GET /users?q=... is public; POST /admin/users/promote requires authentication, and the admin check is performed inside the use case rather than in the controller.
<?php
namespace App\Controllers;
use App\Exceptions\BadRequestException;
use App\Exceptions\ForbiddenException;
use App\User\UseCases\PromoteUserToAdmin\PromoteUserToAdmin;
use App\User\UseCases\PromoteUserToAdmin\PromoteUserToAdminRequest;
use App\User\UseCases\SearchUsers\SearchUsers;
use App\User\UseCases\SearchUsers\SearchUsersRequest;
use App\User\User;
use DomainException;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
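/**
 * HTTP adapter for the user use cases.
 *
 * Translates request input into use-case request objects and maps the
 * exceptions the use cases throw onto HTTP status codes. No business rule
 * lives here: the admin check for promotion is made inside the
 * PromoteUserToAdmin use case from the `requesterIsAdmin` flag this
 * controller passes in.
 */
class UserController
{
    public function __construct(
        private SearchUsers $searchUsers,
        private PromoteUserToAdmin $promoteUserToAdmin,
    ) {}

    /**
     * GET /users?q=...  (public, no authentication required)
     *
     * Responses:
     *  - 200 {"users": [...]} — an empty list when `q` is missing, not a
     *                           string (e.g. `q[]=x`) or blank; the use case
     *                           is not called in that case
     *  - 400 {"error": ...}   — the use case rejected the query
     *                           (BadRequestException)
     */
    public function search(Request $request): JsonResponse
    {
        $query = $request->query('q');

        // `q[]=x` arrives as an array and a blank string is not a search;
        // both are answered with an empty result rather than an error.
        if (! is_string($query) || trim($query) === '') {
            return new JsonResponse(['users' => []], 200);
        }

        try {
            $results = $this->searchUsers->execute(
                new SearchUsersRequest(query: $query),
            );
        } catch (BadRequestException $exception) {
            return new JsonResponse(['error' => $exception->getMessage()], 400);
        }

        return new JsonResponse([
            'users' => array_map(
                fn (User $user): array => $this->serializeUser($user),
                $results,
            ),
        ], 200);
    }

    /**
     * POST /admin/users/promote  (authenticated; the admin check itself is
     * performed by the PromoteUserToAdmin use case, not here)
     *
     * Input: `userId` — integer id of the user to promote.
     *
     * Responses:
     *  - 200 {"user": {...}} — the promoted user
     *  - 400 {"error": ...}  — `userId` missing or not an integer, or the use
     *                          case rejected the request (BadRequestException)
     *  - 401 {"error": ...}  — no authenticated user attached to the request
     *  - 403 {"error": ...}  — the use case refused the request
     *                          (ForbiddenException; presumably a non-admin requester)
     *  - 404 {"error": ...}  — any other DomainException from the use case
     */
    public function promote(Request $request): JsonResponse
    {
        // The 'user' attribute is presumably set by the auth middleware on
        // this route — TODO confirm. Guarded anyway: a missing attribute would
        // otherwise surface as a TypeError (HTTP 500) at `$requester->isAdmin()`
        // instead of a clean 401.
        $requester = $request->attributes->get('user');
        if (! $requester instanceof User) {
            return new JsonResponse(['error' => 'Authentication required.'], 401);
        }

        // Validate before using the id: a bare `(int)` cast would turn a
        // missing value or "abc" into 0 and "12abc" into 12, silently
        // addressing a user the caller never named.
        $rawUserId = $request->input('userId');
        $targetUserId = is_scalar($rawUserId)
            ? filter_var($rawUserId, FILTER_VALIDATE_INT)
            : false;
        if ($targetUserId === false) {
            return new JsonResponse(['error' => 'userId must be an integer.'], 400);
        }

        try {
            $promoted = $this->promoteUserToAdmin->execute(
                new PromoteUserToAdminRequest(
                    targetUserId: $targetUserId,
                    requesterIsAdmin: $requester->isAdmin(),
                ),
            );
        } catch (BadRequestException $exception) {
            return new JsonResponse(['error' => $exception->getMessage()], 400);
        } catch (ForbiddenException $exception) {
            return new JsonResponse(['error' => $exception->getMessage()], 403);
        } catch (DomainException $exception) {
            // Catch-all for the use case's remaining domain failures. Kept
            // last so the more specific handlers above win if those exception
            // types happen to extend DomainException.
            return new JsonResponse(['error' => $exception->getMessage()], 404);
        }

        return new JsonResponse(['user' => $this->serializeUser($promoted)], 200);
    }

    /**
     * JSON shape shared by both endpoints for a single user.
     *
     * @return array<string, mixed>
     */
    private function serializeUser(User $user): array
    {
        return [
            'id' => $user->getId(),
            'email' => $user->getEmail()->value(),
            'displayName' => $user->getDisplayName(),
            'isAdmin' => $user->isAdmin(),
        ];
    }
}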