<?php
namespace App\Http\Controllers\Api\Admin;
use App\Http\Controllers\Controller;
use App\Http\Requests\Role\StoreRoleRequest;
use App\Http\Requests\Role\UpdateRoleRequest;
use App\Http\Resources\RoleResource;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
use OpenApi\Attributes as OA;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;
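class RoleController extends Controller
{
    /**
     * Role names that destroy() refuses to delete.
     *
     * NOTE(review): update() applies no such guard, so a role listed here can
     * still be renamed or have its permission set re-synced through the API —
     * confirm whether that is intended.
     *
     * @var list<string>
     */
    private const PROTECTED_ROLES = ['super-admin', 'editor'];

    /**
     * Guard that every role created here is bound to and that the permission
     * listing is filtered by. Spatie resolves permission names per guard, so
     * both sides must agree.
     */
    private const GUARD = 'web';

    #[OA\Get(
        path: '/api/admin/roles',
        summary: 'Rolleri listele',
        tags: ['Admin - Roles'],
        security: [['sanctum' => []]],
        responses: [new OA\Response(response: 200, description: 'Rol listesi')],
    )]
    /**
     * List every role with its permissions and assigned-user count.
     */
    public function index(): AnonymousResourceCollection
    {
        // Eager-load permissions and compute users_count in the same query so
        // the resource does not fire one query per role.
        $roles = Role::query()
            ->with('permissions')
            ->withCount('users')
            ->get();

        return RoleResource::collection($roles);
    }

    #[OA\Post(
        path: '/api/admin/roles',
        summary: 'Yeni rol oluştur',
        tags: ['Admin - Roles'],
        security: [['sanctum' => []]],
        requestBody: new OA\RequestBody(
            required: true,
            content: new OA\JsonContent(
                required: ['name', 'permissions'],
                properties: [
                    new OA\Property(property: 'name', type: 'string', example: 'moderator'),
                    new OA\Property(property: 'permissions', type: 'array', items: new OA\Items(type: 'string'), example: ['view-category', 'view-course']),
                ],
            ),
        ),
        responses: [
            new OA\Response(response: 201, description: 'Rol oluşturuldu'),
            new OA\Response(response: 422, description: 'Validasyon hatası'),
        ],
    )]
    /**
     * Create a role on the configured guard and attach the requested permissions.
     *
     * Only validated input is read. Assumes StoreRoleRequest checks that each
     * permission name exists for the guard — otherwise syncPermissions() will
     * throw from inside Spatie rather than returning a 422 (TODO confirm).
     */
    public function store(StoreRoleRequest $request): JsonResponse
    {
        $role = Role::create([
            'name' => $request->validated('name'),
            'guard_name' => self::GUARD,
        ]);

        $role->syncPermissions($request->validated('permissions'));
        $role->load('permissions');

        return (new RoleResource($role))
            ->response()
            ->setStatusCode(201);
    }

    #[OA\Get(
        path: '/api/admin/roles/{role}',
        summary: 'Rol detayı',
        tags: ['Admin - Roles'],
        security: [['sanctum' => []]],
        parameters: [new OA\Parameter(name: 'role', in: 'path', required: true, schema: new OA\Schema(type: 'integer'))],
        responses: [
            new OA\Response(response: 200, description: 'Rol detayı'),
            new OA\Response(response: 404, description: 'Bulunamadı'),
        ],
    )]
    /**
     * Show one role (resolved by route-model binding) with its permissions
     * and assigned-user count.
     */
    public function show(Role $role): RoleResource
    {
        $role->load('permissions');
        $role->loadCount('users');

        return new RoleResource($role);
    }

    #[OA\Put(
        path: '/api/admin/roles/{role}',
        summary: 'Rol güncelle',
        tags: ['Admin - Roles'],
        security: [['sanctum' => []]],
        parameters: [new OA\Parameter(name: 'role', in: 'path', required: true, schema: new OA\Schema(type: 'integer'))],
        requestBody: new OA\RequestBody(required: true, content: new OA\JsonContent(
            properties: [
                new OA\Property(property: 'name', type: 'string', example: 'moderator'),
                new OA\Property(property: 'permissions', type: 'array', items: new OA\Items(type: 'string')),
            ],
        )),
        responses: [
            new OA\Response(response: 200, description: 'Rol güncellendi'),
            new OA\Response(response: 422, description: 'Validasyon hatası'),
        ],
    )]
    /**
     * Partially update a role: each field is applied only when present in the
     * validated payload. A supplied permission list replaces the current set
     * (sync), it is not merged.
     */
    public function update(UpdateRoleRequest $request, Role $role): RoleResource
    {
        $validated = $request->validated();

        // isset() is deliberate: a key that validated to null is treated as
        // "not supplied" rather than clearing the field.
        if (isset($validated['name'])) {
            $role->update(['name' => $validated['name']]);
        }

        if (isset($validated['permissions'])) {
            $role->syncPermissions($validated['permissions']);
        }

        $role->load('permissions');

        return new RoleResource($role);
    }

    #[OA\Delete(
        path: '/api/admin/roles/{role}',
        summary: 'Rol sil',
        tags: ['Admin - Roles'],
        security: [['sanctum' => []]],
        parameters: [new OA\Parameter(name: 'role', in: 'path', required: true, schema: new OA\Schema(type: 'integer'))],
        responses: [
            new OA\Response(response: 200, description: 'Rol silindi'),
            new OA\Response(response: 403, description: 'Varsayılan roller silinemez'),
            new OA\Response(response: 404, description: 'Bulunamadı'),
            new OA\Response(response: 422, description: 'Role atanmış kullanıcılar var'),
        ],
    )]
    /**
     * Delete a role unless it is a protected default or still assigned to users.
     *
     * Returns 403 for protected roles, 422 while any user holds the role, and
     * 200 once deleted.
     */
    public function destroy(Role $role): JsonResponse
    {
        // strict: true — role names are strings, never let a loose comparison
        // decide whether a default role is deletable.
        if (in_array($role->name, self::PROTECTED_ROLES, true)) {
            return response()->json(['message' => 'Varsayılan roller silinemez.'], 403);
        }

        // Refuse to orphan assignments: callers must move users off the role first.
        if ($role->users()->exists()) {
            return response()->json(['message' => 'Bu role atanmış kullanıcılar var. Önce kullanıcıların rollerini değiştirin.'], 422);
        }

        $role->delete();

        return response()->json(['message' => 'Rol başarıyla silindi.']);
    }

    #[OA\Get(
        path: '/api/admin/permissions',
        summary: 'Tüm yetkileri listele',
        description: 'Rol oluştururken/düzenlerken kullanılacak tüm mevcut yetkileri modül bazlı gruplandırarak döner.',
        tags: ['Admin - Roles'],
        security: [['sanctum' => []]],
        responses: [new OA\Response(response: 200, description: 'Yetki listesi')],
    )]
    /**
     * List all permission names for the guard, flat and grouped by module.
     *
     * The module is the part after the first '-' ('view-category' -> 'category').
     * Names without a '-' appear in 'all' but are omitted from 'grouped'.
     */
    public function permissions(): JsonResponse
    {
        $permissions = Permission::query()
            ->where('guard_name', self::GUARD)
            ->orderBy('name')
            ->pluck('name');

        // Group by module (suffix after the first '-'); limit 2 keeps any further
        // dashes inside the module name.
        $grouped = [];
        foreach ($permissions as $permission) {
            $parts = explode('-', $permission, 2);
            if (count($parts) === 2) {
                $grouped[$parts[1]][] = $permission;
            }
        }

        return response()->json([
            'data' => [
                'all' => $permissions,
                'grouped' => $grouped,
            ],
        ]);
    }
}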