- Remove Filament /admin panel completely (AdminPanelProvider, UserResource, routes) - Update composer.json to remove filament/filament dependency - Add User model soft deletes with SoftDeletes trait + migration - Strengthen UserPolicy::delete to prevent deleting last remaining admin - Build out User module following pattern: CreateUserAction, UpdateUserAction, GetUsersAction, UserResource, UserController, Create/UpdateUserRequest, UserData DTO - Add /api/users routes (index, store, update, destroy), all admin-gated via policy - Create frontend Settings > Accounts page (settings/accounts.vue) for admin user management - Add useUsers composable mirroring useClient pattern - Add "Benutzer" link to settings dropdown in clients/index.vue - All tests pass; User soft-delete and last-admin protection verified Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
34 lines
654 B
PHP
34 lines
654 B
PHP
<?php
|
|
|
|
namespace App\Modules\User\Policies;
|
|
|
|
use App\Models\User;
|
|
|
|
class UserPolicy
|
|
{
|
|
public function viewAny(User $user): bool
|
|
{
|
|
return $user->isAdmin();
|
|
}
|
|
|
|
public function create(User $user): bool
|
|
{
|
|
return $user->isAdmin();
|
|
}
|
|
|
|
public function update(User $user, User $target): bool
|
|
{
|
|
return $user->isAdmin();
|
|
}
|
|
|
|
public function delete(User $user, User $target): bool
|
|
{
|
|
if (! $user->isAdmin()) {
|
|
return false;
|
|
}
|
|
if ($target->isAdmin() && User::where('role', 'admin')->count() <= 1) {
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
}
|