soeren/fotospiel-app
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
Files
2e78f3ab8d4afa6891ea7c722b471a6bef2e7157
fotospiel-app/app/Http/Controllers/Api/Tenant/LiveShowPhotoController.php
Codex Agent 7aa0a4c847
Some checks failed
linter / quality (push) Has been cancelled
Details
tests / ci (push) Has been cancelled
Details
tests / ui (push) Has been cancelled
Details
Enforce tenant member permissions
2026-01-16 13:33:36 +01:00

202 lines
7.0 KiB
PHP
Raw Blame History

<?php
namespace App\Http\Controllers\Api\Tenant;
use App\Http\Controllers\Controller;
use App\Http\Requests\Tenant\LiveShowApproveRequest;
use App\Http\Requests\Tenant\LiveShowQueueRequest;
use App\Http\Requests\Tenant\LiveShowRejectRequest;
use App\Http\Resources\Tenant\PhotoResource;
use App\Models\Event;
use App\Models\Photo;
use App\Support\ApiError;
use App\Support\TenantMemberPermissions;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
use Symfony\Component\HttpFoundation\Response;
class LiveShowPhotoController extends Controller
{
public function index(LiveShowQueueRequest $request, string $eventSlug): AnonymousResourceCollection
{
$tenantId = $request->attributes->get('tenant_id');
$event = Event::where('slug', $eventSlug)
->where('tenant_id', $tenantId)
->firstOrFail();
TenantMemberPermissions::ensureEventPermission($request, $event, 'photos:moderate');
$liveStatus = $request->string('live_status', 'pending')->toString();
$perPage = (int) $request->input('per_page', 20);
$perPage = max(1, min($perPage, 50));
$query = Photo::query()
->where('event_id', $event->id)
->with('event')
->withCount('likes');
if ($liveStatus !== '' && $liveStatus !== 'all') {
$query->where('live_status', $liveStatus);
}
$photos = $query
->orderByDesc('live_submitted_at')
->orderByDesc('created_at')
->paginate($perPage);
return PhotoResource::collection($photos);
}
public function approve(LiveShowApproveRequest $request, string $eventSlug, Photo $photo): JsonResponse
{
$tenantId = $request->attributes->get('tenant_id');
$event = Event::where('slug', $eventSlug)
->where('tenant_id', $tenantId)
->firstOrFail();
TenantMemberPermissions::ensureEventPermission($request, $event, 'photos:moderate');
if ($photo->event_id !== $event->id) {
return ApiError::response(
'photo_not_found',
'Photo not found',
'The specified photo could not be located for this event.',
Response::HTTP_NOT_FOUND,
['photo_id' => $photo->id]
);
}
if ($photo->status !== 'approved') {
return ApiError::response(
'photo_not_approved',
'Photo not approved',
'Only approved photos can be added to the Live Show.',
Response::HTTP_UNPROCESSABLE_ENTITY,
['photo_id' => $photo->id]
);
}
$photo->approveForLiveShow($request->user());
if ($request->filled('priority')) {
$photo->forceFill([
'live_priority' => $request->integer('priority'),
])->save();
}
$photo->refresh()->load('event')->loadCount('likes');
return response()->json([
'message' => 'Photo approved for Live Show',
'data' => new PhotoResource($photo),
]);
}
public function approveAndLive(LiveShowApproveRequest $request, string $eventSlug, Photo $photo): JsonResponse
{
$tenantId = $request->attributes->get('tenant_id');
$event = Event::where('slug', $eventSlug)
->where('tenant_id', $tenantId)
->firstOrFail();
TenantMemberPermissions::ensureEventPermission($request, $event, 'photos:moderate');
if ($photo->event_id !== $event->id) {
return ApiError::response(
'photo_not_found',
'Photo not found',
'The specified photo could not be located for this event.',
Response::HTTP_NOT_FOUND,
['photo_id' => $photo->id]
);
}
if (in_array($photo->status, ['rejected', 'hidden'], true)) {
return ApiError::response(
'photo_not_eligible',
'Photo not eligible',
'Rejected or hidden photos cannot be approved for Live Show.',
Response::HTTP_UNPROCESSABLE_ENTITY,
['photo_id' => $photo->id]
);
}
if ($photo->status !== 'approved') {
$photo->forceFill([
'status' => 'approved',
'moderated_at' => now(),
'moderated_by' => $request->user()?->id,
'moderation_notes' => null,
])->save();
}
$photo->approveForLiveShow($request->user());
if ($request->filled('priority')) {
$photo->forceFill([
'live_priority' => $request->integer('priority'),
])->save();
}
$photo->refresh()->load('event')->loadCount('likes');
return response()->json([
'message' => 'Photo approved and added to Live Show',
'data' => new PhotoResource($photo),
]);
}
public function reject(LiveShowRejectRequest $request, string $eventSlug, Photo $photo): JsonResponse
{
$tenantId = $request->attributes->get('tenant_id');
$event = Event::where('slug', $eventSlug)
->where('tenant_id', $tenantId)
->firstOrFail();
TenantMemberPermissions::ensureEventPermission($request, $event, 'photos:moderate');
if ($photo->event_id !== $event->id) {
return ApiError::response(
'photo_not_found',
'Photo not found',
'The specified photo could not be located for this event.',
Response::HTTP_NOT_FOUND,
['photo_id' => $photo->id]
);
}
$reason = $request->string('reason')->toString();
$photo->rejectForLiveShow($request->user(), $reason !== '' ? $reason : null);
$photo->refresh()->load('event')->loadCount('likes');
return response()->json([
'message' => 'Photo rejected for Live Show',
'data' => new PhotoResource($photo),
]);
}
public function clear(Request $request, string $eventSlug, Photo $photo): JsonResponse
{
$tenantId = $request->attributes->get('tenant_id');
$event = Event::where('slug', $eventSlug)
->where('tenant_id', $tenantId)
->firstOrFail();
TenantMemberPermissions::ensureEventPermission($request, $event, 'photos:moderate');
if ($photo->event_id !== $event->id) {
return ApiError::response(
'photo_not_found',
'Photo not found',
'The specified photo could not be located for this event.',
Response::HTTP_NOT_FOUND,
['photo_id' => $photo->id]
);
}
$photo->clearFromLiveShow($request->user());
$photo->refresh()->load('event')->loadCount('likes');
return response()->json([
'message' => 'Photo removed from Live Show',
'data' => new PhotoResource($photo),
]);
}
}
Reference in New Issue View Git Blame Copy Permalink