mandant-crm/backend/app/Modules/User/Controllers/UserController.php
Tim Stollberg 71730fef06 feat: remove Filament, add user account management
- Remove Filament /admin panel completely (AdminPanelProvider, UserResource, routes)
- Update composer.json to remove filament/filament dependency
- Add User model soft deletes with SoftDeletes trait + migration
- Strengthen UserPolicy::delete to prevent deleting last remaining admin
- Build out User module following pattern: CreateUserAction, UpdateUserAction, GetUsersAction,
  UserResource, UserController, Create/UpdateUserRequest, UserData DTO
- Add /api/users routes (index, store, update, destroy), all admin-gated via policy
- Create frontend Settings > Accounts page (settings/accounts.vue) for admin user management
- Add useUsers composable mirroring useClient pattern
- Add "Benutzer" link to settings dropdown in clients/index.vue
- All tests pass; User soft-delete and last-admin protection verified

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-07-13 13:05:40 +07:00

45 lines
1.5 KiB
PHP

<?php
namespace App\Modules\User\Controllers;
use App\Http\Controllers\Controller;
use App\Models\User;
use App\Modules\User\Actions\CreateUserAction;
use App\Modules\User\Actions\GetUsersAction;
use App\Modules\User\Actions\UpdateUserAction;
use App\Modules\User\DTOs\UserData;
use App\Modules\User\Requests\CreateUserRequest;
use App\Modules\User\Requests\UpdateUserRequest;
use App\Modules\User\Resources\UserResource;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
class UserController extends Controller
{
public function index(GetUsersAction $action): AnonymousResourceCollection
{
$this->authorize('viewAny', User::class);
return UserResource::collection($action->list());
}
public function store(CreateUserRequest $request, CreateUserAction $action): JsonResponse
{
$this->authorize('create', User::class);
$user = $action->handle(UserData::fromCreateRequest($request));
return UserResource::make($user)->response()->setStatusCode(201);
}
public function update(UpdateUserRequest $request, User $user, UpdateUserAction $action): UserResource
{
$this->authorize('update', $user);
$updated = $action->handle($user, UserData::fromUpdateRequest($request));
return UserResource::make($updated);
}
public function destroy(User $user): JsonResponse
{
$this->authorize('delete', $user);
$user->delete();
return response()->json(null, 204);
}
}