Nodarx/server
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Initial Version

Browse Source
This commit is contained in:
root
2025-12-21 10:09:54 -05:00
commit 4ae6befc7b
422 changed files with 47225 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

201
core/lib/Controllers/UserRolesController.php Normal file
View File

@@ -0,0 +1,201 @@
<?php
namespace KTXC\Controllers;
use KTXC\Http\Response\JsonResponse;
use KTXC\SessionIdentity;
use KTXC\SessionTenant;
use KTXC\Service\UserRolesService;
use KTXF\Controller\ControllerAbstract;
use KTXF\Routing\Attributes\AuthenticatedRoute;
use Psr\Log\LoggerInterface;
/**
* User Roles Controller
* Core administrative role management operations
*/
class UserRolesController extends ControllerAbstract
{
public function __construct(
private readonly SessionTenant $tenantIdentity,
private readonly SessionIdentity $userIdentity,
private readonly UserRolesService $roleService,
private readonly LoggerInterface $logger
) {}
/**
* Main versioned endpoint for role management
*/
#[AuthenticatedRoute('/user/roles/v1', name: 'user.roles.v1', methods: ['POST'])]
public function index(int $version, string $transaction, string $operation, array $data = []): JsonResponse
{
try {
// Check role admin permission
if (!$this->userIdentity->hasPermission('role.admin')) {
return new JsonResponse([
'status' => 'error',
'data' => ['code' => 403, 'message' => 'Insufficient permissions']
], JsonResponse::HTTP_FORBIDDEN);
}
$result = $this->process($operation, $data);
return new JsonResponse([
'version' => $version,
'transaction' => $transaction,
'operation' => $operation,
'status' => 'success',
'data' => $result,
], JsonResponse::HTTP_OK);
} catch (\InvalidArgumentException $e) {
$this->logger->error('Role manager validation error', [
'operation' => $operation,
'error' => $e->getMessage(),
'trace' => $e->getTraceAsString()
]);
return new JsonResponse([
'version' => $version,
'transaction' => $transaction,
'operation' => $operation,
'status' => 'error',
'data' => ['code' => 400, 'message' => $e->getMessage()]
], JsonResponse::HTTP_BAD_REQUEST);
} catch (\Throwable $e) {
$this->logger->error('Role manager operation failed', [
'operation' => $operation,
'error' => $e->getMessage(),
'trace' => $e->getTraceAsString()
]);
return new JsonResponse([
'version' => $version,
'transaction' => $transaction,
'operation' => $operation,
'status' => 'error',
'data' => ['code' => $e->getCode(), 'message' => $e->getMessage()]
], JsonResponse::HTTP_INTERNAL_SERVER_ERROR);
}
}
/**
* Process operation
*/
private function process(string $operation, array $data): mixed
{
return match ($operation) {
'role.list' => $this->roleList($data),
'role.fetch' => $this->roleFetch($data),
'role.create' => $this->roleCreate($data),
'role.update' => $this->roleUpdate($data),
'role.delete' => $this->roleDelete($data),
'permissions.list' => $this->permissionsList($data),
default => throw new \InvalidArgumentException("Invalid operation: {$operation}"),
};
}
// =========================================================================
// Role Operations
// =========================================================================
/**
* List all roles
*/
private function roleList(array $data): array
{
$roles = $this->roleService->listRoles();
// Add user count to each role
foreach ($roles as &$role) {
$role['user_count'] = $this->roleService->getRoleUserCount($role['rid']);
}
return $roles;
}
/**
* Fetch single role
*/
private function roleFetch(array $data): array
{
$rid = $data['rid'] ?? throw new \InvalidArgumentException('Role ID required');
$role = $this->roleService->getRole($rid);
if (!$role) {
throw new \InvalidArgumentException('Role not found');
}
$role['user_count'] = $this->roleService->getRoleUserCount($rid);
return $role;
}
/**
* Create new role
*/
private function roleCreate(array $data): array
{
if (!$this->userIdentity->hasPermission('role.manage')) {
throw new \InvalidArgumentException('Insufficient permissions to create roles');
}
$roleData = [
'label' => $data['label'] ?? throw new \InvalidArgumentException('Role label required'),
'description' => $data['description'] ?? '',
'permissions' => $data['permissions'] ?? []
];
return $this->roleService->createRole($roleData);
}
/**
* Update existing role
*/
private function roleUpdate(array $data): bool
{
if (!$this->userIdentity->hasPermission('role.manage')) {
throw new \InvalidArgumentException('Insufficient permissions to update roles');
}
$rid = $data['rid'] ?? throw new \InvalidArgumentException('Role ID required');
$updates = [];
$allowedFields = ['label', 'description', 'permissions'];
foreach ($allowedFields as $field) {
if (isset($data[$field])) {
$updates[$field] = $data[$field];
}
}
if (empty($updates)) {
throw new \InvalidArgumentException('No valid fields to update');
}
return $this->roleService->updateRole($rid, $updates);
}
/**
* Delete role
*/
private function roleDelete(array $data): bool
{
if (!$this->userIdentity->hasPermission('role.manage')) {
throw new \InvalidArgumentException('Insufficient permissions to delete roles');
}
$rid = $data['rid'] ?? throw new \InvalidArgumentException('Role ID required');
return $this->roleService->deleteRole($rid);
}
/**
* Get available permissions
*/
private function permissionsList(array $data): array
{
return $this->roleService->availablePermissions();
}
}