Merge pull request #24 from openfoodfoundation/feature/audit-items

Feature: Audit Items model

app/Console/Commands/TestCommand.php

@@ -2,6 +2,11 @@
 
 namespace App\Console\Commands;
 
+use App\Models\AuditItem;
+use App\Models\Team;
+use App\Models\User;
+use App\Models\Voucher;
+use App\Models\VoucherSet;
 use Illuminate\Console\Command;
 
 class TestCommand extends Command
@@ -23,5 +28,14 @@ class TestCommand extends Command
     /**
      * Execute the console command.
      */
-    public function handle() {}
+    public function handle()
+    {
+        $users       = User::factory(100)->createQuietly();
+        $teams       = Team::factory(100)->createQuietly();
+        $vouchers    = Voucher::factory(100)->createQuietly();
+        $voucherSets = VoucherSet::factory(100)->createQuietly();
+        $auditItems  = AuditItem::factory(100)->createQuietly([
+            'team_id' => 1,
+        ]);
+    }
 }

app/Enums/PersonalAccessTokenAbility.php

@@ -7,21 +7,25 @@
  */
 enum PersonalAccessTokenAbility: string
 {
-    case SUPER_ADMIN              = 'super-admin'; // Allowed to do everything
-    case MY_PROFILE_CREATE        = 'my-profile-create';
-    case MY_PROFILE_READ          = 'my-profile-read';
-    case MY_PROFILE_UPDATE        = 'my-profile-update';
-    case MY_PROFILE_DELETE        = 'my-profile-delete';
-    case MY_TEAM_CREATE           = 'my-team-create';
-    case MY_TEAM_READ             = 'my-team-read';
-    case MY_TEAM_UPDATE           = 'my-team-update';
-    case MY_TEAM_DELETE           = 'my-team-delete';
-    case MY_TEAM_VOUCHERS_CREATE  = 'my-team-vouchers-create';
-    case MY_TEAM_VOUCHERS_READ    = 'my-team-vouchers-read';
-    case MY_TEAM_VOUCHERS_UPDATE  = 'my-team-vouchers-update';
-    case MY_TEAM_VOUCHERS_DELETE  = 'my-team-vouchers-delete';
-    case SYSTEM_STATISTICS_CREATE = 'system-statistics-create';
-    case SYSTEM_STATISTICS_READ   = 'system-statistics-read';
-    case SYSTEM_STATISTICS_UPDATE = 'system-statistics-update';
-    case SYSTEM_STATISTICS_DELETE = 'system-statistics-delete';
+    case SUPER_ADMIN                = 'super-admin'; // Allowed to do everything
+    case MY_PROFILE_CREATE          = 'my-profile-create';
+    case MY_PROFILE_READ            = 'my-profile-read';
+    case MY_PROFILE_UPDATE          = 'my-profile-update';
+    case MY_PROFILE_DELETE          = 'my-profile-delete';
+    case MY_TEAM_CREATE             = 'my-team-create';
+    case MY_TEAM_READ               = 'my-team-read';
+    case MY_TEAM_UPDATE             = 'my-team-update';
+    case MY_TEAM_DELETE             = 'my-team-delete';
+    case MY_TEAM_AUDIT_ITEMS_CREATE = 'my-team-audit-items-create';
+    case MY_TEAM_AUDIT_ITEMS_READ   = 'my-team-audit-items-read';
+    case MY_TEAM_AUDIT_ITEMS_UPDATE = 'my-team-audit-items-update';
+    case MY_TEAM_AUDIT_ITEMS_DELETE = 'my-team-audit-items-delete';
+    case MY_TEAM_VOUCHERS_CREATE    = 'my-team-vouchers-create';
+    case MY_TEAM_VOUCHERS_READ      = 'my-team-vouchers-read';
+    case MY_TEAM_VOUCHERS_UPDATE    = 'my-team-vouchers-update';
+    case MY_TEAM_VOUCHERS_DELETE    = 'my-team-vouchers-delete';
+    case SYSTEM_STATISTICS_CREATE   = 'system-statistics-create';
+    case SYSTEM_STATISTICS_READ     = 'system-statistics-read';
+    case SYSTEM_STATISTICS_UPDATE   = 'system-statistics-update';
+    case SYSTEM_STATISTICS_DELETE   = 'system-statistics-delete';
 }

app/Events/Users/UserWasCreated.php

@@ -0,0 +1,37 @@
+<?php
+
+namespace App\Events\Users;
+
+use App\Models\User;
+use Illuminate\Broadcasting\Channel;
+use Illuminate\Broadcasting\InteractsWithSockets;
+use Illuminate\Broadcasting\PrivateChannel;
+use Illuminate\Contracts\Auth\Authenticatable;
+use Illuminate\Foundation\Events\Dispatchable;
+use Illuminate\Queue\SerializesModels;
+
+class UserWasCreated
+{
+    use Dispatchable;
+    use InteractsWithSockets;
+    use SerializesModels;
+
+    /**
+     * Create a new event instance.
+     *
+     * @param User|Authenticatable $user
+     */
+    public function __construct(public User|Authenticatable $user) {}
+
+    /**
+     * Get the channels the event should broadcast on.
+     *
+     * @return array<int, Channel>
+     */
+    public function broadcastOn(): array
+    {
+        return [
+            new PrivateChannel('channel-name'),
+        ];
+    }
+}

app/Http/Controllers/Api/V1/Admin/ApiAdminAuditItemsController.php

@@ -0,0 +1,101 @@
+<?php
+
+namespace App\Http\Controllers\Api\V1\Admin;
+
+use App\Enums\ApiResponse;
+use App\Exceptions\DisallowedApiFieldException;
+use App\Http\Controllers\Api\HandlesAPIRequests;
+use App\Http\Controllers\Controller;
+use App\Models\AuditItem;
+use Illuminate\Http\JsonResponse;
+
+class ApiAdminAuditItemsController extends Controller
+{
+    use HandlesAPIRequests;
+
+    /**
+     * Set the related data the GET request is allowed to ask for
+     */
+    public array $availableRelations = [
+        'team',
+    ];
+
+    public static array $searchableFields = [];
+
+    /**
+     * GET /
+     *
+     * @return JsonResponse
+     *
+     * @throws DisallowedApiFieldException
+     */
+    public function index(): JsonResponse
+    {
+        $this->query = AuditItem::with($this->associatedData);
+        $this->query = $this->updateReadQueryBasedOnUrl();
+        $this->data  = $this->query->paginate($this->limit);
+
+        return $this->respond();
+    }
+
+    /**
+     * POST /
+     *
+     * @return JsonResponse
+     */
+    public function store(): JsonResponse
+    {
+        $this->responseCode = 403;
+        $this->message      = ApiResponse::RESPONSE_METHOD_NOT_ALLOWED->value;
+
+        return $this->respond();
+    }
+
+    /**
+     * GET /{id}
+     *
+     * @param int $id
+     *
+     * @return JsonResponse
+     *
+     * @throws DisallowedApiFieldException
+     */
+    public function show(int $id)
+    {
+        $this->query = AuditItem::with($this->associatedData);
+        $this->query = $this->updateReadQueryBasedOnUrl();
+        $this->data  = $this->query->find($id);
+
+        return $this->respond();
+    }
+
+    /**
+     * PUT /{id}
+     *
+     * @param string $id
+     *
+     * @return JsonResponse
+     */
+    public function update(string $id)
+    {
+        $this->responseCode = 403;
+        $this->message      = ApiResponse::RESPONSE_METHOD_NOT_ALLOWED->value;
+
+        return $this->respond();
+    }
+
+    /**
+     * DELETE / {id}
+     *
+     * @param string $id
+     *
+     * @return JsonResponse
+     */
+    public function destroy(string $id)
+    {
+        $this->responseCode = 403;
+        $this->message      = ApiResponse::RESPONSE_METHOD_NOT_ALLOWED->value;
+
+        return $this->respond();
+    }
+}

app/Http/Controllers/Api/V1/Admin/ApiAdminSearchController.php

@@ -21,9 +21,7 @@ class ApiAdminSearchController extends Controller
      */
     public array $availableRelations = [];
 
-    public static array $searchableFields = [
-        'id',
-    ];
+    public static array $searchableFields = [];
 
     /**
      * GET /

app/Http/Controllers/Api/V1/ApiMyTeamAuditItemsController.php

@@ -0,0 +1,102 @@
+<?php
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Enums\ApiResponse;
+use App\Exceptions\DisallowedApiFieldException;
+use App\Http\Controllers\Api\HandlesAPIRequests;
+use App\Http\Controllers\Controller;
+use App\Models\AuditItem;
+use Auth;
+use Illuminate\Http\JsonResponse;
+
+class ApiMyTeamAuditItemsController extends Controller
+{
+    use HandlesAPIRequests;
+
+    /**
+     * Set the related data the GET request is allowed to ask for
+     */
+    public array $availableRelations = [
+        'team',
+    ];
+
+    public static array $searchableFields = [];
+
+    /**
+     * GET /
+     *
+     * @return JsonResponse
+     *
+     * @throws DisallowedApiFieldException
+     */
+    public function index(): JsonResponse
+    {
+        $this->query = AuditItem::where('auditable_team_id', Auth::user()->current_team_id)->with($this->associatedData);
+        $this->query = $this->updateReadQueryBasedOnUrl();
+        $this->data  = $this->query->paginate($this->limit);
+
+        return $this->respond();
+    }
+
+    /**
+     * POST /
+     *
+     * @return JsonResponse
+     */
+    public function store(): JsonResponse
+    {
+        $this->responseCode = 403;
+        $this->message      = ApiResponse::RESPONSE_METHOD_NOT_ALLOWED->value;
+
+        return $this->respond();
+    }
+
+    /**
+     * GET /{id}
+     *
+     * @param int $id
+     *
+     * @return JsonResponse
+     *
+     * @throws DisallowedApiFieldException
+     */
+    public function show(int $id)
+    {
+        $this->query = AuditItem::where('auditable_team_id', Auth::user()->current_team_id)->with($this->associatedData);
+        $this->query = $this->updateReadQueryBasedOnUrl();
+        $this->data  = $this->query->find($id);
+
+        return $this->respond();
+    }
+
+    /**
+     * PUT /{id}
+     *
+     * @param string $id
+     *
+     * @return JsonResponse
+     */
+    public function update(string $id)
+    {
+        $this->responseCode = 403;
+        $this->message      = ApiResponse::RESPONSE_METHOD_NOT_ALLOWED->value;
+
+        return $this->respond();
+    }
+
+    /**
+     * DELETE / {id}
+     *
+     * @param string $id
+     *
+     * @return JsonResponse
+     */
+    public function destroy(string $id)
+    {
+        $this->responseCode = 403;
+        $this->message      = ApiResponse::RESPONSE_METHOD_NOT_ALLOWED->value;
+
+        return $this->respond();
+    }
+}

app/Http/Middleware/HandleInertiaRequests.php

@@ -39,7 +39,7 @@ public function share(Request $request): array
             ...parent::share($request),
             'auth' => [
                 'user'        => $request->user(),
-                'currentTeam' => Team::find($request->user()->current_team_id),
+                'currentTeam' => Team::find($request->user()?->current_team_id),
             ],
             'personalAccessTokenAbilities' => PersonalAccessTokenAbility::cases(),
         ];

app/Jobs/RecordUserWasCreatedAuditItem.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Jobs;
+
+use App\Models\User;
+use App\Services\AuditItemService;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Foundation\Queue\Queueable;
+
+class RecordUserWasCreatedAuditItem implements ShouldQueue
+{
+    use Queueable;
+
+    /**
+     * Create a new job instance.
+     *
+     * @param User $createdUser
+     */
+    public function __construct(public User $createdUser) {}
+
+    /**
+     * Execute the job.
+     */
+    public function handle(): void
+    {
+        AuditItemService::createAuditItemForEvent(
+            model    : $this->createdUser,
+            eventText: 'User ' . $this->createdUser->name . ' was created.',
+            teamId   : $this->createdUser->current_team_id
+        );
+    }
+}

app/Listeners/Users/HandleUserWasCreatedEvent.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Listeners\Users;
+
+use App\Events\Users\UserWasCreated;
+use App\Jobs\RecordUserWasCreatedAuditItem;
+
+class HandleUserWasCreatedEvent
+{
+    /**
+     * Create the event listener.
+     */
+    public function __construct() {}
+
+    /**
+     * Handle the event.
+     *
+     * @param UserWasCreated $event
+     */
+    public function handle(UserWasCreated $event): void
+    {
+
+        dispatch(
+            new RecordUserWasCreatedAuditItem(
+                createdUser: $event->user
+            )
+        );
+
+    }
+}