bert.hausmans
7932e53daf
Move all authenticated organiser-facing event sub-resource routes from
/events/{event}/... to /organisations/{organisation}/events/{event}/...
to enforce multi-tenancy at the routing layer.
Changes:
- Routes: restructured api.php to nest all event sub-resources under
the existing organisation prefix group
- Controllers: added Organisation parameter and VerifiesOrganisationEvent
trait to all 12 affected controllers (sections, time-slots, shifts,
persons, crowd-lists, locations, shift-assignments, registration-fields,
availabilities, field-values, section-preferences, stats)
- Tests: updated all 20 feature test files with new route paths
- Frontend: updated 8 API composables and 20 Vue components/pages
- API.md: updated documentation to reflect new route structure
Portal routes, public routes (volunteer-register), and invitation routes
remain unchanged as they operate without organisation context.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
112 lines
4.1 KiB
PHP
112 lines
4.1 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Http\Controllers\Api\V1;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Http\Controllers\Api\V1\Traits\VerifiesOrganisationEvent;
|
|
use App\Http\Requests\Api\V1\SyncVolunteerAvailabilityRequest;
|
|
use App\Models\Event;
|
|
use App\Models\Organisation;
|
|
use App\Models\Person;
|
|
use App\Models\TimeSlot;
|
|
use App\Models\VolunteerAvailability;
|
|
use Illuminate\Http\JsonResponse;
|
|
use Illuminate\Support\Facades\Gate;
|
|
use Illuminate\Validation\ValidationException;
|
|
|
|
final class VolunteerAvailabilityController extends Controller
|
|
{
|
|
use VerifiesOrganisationEvent;
|
|
|
|
public function index(Organisation $organisation, Event $event, Person $person): JsonResponse
|
|
{
|
|
$this->verifyEventBelongsToOrganisation($organisation, $event);
|
|
Gate::authorize('view', [$person, $event]);
|
|
|
|
$availabilities = VolunteerAvailability::where('person_id', $person->id)
|
|
->with('timeSlot')
|
|
->get()
|
|
->map(fn (VolunteerAvailability $a) => [
|
|
'id' => $a->id,
|
|
'time_slot_id' => $a->time_slot_id,
|
|
'preference_level' => $a->preference_level,
|
|
'submitted_at' => $a->submitted_at?->toIso8601String(),
|
|
'time_slot' => $a->timeSlot ? [
|
|
'id' => $a->timeSlot->id,
|
|
'name' => $a->timeSlot->name,
|
|
'date' => $a->timeSlot->date?->toDateString(),
|
|
'start_time' => $a->timeSlot->start_time,
|
|
'end_time' => $a->timeSlot->end_time,
|
|
] : null,
|
|
]);
|
|
|
|
return response()->json(['data' => $availabilities]);
|
|
}
|
|
|
|
/**
|
|
* @throws ValidationException
|
|
*/
|
|
public function sync(SyncVolunteerAvailabilityRequest $request, Organisation $organisation, Event $event, Person $person): JsonResponse
|
|
{
|
|
$this->verifyEventBelongsToOrganisation($organisation, $event);
|
|
Gate::authorize('update', [$person, $event]);
|
|
|
|
$availabilities = $request->validated('availabilities');
|
|
|
|
// Validate all time_slot_ids belong to the event (or parent festival)
|
|
$validTimeSlotIds = $event->getAllRelevantTimeSlots()->pluck('id')->toArray();
|
|
|
|
$invalidSlots = collect($availabilities)
|
|
->pluck('time_slot_id')
|
|
->diff($validTimeSlotIds);
|
|
|
|
if ($invalidSlots->isNotEmpty()) {
|
|
throw ValidationException::withMessages([
|
|
'availabilities' => ['Een of meer tijdsloten behoren niet tot dit evenement.'],
|
|
]);
|
|
}
|
|
|
|
// Validate time slots have person_type matching the person's crowd_type system_type
|
|
$personSystemType = $person->crowdType?->system_type;
|
|
if ($personSystemType !== null) {
|
|
$requestedSlotIds = collect($availabilities)->pluck('time_slot_id')->toArray();
|
|
$mismatchedSlots = TimeSlot::whereIn('id', $requestedSlotIds)
|
|
->where('person_type', '!=', $personSystemType)
|
|
->exists();
|
|
|
|
if ($mismatchedSlots) {
|
|
throw ValidationException::withMessages([
|
|
'availabilities' => ['Een of meer tijdsloten komen niet overeen met het type van deze persoon.'],
|
|
]);
|
|
}
|
|
}
|
|
|
|
// Delete existing availabilities for this person
|
|
VolunteerAvailability::where('person_id', $person->id)->delete();
|
|
|
|
// Create new availabilities
|
|
$now = now();
|
|
foreach ($availabilities as $item) {
|
|
VolunteerAvailability::create([
|
|
'person_id' => $person->id,
|
|
'time_slot_id' => $item['time_slot_id'],
|
|
'preference_level' => $item['preference_level'] ?? 3,
|
|
'submitted_at' => $now,
|
|
]);
|
|
}
|
|
|
|
activity('volunteer_availability')
|
|
->causedBy($request->user())
|
|
->performedOn($person)
|
|
->withProperties([
|
|
'count' => count($availabilities),
|
|
'time_slot_ids' => collect($availabilities)->pluck('time_slot_id')->toArray(),
|
|
])
|
|
->log('volunteer_availability.synced');
|
|
|
|
return $this->success(null, 'Beschikbaarheid opgeslagen.');
|
|
}
|
|
}
|