<?php
namespace App\Http\Controllers;
use App\Models\User;
use App\Models\Tenant;
use Illuminate\Http\Request;
use Illuminate\Http\RedirectResponse;
use Illuminate\View\View;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Auth;
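class UserController extends Controller
{
    /**
     * List all users, eager-loading each user's tenant (super-admin only).
     *
     * @return View the `admin.users.index` view with a paginated `$users` set
     */
    public function index(): View
    {
        $this->authorizeSuperAdmin();

        $users = User::with('tenant')->orderBy('name')->paginate(15);

        return view('admin.users.index', compact('users'));
    }

    /**
     * Show the form for creating a new user (super-admin only).
     *
     * @return View the `admin.users.create` view with all tenants for the selector
     */
    public function create(): View
    {
        $this->authorizeSuperAdmin();

        $tenants = Tenant::orderBy('name')->get();

        return view('admin.users.create', compact('tenants'));
    }

    /**
     * Persist a new user (super-admin only).
     *
     * Only the validated keys reach `User::create()`, so a request cannot
     * smuggle additional attributes past the allow-list below; `role` is
     * limited to the two known values and the password is stored hashed.
     *
     * @param Request $request form input: name, email, password(+confirmation), tenant_id, role
     * @return RedirectResponse back to the user index with a success flash
     */
    public function store(Request $request): RedirectResponse
    {
        $this->authorizeSuperAdmin();

        $validated = $request->validate([
            'name' => 'required|string|max:255',
            'email' => 'required|string|email|max:255|unique:users,email',
            'password' => 'required|string|min:8|confirmed',
            'tenant_id' => 'nullable|exists:tenants,id',
            'role' => 'required|in:tenant_admin,super_admin',
        ]);

        // Never persist the plaintext; Hash::make uses the application's configured hasher.
        $validated['password'] = Hash::make($validated['password']);

        User::create($validated);

        return redirect()->route('admin.users.index')
            ->with('success', 'Benutzer erfolgreich erstellt.');
    }

    /**
     * Display a single user (super-admin only).
     *
     * @param User $user route-model-bound user
     * @return View the `admin.users.show` view
     */
    public function show(User $user): View
    {
        $this->authorizeSuperAdmin();

        return view('admin.users.show', compact('user'));
    }

    /**
     * Show the form for editing an existing user (super-admin only).
     *
     * @param User $user route-model-bound user
     * @return View the `admin.users.edit` view with the user and all tenants
     */
    public function edit(User $user): View
    {
        $this->authorizeSuperAdmin();

        $tenants = Tenant::orderBy('name')->get();

        return view('admin.users.edit', compact('user', 'tenants'));
    }

    /**
     * Update an existing user (super-admin only).
     *
     * A blank password leaves the stored hash untouched; a non-blank one is
     * re-hashed. The acting admin may not change their own role: mirroring
     * destroy()'s self-delete guard, this prevents an admin from stripping
     * their own super-admin access (and potentially leaving no super admin).
     *
     * NOTE(review): resetting another user's password here does not, in this
     * controller, revoke that user's existing sessions or tokens — confirm
     * whether the session middleware (e.g. AuthenticateSession) covers that.
     *
     * @param Request $request form input: name, email, optional password(+confirmation), tenant_id, role
     * @param User    $user    route-model-bound user being edited
     * @return RedirectResponse back to the user index with a success or error flash
     */
    public function update(Request $request, User $user): RedirectResponse
    {
        $authUser = $this->authorizeSuperAdmin();

        $validated = $request->validate([
            'name' => 'required|string|max:255',
            // Ignore the edited user's own row in the uniqueness check; $user->id comes
            // from route binding, not from request input.
            'email' => 'required|string|email|max:255|unique:users,email,' . $user->id,
            'password' => 'nullable|string|min:8|confirmed',
            'tenant_id' => 'nullable|exists:tenants,id',
            'role' => 'required|in:tenant_admin,super_admin',
        ]);

        // Self-demotion guard: the caller passed authorizeSuperAdmin(), so any
        // role other than super_admin on their own record is a demotion.
        if ($user->is($authUser) && $validated['role'] !== 'super_admin') {
            return redirect()->route('admin.users.index')
                ->with('error', 'Sie können Ihre eigene Rolle nicht ändern.');
        }

        // 'nullable' lets the field arrive absent, null or ''; min:8 rules out
        // other "empty-looking" values, so an empty-string check is sufficient.
        if (($validated['password'] ?? '') !== '') {
            $validated['password'] = Hash::make($validated['password']);
        } else {
            // Do not overwrite the stored hash with null/''.
            unset($validated['password']);
        }

        $user->update($validated);

        return redirect()->route('admin.users.index')
            ->with('success', 'Benutzer erfolgreich aktualisiert.');
    }

    /**
     * Delete a user (super-admin only). The acting admin cannot delete
     * themselves, which would otherwise end the current session's account.
     *
     * @param User $user route-model-bound user to delete
     * @return RedirectResponse back to the user index with a success or error flash
     */
    public function destroy(User $user): RedirectResponse
    {
        $authUser = $this->authorizeSuperAdmin();

        // Model::is() compares key, table and connection rather than a bare id.
        if ($user->is($authUser)) {
            return redirect()->route('admin.users.index')
                ->with('error', 'Sie können sich nicht selbst löschen.');
        }

        $user->delete();

        return redirect()->route('admin.users.index')
            ->with('success', 'Benutzer erfolgreich gelöscht.');
    }

    /**
     * Single authorization gate for every action in this controller.
     *
     * Aborts with 403 unless the current request is authenticated as a User
     * that reports isSuperAdmin(). The instanceof check also covers an
     * unauthenticated request (Auth::user() === null), which previously would
     * have surfaced as a 500 from calling a method on null rather than a
     * clean 403 — the `auth` middleware on the route is assumed but is not
     * visible here, so the gate does not rely on it.
     *
     * @return User the authenticated super admin
     */
    private function authorizeSuperAdmin(): User
    {
        $user = Auth::user();

        if (!$user instanceof User || !$user->isSuperAdmin()) {
            abort(403, 'Nicht autorisiert');
        }

        return $user;
    }
}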