Merge pull request #33 from envor/main

improve invitation-only-super-admin

CHANGELOG.md

@@ -2,6 +2,14 @@
 
 All notable changes to `one-app` will be documented in this file.
 
+## v1.0.25 - 2024-06-25
+
+### What's Changed
+
+* use team not team uuid to override default jetstream route by @inmanturbo in https://github.com/envor/one-app/pull/32
+
+**Full Changelog**: https://github.com/envor/one-app/compare/v1.0.24...v1.0.25
+
 ## v1.0.24 - 2024-06-24
 
 ### What's Changed

stubs/invitation-only-super-admin/app/Models/UpgradedUser.php

@@ -0,0 +1,12 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Parental\HasParent;
+
+class UpgradedUser extends User
+{
+    use HasFactory;
+    use HasParent;
+}

stubs/invitation-only-super-admin/app/Policies/TeamPolicy.php

@@ -0,0 +1,77 @@
+<?php
+
+namespace App\Policies;
+
+use App\Models\Team;
+use App\Models\User;
+use App\UserType;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class TeamPolicy
+{
+    use HandlesAuthorization;
+
+    /**
+     * Determine whether the user can view any models.
+     */
+    public function viewAny(User $user): bool
+    {
+        return true;
+    }
+
+    /**
+     * Determine whether the user can view the model.
+     */
+    public function view(User $user, Team $team): bool
+    {
+        return $user->belongsToTeam($team);
+    }
+
+    /**
+     * Determine whether the user can create models.
+     */
+    public function create(User $user): bool
+    {
+        return $user->type === UserType::SuperAdmin || $user->type === UserType::UpgradedUser;
+    }
+
+    /**
+     * Determine whether the user can update the model.
+     */
+    public function update(User $user, Team $team): bool
+    {
+        return $user->ownsTeam($team) && cache()->get('team:lock_db:'.$team->uuid, false) === false;
+    }
+
+    /**
+     * Determine whether the user can add team members.
+     */
+    public function addTeamMember(User $user, Team $team): bool
+    {
+        return $user->ownsTeam($team);
+    }
+
+    /**
+     * Determine whether the user can update team member permissions.
+     */
+    public function updateTeamMember(User $user, Team $team): bool
+    {
+        return $user->ownsTeam($team);
+    }
+
+    /**
+     * Determine whether the user can remove team members.
+     */
+    public function removeTeamMember(User $user, Team $team): bool
+    {
+        return $user->ownsTeam($team);
+    }
+
+    /**
+     * Determine whether the user can delete the model.
+     */
+    public function delete(User $user, Team $team): bool
+    {
+        return $user->ownsTeam($team);
+    }
+}

stubs/invitation-only-super-admin/app/UserType.php

@@ -9,4 +9,5 @@ enum UserType: string
 {
     case User = User::class;
     case SuperAdmin = SuperAdmin::class;
+    case UpgradedUser = UpgradedUser::class;
 }

stubs/invitation-only-super-admin/resources/views/livewire/one-app-user-type-form.blade.php

@@ -0,0 +1,74 @@
+<?php
+
+use App\Models\User;
+use Envor\Datastore\Models\Datastore;
+use Illuminate\Validation\Rule;
+
+use function Livewire\Volt\{computed, state, mount};
+
+state([
+    'user' => null,
+    'data' => [],
+]);
+
+mount(
+    function ($user) {
+        $this->user = $user;
+
+        $this->data['user_type'] = $user->type->name;
+    }
+);
+
+$availableTypes = computed(fn() => (new User)->childTypes());
+
+$updateUserType = function () {
+
+    $this->resetErrorBag();
+
+    $this->validate([
+        'data.user_type' => [Rule::in(array_keys((new User)->childTypes()))],
+    ]);
+
+    $this->user->forceFill([
+        'type' => $this->data['user_type'],
+    ])->save();
+
+
+    $this->dispatch('saved');
+};?>
+
+<x-form-section submit="updateUserType">
+    <x-slot name="title">
+        {{ __('User Type') }}
+    </x-slot>
+
+    <x-slot name="description">
+        {{ __('The Type of user') }}
+    </x-slot>
+
+    <x-slot name="form">
+
+        <div class="col-span-6 sm:col-span-4">
+            <x-label for="name" value="{{ __('User Type') }}" />
+
+            <x-select id="name" type="text" class="block w-full mt-1" wire:model="data.user_type" autofocus>
+                @foreach ($this->availableTypes as $key => $label)
+                    <option value="{{ $key }}">{{ $label }}</option>
+                @endforeach
+            </x-select>
+
+            <x-input-error for="data.user_type" class="mt-2" />
+        </div>
+
+    </x-slot>
+
+    <x-slot name="actions">
+        <x-action-message class="me-3" on="saved">
+            {{ __('Saved.') }}
+        </x-action-message>
+
+        <x-button>
+            {{ __('Save') }}
+        </x-button>
+    </x-slot>
+</x-form-section>

stubs/invitation-only-super-admin/resources/views/profile/show.blade.php

@@ -0,0 +1,52 @@
+<x-app-layout>
+    <x-slot name="header">
+        <h2 class="text-xl font-semibold leading-tight text-gray-800 dark:text-gray-200">
+            {{ __('Profile') }}
+        </h2>
+    </x-slot>
+
+    <div>
+        <div class="py-10 mx-auto max-w-7xl sm:px-6 lg:px-8">
+            @if (Laravel\Fortify\Features::canUpdateProfileInformation())
+                @livewire('profile.update-profile-information-form')
+
+                <x-section-border />
+            @endif
+
+            @isLoggedInByMasterPass
+
+                @livewire('one-app-user-type-form', ['user' => Auth::user()])
+                <x-section-border />
+
+            @endif
+
+            @if (Laravel\Fortify\Features::enabled(Laravel\Fortify\Features::updatePasswords()))
+                <div class="mt-10 sm:mt-0">
+                    @livewire('profile.update-password-form')
+                </div>
+
+                <x-section-border />
+            @endif
+
+            @if (Laravel\Fortify\Features::canManageTwoFactorAuthentication())
+                <div class="mt-10 sm:mt-0">
+                    @livewire('profile.two-factor-authentication-form')
+                </div>
+
+                <x-section-border />
+            @endif
+
+            <div class="mt-10 sm:mt-0">
+                @livewire('profile.logout-other-browser-sessions-form')
+            </div>
+
+            @if (Laravel\Jetstream\Jetstream::hasAccountDeletionFeatures())
+                <x-section-border />
+
+                <div class="mt-10 sm:mt-0">
+                    @livewire('profile.delete-user-form')
+                </div>
+            @endif
+        </div>
+    </div>
+</x-app-layout>

stubs/navigation/app/Http/Controllers/TeamController.php

@@ -23,6 +23,10 @@ public function show(Request $request, $team)
             abort(403);
         }
 
+        if ($team->uuid != $request->user()->currentTeam->uuid) {
+            return redirect()->route('teams.show', $request->user()->currentTeam->uuid);
+        }
+
         return view('teams.show', [
             'user' => $request->user(),
             'team' => $team,