bert.hausmans/crewli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0d24506c8980f69263a2069c83cc7c276f668223
crewli/api/app/Http/Controllers/Api/V1/EventController.php
bert.hausmans 0d24506c89 feat: consolidate frontend API layer, add query-client, and harden backend Fase 1 
Frontend:
- Consolidate duplicate API layers into single src/lib/axios.ts per app
- Remove src/lib/api-client.ts and src/utils/api.ts (admin)
- Add src/lib/query-client.ts with TanStack Query config per app
- Update all imports and auto-import config

Backend:
- Fix organisations.billing_status default to 'trial'
- Fix user_invitations.invited_by_user_id to nullOnDelete
- Add MeResource with separated app_roles and pivot-based org roles
- Add cross-org check to EventPolicy view() and update()
- Restrict EventPolicy create/update to org_admin/event_manager (not org_member)
- Attach creator as org_admin on organisation store
- Add query scopes to Event and UserInvitation models
- Improve factories with Dutch test data
- Expand test suite from 29 to 41 tests (90 assertions)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-07 17:35:34 +02:00

55 lines
1.6 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Requests\Api\V1\StoreEventRequest;
use App\Http\Requests\Api\V1\UpdateEventRequest;
use App\Http\Resources\Api\V1\EventResource;
use App\Models\Event;
use App\Models\Organisation;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
use Illuminate\Support\Facades\Gate;
final class EventController extends Controller
{
public function index(Organisation $organisation): AnonymousResourceCollection
{
Gate::authorize('viewAny', [Event::class, $organisation]);
$events = $organisation->events()
->latest('start_date')
->paginate();
return EventResource::collection($events);
}
public function show(Organisation $organisation, Event $event): JsonResponse
{
Gate::authorize('view', [$event, $organisation]);
return $this->success(new EventResource($event->load('organisation')));
}
public function store(StoreEventRequest $request, Organisation $organisation): JsonResponse
{
Gate::authorize('create', [Event::class, $organisation]);
$event = $organisation->events()->create($request->validated());
return $this->created(new EventResource($event));
}
public function update(UpdateEventRequest $request, Organisation $organisation, Event $event): JsonResponse
{
Gate::authorize('update', [$event, $organisation]);
$event->update($request->validated());
return $this->success(new EventResource($event->fresh()));
}
}
Reference in New Issue View Git Blame Copy Permalink