bert.hausmans/crewli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3400e4cc7eb56c5e45c2f795b0464b42bf2e850c
crewli/api/app/Services/InvitationService.php
bert.hausmans 4b182b449a feat: person identity matching with detection, confirmation and audit trail 
Implements enterprise-grade identity resolution (detect → suggest → confirm)
for Person ↔ User linking. Matches are detected automatically on person
creation and user account creation, then surfaced to organisers for explicit
confirmation or dismissal. No silent auto-linking.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-10 12:50:25 +02:00

112 lines
3.5 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
namespace App\Services;
use App\Mail\InvitationMail;
use App\Models\Organisation;
use App\Models\User;
use App\Models\UserInvitation;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Str;
use Illuminate\Validation\ValidationException;
use Spatie\Activitylog\Facades\LogActivity;
final class InvitationService
{
public function invite(Organisation $org, string $email, string $role, User $invitedBy): UserInvitation
{
$existingInvitation = UserInvitation::where('email', $email)
->where('organisation_id', $org->id)
->pending()
->where('expires_at', '>', now())
->first();
if ($existingInvitation) {
throw ValidationException::withMessages([
'email' => ['Er is al een openstaande uitnodiging voor dit e-mailadres.'],
]);
}
$existingMember = $org->users()->where('email', $email)->first();
if ($existingMember) {
throw ValidationException::withMessages([
'email' => ['Gebruiker is al lid van deze organisatie.'],
]);
}
$invitation = UserInvitation::create([
'email' => $email,
'invited_by_user_id' => $invitedBy->id,
'organisation_id' => $org->id,
'role' => $role,
'token' => strtolower((string) Str::ulid()),
'status' => 'pending',
'expires_at' => now()->addDays(7),
]);
Mail::to($email)->queue(new InvitationMail($invitation));
activity('invitation')
->performedOn($invitation)
->causedBy($invitedBy)
->withProperties(['email' => $email, 'role' => $role])
->log("Invited {$email} as {$role}");
return $invitation;
}
public function accept(UserInvitation $invitation, ?string $password = null): User
{
if (! $invitation->isPending() || $invitation->isExpired()) {
throw ValidationException::withMessages([
'token' => ['Deze uitnodiging is niet meer geldig.'],
]);
}
$user = User::where('email', $invitation->email)->first();
if (! $user) {
if (! $password) {
throw ValidationException::withMessages([
'password' => ['Een wachtwoord is vereist om een nieuw account aan te maken.'],
]);
}
$user = User::create([
'name' => Str::before($invitation->email, '@'),
'email' => $invitation->email,
'password' => $password,
'email_verified_at' => now(),
]);
app(PersonIdentityService::class)->detectMatchesForUser($user);
}
$organisation = $invitation->organisation;
if (! $organisation->users()->where('user_id', $user->id)->exists()) {
$organisation->users()->attach($user, ['role' => $invitation->role]);
}
$invitation->markAsAccepted();
activity('invitation')
->performedOn($invitation)
->causedBy($user)
->withProperties(['email' => $invitation->email])
->log("Accepted invitation for {$organisation->name}");
return $user;
}
public function expireOldInvitations(): int
{
return UserInvitation::where('status', 'pending')
->where('expires_at', '<', now())
->update(['status' => 'expired']);
}
}
Reference in New Issue View Git Blame Copy Permalink