mirror of
https://github.com/InvoiceShelf/InvoiceShelf.git
synced 2026-04-07 05:31:24 +00:00
7d9fdb79cc
Add scopeWhereCompany() to User model using whereHas through the user_company pivot table. Apply it in UsersController::index() and SearchController so users only see members of their current company. Previously, the users page showed ALL users across all companies. Ref #574
101 lines
2.3 KiB
PHP
101 lines
2.3 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\V1\Admin\Users;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Http\Requests\DeleteUserRequest;
|
|
use App\Http\Requests\UserRequest;
|
|
use App\Http\Resources\UserResource;
|
|
use App\Models\User;
|
|
use Illuminate\Http\JsonResponse;
|
|
use Illuminate\Http\Request;
|
|
|
|
class UsersController extends Controller
|
|
{
|
|
/**
|
|
* Display a listing of the resource.
|
|
*
|
|
* @return JsonResponse
|
|
*/
|
|
public function index(Request $request)
|
|
{
|
|
$this->authorize('viewAny', User::class);
|
|
|
|
$limit = $request->has('limit') ? $request->limit : 10;
|
|
|
|
$user = $request->user();
|
|
|
|
$users = User::whereCompany()
|
|
->applyFilters($request->all())
|
|
->where('id', '<>', $user->id)
|
|
->latest()
|
|
->paginate($limit);
|
|
|
|
return UserResource::collection($users)
|
|
->additional(['meta' => [
|
|
'user_total_count' => User::whereCompany()->count(),
|
|
]]);
|
|
}
|
|
|
|
/**
|
|
* Store a newly created resource in storage.
|
|
*
|
|
* @param \Illuminate\Http\UserRequest $request
|
|
* @return JsonResponse
|
|
*/
|
|
public function store(UserRequest $request)
|
|
{
|
|
$this->authorize('create', User::class);
|
|
|
|
$user = User::createFromRequest($request);
|
|
|
|
return new UserResource($user);
|
|
}
|
|
|
|
/**
|
|
* Display the specified resource.
|
|
*
|
|
* @return JsonResponse
|
|
*/
|
|
public function show(User $user)
|
|
{
|
|
$this->authorize('view', $user);
|
|
|
|
return new UserResource($user);
|
|
}
|
|
|
|
/**
|
|
* Update the specified resource in storage.
|
|
*
|
|
* @param \Illuminate\Http\UserRequest $request
|
|
* @return JsonResponse
|
|
*/
|
|
public function update(UserRequest $request, User $user)
|
|
{
|
|
$this->authorize('update', $user);
|
|
|
|
$user->updateFromRequest($request);
|
|
|
|
return new UserResource($user);
|
|
}
|
|
|
|
/**
|
|
* Display a listing of the resource.
|
|
*
|
|
* @param Request $request
|
|
* @return JsonResponse
|
|
*/
|
|
public function delete(DeleteUserRequest $request)
|
|
{
|
|
$this->authorize('delete multiple users', User::class);
|
|
|
|
if ($request->users) {
|
|
User::deleteUsers($request->users);
|
|
}
|
|
|
|
return response()->json([
|
|
'success' => true,
|
|
]);
|
|
}
|
|
}
|