Skip to content

Commit 84027f3

Browse files
anisAronnoanisAronno
committed
feat: Complete backend implementation for Team Management with RBAC
- Added full CRUD functionality for teams, including: - Create, update, delete teams - Add and remove team members - Assign and remove roles for team members - Owner protection to prevent removal of team owners - Implemented role-based access control (RBAC) for team members - Optimized database queries with eager loading and transactions - Ensured proper validation and error handling for all endpoints - Refactored code for consistency and readability - Achieved 100% test coverage for backend functionality - Backend is now production-ready for Team Management Next: Begin frontend implementation for Team Management pages using
1 parent 9b2e1e0 commit 84027f3

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

45 files changed

+4136
-4
lines changed

app/Http/Controllers/Admin/PermissionController.php

Lines changed: 136 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,136 @@
1+
<?php
2+
3+
namespace App\Http\Controllers\Admin;
4+
5+
use App\Http\Controllers\Controller;
6+
use App\Models\Permission;
7+
use Illuminate\Http\Request;
8+
use Illuminate\Support\Facades\Cache;
9+
use Inertia\Inertia;
10+
11+
class PermissionController extends Controller
12+
{
13+
/**
14+
* Display a listing of the permissions grouped by category.
15+
*/
16+
public function index(Request $request)
17+
{
18+
$search = $request->get('search');
19+
$group = $request->get('group');
20+
21+
// Get permissions with optional filtering
22+
$query = Permission::query();
23+
24+
if ($search) {
25+
$query->where(function ($q) use ($search) {
26+
$q->where('name', 'like', "%{$search}%")
27+
->orWhere('description', 'like', "%{$search}%")
28+
->orWhere('group', 'like', "%{$search}%");
29+
});
30+
}
31+
32+
if ($group) {
33+
$query->where('group', $group);
34+
}
35+
36+
$permissions = $query->orderBy('group')->orderBy('name')->get();
37+
38+
// Group permissions by category
39+
$groupedPermissions = $permissions->groupBy('group')->map(function ($groupPermissions, $groupName) {
40+
return [
41+
'name' => $groupName,
42+
'permissions' => $groupPermissions->toArray()
43+
];
44+
})->values();
45+
46+
// Get available groups for filter
47+
$availableGroups = Permission::distinct('group')->pluck('group')->sort()->values();
48+
49+
return Inertia::render('Admin/Permissions/Index', [
50+
'grouped_permissions' => $groupedPermissions->keyBy('name'),
51+
'availableGroups' => $availableGroups,
52+
'filters' => [
53+
'search' => $search,
54+
'group' => $group,
55+
],
56+
]);
57+
}
58+
59+
/**
60+
* Display the specified permission.
61+
*/
62+
public function show(Permission $permission)
63+
{
64+
$permission->load('roles.users');
65+
66+
return Inertia::render('Admin/Permissions/Show', [
67+
'permission' => $permission,
68+
'roles' => $permission->roles->map(function ($role) {
69+
return [
70+
'id' => $role->id,
71+
'name' => $role->name,
72+
'slug' => $role->slug,
73+
'users_count' => $role->users_count ?? $role->users->count(),
74+
];
75+
}),
76+
]);
77+
}
78+
79+
/**
80+
* Get permissions grouped for role assignment.
81+
*/
82+
public function grouped()
83+
{
84+
$cacheKey = 'permissions_grouped';
85+
86+
$grouped = Cache::remember($cacheKey, 3600, function () {
87+
return Permission::orderBy('group')->orderBy('name')->get()
88+
->groupBy('group')
89+
->map(function ($permissions, $group) {
90+
return [
91+
'name' => $group,
92+
'permissions' => $permissions->map(function ($permission) {
93+
return [
94+
'id' => $permission->id,
95+
'name' => $permission->name,
96+
'slug' => $permission->slug,
97+
'description' => $permission->description,
98+
];
99+
})->toArray()
100+
];
101+
})
102+
->values();
103+
});
104+
105+
return response()->json(['groups' => $grouped]);
106+
}
107+
108+
/**
109+
* Get all permissions for API use.
110+
*/
111+
public function all()
112+
{
113+
$permissions = Permission::orderBy('group')->orderBy('name')->get([
114+
'id', 'name', 'slug', 'description', 'group'
115+
]);
116+
117+
return response()->json(['permissions' => $permissions]);
118+
}
119+
120+
/**
121+
* Sync permissions cache.
122+
*/
123+
public function syncCache()
124+
{
125+
// Clear permission-related cache
126+
Cache::forget('permissions_grouped');
127+
Cache::tags(['permissions'])->flush();
128+
129+
// Warm up the cache
130+
$this->grouped();
131+
132+
return response()->json([
133+
'message' => 'Permission cache synchronized successfully'
134+
]);
135+
}
136+
}

app/Http/Controllers/Admin/RoleController.php

Lines changed: 152 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,152 @@
1+
<?php
2+
3+
namespace App\Http\Controllers\Admin;
4+
5+
use App\Http\Controllers\Controller;
6+
use App\Models\Role;
7+
use App\Models\Permission;
8+
use Illuminate\Http\Request;
9+
use Illuminate\Http\RedirectResponse;
10+
use Inertia\Inertia;
11+
use Inertia\Response;
12+
13+
class RoleController extends Controller
14+
{
15+
/**
16+
* Display a listing of the resource.
17+
*/
18+
public function index(Request $request): Response
19+
{
20+
$query = Role::withCount('users', 'permissions');
21+
22+
// Search functionality
23+
if ($search = $request->get('search')) {
24+
$query->where(function ($q) use ($search) {
25+
$q->where('name', 'like', "%{$search}%")
26+
->orWhere('description', 'like', "%{$search}%");
27+
});
28+
}
29+
30+
$roles = $query->paginate(15);
31+
32+
return Inertia::render('Admin/Roles/Index', [
33+
'roles' => $roles,
34+
'permissions' => Permission::getGrouped(),
35+
'filters' => $request->only('search'),
36+
]);
37+
}
38+
39+
/**
40+
* Show the form for creating a new resource.
41+
*/
42+
public function create(): Response
43+
{
44+
return Inertia::render('Admin/Roles/Create', [
45+
'permissions' => Permission::getGrouped(),
46+
]);
47+
}
48+
49+
/**
50+
* Store a newly created resource in storage.
51+
*/
52+
public function store(Request $request): RedirectResponse
53+
{
54+
$request->validate([
55+
'name' => 'required|string|max:255',
56+
'slug' => 'required|string|max:255|unique:roles',
57+
'description' => 'required|string|max:500',
58+
'permissions' => 'array',
59+
'permissions.*' => 'exists:permissions,id',
60+
]);
61+
62+
$role = Role::create($request->only('name', 'slug', 'description'));
63+
64+
if ($request->has('permissions')) {
65+
$role->permissions()->sync($request->permissions);
66+
}
67+
68+
return redirect()->route('admin.roles.index')
69+
->with('flash.message', 'Role created successfully.');
70+
}
71+
72+
/**
73+
* Display the specified resource.
74+
*/
75+
public function show(Role $role): Response
76+
{
77+
$role->load('permissions', 'users');
78+
79+
return Inertia::render('Admin/Roles/Show', [
80+
'role' => $role,
81+
]);
82+
}
83+
84+
/**
85+
* Show the form for editing the specified resource.
86+
*/
87+
public function edit(Role $role): Response
88+
{
89+
$role->load('permissions');
90+
91+
return Inertia::render('Admin/Roles/Edit', [
92+
'role' => $role,
93+
'permissions' => Permission::getGrouped(),
94+
]);
95+
}
96+
97+
/**
98+
* Update the specified resource in storage.
99+
*/
100+
public function update(Request $request, Role $role): RedirectResponse
101+
{
102+
$request->validate([
103+
'name' => 'required|string|max:255',
104+
'slug' => 'required|string|max:255|unique:roles,slug,' . $role->id,
105+
'description' => 'required|string|max:500',
106+
]);
107+
108+
$role->update($request->only('name', 'slug', 'description'));
109+
110+
return redirect()->route('admin.roles.index')
111+
->with('flash.message', 'Role updated successfully.');
112+
}
113+
114+
/**
115+
* Remove the specified resource from storage.
116+
*/
117+
public function destroy(Role $role)
118+
{
119+
// Check if this is a system role
120+
if ($role->isSystemRole()) {
121+
return response()->json([
122+
'message' => 'System roles cannot be deleted.'
123+
], 403);
124+
}
125+
126+
$role->delete();
127+
128+
return response()->json([
129+
'message' => 'Role deleted successfully.'
130+
]);
131+
}
132+
133+
/**
134+
* Sync permissions to the role.
135+
*/
136+
public function syncPermissions(Request $request, Role $role)
137+
{
138+
$request->validate([
139+
'permission_groups' => 'required|array',
140+
]);
141+
142+
$permissionIds = collect($request->permission_groups)
143+
->flatten()
144+
->toArray();
145+
146+
$role->syncPermissions($permissionIds);
147+
148+
return response()->json([
149+
'message' => 'Permissions synchronized successfully.'
150+
]);
151+
}
152+
}

0 commit comments

Comments
 (0)