bert.hausmans/crewli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: fase 2 backend — crowd types, persons, sections, shifts, invite flow

Browse Source 
- Crowd Types + Persons CRUD (73 tests)
- Festival Sections + Time Slots + Shifts CRUD met assign/claim flow (84 tests)
- Invite Flow + Member Management met InvitationService (109 tests)
- Schema v1.6 migraties volledig uitgevoerd
- DevSeeder bijgewerkt met crowd types voor testorganisatie
This commit is contained in:
bert.hausmans
2026-04-08 01:34:46 +02:00
parent c417a6647a
commit 9acb27af3a
114 changed files with 6916 additions and 984 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
api/app/Policies/CompanyPolicy.php Normal file
View File

@@ -0,0 +1,53 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\Company;
use App\Models\Organisation;
use App\Models\User;
final class CompanyPolicy
{
public function viewAny(User $user, Organisation $organisation): bool
{
return $user->hasRole('super_admin')
|| $organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Organisation $organisation): bool
{
return $this->canManageOrganisation($user, $organisation);
}
public function update(User $user, Company $company, Organisation $organisation): bool
{
if ($company->organisation_id !== $organisation->id) {
return false;
}
return $this->canManageOrganisation($user, $organisation);
}
public function delete(User $user, Company $company, Organisation $organisation): bool
{
if ($company->organisation_id !== $organisation->id) {
return false;
}
return $this->canManageOrganisation($user, $organisation);
}
private function canManageOrganisation(User $user, Organisation $organisation): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
return $organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
}
}

71
api/app/Policies/CrowdListPolicy.php Normal file
View File

@@ -0,0 +1,71 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\CrowdList;
use App\Models\Event;
use App\Models\User;
final class CrowdListPolicy
{
public function viewAny(User $user, Event $event): bool
{
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Event $event): bool
{
return $this->canManageEvent($user, $event);
}
public function update(User $user, CrowdList $crowdList, Event $event): bool
{
if ($crowdList->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function delete(User $user, CrowdList $crowdList, Event $event): bool
{
if ($crowdList->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function managePerson(User $user, CrowdList $crowdList, Event $event): bool
{
if ($crowdList->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
private function canManageEvent(User $user, Event $event): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
$isOrgAdmin = $event->organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
if ($isOrgAdmin) {
return true;
}
return $event->users()
->where('user_id', $user->id)
->wherePivot('role', 'event_manager')
->exists();
}
}

53
api/app/Policies/CrowdTypePolicy.php Normal file
View File

@@ -0,0 +1,53 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\CrowdType;
use App\Models\Organisation;
use App\Models\User;
final class CrowdTypePolicy
{
public function viewAny(User $user, Organisation $organisation): bool
{
return $user->hasRole('super_admin')
|| $organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Organisation $organisation): bool
{
return $this->canManageOrganisation($user, $organisation);
}
public function update(User $user, CrowdType $crowdType, Organisation $organisation): bool
{
if ($crowdType->organisation_id !== $organisation->id) {
return false;
}
return $this->canManageOrganisation($user, $organisation);
}
public function delete(User $user, CrowdType $crowdType, Organisation $organisation): bool
{
if ($crowdType->organisation_id !== $organisation->id) {
return false;
}
return $this->canManageOrganisation($user, $organisation);
}
private function canManageOrganisation(User $user, Organisation $organisation): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
return $organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
}
}

67
api/app/Policies/FestivalSectionPolicy.php Normal file
View File

@@ -0,0 +1,67 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\Event;
use App\Models\FestivalSection;
use App\Models\User;
final class FestivalSectionPolicy
{
public function viewAny(User $user, Event $event): bool
{
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Event $event): bool
{
return $this->canManageEvent($user, $event);
}
public function update(User $user, FestivalSection $section, Event $event): bool
{
if ($section->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function delete(User $user, FestivalSection $section, Event $event): bool
{
if ($section->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function reorder(User $user, Event $event): bool
{
return $this->canManageEvent($user, $event);
}
private function canManageEvent(User $user, Event $event): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
$isOrgAdmin = $event->organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
if ($isOrgAdmin) {
return true;
}
return $event->users()
->where('user_id', $user->id)
->wherePivot('role', 'event_manager')
->exists();
}
}

62
api/app/Policies/LocationPolicy.php Normal file
View File

@@ -0,0 +1,62 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\Event;
use App\Models\Location;
use App\Models\User;
final class LocationPolicy
{
public function viewAny(User $user, Event $event): bool
{
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Event $event): bool
{
return $this->canManageEvent($user, $event);
}
public function update(User $user, Location $location, Event $event): bool
{
if ($location->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function delete(User $user, Location $location, Event $event): bool
{
if ($location->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
private function canManageEvent(User $user, Event $event): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
$isOrgAdmin = $event->organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
if ($isOrgAdmin) {
return true;
}
return $event->users()
->where('user_id', $user->id)
->wherePivot('role', 'event_manager')
->exists();
}
}

12
api/app/Policies/OrganisationPolicy.php
View File

@@ -37,4 +37,16 @@ final class OrganisationPolicy
->wherePivot('role', 'org_admin')
->exists();
}
public function invite(User $user, Organisation $organisation): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
return $organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
}
}

81
api/app/Policies/PersonPolicy.php Normal file
View File

@@ -0,0 +1,81 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\Event;
use App\Models\Person;
use App\Models\User;
final class PersonPolicy
{
public function viewAny(User $user, Event $event): bool
{
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
public function view(User $user, Person $person, Event $event): bool
{
if ($person->event_id !== $event->id) {
return false;
}
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Event $event): bool
{
return $this->canManageEvent($user, $event);
}
public function update(User $user, Person $person, Event $event): bool
{
if ($person->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function delete(User $user, Person $person, Event $event): bool
{
if ($person->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function approve(User $user, Person $person, Event $event): bool
{
if ($person->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
private function canManageEvent(User $user, Event $event): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
$isOrgAdmin = $event->organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
if ($isOrgAdmin) {
return true;
}
return $event->users()
->where('user_id', $user->id)
->wherePivot('role', 'event_manager')
->exists();
}
}

82
api/app/Policies/ShiftPolicy.php Normal file
View File

@@ -0,0 +1,82 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\Event;
use App\Models\FestivalSection;
use App\Models\Shift;
use App\Models\User;
final class ShiftPolicy
{
public function viewAny(User $user, Event $event): bool
{
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Event $event): bool
{
return $this->canManageEvent($user, $event);
}
public function update(User $user, Shift $shift, Event $event, FestivalSection $section): bool
{
if ($shift->festival_section_id !== $section->id || $section->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function delete(User $user, Shift $shift, Event $event, FestivalSection $section): bool
{
if ($shift->festival_section_id !== $section->id || $section->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function assign(User $user, Shift $shift, Event $event, FestivalSection $section): bool
{
if ($shift->festival_section_id !== $section->id || $section->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function claim(User $user, Shift $shift, Event $event, FestivalSection $section): bool
{
if ($shift->festival_section_id !== $section->id || $section->event_id !== $event->id) {
return false;
}
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
private function canManageEvent(User $user, Event $event): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
$isOrgAdmin = $event->organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
if ($isOrgAdmin) {
return true;
}
return $event->users()
->where('user_id', $user->id)
->wherePivot('role', 'event_manager')
->exists();
}
}

62
api/app/Policies/TimeSlotPolicy.php Normal file
View File

@@ -0,0 +1,62 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use App\Models\Event;
use App\Models\TimeSlot;
use App\Models\User;
final class TimeSlotPolicy
{
public function viewAny(User $user, Event $event): bool
{
return $user->hasRole('super_admin')
|| $event->organisation->users()->where('user_id', $user->id)->exists();
}
public function create(User $user, Event $event): bool
{
return $this->canManageEvent($user, $event);
}
public function update(User $user, TimeSlot $timeSlot, Event $event): bool
{
if ($timeSlot->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
public function delete(User $user, TimeSlot $timeSlot, Event $event): bool
{
if ($timeSlot->event_id !== $event->id) {
return false;
}
return $this->canManageEvent($user, $event);
}
private function canManageEvent(User $user, Event $event): bool
{
if ($user->hasRole('super_admin')) {
return true;
}
$isOrgAdmin = $event->organisation->users()
->where('user_id', $user->id)
->wherePivot('role', 'org_admin')
->exists();
if ($isOrgAdmin) {
return true;
}
return $event->users()
->where('user_id', $user->id)
->wherePivot('role', 'event_manager')
->exists();
}
}