feat: implement role synchronization and update roles endpoint in UserIdentityController

aspirantzhang · aspirantzhang · commit b8ff40507bde · 2025-03-10T21:44:56.000+08:00
diff --git a/contexts/Authorization/Application/Coordinators/UserIdentityCoordinator.php b/contexts/Authorization/Application/Coordinators/UserIdentityCoordinator.php
@@ -16,6 +16,8 @@
 use Contexts\Authorization\Domain\UserIdentity\Models\UserStatus;
 use Contexts\Authorization\Infrastructure\Repositories\UserRepository;
 use Illuminate\Contracts\Pagination\LengthAwarePaginator;
+use Contexts\Authorization\Domain\UserIdentity\Models\RoleIdCollection;
+use Contexts\Authorization\Domain\Role\Models\RoleId;
 
 class UserIdentityCoordinator extends BaseCoordinator
 {
@@ -91,4 +93,17 @@ public function changePassword(int $userId, string $newPassword)
 
         $this->repository->changePassword($user);
     }
+
+    public function syncRoles(int $userId, array $roleIds): void
+    {
+        $newRoles = new RoleIdCollection(
+            array_map(fn ($id) => RoleId::fromInt($id), $roleIds)
+        );
+
+        $user = $this->repository->getById(UserId::fromInt($userId));
+
+        $user->syncRoles($newRoles);
+
+        $this->repository->update($user);
+    }
 }
diff --git a/contexts/Authorization/Domain/UserIdentity/Events/RoleAssignedEvent.php b/contexts/Authorization/Domain/UserIdentity/Events/RoleAssignedEvent.php
@@ -0,0 +1,30 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Contexts\Authorization\Domain\UserIdentity\Events;
+
+use Contexts\Authorization\Domain\Role\Models\RoleId;
+use Contexts\Authorization\Domain\UserIdentity\Models\UserId;
+use Illuminate\Foundation\Events\Dispatchable;
+
+class RoleAssignedEvent
+{
+    use Dispatchable;
+
+    public function __construct(
+        private readonly UserId $userId,
+        private readonly RoleId $roleId
+    ) {
+    }
+
+    public function getUserId(): UserId
+    {
+        return $this->userId;
+    }
+
+    public function getRoleId(): RoleId
+    {
+        return $this->roleId;
+    }
+}
diff --git a/contexts/Authorization/Domain/UserIdentity/Events/RoleRemovedEvent.php b/contexts/Authorization/Domain/UserIdentity/Events/RoleRemovedEvent.php
@@ -0,0 +1,30 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Contexts\Authorization\Domain\UserIdentity\Events;
+
+use Contexts\Authorization\Domain\Role\Models\RoleId;
+use Contexts\Authorization\Domain\UserIdentity\Models\UserId;
+use Illuminate\Foundation\Events\Dispatchable;
+
+class RoleRemovedEvent
+{
+    use Dispatchable;
+
+    public function __construct(
+        private readonly UserId $userId,
+        private readonly RoleId $roleId
+    ) {
+    }
+
+    public function getUserId(): UserId
+    {
+        return $this->userId;
+    }
+
+    public function getRoleId(): RoleId
+    {
+        return $this->roleId;
+    }
+}
diff --git a/contexts/Authorization/Infrastructure/Migrations/2025_03_10_022301_create_pivot_user_role_table.php b/contexts/Authorization/Infrastructure/Migrations/2025_03_10_022301_create_pivot_user_role_table.php
@@ -0,0 +1,30 @@
+<?php
+
+declare(strict_types=1);
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class () extends Migration {
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        Schema::create('pivot_user_role', function (Blueprint $table) {
+            $table->increments('id');
+            $table->unsignedInteger('user_id');
+            $table->unsignedInteger('role_id');
+            $table->timestamps();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        Schema::dropIfExists('roles');
+    }
+};
diff --git a/contexts/Authorization/Infrastructure/Routes.php b/contexts/Authorization/Infrastructure/Routes.php
@@ -12,6 +12,7 @@
         Route::get('', 'getUserList')->name('getUserList');
         Route::post('', 'createUser')->name('createUser');
         Route::patch('{id}/password', 'changePassword')->name('changePassword');
+        Route::put('{id}/roles', 'updateRoles')->name('updateRoles');
         Route::put('{id}/subspend', 'subspendUser')->name('subspendUser');
         Route::put('{id}', 'updateUser')->name('updateUser');
         Route::delete('{id}', 'deleteUser')->name('deleteUser');
diff --git a/contexts/Authorization/Presentation/Controllers/UserIdentityController.php b/contexts/Authorization/Presentation/Controllers/UserIdentityController.php
@@ -15,6 +15,7 @@
 use Contexts\Authorization\Presentation\Requests\User\UpdateUserRequest;
 use Contexts\Authorization\Presentation\Requests\User\UserIdRequest;
 use Contexts\Authorization\Presentation\Resources\UserResource;
+use Contexts\Authorization\Presentation\Requests\User\UpdateRolesRequest;
 
 class UserIdentityController extends BaseController
 {
@@ -90,4 +91,15 @@ public function changePassword(ChangePasswordRequest $request)
             ->message('Password changed successfully')
             ->send();
     }
+
+    public function updateRoles(UpdateRolesRequest $request)
+    {
+        $data = $request->validated();
+        $userId = (int) ($data['id']);
+        app(UserIdentityCoordinator::class)->syncRoles($userId, $data['role_ids']);
+
+        return $this->success()
+            ->message('Roles updated successfully')
+            ->send();
+    }
 }
diff --git a/contexts/Authorization/Presentation/Requests/User/UpdateRolesRequest.php b/contexts/Authorization/Presentation/Requests/User/UpdateRolesRequest.php
@@ -0,0 +1,19 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Contexts\Authorization\Presentation\Requests\User;
+
+use App\Http\Requests\BaseFormRequest;
+
+class UpdateRolesRequest extends BaseFormRequest
+{
+    public function rules(): array
+    {
+        return [
+            'id' => $this->idRule(),
+            'role_ids' => ['required', 'array'],
+            'role_ids.*' => ['required', 'integer', 'gt:0'],
+        ];
+    }
+}
diff --git a/contexts/Authorization/Tests/Feature/UserTest.php b/contexts/Authorization/Tests/Feature/UserTest.php
@@ -2,6 +2,8 @@
 
 declare(strict_types=1);
 
+use Contexts\Authorization\Infrastructure\Records\RoleRecord;
+
 it('can create active users via api', function () {
     $response = $this->postJson('users', [
         'email' => 'test@email.com',
@@ -142,3 +144,25 @@
 
     $response->assertStatus(200);
 });
+
+it('can update user roles via api', function () {
+    $response = $this->postJson('users', [
+        'email' => 'test@email.com',
+        'password' => 'password123',
+        'display_name' => 'My User',
+        'status' => 'active',
+    ]);
+
+    $response->assertStatus(201);
+
+    $id = (int) $response->json('data.id');
+
+    $roles = RoleRecord::factory()->count(2)->create();
+    $roleIds = $roles->pluck('id')->toArray();
+
+    $response = $this->putJson("users/{$id}/roles", [
+        'role_ids' => $roleIds
+    ]);
+
+    $response->assertStatus(200);
+});
