bert.hausmans/crewli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
036fb3002fc60543a3657df9f9b3549b9738ebf5
crewli/api/app/Http/Controllers/Api/V1/PersonController.php
bert.hausmans c4a23b6763 feat: passwordless registration — defer account creation to approval 
Removes password from the volunteer registration form. Account
creation is now deferred to the approval step:

Backend:
- Registration creates Person without User (user_id=null)
- On approval, system finds or creates User by person.email
- New accounts get a "set password" email with activation link
- Existing accounts get a portal link email
- Added registration_source column to persons (self/organizer)
- Fuzzy name matching skipped for self-registered persons
- person.email is always source of truth for account linking

Frontend:
- Registration form no longer collects password
- Email check shows info alert with login suggestion
- New wachtwoord-instellen.vue page for account activation
- PasswordRequirements.vue component (reused on reset page)
- Success page updated with activation messaging

Tests: 837 passed (all updated for new flow)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-16 03:27:47 +02:00

260 lines
9.7 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
namespace App\Http\Controllers\Api\V1;
use App\Enums\EmailTemplateType;
use App\Enums\PersonStatus;
use App\Http\Controllers\Controller;
use App\Http\Controllers\Api\V1\Traits\VerifiesOrganisationEvent;
use App\Http\Requests\Api\V1\StorePersonFromMemberRequest;
use App\Http\Requests\Api\V1\StorePersonRequest;
use App\Http\Requests\Api\V1\UpdatePersonRequest;
use App\Http\Resources\Api\V1\PersonCollection;
use App\Http\Resources\Api\V1\PersonResource;
use App\Models\Event;
use App\Models\Organisation;
use App\Models\Person;
use App\Models\User;
use App\Services\EmailService;
use App\Services\PersonIdentityService;
use App\Services\TagSyncService;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Gate;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Password;
use Illuminate\Support\Str;
use Illuminate\Validation\ValidationException;
final class PersonController extends Controller
{
use VerifiesOrganisationEvent;
public function __construct(
private readonly PersonIdentityService $identityService,
private readonly TagSyncService $tagSyncService,
private readonly EmailService $emailService,
) {}
public function index(Request $request, Organisation $organisation, Event $event): PersonCollection
{
$this->verifyEventBelongsToOrganisation($organisation, $event);
Gate::authorize('viewAny', [Person::class, $event]);
$query = $event->persons()->with(['crowdType', 'pendingIdentityMatch.matchedUser', 'user']);
if ($request->filled('crowd_type_id')) {
$query->where('crowd_type_id', $request->input('crowd_type_id'));
}
if ($request->filled('status')) {
$query->where('status', $request->input('status'));
}
if ($request->filled('tag')) {
$organisation = $event->organisation;
$query->whereHas('user', function ($q) use ($request, $organisation) {
$q->whereHas('organisationTags', function ($q2) use ($request, $organisation) {
$q2->where('organisation_id', $organisation->id)
->where('person_tag_id', $request->input('tag'));
});
});
}
if ($request->filled('tags')) {
$organisation = $event->organisation;
$tagIds = explode(',', $request->input('tags'));
foreach ($tagIds as $tagId) {
$query->whereHas('user', function ($q) use ($tagId, $organisation) {
$q->whereHas('organisationTags', function ($q2) use ($tagId, $organisation) {
$q2->where('organisation_id', $organisation->id)
->where('person_tag_id', $tagId);
});
});
}
}
return new PersonCollection($query->get());
}
public function show(Organisation $organisation, Event $event, Person $person): JsonResponse
{
$this->verifyEventBelongsToOrganisation($organisation, $event);
Gate::authorize('view', [$person, $event]);
$person->load(['crowdType', 'company', 'user', 'pendingIdentityMatch.matchedUser']);
return $this->success(new PersonResource($person));
}
public function store(StorePersonRequest $request, Organisation $organisation, Event $event): JsonResponse
{
$this->verifyEventBelongsToOrganisation($organisation, $event);
Gate::authorize('create', [Person::class, $event]);
$person = $event->persons()->create($request->validated());
// Identity match detection is handled automatically by PersonObserver
return $this->created(new PersonResource($person->fresh()->load('crowdType')));
}
public function update(UpdatePersonRequest $request, Organisation $organisation, Event $event, Person $person): JsonResponse
{
$this->verifyEventBelongsToOrganisation($organisation, $event);
Gate::authorize('update', [$person, $event]);
$person->update($request->validated());
$person->load(['crowdType', 'company']);
return $this->success(new PersonResource($person->fresh()->load(['crowdType', 'company'])));
}
public function destroy(Organisation $organisation, Event $event, Person $person): JsonResponse
{
$this->verifyEventBelongsToOrganisation($organisation, $event);
Gate::authorize('delete', [$person, $event]);
$person->delete();
return response()->json(null, 204);
}
public function createFromMember(StorePersonFromMemberRequest $request, Organisation $organisation, Event $event): JsonResponse
{
$this->verifyEventBelongsToOrganisation($organisation, $event);
Gate::authorize('create', [Person::class, $event]);
$user = User::findOrFail($request->validated('user_id'));
if (Person::withoutGlobalScopes()->where('event_id', $event->id)->where('user_id', $user->id)->exists()) {
throw ValidationException::withMessages([
'user_id' => ['Dit lid is al toegevoegd aan dit evenement.'],
]);
}
if (!$user->organisations()->where('organisations.id', $event->organisation_id)->exists()) {
throw ValidationException::withMessages([
'user_id' => ['Dit lid behoort niet tot deze organisatie.'],
]);
}
$person = Person::create([
'event_id' => $event->id,
'crowd_type_id' => $request->validated('crowd_type_id'),
'first_name' => $user->first_name,
'last_name' => $user->last_name,
'email' => $user->email,
'status' => PersonStatus::APPROVED->value,
]);
$person->user_id = $user->id;
$person->save();
activity()
->causedBy(auth()->user())
->performedOn($person)
->withProperties(['source' => 'from_member', 'user_name' => $user->full_name])
->log('person.created_from_member');
return $this->created(new PersonResource($person->load('crowdType')));
}
public function approve(Organisation $organisation, Event $event, Person $person): JsonResponse
{
$this->verifyEventBelongsToOrganisation($organisation, $event);
Gate::authorize('approve', [$person, $event]);
$person->update(['status' => 'approved']);
// Link person to user account (create if needed) using person.email as source of truth
$userCreated = false;
if ($person->email && ! $person->user_id) {
$user = User::where('email', strtolower($person->email))->first();
if (! $user) {
$user = User::create([
'first_name' => $person->first_name,
'last_name' => $person->last_name,
'email' => strtolower($person->email),
'password' => Hash::make(Str::random(40)),
]);
$userCreated = true;
}
$person->user_id = $user->id;
$person->save();
}
$this->tagSyncService->syncFromRegistration($person);
if ($person->email) {
$portalUrl = config('app.frontend_portal_url');
if ($userCreated) {
// New account — send "set password" email with token
$user = User::find($person->user_id);
$token = Password::broker()->createToken($user);
$actionUrl = $portalUrl . '/wachtwoord-instellen?token=' . $token . '&email=' . urlencode($user->email);
} else {
// Existing account — send portal link
$actionUrl = $portalUrl . '/evenementen';
}
$this->emailService->send(
type: EmailTemplateType::REGISTRATION_APPROVED,
recipientEmail: $person->email,
recipientName: trim($person->first_name . ' ' . $person->last_name),
variables: [
'event_name' => $event->name,
'organisation_name' => $organisation->name,
],
actionUrl: $actionUrl,
organisation: $organisation,
eventId: $event->id,
personId: $person->id,
triggeredByUserId: auth()->id(),
);
}
activity('registration')
->causedBy(auth()->user())
->performedOn($person)
->withProperties([
'user_created' => $userCreated,
'user_email' => $person->email,
])
->log('person.approved');
return $this->success(new PersonResource($person->fresh()->load('crowdType')));
}
public function reject(Request $request, Organisation $organisation, Event $event, Person $person): JsonResponse
{
$this->verifyEventBelongsToOrganisation($organisation, $event);
Gate::authorize('approve', [$person, $event]);
$person->update(['status' => 'rejected']);
if ($person->email) {
$this->emailService->send(
type: EmailTemplateType::REGISTRATION_REJECTED,
recipientEmail: $person->email,
recipientName: trim($person->first_name . ' ' . $person->last_name),
variables: [
'event_name' => $event->name,
'organisation_name' => $organisation->name,
],
organisation: $organisation,
eventId: $event->id,
personId: $person->id,
triggeredByUserId: auth()->id(),
);
}
return $this->success(new PersonResource($person->fresh()->load('crowdType')));
}
}
Reference in New Issue View Git Blame Copy Permalink