QT/InvoiceShelf
1
0
Fork 0
mirror of https://github.com/InvoiceShelf/InvoiceShelf.git synced 2026-04-15 17:24:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
92a1baced43fa464040e6d0b0943279f76381fc8
InvoiceShelf/app/Http/Controllers/Company/Settings/InvitationController.php
Darko Gjorgjijoski 92a1baced4 Add company invitation system (backend) 
New feature allowing company owners/admins to invite users by email with
a specific company-scoped role.

Database:
- New company_invitations table (company_id, email, role_id, token,
  status, invited_by, expires_at)

Backend:
- CompanyInvitation model with pending/forUser scopes
- InvitationService: invite, accept, decline, getPendingForUser
- CompanyInvitationMail with markdown email template
- InvitationController (company-scoped): list, send, cancel invitations
- InvitationResponseController (user-scoped): pending, accept, decline
- BootstrapController returns pending_invitations in response
- CompanyMiddleware handles zero-company users gracefully

Tests: 9 feature tests covering invite, accept, decline, cancel, expire,
duplicate prevention, and bootstrap integration.
2026-04-03 22:58:55 +02:00

70 lines
1.9 KiB
PHP
Raw Blame History

<?php
namespace App\Http\Controllers\Company\Settings;
use App\Http\Controllers\Controller;
use App\Http\Resources\CompanyInvitationResource;
use App\Models\Company;
use App\Models\CompanyInvitation;
use App\Services\InvitationService;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
class InvitationController extends Controller
{
public function __construct(
private readonly InvitationService $invitationService,
) {}
public function index(Request $request): JsonResponse
{
$company = Company::find($request->header('company'));
$invitations = CompanyInvitation::where('company_id', $company->id)
->pending()
->with(['role', 'invitedBy'])
->latest()
->get();
return response()->json([
'invitations' => CompanyInvitationResource::collection($invitations),
]);
}
public function store(Request $request): JsonResponse
{
$request->validate([
'email' => 'required|email',
'role_id' => 'required|exists:roles,id',
]);
$company = Company::find($request->header('company'));
$invitation = $this->invitationService->invite(
$company,
$request->email,
$request->role_id,
$request->user()
);
return response()->json([
'success' => true,
'invitation' => new CompanyInvitationResource($invitation->load(['company', 'role', 'invitedBy'])),
]);
}
public function destroy(CompanyInvitation $companyInvitation): JsonResponse
{
if ($companyInvitation->status !== CompanyInvitation::STATUS_PENDING) {
return response()->json([
'success' => false,
'message' => 'Only pending invitations can be cancelled.',
], 422);
}
$companyInvitation->delete();
return response()->json(['success' => true]);
}
}
Reference in New Issue View Git Blame Copy Permalink