2026-06-23 10:10:28 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace App\Modules\User\Policies;
|
|
|
|
|
|
|
|
|
|
use App\Models\User;
|
|
|
|
|
|
|
|
|
|
class UserPolicy
|
|
|
|
|
{
|
|
|
|
|
public function viewAny(User $user): bool
|
|
|
|
|
{
|
|
|
|
|
return $user->isAdmin();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function create(User $user): bool
|
|
|
|
|
{
|
|
|
|
|
return $user->isAdmin();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function update(User $user, User $target): bool
|
|
|
|
|
{
|
|
|
|
|
return $user->isAdmin();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function delete(User $user, User $target): bool
|
|
|
|
|
{
|
feat: remove Filament, add user account management
- Remove Filament /admin panel completely (AdminPanelProvider, UserResource, routes)
- Update composer.json to remove filament/filament dependency
- Add User model soft deletes with SoftDeletes trait + migration
- Strengthen UserPolicy::delete to prevent deleting last remaining admin
- Build out User module following pattern: CreateUserAction, UpdateUserAction, GetUsersAction,
UserResource, UserController, Create/UpdateUserRequest, UserData DTO
- Add /api/users routes (index, store, update, destroy), all admin-gated via policy
- Create frontend Settings > Accounts page (settings/accounts.vue) for admin user management
- Add useUsers composable mirroring useClient pattern
- Add "Benutzer" link to settings dropdown in clients/index.vue
- All tests pass; User soft-delete and last-admin protection verified
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-07-13 06:05:40 +00:00
|
|
|
if (! $user->isAdmin()) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
if ($target->isAdmin() && User::where('role', 'admin')->count() <= 1) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return true;
|
2026-06-23 10:10:28 +00:00
|
|
|
}
|
|
|
|
|
}
|