app/Models/User.php

<?php

namespace App\Models;

// use Illuminate\Contracts\Auth\MustVerifyEmail;
use App\Enums\UserGroup;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Illuminate\Database\Eloquent\SoftDeletes;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Fortify\TwoFactorAuthenticatable;
use Spatie\Activitylog\LogOptions;
use Spatie\Activitylog\Traits\LogsActivity;

class User extends Authenticatable
{
    /** @use HasFactory<\Database\Factories\UserFactory> */
    use HasFactory, LogsActivity, Notifiable, SoftDeletes, TwoFactorAuthenticatable;

    /**
     * The attributes that are mass assignable.
     *
     * @var list<string>
     */
    protected $fillable = [
        'name',
        'email',
        'password',
        'group',
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var list<string>
     */
    protected $hidden = [
        'password',
        'two_factor_secret',
        'two_factor_recovery_codes',
        'remember_token',
    ];

    /**
     * Get the attributes that should be cast.
     *
     * @return array<string, string>
     */
    protected function casts(): array
    {
        return [
            'email_verified_at' => 'datetime',
            'password' => 'hashed',
            'group' => UserGroup::class,
            'two_factor_confirmed_at' => 'datetime',
        ];
    }

    /**
     * The workspaces that the user belongs to.
     *
     * @return BelongsToMany<Workspace>
     */
    public function workspaces(): BelongsToMany
    {
        return $this->belongsToMany(Workspace::class, 'workspace_user')
            ->using(\App\Models\WorkspaceUser::class)
            ->withPivot('role', 'permissions')
            ->withTimestamps();
    }

    /**
     * Memoized workspace-user pivot instances, keyed by workspace ID.
     *
     * @var array<int, WorkspaceUser>
     */
    protected array $resolvedWorkspaceUsers = [];

    /**
     * Get the workspace-user pivot for the current session workspace.
     * Result is memoized per workspace ID to avoid duplicate queries within a request.
     */
    public function currentWorkspaceUser(): WorkspaceUser
    {
        $workspaceId = (int) session('current_workspace_id');

        return $this->resolvedWorkspaceUsers[$workspaceId] ??= WorkspaceUser::where('user_id', $this->id)
            ->where('workspace_id', $workspaceId)
            ->firstOrFail();
    }

    public function getActivitylogOptions(): LogOptions
    {
        return LogOptions::defaults()
            ->logFillable()
            ->logOnlyDirty()
            ->dontSubmitEmptyLogs();
    }
}
feat: L'Ami Fiduciaire V1.0.0 — full codebase with Story 0.1 complete Initial commit of the L'Ami Fiduciaire SaaS platform built on Laravel 12, Vue 3, Inertia.js 2, and Tailwind CSS 4. Story 0.1 (rename folders to declarations in database) is implemented and code-reviewed: migration, rollback, and 6 Pest tests all passing. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-03-11 23:33:10 +00:00			`<?php`

			`namespace App\Models;`

			`// use Illuminate\Contracts\Auth\MustVerifyEmail;`
			`use App\Enums\UserGroup;`
			`use Illuminate\Database\Eloquent\Factories\HasFactory;`
			`use Illuminate\Database\Eloquent\Relations\BelongsToMany;`
			`use Illuminate\Database\Eloquent\SoftDeletes;`
			`use Illuminate\Foundation\Auth\User as Authenticatable;`
			`use Illuminate\Notifications\Notifiable;`
			`use Laravel\Fortify\TwoFactorAuthenticatable;`
			`use Spatie\Activitylog\LogOptions;`
			`use Spatie\Activitylog\Traits\LogsActivity;`

			`class User extends Authenticatable`
			`{`
			`/** @use HasFactory<\Database\Factories\UserFactory> */`
feat: complete Epic 0 — foundation migration & infrastructure setup Stories 0.2-0.5: rename folders→declarations (backend+frontend), configure Redis for cache/queue/sessions, add foundation database migrations (permissions, archived_at), replace DeclarationStatus enum with architecture lifecycle values, create DeclarationObserver for status transition validation and auto-archive, fix controller status transitions to respect observer rules. 93 tests pass (240 assertions). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-03-12 18:25:32 +00:00			`use HasFactory, LogsActivity, Notifiable, SoftDeletes, TwoFactorAuthenticatable;`
feat: L'Ami Fiduciaire V1.0.0 — full codebase with Story 0.1 complete Initial commit of the L'Ami Fiduciaire SaaS platform built on Laravel 12, Vue 3, Inertia.js 2, and Tailwind CSS 4. Story 0.1 (rename folders to declarations in database) is implemented and code-reviewed: migration, rollback, and 6 Pest tests all passing. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-03-11 23:33:10 +00:00
			`/**`
			`* The attributes that are mass assignable.`
			`*`
			`* @var list<string>`
			`*/`
			`protected $fillable = [`
			`'name',`
			`'email',`
			`'password',`
			`'group',`
			`];`

			`/**`
			`* The attributes that should be hidden for serialization.`
			`*`
			`* @var list<string>`
			`*/`
			`protected $hidden = [`
			`'password',`
			`'two_factor_secret',`
			`'two_factor_recovery_codes',`
			`'remember_token',`
			`];`

			`/**`
			`* Get the attributes that should be cast.`
			`*`
			`* @return array<string, string>`
			`*/`
			`protected function casts(): array`
			`{`
			`return [`
			`'email_verified_at' => 'datetime',`
			`'password' => 'hashed',`
			`'group' => UserGroup::class,`
			`'two_factor_confirmed_at' => 'datetime',`
			`];`
			`}`

			`/**`
			`* The workspaces that the user belongs to.`
			`*`
			`* @return BelongsToMany<Workspace>`
			`*/`
			`public function workspaces(): BelongsToMany`
			`{`
			`return $this->belongsToMany(Workspace::class, 'workspace_user')`
			`->using(\App\Models\WorkspaceUser::class)`
feat: complete Epic 1 — team management & permission system - Story 1.1: Permission enum, config, AuthorizesPermissions & HasWorkspaceScope traits, member→worker migration - Story 1.2: Team page with member list, invitation system with queued email - Story 1.3: Role assignment (Manager/Worker) and member removal with activity logging - Story 1.4: Owner-only permission toggle matrix for Managers (manage team, view logs, configure portal) - Story 1.5: Role-based access enforcement — Workers see only assigned declarations/clients, sidebar scoping - Story 1.6: Workspace switcher dropdown for multi-workspace users with session-based switching - 83 new/modified files, 182 tests passing with zero regressions Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-03-18 00:12:50 +00:00			`->withPivot('role', 'permissions')`
feat: L'Ami Fiduciaire V1.0.0 — full codebase with Story 0.1 complete Initial commit of the L'Ami Fiduciaire SaaS platform built on Laravel 12, Vue 3, Inertia.js 2, and Tailwind CSS 4. Story 0.1 (rename folders to declarations in database) is implemented and code-reviewed: migration, rollback, and 6 Pest tests all passing. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-03-11 23:33:10 +00:00			`->withTimestamps();`
			`}`

feat: complete Epic 1 — team management & permission system - Story 1.1: Permission enum, config, AuthorizesPermissions & HasWorkspaceScope traits, member→worker migration - Story 1.2: Team page with member list, invitation system with queued email - Story 1.3: Role assignment (Manager/Worker) and member removal with activity logging - Story 1.4: Owner-only permission toggle matrix for Managers (manage team, view logs, configure portal) - Story 1.5: Role-based access enforcement — Workers see only assigned declarations/clients, sidebar scoping - Story 1.6: Workspace switcher dropdown for multi-workspace users with session-based switching - 83 new/modified files, 182 tests passing with zero regressions Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-03-18 00:12:50 +00:00			`/**`
			`* Memoized workspace-user pivot instances, keyed by workspace ID.`
			`*`
			`* @var array<int, WorkspaceUser>`
			`*/`
			`protected array $resolvedWorkspaceUsers = [];`

			`/**`
			`* Get the workspace-user pivot for the current session workspace.`
			`* Result is memoized per workspace ID to avoid duplicate queries within a request.`
			`*/`
			`public function currentWorkspaceUser(): WorkspaceUser`
			`{`
			`$workspaceId = (int) session('current_workspace_id');`

			`return $this->resolvedWorkspaceUsers[$workspaceId] ??= WorkspaceUser::where('user_id', $this->id)`
			`->where('workspace_id', $workspaceId)`
			`->firstOrFail();`
			`}`

feat: L'Ami Fiduciaire V1.0.0 — full codebase with Story 0.1 complete Initial commit of the L'Ami Fiduciaire SaaS platform built on Laravel 12, Vue 3, Inertia.js 2, and Tailwind CSS 4. Story 0.1 (rename folders to declarations in database) is implemented and code-reviewed: migration, rollback, and 6 Pest tests all passing. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-03-11 23:33:10 +00:00			`public function getActivitylogOptions(): LogOptions`
			`{`
			`return LogOptions::defaults()`
			`->logFillable()`
			`->logOnlyDirty()`
			`->dontSubmitEmptyLogs();`
			`}`
			`}`