feat(user): User model with role, UserPolicy, Filament admin resource

This commit is contained in:
Tim Stollberg 2026-06-23 17:10:28 +07:00
parent f31739ed43
commit b948d51b59
78 changed files with 1993 additions and 17 deletions

18
backend/.editorconfig Normal file
View file

@ -0,0 +1,18 @@
root = true
[*]
charset = utf-8
end_of_line = lf
indent_size = 4
indent_style = space
insert_final_newline = true
trim_trailing_whitespace = true
[*.md]
trim_trailing_whitespace = false
[*.{yml,yaml}]
indent_size = 2
[docker-compose.yml]
indent_size = 4

59
backend/.env.example Normal file
View file

@ -0,0 +1,59 @@
APP_NAME=Laravel
APP_ENV=local
APP_KEY=
APP_DEBUG=true
APP_URL=http://localhost
LOG_CHANNEL=stack
LOG_DEPRECATIONS_CHANNEL=null
LOG_LEVEL=debug
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel
DB_USERNAME=root
DB_PASSWORD=
BROADCAST_DRIVER=log
CACHE_DRIVER=file
FILESYSTEM_DISK=local
QUEUE_CONNECTION=sync
SESSION_DRIVER=file
SESSION_LIFETIME=120
MEMCACHED_HOST=127.0.0.1
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379
MAIL_MAILER=smtp
MAIL_HOST=mailpit
MAIL_PORT=1025
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
MAIL_FROM_ADDRESS="hello@example.com"
MAIL_FROM_NAME="${APP_NAME}"
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
AWS_DEFAULT_REGION=us-east-1
AWS_BUCKET=
AWS_USE_PATH_STYLE_ENDPOINT=false
PUSHER_APP_ID=
PUSHER_APP_KEY=
PUSHER_APP_SECRET=
PUSHER_HOST=
PUSHER_PORT=443
PUSHER_SCHEME=https
PUSHER_APP_CLUSTER=mt1
VITE_APP_NAME="${APP_NAME}"
VITE_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
VITE_PUSHER_HOST="${PUSHER_HOST}"
VITE_PUSHER_PORT="${PUSHER_PORT}"
VITE_PUSHER_SCHEME="${PUSHER_SCHEME}"
VITE_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"

11
backend/.gitattributes vendored Normal file
View file

@ -0,0 +1,11 @@
* text=auto eol=lf
*.blade.php diff=html
*.css diff=css
*.html diff=html
*.md diff=markdown
*.php diff=php
/.github export-ignore
CHANGELOG.md export-ignore
.styleci.yml export-ignore

19
backend/.gitignore vendored Normal file
View file

@ -0,0 +1,19 @@
/.phpunit.cache
/node_modules
/public/build
/public/hot
/public/storage
/storage/*.key
/vendor
.env
.env.backup
.env.production
.phpunit.result.cache
Homestead.json
Homestead.yaml
auth.json
npm-debug.log
yarn-error.log
/.fleet
/.idea
/.vscode

66
backend/README.md Normal file
View file

@ -0,0 +1,66 @@
<p align="center"><a href="https://laravel.com" target="_blank"><img src="https://raw.githubusercontent.com/laravel/art/master/logo-lockup/5%20SVG/2%20CMYK/1%20Full%20Color/laravel-logolockup-cmyk-red.svg" width="400" alt="Laravel Logo"></a></p>
<p align="center">
<a href="https://github.com/laravel/framework/actions"><img src="https://github.com/laravel/framework/workflows/tests/badge.svg" alt="Build Status"></a>
<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/dt/laravel/framework" alt="Total Downloads"></a>
<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/v/laravel/framework" alt="Latest Stable Version"></a>
<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/l/laravel/framework" alt="License"></a>
</p>
## About Laravel
Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experience to be truly fulfilling. Laravel takes the pain out of development by easing common tasks used in many web projects, such as:
- [Simple, fast routing engine](https://laravel.com/docs/routing).
- [Powerful dependency injection container](https://laravel.com/docs/container).
- Multiple back-ends for [session](https://laravel.com/docs/session) and [cache](https://laravel.com/docs/cache) storage.
- Expressive, intuitive [database ORM](https://laravel.com/docs/eloquent).
- Database agnostic [schema migrations](https://laravel.com/docs/migrations).
- [Robust background job processing](https://laravel.com/docs/queues).
- [Real-time event broadcasting](https://laravel.com/docs/broadcasting).
Laravel is accessible, powerful, and provides tools required for large, robust applications.
## Learning Laravel
Laravel has the most extensive and thorough [documentation](https://laravel.com/docs) and video tutorial library of all modern web application frameworks, making it a breeze to get started with the framework.
You may also try the [Laravel Bootcamp](https://bootcamp.laravel.com), where you will be guided through building a modern Laravel application from scratch.
If you don't feel like reading, [Laracasts](https://laracasts.com) can help. Laracasts contains thousands of video tutorials on a range of topics including Laravel, modern PHP, unit testing, and JavaScript. Boost your skills by digging into our comprehensive video library.
## Laravel Sponsors
We would like to extend our thanks to the following sponsors for funding Laravel development. If you are interested in becoming a sponsor, please visit the [Laravel Partners program](https://partners.laravel.com).
### Premium Partners
- **[Vehikl](https://vehikl.com/)**
- **[Tighten Co.](https://tighten.co)**
- **[WebReinvent](https://webreinvent.com/)**
- **[Kirschbaum Development Group](https://kirschbaumdevelopment.com)**
- **[64 Robots](https://64robots.com)**
- **[Curotec](https://www.curotec.com/services/technologies/laravel/)**
- **[Cyber-Duck](https://cyber-duck.co.uk)**
- **[DevSquad](https://devsquad.com/hire-laravel-developers)**
- **[Jump24](https://jump24.co.uk)**
- **[Redberry](https://redberry.international/laravel/)**
- **[Active Logic](https://activelogic.com)**
- **[byte5](https://byte5.de)**
- **[OP.GG](https://op.gg)**
## Contributing
Thank you for considering contributing to the Laravel framework! The contribution guide can be found in the [Laravel documentation](https://laravel.com/docs/contributions).
## Code of Conduct
In order to ensure that the Laravel community is welcoming to all, please review and abide by the [Code of Conduct](https://laravel.com/docs/contributions#code-of-conduct).
## Security Vulnerabilities
If you discover a security vulnerability within Laravel, please send an e-mail to Taylor Otwell via [taylor@laravel.com](mailto:taylor@laravel.com). All security vulnerabilities will be promptly addressed.
## License
The Laravel framework is open-sourced software licensed under the [MIT license](https://opensource.org/licenses/MIT).

View file

@ -0,0 +1,27 @@
<?php
namespace App\Console;
use Illuminate\Console\Scheduling\Schedule;
use Illuminate\Foundation\Console\Kernel as ConsoleKernel;
class Kernel extends ConsoleKernel
{
/**
* Define the application's command schedule.
*/
protected function schedule(Schedule $schedule): void
{
// $schedule->command('inspire')->hourly();
}
/**
* Register the commands for the application.
*/
protected function commands(): void
{
$this->load(__DIR__.'/Commands');
require base_path('routes/console.php');
}
}

View file

@ -0,0 +1,30 @@
<?php
namespace App\Exceptions;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
use Throwable;
class Handler extends ExceptionHandler
{
/**
* The list of the inputs that are never flashed to the session on validation exceptions.
*
* @var array<int, string>
*/
protected $dontFlash = [
'current_password',
'password',
'password_confirmation',
];
/**
* Register the exception handling callbacks for the application.
*/
public function register(): void
{
$this->reportable(function (Throwable $e) {
//
});
}
}

View file

@ -0,0 +1,55 @@
<?php
namespace App\Filament\Resources;
use App\Filament\Resources\UserResource\Pages;
use App\Models\User;
use Filament\Forms\Components\Select;
use Filament\Forms\Components\TextInput;
use Filament\Forms\Form;
use Filament\Resources\Resource;
use Filament\Tables\Actions\DeleteAction;
use Filament\Tables\Actions\EditAction;
use Filament\Tables\Columns\TextColumn;
use Filament\Tables\Table;
class UserResource extends Resource
{
protected static ?string $model = User::class;
protected static ?string $navigationIcon = 'heroicon-o-users';
protected static ?string $label = 'Benutzer';
protected static ?string $pluralLabel = 'Benutzer';
public static function form(Form $form): Form
{
return $form->schema([
TextInput::make('name')->required()->maxLength(255),
TextInput::make('email')->email()->required()->maxLength(255),
TextInput::make('password')->password()->dehydrateStateUsing(fn ($state) => bcrypt($state))
->required(fn (string $context) => $context === 'create'),
Select::make('role')
->options(['admin' => 'Admin', 'staff' => 'Mitarbeiter'])
->required(),
]);
}
public static function table(Table $table): Table
{
return $table->columns([
TextColumn::make('name')->searchable(),
TextColumn::make('email')->searchable(),
TextColumn::make('role')->badge()
->color(fn (string $state) => $state === 'admin' ? 'danger' : 'gray'),
TextColumn::make('created_at')->dateTime()->sortable(),
])->actions([EditAction::make(), DeleteAction::make()]);
}
public static function getPages(): array
{
return [
'index' => Pages\ListUsers::route('/'),
'create' => Pages\CreateUser::route('/create'),
'edit' => Pages\EditUser::route('/{record}/edit'),
];
}
}

View file

@ -0,0 +1,11 @@
<?php
namespace App\Filament\Resources\UserResource\Pages;
use App\Filament\Resources\UserResource;
use Filament\Resources\Pages\CreateRecord;
class CreateUser extends CreateRecord
{
protected static string $resource = UserResource::class;
}

View file

@ -0,0 +1,19 @@
<?php
namespace App\Filament\Resources\UserResource\Pages;
use App\Filament\Resources\UserResource;
use Filament\Actions;
use Filament\Resources\Pages\EditRecord;
class EditUser extends EditRecord
{
protected static string $resource = UserResource::class;
protected function getHeaderActions(): array
{
return [
Actions\DeleteAction::make(),
];
}
}

View file

@ -0,0 +1,19 @@
<?php
namespace App\Filament\Resources\UserResource\Pages;
use App\Filament\Resources\UserResource;
use Filament\Actions;
use Filament\Resources\Pages\ListRecords;
class ListUsers extends ListRecords
{
protected static string $resource = UserResource::class;
protected function getHeaderActions(): array
{
return [
Actions\CreateAction::make(),
];
}
}

View file

@ -0,0 +1,12 @@
<?php
namespace App\Http\Controllers;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
use Illuminate\Foundation\Validation\ValidatesRequests;
use Illuminate\Routing\Controller as BaseController;
class Controller extends BaseController
{
use AuthorizesRequests, ValidatesRequests;
}

View file

@ -0,0 +1,17 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Auth\Middleware\Authenticate as Middleware;
use Illuminate\Http\Request;
class Authenticate extends Middleware
{
/**
* Get the path the user should be redirected to when they are not authenticated.
*/
protected function redirectTo(Request $request): ?string
{
return $request->expectsJson() ? null : route('login');
}
}

View file

@ -0,0 +1,17 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Cookie\Middleware\EncryptCookies as Middleware;
class EncryptCookies extends Middleware
{
/**
* The names of the cookies that should not be encrypted.
*
* @var array<int, string>
*/
protected $except = [
//
];
}

View file

@ -0,0 +1,17 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance as Middleware;
class PreventRequestsDuringMaintenance extends Middleware
{
/**
* The URIs that should be reachable while maintenance mode is enabled.
*
* @var array<int, string>
*/
protected $except = [
//
];
}

View file

@ -0,0 +1,30 @@
<?php
namespace App\Http\Middleware;
use App\Providers\RouteServiceProvider;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Symfony\Component\HttpFoundation\Response;
class RedirectIfAuthenticated
{
/**
* Handle an incoming request.
*
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
*/
public function handle(Request $request, Closure $next, string ...$guards): Response
{
$guards = empty($guards) ? [null] : $guards;
foreach ($guards as $guard) {
if (Auth::guard($guard)->check()) {
return redirect(RouteServiceProvider::HOME);
}
}
return $next($request);
}
}

View file

@ -0,0 +1,19 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\TrimStrings as Middleware;
class TrimStrings extends Middleware
{
/**
* The names of the attributes that should not be trimmed.
*
* @var array<int, string>
*/
protected $except = [
'current_password',
'password',
'password_confirmation',
];
}

View file

@ -0,0 +1,20 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Http\Middleware\TrustHosts as Middleware;
class TrustHosts extends Middleware
{
/**
* Get the host patterns that should be trusted.
*
* @return array<int, string|null>
*/
public function hosts(): array
{
return [
$this->allSubdomainsOfApplicationUrl(),
];
}
}

View file

@ -0,0 +1,28 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Http\Middleware\TrustProxies as Middleware;
use Illuminate\Http\Request;
class TrustProxies extends Middleware
{
/**
* The trusted proxies for this application.
*
* @var array<int, string>|string|null
*/
protected $proxies;
/**
* The headers that should be used to detect proxies.
*
* @var int
*/
protected $headers =
Request::HEADER_X_FORWARDED_FOR |
Request::HEADER_X_FORWARDED_HOST |
Request::HEADER_X_FORWARDED_PORT |
Request::HEADER_X_FORWARDED_PROTO |
Request::HEADER_X_FORWARDED_AWS_ELB;
}

View file

@ -0,0 +1,22 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Routing\Middleware\ValidateSignature as Middleware;
class ValidateSignature extends Middleware
{
/**
* The names of the query string parameters that should be ignored.
*
* @var array<int, string>
*/
protected $except = [
// 'fbclid',
// 'utm_campaign',
// 'utm_content',
// 'utm_medium',
// 'utm_source',
// 'utm_term',
];
}

View file

@ -0,0 +1,17 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
class VerifyCsrfToken extends Middleware
{
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array<int, string>
*/
protected $except = [
//
];
}

View file

@ -0,0 +1,27 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Sanctum\HasApiTokens;
class User extends Authenticatable
{
use HasApiTokens, HasFactory, Notifiable;
protected $fillable = ['name', 'email', 'password', 'role'];
protected $hidden = ['password', 'remember_token'];
protected $casts = [
'email_verified_at' => 'datetime',
'password' => 'hashed',
];
public function isAdmin(): bool
{
return $this->role === 'admin';
}
}

View file

@ -0,0 +1,18 @@
<?php
namespace App\Modules\Client\Actions;
use App\Modules\Client\DTOs\ClientData;
use App\Modules\Client\Models\Client;
final class CreateClientAction
{
public function handle(ClientData $data): Client
{
return Client::create([
'client_number' => $data->clientNumber,
'name' => $data->name,
'notes' => $data->notes,
]);
}
}

View file

@ -0,0 +1,19 @@
<?php
namespace App\Modules\Client\Actions;
use App\Modules\Client\Models\Client;
use Illuminate\Contracts\Pagination\LengthAwarePaginator;
final class GetClientAction
{
public function list(): LengthAwarePaginator
{
return Client::orderBy('name')->paginate(50);
}
public function find(int $id): Client
{
return Client::findOrFail($id);
}
}

View file

@ -0,0 +1,19 @@
<?php
namespace App\Modules\Client\Actions;
use App\Modules\Client\DTOs\ClientData;
use App\Modules\Client\Models\Client;
final class UpdateClientAction
{
public function handle(Client $client, ClientData $data): Client
{
$client->update(array_filter([
'name' => $data->name,
'notes' => $data->notes,
], fn ($v) => $v !== null));
return $client->fresh();
}
}

View file

@ -0,0 +1,45 @@
<?php
namespace App\Modules\Client\Controllers;
use App\Http\Controllers\Controller;
use App\Modules\Client\Actions\CreateClientAction;
use App\Modules\Client\Actions\GetClientAction;
use App\Modules\Client\Actions\UpdateClientAction;
use App\Modules\Client\DTOs\ClientData;
use App\Modules\Client\Models\Client;
use App\Modules\Client\Requests\CreateClientRequest;
use App\Modules\Client\Requests\UpdateClientRequest;
use App\Modules\Client\Resources\ClientResource;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
class ClientController extends Controller
{
public function index(GetClientAction $action): AnonymousResourceCollection
{
$this->authorize('viewAny', Client::class);
return ClientResource::collection($action->list());
}
public function store(CreateClientRequest $request, CreateClientAction $action): JsonResponse
{
$this->authorize('create', Client::class);
$client = $action->handle(ClientData::fromCreateRequest($request));
return ClientResource::make($client)->response()->setStatusCode(201);
}
public function show(int $id, GetClientAction $action): ClientResource
{
$client = $action->find($id);
$this->authorize('view', $client);
return ClientResource::make($client);
}
public function update(UpdateClientRequest $request, Client $client, UpdateClientAction $action): ClientResource
{
$this->authorize('update', $client);
$updated = $action->handle($client, ClientData::fromUpdateRequest($request));
return ClientResource::make($updated);
}
}

View file

@ -0,0 +1,33 @@
<?php
namespace App\Modules\Client\DTOs;
use App\Modules\Client\Requests\CreateClientRequest;
use App\Modules\Client\Requests\UpdateClientRequest;
final class ClientData
{
public function __construct(
public readonly ?string $clientNumber,
public readonly ?string $name,
public readonly ?array $notes,
) {}
public static function fromCreateRequest(CreateClientRequest $request): self
{
return new self(
clientNumber: $request->validated('client_number'),
name: $request->validated('name'),
notes: $request->validated('notes'),
);
}
public static function fromUpdateRequest(UpdateClientRequest $request): self
{
return new self(
clientNumber: null,
name: $request->validated('name'),
notes: $request->validated('notes'),
);
}
}

View file

@ -0,0 +1,28 @@
<?php
namespace App\Modules\Client\Models;
use App\Modules\History\Models\HistoryEntry;
use Database\Factories\ClientFactory;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\HasMany;
class Client extends Model
{
use HasFactory;
protected $fillable = ['client_number', 'name', 'notes'];
protected $casts = ['notes' => 'array'];
protected static function newFactory(): ClientFactory
{
return ClientFactory::new();
}
public function historyEntries(): HasMany
{
return $this->hasMany(HistoryEntry::class);
}
}

View file

@ -0,0 +1,15 @@
<?php
namespace App\Modules\Client\Policies;
use App\Models\User;
use App\Modules\Client\Models\Client;
class ClientPolicy
{
public function viewAny(User $user): bool { return true; }
public function view(User $user, Client $client): bool { return true; }
public function create(User $user): bool { return true; }
public function update(User $user, Client $client): bool { return true; }
public function delete(User $user, Client $client): bool { return $user->isAdmin(); }
}

View file

@ -0,0 +1,19 @@
<?php
namespace App\Modules\Client\Requests;
use Illuminate\Foundation\Http\FormRequest;
class CreateClientRequest extends FormRequest
{
public function authorize(): bool { return true; }
public function rules(): array
{
return [
'client_number' => ['required', 'string', 'max:50', 'unique:clients,client_number'],
'name' => ['required', 'string', 'max:255'],
'notes' => ['nullable', 'array'],
];
}
}

View file

@ -0,0 +1,18 @@
<?php
namespace App\Modules\Client\Requests;
use Illuminate\Foundation\Http\FormRequest;
class UpdateClientRequest extends FormRequest
{
public function authorize(): bool { return true; }
public function rules(): array
{
return [
'name' => ['sometimes', 'required', 'string', 'max:255'],
'notes' => ['nullable', 'array'],
];
}
}

View file

@ -0,0 +1,21 @@
<?php
namespace App\Modules\Client\Resources;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
class ClientResource extends JsonResource
{
public function toArray(Request $request): array
{
return [
'id' => $this->id,
'client_number' => $this->client_number,
'name' => $this->name,
'notes' => $this->notes ?? [],
'created_at' => $this->created_at->toISOString(),
'updated_at' => $this->updated_at->toISOString(),
];
}
}

View file

@ -0,0 +1,21 @@
<?php
namespace App\Modules\History\Actions;
use App\Models\User;
use App\Modules\Client\Models\Client;
use App\Modules\History\DTOs\HistoryEntryData;
use App\Modules\History\Models\HistoryEntry;
final class CreateHistoryEntryAction
{
public function handle(Client $client, HistoryEntryData $data, User $author): HistoryEntry
{
return HistoryEntry::create([
'client_id' => $client->id,
'type' => $data->type,
'body' => $data->body,
'author_id' => $author->id,
]);
}
}

View file

@ -0,0 +1,20 @@
<?php
namespace App\Modules\History\Actions;
use App\Models\User;
use App\Modules\History\DTOs\HistoryEntryData;
use App\Modules\History\Models\HistoryEntry;
final class UpdateHistoryEntryAction
{
public function handle(HistoryEntry $entry, HistoryEntryData $data, User $editor): HistoryEntry
{
$entry->update([
'body' => $data->body,
'updated_by' => $editor->id,
]);
return $entry->fresh();
}
}

View file

@ -0,0 +1,55 @@
<?php
namespace App\Modules\History\Controllers;
use App\Http\Controllers\Controller;
use App\Modules\Client\Models\Client;
use App\Modules\History\Actions\CreateHistoryEntryAction;
use App\Modules\History\Actions\UpdateHistoryEntryAction;
use App\Modules\History\DTOs\HistoryEntryData;
use App\Modules\History\Models\HistoryEntry;
use App\Modules\History\Requests\CreateHistoryEntryRequest;
use App\Modules\History\Requests\UpdateHistoryEntryRequest;
use App\Modules\History\Resources\HistoryEntryResource;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
class HistoryController extends Controller
{
public function index(Client $client): AnonymousResourceCollection
{
$this->authorize('viewAny', HistoryEntry::class);
$entries = $client->historyEntries()
->with(['author', 'updatedBy'])
->orderByDesc('created_at')
->get();
return HistoryEntryResource::collection($entries);
}
public function store(
CreateHistoryEntryRequest $request,
Client $client,
CreateHistoryEntryAction $action
): JsonResponse {
$this->authorize('create', HistoryEntry::class);
$entry = $action->handle($client, HistoryEntryData::fromCreateRequest($request), $request->user());
return HistoryEntryResource::make($entry->load(['author']))->response()->setStatusCode(201);
}
public function update(
UpdateHistoryEntryRequest $request,
HistoryEntry $historyEntry,
UpdateHistoryEntryAction $action
): HistoryEntryResource {
$this->authorize('update', $historyEntry);
$updated = $action->handle($historyEntry, HistoryEntryData::fromUpdateRequest($request), $request->user());
return HistoryEntryResource::make($updated->load(['author', 'updatedBy']));
}
public function destroy(HistoryEntry $historyEntry): JsonResponse
{
$this->authorize('delete', $historyEntry);
$historyEntry->delete();
return response()->json(null, 204);
}
}

View file

@ -0,0 +1,30 @@
<?php
namespace App\Modules\History\DTOs;
use App\Modules\History\Requests\CreateHistoryEntryRequest;
use App\Modules\History\Requests\UpdateHistoryEntryRequest;
final class HistoryEntryData
{
public function __construct(
public readonly ?string $type,
public readonly ?string $body,
) {}
public static function fromCreateRequest(CreateHistoryEntryRequest $request): self
{
return new self(
type: $request->validated('type'),
body: $request->validated('body'),
);
}
public static function fromUpdateRequest(UpdateHistoryEntryRequest $request): self
{
return new self(
type: null,
body: $request->validated('body'),
);
}
}

View file

@ -0,0 +1,40 @@
<?php
namespace App\Modules\History\Models;
use App\Models\User;
use App\Modules\Client\Models\Client;
use Database\Factories\HistoryEntryFactory;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
use Illuminate\Database\Eloquent\SoftDeletes;
class HistoryEntry extends Model
{
use HasFactory, SoftDeletes;
protected $fillable = ['client_id', 'type', 'body', 'author_id', 'updated_by'];
protected $casts = ['type' => HistoryEntryType::class];
public function client(): BelongsTo
{
return $this->belongsTo(Client::class);
}
public function author(): BelongsTo
{
return $this->belongsTo(User::class, 'author_id');
}
public function updatedBy(): BelongsTo
{
return $this->belongsTo(User::class, 'updated_by');
}
protected static function newFactory(): HistoryEntryFactory
{
return HistoryEntryFactory::new();
}
}

View file

@ -0,0 +1,13 @@
<?php
namespace App\Modules\History\Models;
enum HistoryEntryType: string
{
case PhoneCall = 'phone_call';
case Consultation = 'consultation';
case Recommendation = 'recommendation';
case Instruction = 'instruction';
case Remark = 'remark';
case Other = 'other';
}

View file

@ -0,0 +1,14 @@
<?php
namespace App\Modules\History\Policies;
use App\Models\User;
use App\Modules\History\Models\HistoryEntry;
class HistoryEntryPolicy
{
public function viewAny(User $user): bool { return true; }
public function create(User $user): bool { return true; }
public function update(User $user, HistoryEntry $entry): bool { return true; }
public function delete(User $user, HistoryEntry $entry): bool { return true; }
}

View file

@ -0,0 +1,20 @@
<?php
namespace App\Modules\History\Requests;
use App\Modules\History\Models\HistoryEntryType;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Rules\Enum;
class CreateHistoryEntryRequest extends FormRequest
{
public function authorize(): bool { return true; }
public function rules(): array
{
return [
'type' => ['required', new Enum(HistoryEntryType::class)],
'body' => ['required', 'string', 'max:65535'],
];
}
}

View file

@ -0,0 +1,17 @@
<?php
namespace App\Modules\History\Requests;
use Illuminate\Foundation\Http\FormRequest;
class UpdateHistoryEntryRequest extends FormRequest
{
public function authorize(): bool { return true; }
public function rules(): array
{
return [
'body' => ['required', 'string', 'max:65535'],
];
}
}

View file

@ -0,0 +1,25 @@
<?php
namespace App\Modules\History\Resources;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
class HistoryEntryResource extends JsonResource
{
public function toArray(Request $request): array
{
return [
'id' => $this->id,
'client_id' => $this->client_id,
'type' => $this->type->value,
'body' => $this->body,
'author_id' => $this->author_id,
'author_name' => $this->author?->name,
'updated_by' => $this->updated_by,
'updated_by_name' => $this->updatedBy?->name,
'created_at' => $this->created_at->toISOString(),
'updated_at' => $this->updated_at->toISOString(),
];
}
}

View file

@ -0,0 +1,25 @@
<?php
namespace App\Modules\Search\Actions;
use App\Modules\Client\Models\Client;
use Illuminate\Database\Eloquent\Collection;
use Illuminate\Support\Facades\DB;
final class SearchClientsAction
{
public function handle(string $query): Collection
{
if (DB::connection()->getDriverName() === 'sqlite') {
return Client::where('name', 'like', "%{$query}%")
->orWhere('client_number', 'like', "%{$query}%")
->limit(50)
->get();
}
return Client::whereRaw(
'MATCH(client_number, name) AGAINST(? IN BOOLEAN MODE)',
[$query . '*']
)->limit(50)->get();
}
}

View file

@ -0,0 +1,21 @@
<?php
namespace App\Modules\Search\Controllers;
use App\Http\Controllers\Controller;
use App\Modules\Client\Resources\ClientResource;
use App\Modules\Search\Actions\SearchClientsAction;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
class SearchController extends Controller
{
public function __invoke(Request $request, SearchClientsAction $action): AnonymousResourceCollection
{
$validated = $request->validate(['q' => ['required', 'string', 'min:1', 'max:100']]);
$clients = $action->handle($validated['q']);
return ClientResource::collection($clients);
}
}

View file

@ -0,0 +1,28 @@
<?php
namespace App\Modules\User\Policies;
use App\Models\User;
class UserPolicy
{
public function viewAny(User $user): bool
{
return $user->isAdmin();
}
public function create(User $user): bool
{
return $user->isAdmin();
}
public function update(User $user, User $target): bool
{
return $user->isAdmin();
}
public function delete(User $user, User $target): bool
{
return $user->isAdmin() && $user->id !== $target->id;
}
}

View file

@ -0,0 +1,24 @@
<?php
namespace App\Providers;
use Illuminate\Support\ServiceProvider;
class AppServiceProvider extends ServiceProvider
{
/**
* Register any application services.
*/
public function register(): void
{
//
}
/**
* Bootstrap any application services.
*/
public function boot(): void
{
//
}
}

View file

@ -0,0 +1,34 @@
<?php
namespace App\Providers;
// use Illuminate\Support\Facades\Gate;
use App\Models\User;
use App\Modules\Client\Models\Client;
use App\Modules\Client\Policies\ClientPolicy;
use App\Modules\History\Models\HistoryEntry;
use App\Modules\History\Policies\HistoryEntryPolicy;
use App\Modules\User\Policies\UserPolicy;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
class AuthServiceProvider extends ServiceProvider
{
/**
* The model to policy mappings for the application.
*
* @var array<class-string, class-string>
*/
protected $policies = [
User::class => UserPolicy::class,
Client::class => ClientPolicy::class,
HistoryEntry::class => HistoryEntryPolicy::class,
];
/**
* Register any authentication / authorization services.
*/
public function boot(): void
{
//
}
}

View file

@ -0,0 +1,19 @@
<?php
namespace App\Providers;
use Illuminate\Support\Facades\Broadcast;
use Illuminate\Support\ServiceProvider;
class BroadcastServiceProvider extends ServiceProvider
{
/**
* Bootstrap any application services.
*/
public function boot(): void
{
Broadcast::routes();
require base_path('routes/channels.php');
}
}

View file

@ -0,0 +1,38 @@
<?php
namespace App\Providers;
use Illuminate\Auth\Events\Registered;
use Illuminate\Auth\Listeners\SendEmailVerificationNotification;
use Illuminate\Foundation\Support\Providers\EventServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Event;
class EventServiceProvider extends ServiceProvider
{
/**
* The event to listener mappings for the application.
*
* @var array<class-string, array<int, class-string>>
*/
protected $listen = [
Registered::class => [
SendEmailVerificationNotification::class,
],
];
/**
* Register any events for your application.
*/
public function boot(): void
{
//
}
/**
* Determine if events and listeners should be automatically discovered.
*/
public function shouldDiscoverEvents(): bool
{
return false;
}
}

View file

@ -0,0 +1,40 @@
<?php
namespace App\Providers;
use Illuminate\Cache\RateLimiting\Limit;
use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\Facades\Route;
class RouteServiceProvider extends ServiceProvider
{
/**
* The path to your application's "home" route.
*
* Typically, users are redirected here after authentication.
*
* @var string
*/
public const HOME = '/home';
/**
* Define your route model bindings, pattern filters, and other route configuration.
*/
public function boot(): void
{
RateLimiter::for('api', function (Request $request) {
return Limit::perMinute(60)->by($request->user()?->id ?: $request->ip());
});
$this->routes(function () {
Route::middleware('api')
->prefix('api')
->group(base_path('routes/api.php'));
Route::middleware('web')
->group(base_path('routes/web.php'));
});
}
}

53
backend/artisan Executable file
View file

@ -0,0 +1,53 @@
#!/usr/bin/env php
<?php
define('LARAVEL_START', microtime(true));
/*
|--------------------------------------------------------------------------
| Register The Auto Loader
|--------------------------------------------------------------------------
|
| Composer provides a convenient, automatically generated class loader
| for our application. We just need to utilize it! We'll require it
| into the script here so that we do not have to worry about the
| loading of any of our classes manually. It's great to relax.
|
*/
require __DIR__.'/vendor/autoload.php';
$app = require_once __DIR__.'/bootstrap/app.php';
/*
|--------------------------------------------------------------------------
| Run The Artisan Application
|--------------------------------------------------------------------------
|
| When we run the console application, the current CLI command will be
| executed in this console and the response sent back to a terminal
| or another output device for the developers. Here goes nothing!
|
*/
$kernel = $app->make(Illuminate\Contracts\Console\Kernel::class);
$status = $kernel->handle(
$input = new Symfony\Component\Console\Input\ArgvInput,
new Symfony\Component\Console\Output\ConsoleOutput
);
/*
|--------------------------------------------------------------------------
| Shutdown The Application
|--------------------------------------------------------------------------
|
| Once Artisan has finished running, we will fire off the shutdown events
| so that any final work may be done by the application before we shut
| down the process. This is the last thing to happen to the request.
|
*/
$kernel->terminate($input, $status);
exit($status);

55
backend/bootstrap/app.php Normal file
View file

@ -0,0 +1,55 @@
<?php
/*
|--------------------------------------------------------------------------
| Create The Application
|--------------------------------------------------------------------------
|
| The first thing we will do is create a new Laravel application instance
| which serves as the "glue" for all the components of Laravel, and is
| the IoC container for the system binding all of the various parts.
|
*/
$app = new Illuminate\Foundation\Application(
$_ENV['APP_BASE_PATH'] ?? dirname(__DIR__)
);
/*
|--------------------------------------------------------------------------
| Bind Important Interfaces
|--------------------------------------------------------------------------
|
| Next, we need to bind some important interfaces into the container so
| we will be able to resolve them when needed. The kernels serve the
| incoming requests to this application from both the web and CLI.
|
*/
$app->singleton(
Illuminate\Contracts\Http\Kernel::class,
App\Http\Kernel::class
);
$app->singleton(
Illuminate\Contracts\Console\Kernel::class,
App\Console\Kernel::class
);
$app->singleton(
Illuminate\Contracts\Debug\ExceptionHandler::class,
App\Exceptions\Handler::class
);
/*
|--------------------------------------------------------------------------
| Return The Application
|--------------------------------------------------------------------------
|
| This script returns the application instance. The instance is given to
| the calling script so we can separate the building of the instances
| from the actual running of the application and sending responses.
|
*/
return $app;

View file

@ -2,13 +2,11 @@
use Illuminate\Database\Migrations\Migration; use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint; use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Schema; use Illuminate\Support\Facades\Schema;
return new class extends Migration return new class extends Migration
{ {
/**
* Run the migrations.
*/
public function up(): void public function up(): void
{ {
Schema::create('clients', function (Blueprint $table) { Schema::create('clients', function (Blueprint $table) {
@ -18,7 +16,9 @@ public function up(): void
$table->json('notes')->nullable(); $table->json('notes')->nullable();
$table->timestamps(); $table->timestamps();
if (DB::connection()->getDriverName() !== 'sqlite') {
$table->fullText(['client_number', 'name']); $table->fullText(['client_number', 'name']);
}
}); });
} }

13
backend/package.json Normal file
View file

@ -0,0 +1,13 @@
{
"private": true,
"type": "module",
"scripts": {
"dev": "vite",
"build": "vite build"
},
"devDependencies": {
"axios": "^1.6.4",
"laravel-vite-plugin": "^1.0.0",
"vite": "^5.0.0"
}
}

View file

@ -23,7 +23,7 @@
<env name="CACHE_DRIVER" value="array"/> <env name="CACHE_DRIVER" value="array"/>
<env name="DB_CONNECTION" value="sqlite"/> <env name="DB_CONNECTION" value="sqlite"/>
<env name="DB_DATABASE" value=":memory:"/> <env name="DB_DATABASE" value=":memory:"/>
<env name="APP_KEY" value="base64:testtesttesttesttesttesttesttesttesttesttest="/> <env name="APP_KEY" value="base64:dGVzdHRlc3R0ZXN0dGVzdHRlc3R0ZXN0dGVzdHRlc3Q="/>
<env name="MAIL_MAILER" value="array"/> <env name="MAIL_MAILER" value="array"/>
<env name="PULSE_ENABLED" value="false"/> <env name="PULSE_ENABLED" value="false"/>
<env name="QUEUE_CONNECTION" value="sync"/> <env name="QUEUE_CONNECTION" value="sync"/>

21
backend/public/.htaccess Normal file
View file

@ -0,0 +1,21 @@
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Send Requests To Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>

View file

55
backend/public/index.php Normal file
View file

@ -0,0 +1,55 @@
<?php
use Illuminate\Contracts\Http\Kernel;
use Illuminate\Http\Request;
define('LARAVEL_START', microtime(true));
/*
|--------------------------------------------------------------------------
| Check If The Application Is Under Maintenance
|--------------------------------------------------------------------------
|
| If the application is in maintenance / demo mode via the "down" command
| we will load this file so that any pre-rendered content can be shown
| instead of starting the framework, which could cause an exception.
|
*/
if (file_exists($maintenance = __DIR__.'/../storage/framework/maintenance.php')) {
require $maintenance;
}
/*
|--------------------------------------------------------------------------
| Register The Auto Loader
|--------------------------------------------------------------------------
|
| Composer provides a convenient, automatically generated class loader for
| this application. We just need to utilize it! We'll simply require it
| into the script here so we don't need to manually load our classes.
|
*/
require __DIR__.'/../vendor/autoload.php';
/*
|--------------------------------------------------------------------------
| Run The Application
|--------------------------------------------------------------------------
|
| Once we have the application, we can handle the incoming request using
| the application's HTTP kernel. Then, we will send the response back
| to this client's browser, allowing them to enjoy our application.
|
*/
$app = require_once __DIR__.'/../bootstrap/app.php';
$kernel = $app->make(Kernel::class);
$response = $kernel->handle(
$request = Request::capture()
)->send();
$kernel->terminate($request, $response);

View file

@ -0,0 +1,2 @@
User-agent: *
Disallow:

View file

View file

@ -0,0 +1 @@
import './bootstrap';

32
backend/resources/js/bootstrap.js vendored Normal file
View file

@ -0,0 +1,32 @@
/**
* We'll load the axios HTTP library which allows us to easily issue requests
* to our Laravel back-end. This library automatically handles sending the
* CSRF token as a header based on the value of the "XSRF" token cookie.
*/
import axios from 'axios';
window.axios = axios;
window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';
/**
* Echo exposes an expressive API for subscribing to channels and listening
* for events that are broadcast by Laravel. Echo and event broadcasting
* allows your team to easily build robust real-time web applications.
*/
// import Echo from 'laravel-echo';
// import Pusher from 'pusher-js';
// window.Pusher = Pusher;
// window.Echo = new Echo({
// broadcaster: 'pusher',
// key: import.meta.env.VITE_PUSHER_APP_KEY,
// cluster: import.meta.env.VITE_PUSHER_APP_CLUSTER ?? 'mt1',
// wsHost: import.meta.env.VITE_PUSHER_HOST ? import.meta.env.VITE_PUSHER_HOST : `ws-${import.meta.env.VITE_PUSHER_APP_CLUSTER}.pusher.com`,
// wsPort: import.meta.env.VITE_PUSHER_PORT ?? 80,
// wssPort: import.meta.env.VITE_PUSHER_PORT ?? 443,
// forceTLS: (import.meta.env.VITE_PUSHER_SCHEME ?? 'https') === 'https',
// enabledTransports: ['ws', 'wss'],
// });

File diff suppressed because one or more lines are too long

View file

@ -1,5 +1,8 @@
<?php <?php
use App\Modules\Client\Controllers\ClientController;
use App\Modules\History\Controllers\HistoryController;
use App\Modules\Search\Controllers\SearchController;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route; use Illuminate\Support\Facades\Route;
@ -20,17 +23,24 @@
return response()->json(['data' => auth()->user()]); return response()->json(['data' => auth()->user()]);
}); });
Route::middleware('auth:sanctum')->group(function () {
Route::post('/logout', function (Request $request) { Route::post('/logout', function (Request $request) {
auth()->logout(); auth()->logout();
if ($request->hasSession()) { if ($request->hasSession()) {
$request->session()->invalidate(); $request->session()->invalidate();
$request->session()->regenerateToken(); $request->session()->regenerateToken();
} }
return response()->json([], 204); return response()->json(null, 204);
})->middleware('auth:sanctum'); });
Route::get('/user', function (Request $request) { Route::get('/user', fn (Request $request) => response()->json(['data' => $request->user()]));
return response()->json(['data' => $request->user()]);
})->middleware('auth:sanctum');
// Module routes added in Task 10 Route::get('search', SearchController::class);
Route::apiResource('clients', ClientController::class)->except(['destroy']);
Route::get('clients/{client}/history', [HistoryController::class, 'index']);
Route::post('clients/{client}/history', [HistoryController::class, 'store']);
Route::put('history/{historyEntry}', [HistoryController::class, 'update']);
Route::delete('history/{historyEntry}', [HistoryController::class, 'destroy']);
});

View file

@ -0,0 +1,18 @@
<?php
use Illuminate\Support\Facades\Broadcast;
/*
|--------------------------------------------------------------------------
| Broadcast Channels
|--------------------------------------------------------------------------
|
| Here you may register all of the event broadcasting channels that your
| application supports. The given channel authorization callbacks are
| used to check if an authenticated user can listen to the channel.
|
*/
Broadcast::channel('App.Models.User.{id}', function ($user, $id) {
return (int) $user->id === (int) $id;
});

View file

@ -0,0 +1,19 @@
<?php
use Illuminate\Foundation\Inspiring;
use Illuminate\Support\Facades\Artisan;
/*
|--------------------------------------------------------------------------
| Console Routes
|--------------------------------------------------------------------------
|
| This file is where you may define all of your Closure based console
| commands. Each Closure is bound to a command instance allowing a
| simple approach to interacting with each command's IO methods.
|
*/
Artisan::command('inspire', function () {
$this->comment(Inspiring::quote());
})->purpose('Display an inspiring quote');

18
backend/routes/web.php Normal file
View file

@ -0,0 +1,18 @@
<?php
use Illuminate\Support\Facades\Route;
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider and all of them will
| be assigned to the "web" middleware group. Make something great!
|
*/
Route::get('/', function () {
return view('welcome');
});

3
backend/storage/app/.gitignore vendored Normal file
View file

@ -0,0 +1,3 @@
*
!public/
!.gitignore

2
backend/storage/app/public/.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
*
!.gitignore

9
backend/storage/framework/.gitignore vendored Normal file
View file

@ -0,0 +1,9 @@
compiled.php
config.php
down
events.scanned.php
maintenance.php
routes.php
routes.scanned.php
schedule-*
services.json

View file

@ -0,0 +1,2 @@
*
!.gitignore

View file

@ -0,0 +1,21 @@
<?php
namespace Tests;
use Illuminate\Contracts\Console\Kernel;
use Illuminate\Foundation\Application;
trait CreatesApplication
{
/**
* Creates the application.
*/
public function createApplication(): Application
{
$app = require __DIR__.'/../bootstrap/app.php';
$app->make(Kernel::class)->bootstrap();
return $app;
}
}

View file

@ -0,0 +1,67 @@
<?php
use App\Models\User;
use App\Modules\Client\Models\Client;
use Illuminate\Foundation\Testing\RefreshDatabase;
uses(RefreshDatabase::class);
it('staff can list clients', function () {
$user = User::factory()->create(['role' => 'staff']);
Client::factory(3)->create();
$response = $this->actingAs($user)->getJson('/api/clients');
$response->assertStatus(200)
->assertJsonCount(3, 'data');
});
it('staff can create a client', function () {
$user = User::factory()->create(['role' => 'staff']);
$response = $this->actingAs($user)->postJson('/api/clients', [
'client_number' => 'K001',
'name' => 'Müller GmbH',
]);
$response->assertStatus(201)
->assertJsonPath('data.client_number', 'K001')
->assertJsonPath('data.name', 'Müller GmbH');
$this->assertDatabaseHas('clients', ['client_number' => 'K001']);
});
it('rejects duplicate client_number', function () {
$user = User::factory()->create(['role' => 'staff']);
Client::factory()->create(['client_number' => 'K001']);
$response = $this->actingAs($user)->postJson('/api/clients', [
'client_number' => 'K001',
'name' => 'Other GmbH',
]);
$response->assertStatus(422);
});
it('staff can update a client', function () {
$user = User::factory()->create(['role' => 'staff']);
$client = Client::factory()->create();
$response = $this->actingAs($user)->putJson("/api/clients/{$client->id}", [
'name' => 'Updated Name',
]);
$response->assertStatus(200)
->assertJsonPath('data.name', 'Updated Name');
});
it('returns 404 for nonexistent client', function () {
$user = User::factory()->create(['role' => 'staff']);
$this->actingAs($user)->getJson('/api/clients/9999')
->assertStatus(404);
});
it('unauthenticated request returns 401', function () {
$this->getJson('/api/clients')->assertStatus(401);
});

View file

@ -0,0 +1,77 @@
<?php
use App\Models\User;
use App\Modules\Client\Models\Client;
use App\Modules\History\Models\HistoryEntry;
use App\Modules\History\Models\HistoryEntryType;
use Illuminate\Foundation\Testing\RefreshDatabase;
uses(RefreshDatabase::class);
it('staff can list history entries for a client', function () {
$user = User::factory()->create(['role' => 'staff']);
$client = Client::factory()->create();
HistoryEntry::factory(3)->create(['client_id' => $client->id, 'author_id' => $user->id]);
$response = $this->actingAs($user)->getJson("/api/clients/{$client->id}/history");
$response->assertStatus(200)->assertJsonCount(3, 'data');
});
it('staff can add a history entry', function () {
$user = User::factory()->create(['role' => 'staff']);
$client = Client::factory()->create();
$response = $this->actingAs($user)->postJson("/api/clients/{$client->id}/history", [
'type' => 'phone_call',
'body' => 'Rückruf vereinbart.',
]);
$response->assertStatus(201)
->assertJsonPath('data.type', 'phone_call')
->assertJsonPath('data.body', 'Rückruf vereinbart.')
->assertJsonPath('data.author_id', $user->id);
$this->assertDatabaseHas('history_entries', [
'client_id' => $client->id,
'type' => 'phone_call',
]);
});
it('staff can update a history entry', function () {
$user = User::factory()->create(['role' => 'staff']);
$client = Client::factory()->create();
$entry = HistoryEntry::factory()->create([
'client_id' => $client->id,
'author_id' => $user->id,
'body' => 'Original',
]);
$response = $this->actingAs($user)->putJson("/api/history/{$entry->id}", [
'body' => 'Updated body',
]);
$response->assertStatus(200)->assertJsonPath('data.body', 'Updated body');
$this->assertDatabaseHas('history_entries', ['id' => $entry->id, 'updated_by' => $user->id]);
});
it('staff can soft-delete a history entry', function () {
$user = User::factory()->create(['role' => 'staff']);
$client = Client::factory()->create();
$entry = HistoryEntry::factory()->create(['client_id' => $client->id, 'author_id' => $user->id]);
$response = $this->actingAs($user)->deleteJson("/api/history/{$entry->id}");
$response->assertStatus(204);
$this->assertSoftDeleted('history_entries', ['id' => $entry->id]);
});
it('rejects invalid history entry type', function () {
$user = User::factory()->create(['role' => 'staff']);
$client = Client::factory()->create();
$this->actingAs($user)->postJson("/api/clients/{$client->id}/history", [
'type' => 'invalid_type',
'body' => 'test',
])->assertStatus(422);
});

View file

@ -0,0 +1,49 @@
<?php
use App\Models\User;
use App\Modules\Client\Models\Client;
use Illuminate\Foundation\Testing\RefreshDatabase;
uses(RefreshDatabase::class);
it('returns clients matching name', function () {
$user = User::factory()->create(['role' => 'staff']);
Client::factory()->create(['name' => 'Müller GmbH', 'client_number' => 'K001']);
Client::factory()->create(['name' => 'Schmidt AG', 'client_number' => 'K002']);
$response = $this->actingAs($user)->getJson('/api/search?q=Müller');
$response->assertStatus(200)
->assertJsonCount(1, 'data')
->assertJsonPath('data.0.name', 'Müller GmbH');
});
it('returns clients matching client_number', function () {
$user = User::factory()->create(['role' => 'staff']);
Client::factory()->create(['name' => 'Alpha GmbH', 'client_number' => 'K999']);
Client::factory()->create(['name' => 'Beta GmbH', 'client_number' => 'K001']);
$response = $this->actingAs($user)->getJson('/api/search?q=K999');
$response->assertStatus(200)
->assertJsonCount(1, 'data')
->assertJsonPath('data.0.client_number', 'K999');
});
it('returns empty array for no match', function () {
$user = User::factory()->create(['role' => 'staff']);
Client::factory()->create(['name' => 'Alpha GmbH', 'client_number' => 'K001']);
$response = $this->actingAs($user)->getJson('/api/search?q=ZZZ');
$response->assertStatus(200)->assertJsonCount(0, 'data');
});
it('requires auth', function () {
$this->getJson('/api/search?q=test')->assertStatus(401);
});
it('requires q parameter', function () {
$user = User::factory()->create(['role' => 'staff']);
$this->actingAs($user)->getJson('/api/search')->assertStatus(422);
});

View file

@ -0,0 +1,10 @@
<?php
namespace Tests;
use Illuminate\Foundation\Testing\TestCase as BaseTestCase;
abstract class TestCase extends BaseTestCase
{
use CreatesApplication;
}

View file

@ -0,0 +1,16 @@
<?php
namespace Tests\Unit;
use PHPUnit\Framework\TestCase;
class ExampleTest extends TestCase
{
/**
* A basic test example.
*/
public function test_that_true_is_true(): void
{
$this->assertTrue(true);
}
}

11
backend/vite.config.js Normal file
View file

@ -0,0 +1,11 @@
import { defineConfig } from 'vite';
import laravel from 'laravel-vite-plugin';
export default defineConfig({
plugins: [
laravel({
input: ['resources/css/app.css', 'resources/js/app.js'],
refresh: true,
}),
],
});