, mixed> */
public function with(Request $request): array
{
$organisation = $request->route('organisation');
return [
'meta' => [
'total_members' => $this->collection->count(),
'pending_invitations_count' => UserInvitation::where('organisation_id', $organisation->id)
->pending()
->where('expires_at', '>', now())
->count(),
],
];
}
}

29
api/app/Http/Resources/Api/V1/MemberResource.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
declare(strict_types=1);
namespace App\Http\Resources\Api\V1;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
final class MemberResource extends JsonResource
{
public function toArray(Request $request): array
{
return [
'id' => $this->id,
'name' => $this->name,
'email' => $this->email,
'role' => $this->pivot?->role,
'avatar' => $this->avatar,
'event_roles' => $this->whenLoaded('events', fn () =>
$this->events->map(fn ($event) => [
'event_id' => $event->id,
'event_name' => $event->name,
'role' => $event->pivot->role,
])
),
];
}
}

44
api/app/Http/Resources/Api/V1/PersonCollection.php Normal file
View File

@@ -0,0 +1,44 @@
<?php
declare(strict_types=1);
namespace App\Http\Resources\Api\V1;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\ResourceCollection;
final class PersonCollection extends ResourceCollection
{
public $collects = PersonResource::class;
public function toArray(Request $request): array
{
return [
'data' => $this->collection,
];
}
public function with(Request $request): array
{
$persons = $this->collection;
$byCrowdType = $persons->groupBy(fn ($person) => $person->crowd_type_id);
$crowdTypeMeta = [];
foreach ($byCrowdType as $crowdTypeId => $group) {
$crowdTypeMeta[$crowdTypeId] = [
'approved_count' => $group->where('status', 'approved')->count(),
'pending_count' => $group->where('status', 'pending')->count(),
];
}
return [
'meta' => [
'total' => $persons->count(),
'approved_count' => $persons->where('status', 'approved')->count(),
'pending_count' => $persons->where('status', 'pending')->count(),
'by_crowd_type' => $crowdTypeMeta,
],
];
}
}

29
api/app/Http/Resources/Api/V1/PersonResource.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
declare(strict_types=1);
namespace App\Http\Resources\Api\V1;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
final class PersonResource extends JsonResource
{
public function toArray(Request $request): array
{
return [
'id' => $this->id,
'event_id' => $this->event_id,
'name' => $this->name,
'email' => $this->email,
'phone' => $this->phone,
'status' => $this->status,
'is_blacklisted' => $this->is_blacklisted,
'admin_notes' => $this->admin_notes,
'custom_fields' => $this->custom_fields,
'created_at' => $this->created_at->toIso8601String(),
'crowd_type' => new CrowdTypeResource($this->whenLoaded('crowdType')),
'company' => new CompanyResource($this->whenLoaded('company')),
];
}
}

24
api/app/Http/Resources/Api/V1/ShiftAssignmentResource.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
declare(strict_types=1);
namespace App\Http\Resources\Api\V1;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
final class ShiftAssignmentResource extends JsonResource
{
public function toArray(Request $request): array
{
return [
'id' => $this->id,
'shift_id' => $this->shift_id,
'person_id' => $this->person_id,
'status' => $this->status,
'auto_approved' => $this->auto_approved,
'assigned_at' => $this->assigned_at?->toIso8601String(),
'approved_at' => $this->approved_at?->toIso8601String(),
];
}
}

71
api/app/Http/Resources/Api/V1/ShiftResource.php Normal file
View File

@@ -0,0 +1,71 @@
<?php
declare(strict_types=1);
namespace App\Http\Resources\Api\V1;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
final class ShiftResource extends JsonResource
{
public function toArray(Request $request): array
{
return [
'id' => $this->id,
'festival_section_id' => $this->festival_section_id,
'time_slot_id' => $this->time_slot_id,
'location_id' => $this->location_id,
'title' => $this->title,
'description' => $this->description,
'instructions' => $this->instructions,
'coordinator_notes' => $this->when(
$this->shouldShowCoordinatorNotes($request),
$this->coordinator_notes,
),
'slots_total' => $this->slots_total,
'slots_open_for_claiming' => $this->slots_open_for_claiming,
'is_lead_role' => $this->is_lead_role,
'report_time' => $this->report_time,
'actual_start_time' => $this->actual_start_time,
'actual_end_time' => $this->actual_end_time,
'allow_overlap' => $this->allow_overlap,
'status' => $this->status,
'filled_slots' => $this->filled_slots,
'fill_rate' => $this->fill_rate,
'effective_start_time' => $this->effective_start_time,
'effective_end_time' => $this->effective_end_time,
'created_at' => $this->created_at->toIso8601String(),
'time_slot' => new TimeSlotResource($this->whenLoaded('timeSlot')),
'location' => new LocationResource($this->whenLoaded('location')),
'festival_section' => new FestivalSectionResource($this->whenLoaded('festivalSection')),
];
}
private function shouldShowCoordinatorNotes(Request $request): bool
{
$user = $request->user();
if (! $user) {
return false;
}
if ($user->hasRole('super_admin')) {
return true;
}
$shift = $this->resource;
$event = $shift->festivalSection?->event;
if (! $event) {
return false;
}
return $event->organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists()
|| $event->users()
->where('user_id', $user->id)
->wherePivot('role', 'event_manager')
->exists();
}
}

26
api/app/Http/Resources/Api/V1/TimeSlotResource.php Normal file
View File

@@ -0,0 +1,26 @@
<?php
declare(strict_types=1);
namespace App\Http\Resources\Api\V1;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
final class TimeSlotResource extends JsonResource
{
public function toArray(Request $request): array
{
return [
'id' => $this->id,
'event_id' => $this->event_id,
'name' => $this->name,
'person_type' => $this->person_type,
'date' => $this->date->toDateString(),
'start_time' => $this->start_time,
'end_time' => $this->end_time,
'duration_hours' => $this->duration_hours,
'created_at' => $this->created_at->toIso8601String(),
];
}
}

44
api/app/Mail/InvitationMail.php Normal file
View File

@@ -0,0 +1,44 @@
<?php
declare(strict_types=1);
namespace App\Mail;
use App\Models\UserInvitation;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Mail\Mailable;
use Illuminate\Mail\Mailables\Content;
use Illuminate\Mail\Mailables\Envelope;
use Illuminate\Queue\SerializesModels;
final class InvitationMail extends Mailable implements ShouldQueue
{
use Queueable;
use SerializesModels;
public function __construct(
public readonly UserInvitation $invitation,
) {}
public function envelope(): Envelope
{
return new Envelope(
subject: "Je bent uitgenodigd voor {$this->invitation->organisation->name}",
);
}
public function content(): Content
{
return new Content(
markdown: 'emails.invitation',
with: [
'acceptUrl' => config('app.frontend_app_url') . '/invitations/' . $this->invitation->token . '/accept',
'organisationName' => $this->invitation->organisation->name,
'inviterName' => $this->invitation->invitedBy?->name ?? 'Een beheerder',
'role' => $this->invitation->role,
'expiresAt' => $this->invitation->expires_at,
],
);
}
}

38
api/app/Models/Company.php Normal file
View File

@@ -0,0 +1,38 @@
<?php
declare(strict_types=1);
namespace App\Models;
use Illuminate\Database\Eloquent\Concerns\HasUlids;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Database\Eloquent\SoftDeletes;
final class Company extends Model
{
use HasFactory;
use HasUlids;
use SoftDeletes;
protected $fillable = [
'organisation_id',
'name',
'type',
'contact_name',
'contact_email',
'contact_phone',
];
public function organisation(): BelongsTo
{
return $this->belongsTo(Organisation::class);
}
public function persons(): HasMany
{
return $this->hasMany(Person::class);
}
}

56
api/app/Models/CrowdList.php Normal file
View File

@@ -0,0 +1,56 @@
<?php
declare(strict_types=1);
namespace App\Models;
use Illuminate\Database\Eloquent\Concerns\HasUlids;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
final class CrowdList extends Model
{
use HasFactory;
use HasUlids;
protected $fillable = [
'event_id',
'crowd_type_id',
'name',
'type',
'recipient_company_id',
'auto_approve',
'max_persons',
];
protected function casts(): array
{
return [
'auto_approve' => 'boolean',
'max_persons' => 'integer',
];
}
public function event(): BelongsTo
{
return $this->belongsTo(Event::class);
}
public function crowdType(): BelongsTo
{
return $this->belongsTo(CrowdType::class);
}
public function recipientCompany(): BelongsTo
{
return $this->belongsTo(Company::class, 'recipient_company_id');
}
public function persons(): BelongsToMany
{
return $this->belongsToMany(Person::class, 'crowd_list_persons')
->withPivot('added_at', 'added_by_user_id');
}
}

43
api/app/Models/CrowdType.php Normal file
View File

@@ -0,0 +1,43 @@
<?php
declare(strict_types=1);
namespace App\Models;
use Illuminate\Database\Eloquent\Concerns\HasUlids;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
use Illuminate\Database\Eloquent\Relations\HasMany;
final class CrowdType extends Model
{
use HasFactory;
use HasUlids;
protected $fillable = [
'organisation_id',
'name',
'system_type',
'color',
'icon',
'is_active',
];
protected function casts(): array
{
return [
'is_active' => 'boolean',
];
}
public function organisation(): BelongsTo
{
return $this->belongsTo(Organisation::class);
}
public function persons(): HasMany
{
return $this->hasMany(Person::class);
}
}

25
api/app/Models/Event.php
View File

@@ -54,6 +54,31 @@ final class Event extends Model
return $this->hasMany(UserInvitation::class);
}
public function locations(): HasMany
{
return $this->hasMany(Location::class);
}
public function festivalSections(): HasMany
{
return $this->hasMany(FestivalSection::class);
}
public function timeSlots(): HasMany
{
return $this->hasMany(TimeSlot::class);
}
public function persons(): HasMany
{
return $this->hasMany(Person::class);
}
public function crowdLists(): HasMany
{
return $this->hasMany(CrowdList::class);
}
public function scopeDraft(Builder $query): Builder
{
return $query->where('status', 'draft');

61
api/app/Models/FestivalSection.php Normal file
View File

@@ -0,0 +1,61 @@
<?php
declare(strict_types=1);
namespace App\Models;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Database\Eloquent\Concerns\HasUlids;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Database\Eloquent\SoftDeletes;
final class FestivalSection extends Model
{
use HasFactory;
use HasUlids;
use SoftDeletes;
protected $fillable = [
'event_id',
'name',
'type',
'sort_order',
'crew_need',
'crew_auto_accepts',
'crew_invited_to_events',
'added_to_timeline',
'responder_self_checkin',
'crew_accreditation_level',
'public_form_accreditation_level',
'timed_accreditations',
];
protected function casts(): array
{
return [
'crew_auto_accepts' => 'boolean',
'crew_invited_to_events' => 'boolean',
'added_to_timeline' => 'boolean',
'responder_self_checkin' => 'boolean',
'timed_accreditations' => 'boolean',
];
}
public function event(): BelongsTo
{
return $this->belongsTo(Event::class);
}
public function shifts(): HasMany
{
return $this->hasMany(Shift::class);
}
public function scopeOrdered(Builder $query): Builder
{
return $query->orderBy('sort_order');
}
}

31
api/app/Models/Location.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
declare(strict_types=1);
namespace App\Models;
use Illuminate\Database\Eloquent\Concerns\HasUlids;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
final class Location extends Model
{
use HasFactory;
use HasUlids;
protected $fillable = [
'event_id',
'name',
'address',
'lat',
'lng',
'description',
'access_instructions',
];
public function event(): BelongsTo
{
return $this->belongsTo(Event::class);
}
}

10
api/app/Models/Organisation.php
View File

@@ -47,4 +47,14 @@ final class Organisation extends Model
{
return $this->hasMany(UserInvitation::class);
}
public function crowdTypes(): HasMany
{
return $this->hasMany(CrowdType::class);
}
public function companies(): HasMany
{
return $this->hasMany(Company::class);
}
}

91
api/app/Models/Person.php Normal file
View File

@@ -0,0 +1,91 @@
<?php
declare(strict_types=1);
namespace App\Models;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Database\Eloquent\Concerns\HasUlids;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Database\Eloquent\SoftDeletes;
final class Person extends Model
{
use HasFactory;
use HasUlids;
use SoftDeletes;
protected $table = 'persons';
protected $fillable = [
'user_id',
'event_id',
'crowd_type_id',
'company_id',
'name',
'email',
'phone',
'status',
'is_blacklisted',
'admin_notes',
'custom_fields',
];
protected function casts(): array
{
return [
'is_blacklisted' => 'boolean',
'custom_fields' => 'array',
];
}
public function event(): BelongsTo
{
return $this->belongsTo(Event::class);
}
public function crowdType(): BelongsTo
{
return $this->belongsTo(CrowdType::class);
}
public function company(): BelongsTo
{
return $this->belongsTo(Company::class);
}
public function user(): BelongsTo
{
return $this->belongsTo(User::class);
}
public function crowdLists(): BelongsToMany
{
return $this->belongsToMany(CrowdList::class, 'crowd_list_persons')
->withPivot('added_at', 'added_by_user_id');
}
public function shiftAssignments(): HasMany
{
return $this->hasMany(ShiftAssignment::class);
}
public function scopeApproved(Builder $query): Builder
{
return $query->where('status', 'approved');
}
public function scopePending(Builder $query): Builder
{
return $query->where('status', 'pending');
}
public function scopeForCrowdType(Builder $query, string $type): Builder
{
return $query->whereHas('crowdType', fn (Builder $q) => $q->where('system_type', $type));
}
}

124
api/app/Models/Shift.php Normal file
View File

@@ -0,0 +1,124 @@
<?php
declare(strict_types=1);
namespace App\Models;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Database\Eloquent\Casts\Attribute;
use Illuminate\Database\Eloquent\Concerns\HasUlids;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Database\Eloquent\SoftDeletes;
final class Shift extends Model
{
use HasFactory;
use HasUlids;
use SoftDeletes;
protected $fillable = [
'festival_section_id',
'time_slot_id',
'location_id',
'title',
'description',
'instructions',
'coordinator_notes',
'slots_total',
'slots_open_for_claiming',
'is_lead_role',
'report_time',
'actual_start_time',
'actual_end_time',
'end_date',
'allow_overlap',
'assigned_crew_id',
'events_during_shift',
'status',
];
protected function casts(): array
{
return [
'is_lead_role' => 'boolean',
'allow_overlap' => 'boolean',
'events_during_shift' => 'array',
'slots_total' => 'integer',
'slots_open_for_claiming' => 'integer',
];
}
public function festivalSection(): BelongsTo
{
return $this->belongsTo(FestivalSection::class);
}
public function timeSlot(): BelongsTo
{
return $this->belongsTo(TimeSlot::class);
}
public function location(): BelongsTo
{
return $this->belongsTo(Location::class);
}
public function assignedCrew(): BelongsTo
{
return $this->belongsTo(User::class, 'assigned_crew_id');
}
public function shiftAssignments(): HasMany
{
return $this->hasMany(ShiftAssignment::class);
}
public function waitlist(): HasMany
{
return $this->hasMany(ShiftWaitlist::class);
}
protected function effectiveStartTime(): Attribute
{
return Attribute::get(fn () => $this->actual_start_time ?? $this->timeSlot?->start_time);
}
protected function effectiveEndTime(): Attribute
{
return Attribute::get(fn () => $this->actual_end_time ?? $this->timeSlot?->end_time);
}
protected function filledSlots(): Attribute
{
return Attribute::get(fn () => $this->shiftAssignments()->where('status', 'approved')->count());
}
protected function fillRate(): Attribute
{
return Attribute::get(function () {
if ($this->slots_total === 0) {
return 0;
}
return round($this->filled_slots / $this->slots_total, 2);
});
}
public function scopeOpen(Builder $query): Builder
{
return $query->where('status', 'open');
}
public function scopeDraft(Builder $query): Builder
{
return $query->where('status', 'draft');
}
public function scopeFull(Builder $query): Builder
{
return $query->where('status', 'full');
}
}

61
api/app/Models/ShiftAssignment.php Normal file
View File

@@ -0,0 +1,61 @@
<?php
declare(strict_types=1);
namespace App\Models;
use Illuminate\Database\Eloquent\Concerns\HasUlids;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
use Illuminate\Database\Eloquent\SoftDeletes;
final class ShiftAssignment extends Model
{
use HasFactory;
use HasUlids;
use SoftDeletes;
protected $fillable = [
'shift_id',
'person_id',
'time_slot_id',
'status',
'auto_approved',
'assigned_by',
'assigned_at',
'approved_by',
'approved_at',
'rejection_reason',
'hours_expected',
'hours_completed',
'checked_in_at',
'checked_out_at',
];
protected function casts(): array
{
return [
'auto_approved' => 'boolean',
'assigned_at' => 'datetime',
'approved_at' => 'datetime',
'checked_in_at' => 'datetime',
'checked_out_at' => 'datetime',
];
}
public function shift(): BelongsTo
{
return $this->belongsTo(Shift::class);
}
public function person(): BelongsTo
{
return $this->belongsTo(Person::class);
}
public function timeSlot(): BelongsTo
{
return $this->belongsTo(TimeSlot::class);
}
}

46
api/app/Models/ShiftWaitlist.php Normal file
View File

@@ -0,0 +1,46 @@
<?php
declare(strict_types=1);
namespace App\Models;
use Illuminate\Database\Eloquent\Concerns\HasUlids;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
final class ShiftWaitlist extends Model
{
use HasFactory;
use HasUlids;
public $timestamps = false;
protected $table = 'shift_waitlist';
protected $fillable = [
'shift_id',
'person_id',
'position',
'added_at',
'notified_at',
];
protected function casts(): array
{
return [
'added_at' => 'datetime',
'notified_at' => 'datetime',
];
}
public function shift(): BelongsTo
{
return $this->belongsTo(Shift::class);
}
public function person(): BelongsTo
{
return $this->belongsTo(Person::class);
}
}

57
api/app/Models/TimeSlot.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
declare(strict_types=1);
namespace App\Models;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Database\Eloquent\Concerns\HasUlids;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Support\Carbon;
final class TimeSlot extends Model
{
use HasFactory;
use HasUlids;
protected $fillable = [
'event_id',
'name',
'person_type',
'date',
'start_time',
'end_time',
'duration_hours',
];
protected function casts(): array
{
return [
'date' => 'date',
'person_type' => 'string',
];
}
public function event(): BelongsTo
{
return $this->belongsTo(Event::class);
}
public function shifts(): HasMany
{
return $this->hasMany(Shift::class);
}
public function scopeForType(Builder $query, string $type): Builder
{
return $query->where('person_type', $type);
}
public function scopeForDate(Builder $query, Carbon $date): Builder
{
return $query->whereDate('date', $date);
}
}

20
api/app/Models/UserInvitation.php
View File

@@ -48,6 +48,26 @@ final class UserInvitation extends Model
return $this->belongsTo(Event::class);
}
public function isExpired(): bool
{
return $this->expires_at->isPast();
}
public function isPending(): bool
{
return $this->status === 'pending';
}
public function markAsAccepted(): void
{
$this->update(['status' => 'accepted']);
}
public function markAsExpired(): void
{
$this->update(['status' => 'expired']);
}
public function scopePending(Builder $query): Builder
{
return $query->where('status', 'pending');

53
api/app/Policies/CompanyPolicy.php Normal file
View File

@@ -0,0 +1,53 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\Company;
use App\Models\Organisation;
use App\Models\User;
final class CompanyPolicy
{
public function viewAny(User $user, Organisation $organisation): bool
{
return $user->hasRole('super_admin')
|| $organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Organisation $organisation): bool
{
return $this->canManageOrganisation($user, $organisation);
}
public function update(User $user, Company $company, Organisation $organisation): bool
{
if ($company->organisation_id !== $organisation->id) {
return false;
}
return $this->canManageOrganisation($user, $organisation);
}
public function delete(User $user, Company $company, Organisation $organisation): bool
{
if ($company->organisation_id !== $organisation->id) {
return false;
}
return $this->canManageOrganisation($user, $organisation);
}
private function canManageOrganisation(User $user, Organisation $organisation): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
return $organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
}
}

71
api/app/Policies/CrowdListPolicy.php Normal file
View File

@@ -0,0 +1,71 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\CrowdList;
use App\Models\Event;
use App\Models\User;
final class CrowdListPolicy
{
public function viewAny(User $user, Event $event): bool
{
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Event $event): bool
{
return $this->canManageEvent($user, $event);
}
public function update(User $user, CrowdList $crowdList, Event $event): bool
{
if ($crowdList->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function delete(User $user, CrowdList $crowdList, Event $event): bool
{
if ($crowdList->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function managePerson(User $user, CrowdList $crowdList, Event $event): bool
{
if ($crowdList->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
private function canManageEvent(User $user, Event $event): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
$isOrgAdmin = $event->organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
if ($isOrgAdmin) {
return true;
}
return $event->users()
->where('user_id', $user->id)
->wherePivot('role', 'event_manager')
->exists();
}
}

53
api/app/Policies/CrowdTypePolicy.php Normal file
View File

@@ -0,0 +1,53 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\CrowdType;
use App\Models\Organisation;
use App\Models\User;
final class CrowdTypePolicy
{
public function viewAny(User $user, Organisation $organisation): bool
{
return $user->hasRole('super_admin')
|| $organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Organisation $organisation): bool
{
return $this->canManageOrganisation($user, $organisation);
}
public function update(User $user, CrowdType $crowdType, Organisation $organisation): bool
{
if ($crowdType->organisation_id !== $organisation->id) {
return false;
}
return $this->canManageOrganisation($user, $organisation);
}
public function delete(User $user, CrowdType $crowdType, Organisation $organisation): bool
{
if ($crowdType->organisation_id !== $organisation->id) {
return false;
}
return $this->canManageOrganisation($user, $organisation);
}
private function canManageOrganisation(User $user, Organisation $organisation): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
return $organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
}
}

67
api/app/Policies/FestivalSectionPolicy.php Normal file
View File

@@ -0,0 +1,67 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\Event;
use App\Models\FestivalSection;
use App\Models\User;
final class FestivalSectionPolicy
{
public function viewAny(User $user, Event $event): bool
{
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Event $event): bool
{
return $this->canManageEvent($user, $event);
}
public function update(User $user, FestivalSection $section, Event $event): bool
{
if ($section->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function delete(User $user, FestivalSection $section, Event $event): bool
{
if ($section->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function reorder(User $user, Event $event): bool
{
return $this->canManageEvent($user, $event);
}
private function canManageEvent(User $user, Event $event): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
$isOrgAdmin = $event->organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
if ($isOrgAdmin) {
return true;
}
return $event->users()
->where('user_id', $user->id)
->wherePivot('role', 'event_manager')
->exists();
}
}

62
api/app/Policies/LocationPolicy.php Normal file
View File

@@ -0,0 +1,62 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\Event;
use App\Models\Location;
use App\Models\User;
final class LocationPolicy
{
public function viewAny(User $user, Event $event): bool
{
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Event $event): bool
{
return $this->canManageEvent($user, $event);
}
public function update(User $user, Location $location, Event $event): bool
{
if ($location->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function delete(User $user, Location $location, Event $event): bool
{
if ($location->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
private function canManageEvent(User $user, Event $event): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
$isOrgAdmin = $event->organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
if ($isOrgAdmin) {
return true;
}
return $event->users()
->where('user_id', $user->id)
->wherePivot('role', 'event_manager')
->exists();
}
}

12
api/app/Policies/OrganisationPolicy.php
View File

@@ -37,4 +37,16 @@ final class OrganisationPolicy
->wherePivot('role', 'org_admin')
->exists();
}
public function invite(User $user, Organisation $organisation): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
return $organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
}
}

81
api/app/Policies/PersonPolicy.php Normal file
View File

@@ -0,0 +1,81 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\Event;
use App\Models\Person;
use App\Models\User;
final class PersonPolicy
{
public function viewAny(User $user, Event $event): bool
{
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
public function view(User $user, Person $person, Event $event): bool
{
if ($person->event_id !== $event->id) {
return false;
}
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Event $event): bool
{
return $this->canManageEvent($user, $event);
}
public function update(User $user, Person $person, Event $event): bool
{
if ($person->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function delete(User $user, Person $person, Event $event): bool
{
if ($person->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function approve(User $user, Person $person, Event $event): bool
{
if ($person->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
private function canManageEvent(User $user, Event $event): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
$isOrgAdmin = $event->organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
if ($isOrgAdmin) {
return true;
}
return $event->users()
->where('user_id', $user->id)
->wherePivot('role', 'event_manager')
->exists();
}
}

82
api/app/Policies/ShiftPolicy.php Normal file
View File

@@ -0,0 +1,82 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\Event;
use App\Models\FestivalSection;
use App\Models\Shift;
use App\Models\User;
final class ShiftPolicy
{
public function viewAny(User $user, Event $event): bool
{
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Event $event): bool
{
return $this->canManageEvent($user, $event);
}
public function update(User $user, Shift $shift, Event $event, FestivalSection $section): bool
{
if ($shift->festival_section_id !== $section->id || $section->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function delete(User $user, Shift $shift, Event $event, FestivalSection $section): bool
{
if ($shift->festival_section_id !== $section->id || $section->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function assign(User $user, Shift $shift, Event $event, FestivalSection $section): bool
{
if ($shift->festival_section_id !== $section->id || $section->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function claim(User $user, Shift $shift, Event $event, FestivalSection $section): bool
{
if ($shift->festival_section_id !== $section->id || $section->event_id !== $event->id) {
return false;
}
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
private function canManageEvent(User $user, Event $event): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
$isOrgAdmin = $event->organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
if ($isOrgAdmin) {
return true;
}
return $event->users()
->where('user_id', $user->id)
->wherePivot('role', 'event_manager')
->exists();
}
}

62
api/app/Policies/TimeSlotPolicy.php Normal file
View File

@@ -0,0 +1,62 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\Event;
use App\Models\TimeSlot;
use App\Models\User;
final class TimeSlotPolicy
{
public function viewAny(User $user, Event $event): bool
{
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Event $event): bool
{
return $this->canManageEvent($user, $event);
}
public function update(User $user, TimeSlot $timeSlot, Event $event): bool
{
if ($timeSlot->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function delete(User $user, TimeSlot $timeSlot, Event $event): bool
{
if ($timeSlot->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
private function canManageEvent(User $user, Event $event): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
$isOrgAdmin = $event->organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
if ($isOrgAdmin) {
return true;
}
return $event->users()
->where('user_id', $user->id)
->wherePivot('role', 'event_manager')
->exists();
}
}

109
api/app/Services/InvitationService.php Normal file
View File

@@ -0,0 +1,109 @@
<?php
declare(strict_types=1);
namespace App\Services;
use App\Mail\InvitationMail;
use App\Models\Organisation;
use App\Models\User;
use App\Models\UserInvitation;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Str;
use Illuminate\Validation\ValidationException;
use Spatie\Activitylog\Facades\LogActivity;
final class InvitationService
{
public function invite(Organisation $org, string $email, string $role, User $invitedBy): UserInvitation
{
$existingInvitation = UserInvitation::where('email', $email)
->where('organisation_id', $org->id)
->pending()
->where('expires_at', '>', now())
->first();
if ($existingInvitation) {
throw ValidationException::withMessages([
'email' => ['Er is al een openstaande uitnodiging voor dit e-mailadres.'],
]);
}
$existingMember = $org->users()->where('email', $email)->first();
if ($existingMember) {
throw ValidationException::withMessages([
'email' => ['Gebruiker is al lid van deze organisatie.'],
]);
}
$invitation = UserInvitation::create([
'email' => $email,
'invited_by_user_id' => $invitedBy->id,
'organisation_id' => $org->id,
'role' => $role,
'token' => strtolower((string) Str::ulid()),
'status' => 'pending',
'expires_at' => now()->addDays(7),
]);
Mail::to($email)->queue(new InvitationMail($invitation));
activity('invitation')
->performedOn($invitation)
->causedBy($invitedBy)
->withProperties(['email' => $email, 'role' => $role])
->log("Invited {$email} as {$role}");
return $invitation;
}
public function accept(UserInvitation $invitation, ?string $password = null): User
{
if (! $invitation->isPending() || $invitation->isExpired()) {
throw ValidationException::withMessages([
'token' => ['Deze uitnodiging is niet meer geldig.'],
]);
}
$user = User::where('email', $invitation->email)->first();
if (! $user) {
if (! $password) {
throw ValidationException::withMessages([
'password' => ['Een wachtwoord is vereist om een nieuw account aan te maken.'],
]);
}
$user = User::create([
'name' => Str::before($invitation->email, '@'),
'email' => $invitation->email,
'password' => $password,
'email_verified_at' => now(),
]);
}
$organisation = $invitation->organisation;
if (! $organisation->users()->where('user_id', $user->id)->exists()) {
$organisation->users()->attach($user, ['role' => $invitation->role]);
}
$invitation->markAsAccepted();
activity('invitation')
->performedOn($invitation)
->causedBy($user)
->withProperties(['email' => $invitation->email])
->log("Accepted invitation for {$organisation->name}");
return $user;
}
public function expireOldInvitations(): int
{
return UserInvitation::where('status', 'pending')
->where('expires_at', '<', now())
->update(['status' => 'expired']);
}
}

2
api/config/app.php
View File

@@ -123,4 +123,6 @@ return [
'store' => env('APP_MAINTENANCE_STORE', 'database'),
],
'frontend_app_url' => env('FRONTEND_APP_URL', 'http://localhost:5174'),
];

26
api/database/factories/CompanyFactory.php Normal file
View File

@@ -0,0 +1,26 @@
<?php
declare(strict_types=1);
namespace Database\Factories;
use App\Models\Company;
use App\Models\Organisation;
use Illuminate\Database\Eloquent\Factories\Factory;
/** @extends Factory<Company> */
final class CompanyFactory extends Factory
{
/** @return array<string, mixed> */
public function definition(): array
{
return [
'organisation_id' => Organisation::factory(),
'name' => fake('nl_NL')->company(),
'type' => fake()->randomElement(['supplier', 'partner', 'agency', 'venue', 'other']),
'contact_name' => fake('nl_NL')->name(),
'contact_email' => fake()->companyEmail(),
'contact_phone' => fake('nl_NL')->phoneNumber(),
];
}
}

50
api/database/factories/CrowdTypeFactory.php Normal file
View File

@@ -0,0 +1,50 @@
<?php
declare(strict_types=1);
namespace Database\Factories;
use App\Models\CrowdType;
use App\Models\Organisation;
use Illuminate\Database\Eloquent\Factories\Factory;
/** @extends Factory<CrowdType> */
final class CrowdTypeFactory extends Factory
{
private const TYPES = [
'CREW' => ['name' => 'Crew', 'color' => '#3b82f6'],
'VOLUNTEER' => ['name' => 'Vrijwilliger', 'color' => '#10b981'],
'ARTIST' => ['name' => 'Artiest', 'color' => '#8b5cf6'],
'GUEST' => ['name' => 'Gast', 'color' => '#f59e0b'],
'PRESS' => ['name' => 'Pers', 'color' => '#6366f1'],
'PARTNER' => ['name' => 'Partner', 'color' => '#ec4899'],
'SUPPLIER' => ['name' => 'Leverancier', 'color' => '#64748b'],
];
/** @return array<string, mixed> */
public function definition(): array
{
$systemType = fake()->randomElement(array_keys(self::TYPES));
$typeConfig = self::TYPES[$systemType];
return [
'organisation_id' => Organisation::factory(),
'name' => $typeConfig['name'],
'system_type' => $systemType,
'color' => $typeConfig['color'],
'icon' => null,
'is_active' => true,
];
}
public function systemType(string $type): static
{
$config = self::TYPES[$type];
return $this->state(fn () => [
'system_type' => $type,
'name' => $config['name'],
'color' => $config['color'],
]);
}
}

43
api/database/factories/FestivalSectionFactory.php Normal file
View File

@@ -0,0 +1,43 @@
<?php
declare(strict_types=1);
namespace Database\Factories;
use App\Models\Event;
use App\Models\FestivalSection;
use Illuminate\Database\Eloquent\Factories\Factory;
/** @extends Factory<FestivalSection> */
final class FestivalSectionFactory extends Factory
{
/** @return array<string, mixed> */
public function definition(): array
{
return [
'event_id' => Event::factory(),
'name' => fake()->randomElement([
'Horeca',
'Backstage',
'Overig',
'Entertainment',
'Security',
'Techniek',
]),
'type' => 'standard',
'sort_order' => fake()->numberBetween(1, 5),
'responder_self_checkin' => true,
'crew_auto_accepts' => false,
];
}
public function withSortOrder(int $order): static
{
return $this->state(fn () => ['sort_order' => $order]);
}
public function crossEvent(): static
{
return $this->state(fn () => ['type' => 'cross_event']);
}
}

34
api/database/factories/LocationFactory.php Normal file
View File

@@ -0,0 +1,34 @@
<?php
declare(strict_types=1);
namespace Database\Factories;
use App\Models\Event;
use App\Models\Location;
use Illuminate\Database\Eloquent\Factories\Factory;
/** @extends Factory<Location> */
final class LocationFactory extends Factory
{
/** @return array<string, mixed> */
public function definition(): array
{
return [
'event_id' => Event::factory(),
'name' => fake()->randomElement([
'Hoofdpodium',
'Bar Noord',
'Bar Zuid',
'Security Gate A',
'Backstage',
'Hospitality Tent',
]),
'address' => null,
'lat' => null,
'lng' => null,
'description' => null,
'access_instructions' => null,
];
}
}

34
api/database/factories/PersonFactory.php Normal file
View File

@@ -0,0 +1,34 @@
<?php
declare(strict_types=1);
namespace Database\Factories;
use App\Models\CrowdType;
use App\Models\Event;
use App\Models\Person;
use Illuminate\Database\Eloquent\Factories\Factory;
/** @extends Factory<Person> */
final class PersonFactory extends Factory
{
/** @return array<string, mixed> */
public function definition(): array
{
return [
'event_id' => Event::factory(),
'crowd_type_id' => CrowdType::factory(),
'name' => fake('nl_NL')->name(),
'email' => fake()->unique()->safeEmail(),
'phone' => fake('nl_NL')->phoneNumber(),
'status' => 'pending',
'is_blacklisted' => false,
'custom_fields' => null,
];
}
public function approved(): static
{
return $this->state(fn () => ['status' => 'approved']);
}
}

52
api/database/factories/ShiftFactory.php Normal file
View File

@@ -0,0 +1,52 @@
<?php
declare(strict_types=1);
namespace Database\Factories;
use App\Models\FestivalSection;
use App\Models\Shift;
use App\Models\TimeSlot;
use Illuminate\Database\Eloquent\Factories\Factory;
/** @extends Factory<Shift> */
final class ShiftFactory extends Factory
{
/** @return array<string, mixed> */
public function definition(): array
{
return [
'festival_section_id' => FestivalSection::factory(),
'time_slot_id' => TimeSlot::factory(),
'title' => fake()->randomElement([
'Tapper',
'Tussenbuffet',
'Barhoofd',
'Stage Manager',
'Stagehand',
'Coördinator',
'Runner',
]),
'slots_total' => fake()->numberBetween(1, 10),
'slots_open_for_claiming' => 0,
'status' => 'draft',
'is_lead_role' => false,
'allow_overlap' => false,
];
}
public function open(): static
{
return $this->state(fn () => ['status' => 'open']);
}
public function withClaiming(int $slots): static
{
return $this->state(fn () => ['slots_open_for_claiming' => $slots]);
}
public function allowOverlap(): static
{
return $this->state(fn () => ['allow_overlap' => true]);
}
}

33
api/database/factories/TimeSlotFactory.php Normal file
View File

@@ -0,0 +1,33 @@
<?php
declare(strict_types=1);
namespace Database\Factories;
use App\Models\Event;
use App\Models\TimeSlot;
use Illuminate\Database\Eloquent\Factories\Factory;
/** @extends Factory<TimeSlot> */
final class TimeSlotFactory extends Factory
{
/** @return array<string, mixed> */
public function definition(): array
{
return [
'event_id' => Event::factory(),
'name' => fake()->randomElement([
'Vrijdag Avond',
'Zaterdag Dag',
'Zaterdag Avond',
'Zondag',
'Opbouw',
]),
'person_type' => 'VOLUNTEER',
'date' => fake()->dateTimeBetween('+1 month', '+3 months'),
'start_time' => '18:00:00',
'end_time' => '02:00:00',
'duration_hours' => 8.00,
];
}
}

32
api/database/migrations/2026_04_07_260000_create_locations_table.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::create('locations', function (Blueprint $table) {
$table->ulid('id')->primary();
$table->foreignUlid('event_id')->constrained()->cascadeOnDelete();
$table->string('name');
$table->string('address')->nullable();
$table->decimal('lat', 10, 8)->nullable();
$table->decimal('lng', 11, 8)->nullable();
$table->text('description')->nullable();
$table->text('access_instructions')->nullable();
$table->timestamps();
$table->index('event_id');
});
}
public function down(): void
{
Schema::dropIfExists('locations');
}
};

29
api/database/migrations/2026_04_07_270000_create_festival_sections_table.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::create('festival_sections', function (Blueprint $table) {
$table->ulid('id')->primary();
$table->foreignUlid('event_id')->constrained()->cascadeOnDelete();
$table->string('name');
$table->unsignedInteger('sort_order')->default(0);
$table->timestamps();
$table->softDeletes();
$table->index(['event_id', 'sort_order']);
});
}
public function down(): void
{
Schema::dropIfExists('festival_sections');
}
};

32
api/database/migrations/2026_04_07_280000_create_time_slots_table.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::create('time_slots', function (Blueprint $table) {
$table->ulid('id')->primary();
$table->foreignUlid('event_id')->constrained()->cascadeOnDelete();
$table->string('name');
$table->enum('person_type', ['CREW', 'VOLUNTEER', 'PRESS', 'PHOTO', 'PARTNER'])->default('VOLUNTEER');
$table->date('date');
$table->time('start_time');
$table->time('end_time');
$table->decimal('duration_hours', 4, 2)->nullable();
$table->timestamps();
$table->index(['event_id', 'person_type', 'date']);
});
}
public function down(): void
{
Schema::dropIfExists('time_slots');
}
};

28
api/database/migrations/2026_04_08_100000_remove_volunteer_min_hours_from_events.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::table('events', function (Blueprint $table) {
if (Schema::hasColumn('events', 'volunteer_min_hours_for_pass')) {
$table->dropColumn('volunteer_min_hours_for_pass');
}
});
}
public function down(): void
{
Schema::table('events', function (Blueprint $table) {
if (! Schema::hasColumn('events', 'volunteer_min_hours_for_pass')) {
$table->decimal('volunteer_min_hours_for_pass', 4, 2)->nullable()->after('status');
}
});
}
};

28
api/database/migrations/2026_04_08_110000_remove_route_geojson_from_locations.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::table('locations', function (Blueprint $table) {
if (Schema::hasColumn('locations', 'route_geojson')) {
$table->dropColumn('route_geojson');
}
});
}
public function down(): void
{
Schema::table('locations', function (Blueprint $table) {
if (! Schema::hasColumn('locations', 'route_geojson')) {
$table->json('route_geojson')->nullable()->after('access_instructions');
}
});
}
};

42
api/database/migrations/2026_04_08_120000_add_section_settings_to_festival_sections.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::table('festival_sections', function (Blueprint $table) {
$table->enum('type', ['standard', 'cross_event'])->default('standard')->after('name');
$table->unsignedInteger('crew_need')->nullable()->after('type');
$table->boolean('crew_auto_accepts')->default(false)->after('sort_order');
$table->boolean('crew_invited_to_events')->default(false)->after('crew_auto_accepts');
$table->boolean('added_to_timeline')->default(false)->after('crew_invited_to_events');
$table->boolean('responder_self_checkin')->default(true)->after('added_to_timeline');
$table->string('crew_accreditation_level')->nullable()->after('responder_self_checkin');
$table->string('public_form_accreditation_level')->nullable()->after('crew_accreditation_level');
$table->boolean('timed_accreditations')->default(false)->after('public_form_accreditation_level');
});
}
public function down(): void
{
Schema::table('festival_sections', function (Blueprint $table) {
$table->dropColumn([
'type',
'crew_need',
'crew_auto_accepts',
'crew_invited_to_events',
'added_to_timeline',
'responder_self_checkin',
'crew_accreditation_level',
'public_form_accreditation_level',
'timed_accreditations',
]);
});
}
};

44
api/database/migrations/2026_04_08_130000_create_shifts_table.php Normal file
View File

@@ -0,0 +1,44 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::create('shifts', function (Blueprint $table) {
$table->ulid('id')->primary();
$table->foreignUlid('festival_section_id')->constrained()->cascadeOnDelete();
$table->foreignUlid('time_slot_id')->constrained()->cascadeOnDelete();
$table->foreignUlid('location_id')->nullable()->constrained()->nullOnDelete();
$table->time('report_time')->nullable();
$table->string('title')->nullable();
$table->text('description')->nullable();
$table->text('instructions')->nullable();
$table->text('coordinator_notes')->nullable();
$table->unsignedInteger('slots_total');
$table->unsignedInteger('slots_open_for_claiming');
$table->boolean('is_lead_role')->default(false);
$table->time('actual_start_time')->nullable();
$table->time('actual_end_time')->nullable();
$table->date('end_date')->nullable();
$table->boolean('allow_overlap')->default(false);
$table->json('events_during_shift')->nullable();
$table->enum('status', ['draft', 'open', 'full', 'in_progress', 'completed', 'cancelled'])->default('draft');
$table->timestamps();
$table->softDeletes();
$table->index(['festival_section_id', 'time_slot_id']);
$table->index(['time_slot_id', 'status']);
});
}
public function down(): void
{
Schema::dropIfExists('shifts');
}
};

42
api/database/migrations/2026_04_08_140000_create_shift_assignments_table.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::create('shift_assignments', function (Blueprint $table) {
$table->ulid('id')->primary();
$table->foreignUlid('shift_id')->constrained()->cascadeOnDelete();
$table->char('person_id', 26);
$table->foreignUlid('time_slot_id')->constrained()->cascadeOnDelete();
$table->enum('status', ['pending_approval', 'approved', 'rejected', 'cancelled', 'completed'])->default('pending_approval');
$table->boolean('auto_approved')->default(false);
$table->foreignUlid('assigned_by')->nullable()->constrained('users')->nullOnDelete();
$table->timestamp('assigned_at')->nullable();
$table->foreignUlid('approved_by')->nullable()->constrained('users')->nullOnDelete();
$table->timestamp('approved_at')->nullable();
$table->text('rejection_reason')->nullable();
$table->decimal('hours_expected', 4, 2)->nullable();
$table->decimal('hours_completed', 4, 2)->nullable();
$table->timestamp('checked_in_at')->nullable();
$table->timestamp('checked_out_at')->nullable();
$table->timestamps();
$table->softDeletes();
$table->unique(['person_id', 'time_slot_id']);
$table->index(['shift_id', 'status']);
$table->index(['person_id', 'status']);
});
}
public function down(): void
{
Schema::dropIfExists('shift_assignments');
}
};

33
api/database/migrations/2026_04_08_150000_create_shift_check_ins_table.php Normal file
View File

@@ -0,0 +1,33 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::create('shift_check_ins', function (Blueprint $table) {
$table->ulid('id')->primary();
$table->foreignUlid('shift_assignment_id')->constrained()->cascadeOnDelete();
$table->char('person_id', 26);
$table->foreignUlid('shift_id')->constrained()->cascadeOnDelete();
$table->timestamp('checked_in_at');
$table->timestamp('checked_out_at')->nullable();
$table->foreignUlid('checked_in_by_user_id')->nullable()->constrained('users')->nullOnDelete();
$table->enum('method', ['qr', 'manual']);
$table->index('shift_assignment_id');
$table->index(['shift_id', 'checked_in_at']);
$table->index(['person_id', 'checked_in_at']);
});
}
public function down(): void
{
Schema::dropIfExists('shift_check_ins');
}
};

29
api/database/migrations/2026_04_08_160000_create_volunteer_availabilities_table.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::create('volunteer_availabilities', function (Blueprint $table) {
$table->ulid('id')->primary();
$table->char('person_id', 26);
$table->foreignUlid('time_slot_id')->constrained()->cascadeOnDelete();
$table->tinyInteger('preference_level')->default(3);
$table->timestamp('submitted_at');
$table->unique(['person_id', 'time_slot_id']);
$table->index('time_slot_id');
});
}
public function down(): void
{
Schema::dropIfExists('volunteer_availabilities');
}
};

43
api/database/migrations/2026_04_08_170000_create_artists_table.php Normal file
View File

@@ -0,0 +1,43 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::create('artists', function (Blueprint $table) {
$table->ulid('id')->primary();
$table->foreignUlid('event_id')->constrained()->cascadeOnDelete();
$table->string('name');
$table->enum('booking_status', ['concept', 'requested', 'option', 'confirmed', 'contracted', 'cancelled'])->default('concept');
$table->tinyInteger('star_rating')->default(1);
$table->foreignUlid('project_leader_id')->nullable()->constrained('users')->nullOnDelete();
$table->boolean('milestone_offer_in')->default(false);
$table->boolean('milestone_offer_agreed')->default(false);
$table->boolean('milestone_confirmed')->default(false);
$table->boolean('milestone_announced')->default(false);
$table->boolean('milestone_schedule_confirmed')->default(false);
$table->boolean('milestone_itinerary_sent')->default(false);
$table->boolean('milestone_advance_sent')->default(false);
$table->boolean('milestone_advance_received')->default(false);
$table->datetime('advance_open_from')->nullable();
$table->datetime('advance_open_to')->nullable();
$table->boolean('show_advance_share_page')->default(true);
$table->char('portal_token', 26)->unique();
$table->timestamps();
$table->softDeletes();
$table->index('event_id');
});
}
public function down(): void
{
Schema::dropIfExists('artists');
}
};

37
api/database/migrations/2026_04_08_180000_create_advance_sections_table.php Normal file
View File

@@ -0,0 +1,37 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::create('advance_sections', function (Blueprint $table) {
$table->ulid('id')->primary();
$table->foreignUlid('artist_id')->constrained()->cascadeOnDelete();
$table->string('name');
$table->enum('type', ['guest_list', 'contacts', 'production', 'custom']);
$table->boolean('is_open')->default(false);
$table->datetime('open_from')->nullable();
$table->datetime('open_to')->nullable();
$table->unsignedInteger('sort_order')->default(0);
$table->enum('submission_status', ['open', 'pending', 'submitted', 'approved', 'declined'])->default('open');
$table->timestamp('last_submitted_at')->nullable();
$table->string('last_submitted_by')->nullable();
$table->json('submission_diff')->nullable();
$table->timestamps();
$table->index(['artist_id', 'is_open']);
$table->index(['artist_id', 'submission_status']);
});
}
public function down(): void
{
Schema::dropIfExists('advance_sections');
}
};

31
api/database/migrations/2026_04_08_200000_create_crowd_types_table.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::create('crowd_types', function (Blueprint $table) {
$table->ulid('id')->primary();
$table->foreignUlid('organisation_id')->constrained()->cascadeOnDelete();
$table->string('name');
$table->enum('system_type', ['CREW', 'GUEST', 'ARTIST', 'VOLUNTEER', 'PRESS', 'PARTNER', 'SUPPLIER']);
$table->string('color')->default('#6366f1');
$table->string('icon')->nullable();
$table->boolean('is_active')->default(true);
$table->timestamps();
$table->index(['organisation_id', 'system_type']);
});
}
public function down(): void
{
Schema::dropIfExists('crowd_types');
}
};

32
api/database/migrations/2026_04_08_210000_create_companies_table.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::create('companies', function (Blueprint $table) {
$table->ulid('id')->primary();
$table->foreignUlid('organisation_id')->constrained()->cascadeOnDelete();
$table->string('name');
$table->enum('type', ['supplier', 'partner', 'agency', 'venue', 'other']);
$table->string('contact_name')->nullable();
$table->string('contact_email')->nullable();
$table->string('contact_phone')->nullable();
$table->timestamps();
$table->softDeletes();
$table->index('organisation_id');
});
}
public function down(): void
{
Schema::dropIfExists('companies');
}
};

44
api/database/migrations/2026_04_08_220000_create_persons_table.php Normal file
View File

@@ -0,0 +1,44 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::create('persons', function (Blueprint $table) {
$table->ulid('id')->primary();
$table->foreignUlid('user_id')->nullable()->constrained()->nullOnDelete();
$table->foreignUlid('event_id')->constrained()->cascadeOnDelete();
$table->foreignUlid('crowd_type_id')->constrained()->cascadeOnDelete();
$table->foreignUlid('company_id')->nullable()->constrained()->nullOnDelete();
$table->string('name');
$table->string('email');
$table->string('phone')->nullable();
$table->enum('status', ['invited', 'applied', 'pending', 'approved', 'rejected', 'no_show'])->default('pending');
$table->boolean('is_blacklisted')->default(false);
$table->text('admin_notes')->nullable();
$table->json('custom_fields')->nullable();
$table->timestamps();
$table->softDeletes();
$table->index(['event_id', 'crowd_type_id', 'status']);
$table->index(['email', 'event_id']);
$table->index(['user_id', 'event_id']);
});
// Conditional unique: one user can only appear once per event
// MySQL doesn't support partial indexes, so we use a unique index
// that only fires when user_id is not null (handled at application level)
// The composite index (user_id, event_id) already exists above
}
public function down(): void
{
Schema::dropIfExists('persons');
}
};

32
api/database/migrations/2026_04_08_230000_create_crowd_lists_table.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::create('crowd_lists', function (Blueprint $table) {
$table->ulid('id')->primary();
$table->foreignUlid('event_id')->constrained()->cascadeOnDelete();
$table->foreignUlid('crowd_type_id')->constrained()->cascadeOnDelete();
$table->string('name');
$table->enum('type', ['internal', 'external']);
$table->foreignUlid('recipient_company_id')->nullable()->constrained('companies')->nullOnDelete();
$table->boolean('auto_approve')->default(false);
$table->unsignedInteger('max_persons')->nullable();
$table->timestamps();
$table->index(['event_id', 'type']);
});
}
public function down(): void
{
Schema::dropIfExists('crowd_lists');
}
};

29
api/database/migrations/2026_04_08_240000_create_crowd_list_persons_table.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::create('crowd_list_persons', function (Blueprint $table) {
$table->id();
$table->foreignUlid('crowd_list_id')->constrained()->cascadeOnDelete();
$table->foreignUlid('person_id')->constrained('persons')->cascadeOnDelete();
$table->timestamp('added_at');
$table->foreignUlid('added_by_user_id')->nullable()->constrained('users')->nullOnDelete();
$table->unique(['crowd_list_id', 'person_id']);
$table->index('person_id');
});
}
public function down(): void
{
Schema::dropIfExists('crowd_list_persons');
}
};

41
api/database/migrations/2026_04_08_250000_add_person_foreign_keys_to_existing_tables.php Normal file
View File

@@ -0,0 +1,41 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::table('shift_assignments', function (Blueprint $table) {
$table->foreign('person_id')->references('id')->on('persons')->cascadeOnDelete();
});
Schema::table('shift_check_ins', function (Blueprint $table) {
$table->foreign('person_id')->references('id')->on('persons')->cascadeOnDelete();
});
Schema::table('volunteer_availabilities', function (Blueprint $table) {
$table->foreign('person_id')->references('id')->on('persons')->cascadeOnDelete();
});
}
public function down(): void
{
Schema::table('shift_assignments', function (Blueprint $table) {
$table->dropForeign(['person_id']);
});
Schema::table('shift_check_ins', function (Blueprint $table) {
$table->dropForeign(['person_id']);
});
Schema::table('volunteer_availabilities', function (Blueprint $table) {
$table->dropForeign(['person_id']);
});
}
};

72
api/database/migrations/2026_04_08_300000_add_shifts_extras_and_waitlist_tables.php Normal file
View File

@@ -0,0 +1,72 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
// Add assigned_crew_id to shifts
Schema::table('shifts', function (Blueprint $table) {
$table->foreignUlid('assigned_crew_id')->nullable()->after('allow_overlap')->constrained('users')->nullOnDelete();
});
// Shift waitlist
Schema::create('shift_waitlist', function (Blueprint $table) {
$table->ulid('id')->primary();
$table->foreignUlid('shift_id')->constrained()->cascadeOnDelete();
$table->foreignUlid('person_id')->constrained('persons')->cascadeOnDelete();
$table->unsignedInteger('position');
$table->timestamp('added_at');
$table->timestamp('notified_at')->nullable();
$table->unique(['shift_id', 'person_id']);
$table->index(['shift_id', 'position']);
});
// Shift absences
Schema::create('shift_absences', function (Blueprint $table) {
$table->ulid('id')->primary();
$table->foreignUlid('shift_assignment_id')->constrained()->cascadeOnDelete();
$table->foreignUlid('person_id')->constrained('persons')->cascadeOnDelete();
$table->enum('reason', ['sick', 'personal', 'other']);
$table->timestamp('reported_at');
$table->enum('status', ['open', 'filled', 'closed'])->default('open');
$table->timestamp('closed_at')->nullable();
$table->index('shift_assignment_id');
$table->index('status');
});
// Shift swap requests
Schema::create('shift_swap_requests', function (Blueprint $table) {
$table->ulid('id')->primary();
$table->foreignUlid('from_assignment_id')->constrained('shift_assignments')->cascadeOnDelete();
$table->foreignUlid('to_person_id')->constrained('persons')->cascadeOnDelete();
$table->text('message')->nullable();
$table->enum('status', ['pending', 'accepted', 'rejected', 'cancelled', 'completed'])->default('pending');
$table->foreignUlid('reviewed_by')->nullable()->constrained('users')->nullOnDelete();
$table->timestamp('reviewed_at')->nullable();
$table->boolean('auto_approved')->default(false);
$table->index('from_assignment_id');
$table->index(['to_person_id', 'status']);
});
}
public function down(): void
{
Schema::dropIfExists('shift_swap_requests');
Schema::dropIfExists('shift_absences');
Schema::dropIfExists('shift_waitlist');
Schema::table('shifts', function (Blueprint $table) {
$table->dropForeign(['assigned_crew_id']);
$table->dropColumn('assigned_crew_id');
});
}
};

36
api/database/migrations/2026_04_08_310000_drop_unique_person_timeslot_on_shift_assignments.php Normal file
View File

@@ -0,0 +1,36 @@
<?php
declare(strict_types=1);
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
/**
* Drop the UNIQUE(person_id, time_slot_id) constraint on shift_assignments.
*
* Reason: shifts.allow_overlap = true must allow a person to be assigned
* to multiple shifts in the same time slot. MySQL doesn't support partial
* unique indexes, so conflict detection is handled in application code.
*
* @see SCHEMA.md section 3.5.3 shift_assignments
*/
return new class extends Migration
{
public function up(): void
{
Schema::table('shift_assignments', function (Blueprint $table) {
$table->dropUnique(['person_id', 'time_slot_id']);
// Keep the composite index for query performance
$table->index(['person_id', 'time_slot_id']);
});
}
public function down(): void
{
Schema::table('shift_assignments', function (Blueprint $table) {
$table->dropIndex(['person_id', 'time_slot_id']);
$table->unique(['person_id', 'time_slot_id']);
});
}
};

23
api/database/seeders/DevSeeder.php
View File

@@ -4,6 +4,7 @@ declare(strict_types=1);
namespace Database\Seeders;
use App\Models\CrowdType;
use App\Models\Organisation;
use App\Models\User;
use Illuminate\Database\Seeder;
@@ -76,5 +77,27 @@ class DevSeeder extends Seeder
if (!$org->users()->where('user_id', $member->id)->exists()) {
$org->users()->attach($member, ['role' => 'org_member']);
}
// 4. Default Crowd Types for Test Festival BV
$crowdTypes = [
['name' => 'Crew', 'system_type' => 'CREW', 'color' => '#3b82f6'],
['name' => 'Vrijwilliger', 'system_type' => 'VOLUNTEER', 'color' => '#10b981'],
['name' => 'Artiest', 'system_type' => 'ARTIST', 'color' => '#8b5cf6'],
['name' => 'Gast', 'system_type' => 'GUEST', 'color' => '#f59e0b'],
['name' => 'Pers', 'system_type' => 'PRESS', 'color' => '#6366f1'],
];
foreach ($crowdTypes as $ct) {
CrowdType::firstOrCreate(
[
'organisation_id' => $org->id,
'system_type' => $ct['system_type'],
],
[
'name' => $ct['name'],
'color' => $ct['color'],
],
);
}
}
}

16
api/resources/views/emails/invitation.blade.php Normal file
View File

@@ -0,0 +1,16 @@
<x-mail::message>
# Je bent uitgenodigd voor {{ $organisationName }}
{{ $inviterName }} heeft je uitgenodigd om deel te nemen als **{{ $role }}**.
<x-mail::button :url="$acceptUrl">
Uitnodiging accepteren
</x-mail::button>
Deze uitnodiging verloopt op **{{ $expiresAt->format('d-m-Y H:i') }}** (over 7 dagen).
Als je deze uitnodiging niet verwacht hebt, kun je deze e-mail negeren.
Met vriendelijke groet,<br>
{{ config('app.name') }}
</x-mail::message>

55
api/routes/api.php
View File

@@ -2,11 +2,21 @@
declare(strict_types=1);
use App\Http\Controllers\Api\V1\CompanyController;
use App\Http\Controllers\Api\V1\CrowdListController;
use App\Http\Controllers\Api\V1\CrowdTypeController;
use App\Http\Controllers\Api\V1\EventController;
use App\Http\Controllers\Api\V1\FestivalSectionController;
use App\Http\Controllers\Api\V1\InvitationController;
use App\Http\Controllers\Api\V1\LocationController;
use App\Http\Controllers\Api\V1\LoginController;
use App\Http\Controllers\Api\V1\LogoutController;
use App\Http\Controllers\Api\V1\MeController;
use App\Http\Controllers\Api\V1\MemberController;
use App\Http\Controllers\Api\V1\OrganisationController;
use App\Http\Controllers\Api\V1\PersonController;
use App\Http\Controllers\Api\V1\ShiftController;
use App\Http\Controllers\Api\V1\TimeSlotController;
use Illuminate\Support\Facades\Route;
/*
@@ -28,6 +38,10 @@ Route::get('/', fn () => response()->json([
// Public auth routes
Route::post('auth/login', LoginController::class);
// Public invitation routes (no auth required)
Route::get('invitations/{token}', [InvitationController::class, 'show']);
Route::post('invitations/{token}/accept', [InvitationController::class, 'accept']);
// Protected routes
Route::middleware('auth:sanctum')->group(function () {
// Auth
@@ -41,4 +55,45 @@ Route::middleware('auth:sanctum')->group(function () {
// Events (nested under organisations)
Route::apiResource('organisations.events', EventController::class)
->only(['index', 'show', 'store', 'update']);
// Organisation-scoped resources
Route::prefix('organisations/{organisation}')->group(function () {
Route::apiResource('crowd-types', CrowdTypeController::class)
->except(['show']);
Route::apiResource('companies', CompanyController::class)
->except(['show']);
// Invitations & Members
Route::post('invite', [InvitationController::class, 'invite']);
Route::delete('invitations/{invitation}', [InvitationController::class, 'revoke']);
Route::get('members', [MemberController::class, 'index']);
Route::put('members/{user}', [MemberController::class, 'update']);
Route::delete('members/{user}', [MemberController::class, 'destroy']);
});
// Event-scoped resources
Route::prefix('events/{event}')->group(function () {
Route::apiResource('locations', LocationController::class)
->except(['show']);
Route::apiResource('sections', FestivalSectionController::class)
->except(['show']);
Route::post('sections/reorder', [FestivalSectionController::class, 'reorder']);
Route::apiResource('time-slots', TimeSlotController::class)
->except(['show']);
// Shifts nested under sections
Route::prefix('sections/{section}')->group(function () {
Route::apiResource('shifts', ShiftController::class)
->except(['show']);
Route::post('shifts/{shift}/assign', [ShiftController::class, 'assign']);
Route::post('shifts/{shift}/claim', [ShiftController::class, 'claim']);
});
Route::apiResource('persons', PersonController::class);
Route::post('persons/{person}/approve', [PersonController::class, 'approve']);
Route::apiResource('crowd-lists', CrowdListController::class)
->except(['show']);
Route::post('crowd-lists/{crowdList}/persons', [CrowdListController::class, 'addPerson']);
Route::delete('crowd-lists/{crowdList}/persons/{person}', [CrowdListController::class, 'removePerson']);
});
});

Some files were not shown because too many files have changed in this diff Show More