soeren/fotospiel-app
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

feat: harden tenant settings and import pipeline

Browse Source
This commit is contained in:
SEB Fotografie - soeren
2025-09-25 11:50:18 +02:00
parent b22d91ed32
commit 9248d7a3f5
29 changed files with 577 additions and 293 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
app/Http/Controllers/Api/Tenant/SettingsController.php
View File

@@ -5,21 +5,18 @@ namespace App\Http\Controllers\Api\Tenant;
use App\Http\Controllers\Controller;
use App\Http\Requests\Tenant\SettingsStoreRequest;
use App\Models\Tenant;
use Illuminate\Http\Request;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
class SettingsController extends Controller
{
/**
* Get the tenant's settings.
*
* @param Request $request
* @return JsonResponse
*/
public function index(Request $request): JsonResponse
{
$tenant = $request->tenant;
return response()->json([
'message' => 'Settings erfolgreich abgerufen.',
'data' => [
@@ -32,20 +29,14 @@ class SettingsController extends Controller
/**
* Update the tenant's settings.
*
* @param SettingsStoreRequest $request
* @return JsonResponse
*/
public function update(SettingsStoreRequest $request): JsonResponse
{
$tenant = $request->tenant;
// Merge new settings with existing ones
$currentSettings = $tenant->settings ?? [];
$newSettings = array_merge($currentSettings, $request->validated()['settings']);
$settings = $request->validated()['settings'];
$tenant->update([
'settings' => $newSettings,
'settings' => $settings,
'settings_updated_at' => now(),
]);
@@ -53,7 +44,7 @@ class SettingsController extends Controller
'message' => 'Settings erfolgreich aktualisiert.',
'data' => [
'id' => $tenant->id,
'settings' => $newSettings,
'settings' => $settings,
'updated_at' => now()->toISOString(),
],
]);
@@ -61,14 +52,11 @@ class SettingsController extends Controller
/**
* Reset tenant settings to defaults.
*
* @param Request $request
* @return JsonResponse
*/
public function reset(Request $request): JsonResponse
{
$tenant = $request->tenant;
$defaultSettings = [
'branding' => [
'logo_url' => null,
@@ -93,7 +81,7 @@ class SettingsController extends Controller
]);
return response()->json([
'message' => 'Settings auf Standardwerte zurückgesetzt.',
'message' => 'Settings auf Standardwerte zurueckgesetzt.',
'data' => [
'id' => $tenant->id,
'settings' => $defaultSettings,
@@ -104,32 +92,34 @@ class SettingsController extends Controller
/**
* Validate custom domain availability.
*
* @param Request $request
* @return JsonResponse
*/
public function validateDomain(Request $request): JsonResponse
{
$domain = $request->input('domain');
if (!$domain) {
if (! $domain) {
return response()->json(['error' => 'Domain ist erforderlich.'], 400);
}
// Simple validation - in production, check DNS records or database uniqueness
if (!preg_match('/^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9]\.[a-zA-Z]{2,}$/', $domain)) {
if (! $this->isValidDomain($domain)) {
return response()->json([
'available' => false,
'message' => 'Ungültiges Domain-Format.',
'message' => 'Ungueltiges Domain-Format.',
]);
}
// Check if domain is already taken by another tenant
$taken = Tenant::where('custom_domain', $domain)->where('id', '!=', $request->tenant->id)->exists();
$taken = Tenant::where('custom_domain', $domain)
->where('id', '!=', $request->tenant->id)
->exists();
return response()->json([
'available' => !$taken,
'message' => $taken ? 'Domain ist bereits vergeben.' : 'Domain ist verfügbar.',
'available' => ! $taken,
'message' => $taken ? 'Domain ist bereits vergeben.' : 'Domain ist verfuegbar.',
]);
}
}
private function isValidDomain(string $domain): bool
{
return filter_var($domain, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME) !== false;
}
}