saufi/eCert-MBIP
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c9b50ccc5e518c1cea93dcbaf79148368ce93103
eCert-MBIP/app/Http/Controllers/Admin/UserController.php
Saufi c9b50ccc5e feat: two-role system — super_admin & admin program (Fasa 12) 
- Replace is_admin boolean with role enum('super_admin','admin') via migration
- ProgramPolicy: admin program can only view/edit/delete own programs
- EnsureIsAdmin: accepts both roles; EnsureSuperAdmin: super_admin only
- UserController + views: super_admin can manage admin accounts
- Sidebar: user management link & role badge gated on isSuperAdmin()
- Fix Controller base class: add AuthorizesRequests trait
- Fix tests: replace nonAdmin() (invalid enum) with adminProgram() against super_admin-only route

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-18 08:47:58 +08:00

90 lines
2.7 KiB
PHP
Raw Blame History

<?php
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use App\Models\User;
use App\Services\AuditLogService;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Validation\Rules\Password;
use Illuminate\View\View;
class UserController extends Controller
{
public function index(): View
{
$users = User::withCount('programs')->latest()->paginate(20);
return view('admin.users.index', compact('users'));
}
public function create(): View
{
return view('admin.users.create');
}
public function store(Request $request): RedirectResponse
{
$data = $request->validate([
'name' => 'required|string|max:255',
'email' => 'required|email|max:255|unique:users,email',
'role' => 'required|in:super_admin,admin',
'password' => ['required', 'confirmed', Password::min(8)->mixedCase()->numbers()],
]);
$user = User::create($data);
AuditLogService::log('user.created', $user, [], ['email' => $user->email, 'role' => $user->role]);
return redirect()->route('admin.users.index')
->with('success', 'Pengguna "' . $user->name . '" berjaya ditambah.');
}
public function edit(User $user): View
{
return view('admin.users.edit', compact('user'));
}
public function update(Request $request, User $user): RedirectResponse
{
$rules = [
'name' => 'required|string|max:255',
'email' => 'required|email|max:255|unique:users,email,' . $user->id,
'role' => 'required|in:super_admin,admin',
];
if ($request->filled('password')) {
$rules['password'] = ['confirmed', Password::min(8)->mixedCase()->numbers()];
}
$data = $request->validate($rules);
if (! $request->filled('password')) {
unset($data['password']);
}
$old = $user->only(['name', 'email', 'role']);
$user->update($data);
AuditLogService::log('user.updated', $user, $old, $user->only(['name', 'email', 'role']));
return redirect()->route('admin.users.index')
->with('success', 'Maklumat pengguna "' . $user->name . '" berjaya dikemas kini.');
}
public function destroy(User $user): RedirectResponse
{
if ($user->id === auth()->id()) {
return back()->with('error', 'Anda tidak boleh padam akaun sendiri.');
}
$name = $user->name;
AuditLogService::log('user.deleted', $user);
$user->delete();
return redirect()->route('admin.users.index')
->with('success', 'Pengguna "' . $name . '" berjaya dipadam.');
}
}
Reference in New Issue View Git Blame Copy Permalink