ibnezzoubayr/L-Ami-Fiduciaire
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: L'Ami Fiduciaire V1.0.0 — full codebase with Story 0.1 complete

Browse Source 
Initial commit of the L'Ami Fiduciaire SaaS platform built on Laravel 12,
Vue 3, Inertia.js 2, and Tailwind CSS 4.

Story 0.1 (rename folders to declarations in database) is implemented and
code-reviewed: migration, rollback, and 6 Pest tests all passing.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Saad Ibn-Ezzoubayr
2026-03-11 23:33:10 +00:00
commit 35545c2a8f
1517 changed files with 246774 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
app/Http/Controllers/Client/ConfirmController.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
namespace App\Http\Controllers\Client;
use App\Enums\ActorType;
use App\Http\Controllers\Controller;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Inertia\Inertia;
use Inertia\Response;
class ConfirmController extends Controller
{
/**
* Show the confirmation page.
*/
public function show(Request $request, string $token): Response
{
$invitation = $request->attributes->get('folder_invitation');
$folder = $invitation->folder;
$folder->load(['client']);
return Inertia::render('client/Confirm', [
'folder' => [
'id' => $folder->id,
'title' => $folder->title,
'client_name' => $folder->client->company_name,
],
'token' => $token,
'submitUrl' => route('client.confirm.store', ['token' => $token]),
]);
}
/**
* Store the confirmation (client confirms).
*/
public function store(Request $request, string $token): RedirectResponse
{
$invitation = $request->attributes->get('folder_invitation');
$folder = $invitation->folder;
$request->validate([
'signature' => ['required', 'string', 'max:255'],
]);
$folder->update([
'validated_at' => now(),
'confirmed_by_type' => ActorType::Client,
'confirmed_by_id' => $folder->client_id,
'confirmation_signature' => $request->input('signature'),
'status' => \App\Enums\FolderStatus::Validated,
]);
return back()->with('flash', ['type' => 'success', 'message' => 'Validation enregistrée. Merci.']);
}
}

53
app/Http/Controllers/Client/RefuseController.php Normal file
View File

@@ -0,0 +1,53 @@
<?php
namespace App\Http\Controllers\Client;
use App\Http\Controllers\Controller;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Inertia\Inertia;
use Inertia\Response;
class RefuseController extends Controller
{
/**
* Show the refusal page.
*/
public function show(Request $request, string $token): Response
{
$invitation = $request->attributes->get('folder_invitation');
$folder = $invitation->folder;
$folder->load(['client']);
return Inertia::render('client/Refuse', [
'folder' => [
'id' => $folder->id,
'title' => $folder->title,
'client_name' => $folder->client->company_name,
],
'token' => $token,
'submitUrl' => route('client.refuse.store', ['token' => $token]),
]);
}
/**
* Store the refusal.
*/
public function store(Request $request, string $token): RedirectResponse
{
$invitation = $request->attributes->get('folder_invitation');
$folder = $invitation->folder;
$request->validate([
'reason' => ['nullable', 'string', 'max:65535'],
]);
$folder->update([
'refused_at' => now(),
'refusal_reason' => $request->input('reason'),
]);
return back()->with('flash', ['type' => 'success', 'message' => 'Refus enregistré.']);
}
}

90
app/Http/Controllers/Client/UploadController.php Normal file
View File

@@ -0,0 +1,90 @@
<?php
namespace App\Http\Controllers\Client;
use App\Enums\ActorType;
use App\Enums\FolderStatus;
use App\Enums\MessageType;
use App\Http\Controllers\Controller;
use App\Mail\FolderTextMessageMail;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Mail;
use Inertia\Inertia;
use Inertia\Response;
class UploadController extends Controller
{
/**
* Show the client upload page.
*/
public function show(Request $request, string $token): Response
{
$invitation = $request->attributes->get('folder_invitation');
$folder = $invitation->folder;
$folder->load(['client']);
$documents = $folder->getMedia('documents')->map(fn ($m) => [
'id' => $m->id,
'name' => $m->name,
'file_name' => $m->file_name,
'size' => $m->human_readable_size,
'created_at' => $m->created_at->format('d/m/Y H:i'),
])->values()->all();
return Inertia::render('client/Upload', [
'folder' => [
'id' => $folder->id,
'title' => $folder->title,
'client_name' => $folder->client->company_name,
],
'token' => $token,
'documents' => $documents,
'uploadUrl' => route('client.upload.store', ['token' => $token]),
'csrfToken' => csrf_token(),
]);
}
/**
* Store uploaded files.
*/
public function store(Request $request, string $token): RedirectResponse
{
$invitation = $request->attributes->get('folder_invitation');
$folder = $invitation->folder;
$request->validate([
'files' => ['required', 'array', 'min:1'],
'files.*' => ['file', 'max:10240'],
]);
$message = $folder->messages()->create([
'type' => MessageType::Text,
'body' => 'Documents déposés par le client.',
'sent_by_type' => ActorType::Client,
'sent_by_id' => $folder->client_id,
'metadata' => ['invitation_id' => $invitation->id],
]);
foreach ($request->file('files') as $file) {
$folder->addMedia($file)
->withCustomProperties([
'message_id' => $message->id,
'uploaded_by_type' => ActorType::Client,
'uploaded_by_id' => $folder->client_id,
])
->toMediaCollection('documents');
}
$folder->update(['status' => FolderStatus::DocumentsReceived]);
$recipient = $folder->assignee ?? $folder->creator;
if ($recipient?->email) {
Mail::to($recipient->email)->send(
new FolderTextMessageMail($folder, 'Le client a déposé des documents.', null)
);
}
return back()->with('flash', ['type' => 'success', 'message' => 'Documents envoyés avec succès.']);
}
}

293
app/Http/Controllers/ClientController.php Normal file
View File

@@ -0,0 +1,293 @@
<?php
namespace App\Http\Controllers;
use App\Enums\ClientStatus;
use App\Enums\LegalForm;
use App\Http\Requests\StoreClientRequest;
use App\Http\Requests\UpdateClientRequest;
use App\Models\Client;
use App\Models\Workspace;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use Inertia\Inertia;
use Inertia\Response;
class ClientController extends Controller
{
protected function legalFormLabels(): array
{
$labels = [
'sarl' => 'SARL',
'sa' => 'SA',
'snc' => 'SNC',
'scs' => 'SCS',
'eurl' => 'EURL',
'sel' => 'SEL',
'auto_entrepreneur' => 'Auto-entrepreneur',
'entreprise_individuelle' => 'Entreprise individuelle',
'other' => 'Autre',
];
return array_intersect_key($labels, array_flip(LegalForm::getValues()));
}
protected function clientStatusLabels(): array
{
return [
ClientStatus::Active => 'Actif',
ClientStatus::Inactive => 'Inactif',
ClientStatus::Suspended => 'Suspendu',
];
}
protected function currentWorkspace(Request $request): Workspace
{
$workspaceId = $request->session()->get('current_workspace_id');
return Workspace::query()->findOrFail($workspaceId);
}
protected function serializeContacts(Client $client): array
{
return $client->contacts->map(fn ($c) => [
'id' => $c->id,
'full_name' => $c->full_name,
'job_title' => $c->job_title,
'email' => $c->email,
'phone' => $c->phone,
'is_principal' => $c->is_principal,
])->all();
}
/**
* Display a listing of the clients.
*/
public function index(Request $request): Response
{
$workspace = $this->currentWorkspace($request);
$perPage = min(max((int) $request->input('per_page', 10), 10), 100);
$clients = $workspace->clients()
->latest()
->paginate($perPage)
->through(fn (Client $client) => [
'id' => $client->id,
'company_name' => $client->company_name,
'legal_form' => $client->legal_form->value,
'ice' => $client->ice,
'status' => $client->status?->value,
'showUrl' => route('clients.show', $client),
'editUrl' => route('clients.edit', $client),
'destroyUrl' => route('clients.destroy', $client),
]);
return Inertia::render('clients/Index', [
'clients' => $clients,
'createUrl' => route('clients.create'),
'workspaceName' => $workspace->name,
]);
}
/**
* Show the form for creating a new client.
*/
public function create(Request $request): Response
{
$workspace = $this->currentWorkspace($request);
return Inertia::render('clients/Create', [
'indexUrl' => route('clients.index'),
'storeUrl' => route('clients.store'),
'legalForms' => $this->legalFormLabels(),
'clientStatusLabels' => $this->clientStatusLabels(),
'workspaceUsers' => $workspace->users()->orderBy('users.name')->select('users.id', 'users.name', 'users.email')->get()->map(fn ($u) => [
'id' => $u->id,
'name' => $u->name,
'email' => $u->email,
])->values()->all(),
]);
}
/**
* Store a newly created client in storage.
*/
public function store(StoreClientRequest $request): RedirectResponse
{
$workspace = $this->currentWorkspace($request);
$data = $request->validated();
$contacts = $data['contacts'];
unset($data['contacts']);
$data['workspace_id'] = $workspace->id;
$client = Client::query()->create($data);
foreach ($contacts as $contact) {
$client->contacts()->create($contact);
}
return to_route('clients.index');
}
/**
* Display the specified client.
*/
public function show(Request $request, Client $client): Response
{
$workspace = $this->currentWorkspace($request);
$this->authorizeClient($workspace, $client);
$client->load(['internalResponsible', 'contacts']);
$folders = $client->folders()
->with(['assignee'])
->latest()
->limit(50)
->get()
->map(fn ($f) => [
'id' => $f->id,
'title' => $f->title,
'type' => $f->type->value,
'status' => $f->status->value,
'due_date' => $f->due_date?->format('Y-m-d'),
'created_at' => $f->created_at->format('Y-m-d'),
'showUrl' => route('folders.show', $f),
])
->values()
->all();
$allFolders = $client->folders()->get();
$stats = [
'total' => $allFolders->count(),
'by_status' => $allFolders->groupBy(fn ($f) => $f->status->value)
->map->count()
->all(),
'by_type' => $allFolders->groupBy(fn ($f) => $f->type->value)
->map->count()
->all(),
];
return Inertia::render('clients/Show', [
'client' => [
'id' => $client->id,
'company_name' => $client->company_name,
'legal_form' => $client->legal_form->value,
'ice' => $client->ice,
'fiscal_id' => $client->fiscal_id,
'rc' => $client->rc,
'cnss' => $client->cnss,
'patente' => $client->patente,
'contacts' => $this->serializeContacts($client),
'internal_responsible_id' => $client->internal_responsible_id,
'internal_responsible_name' => $client->internalResponsible?->name,
'status' => $client->status?->value,
'internal_notes' => $client->internal_notes,
],
'folders' => $folders,
'stats' => $stats,
'indexUrl' => route('clients.index'),
'editUrl' => route('clients.edit', $client),
'createFolderUrl' => route('folders.create', ['client_id' => $client->id]),
]);
}
/**
* Show the form for editing the specified client.
*/
public function edit(Request $request, Client $client): Response
{
$workspace = $this->currentWorkspace($request);
$this->authorizeClient($workspace, $client);
$client->load('contacts');
return Inertia::render('clients/Edit', [
'client' => [
'id' => $client->id,
'company_name' => $client->company_name,
'legal_form' => $client->legal_form->value,
'ice' => $client->ice,
'fiscal_id' => $client->fiscal_id,
'rc' => $client->rc,
'cnss' => $client->cnss,
'patente' => $client->patente,
'contacts' => $this->serializeContacts($client),
'internal_responsible_id' => $client->internal_responsible_id,
'status' => $client->status?->value,
'internal_notes' => $client->internal_notes,
],
'indexUrl' => route('clients.index'),
'updateUrl' => route('clients.update', $client),
'legalForms' => $this->legalFormLabels(),
'clientStatusLabels' => $this->clientStatusLabels(),
'workspaceUsers' => $workspace->users()->orderBy('users.name')->select('users.id', 'users.name', 'users.email')->get()->map(fn ($u) => [
'id' => $u->id,
'name' => $u->name,
'email' => $u->email,
])->values()->all(),
]);
}
/**
* Update the specified client in storage.
*/
public function update(UpdateClientRequest $request, Client $client): RedirectResponse
{
$workspace = $this->currentWorkspace($request);
$this->authorizeClient($workspace, $client);
$data = $request->validated();
$contacts = $data['contacts'];
unset($data['contacts']);
DB::transaction(function () use ($client, $data, $contacts) {
$client->update($data);
$submittedIds = collect($contacts)
->pluck('id')
->filter()
->all();
$client->contacts()
->whereNotIn('id', $submittedIds)
->get()
->each
->delete();
foreach ($contacts as $contactData) {
if (! empty($contactData['id'])) {
$client->contacts()
->where('id', $contactData['id'])
->first()
?->update($contactData);
} else {
$client->contacts()->create($contactData);
}
}
});
return to_route('clients.index');
}
/**
* Remove the specified client from storage.
*/
public function destroy(Request $request, Client $client): RedirectResponse
{
$workspace = $this->currentWorkspace($request);
$this->authorizeClient($workspace, $client);
$client->delete();
return to_route('clients.index');
}
protected function authorizeClient(Workspace $workspace, Client $client): void
{
if ($client->workspace_id !== $workspace->id) {
abort(404);
}
}
}

8
app/Http/Controllers/Controller.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
namespace App\Http\Controllers;
abstract class Controller
{
//
}

126
app/Http/Controllers/DashboardController.php Normal file
View File

@@ -0,0 +1,126 @@
<?php
namespace App\Http\Controllers;
use App\Enums\FolderStatus;
use App\Models\Folder;
use App\Models\Workspace;
use Illuminate\Http\Request;
use Inertia\Inertia;
use Inertia\Response;
class DashboardController extends Controller
{
/**
* Display the dashboard with assigned folders and notifications.
*/
public function __invoke(Request $request): Response
{
$user = $request->user();
$workspaceId = $request->session()->get('current_workspace_id');
$workspace = $workspaceId ? Workspace::query()->find($workspaceId) : null;
$assignedFolders = [];
$notifications = [];
if ($workspace && $user) {
$assignedFolders = $workspace->folders()
->where('assigned_to', $user->id)
->whereNotIn('status', [FolderStatus::Closed, FolderStatus::Cancelled])
->with('client:id,company_name')
->orderByRaw('CASE WHEN due_date IS NULL THEN 1 ELSE 0 END, due_date ASC')
->limit(50)
->get()
->map(fn (Folder $f) => [
'id' => $f->id,
'title' => $f->title,
'type' => $f->type->value,
'client_name' => $f->client->company_name,
'status' => $f->status->value,
'due_date' => $f->due_date?->format('Y-m-d'),
'priority' => $f->priority?->value,
'showUrl' => route('folders.show', $f),
])
->all();
$overdue = $workspace->folders()
->where('assigned_to', $user->id)
->where('due_date', '<', now()->startOfDay())
->whereNotIn('status', [FolderStatus::Closed, FolderStatus::Cancelled])
->with('client:id,company_name')
->orderBy('due_date')
->limit(10)
->get()
->map(fn (Folder $f) => [
'id' => $f->id,
'title' => $f->title,
'client_name' => $f->client->company_name,
'due_date' => $f->due_date?->format('Y-m-d'),
'showUrl' => route('folders.show', $f),
])
->all();
$dueSoon = $workspace->folders()
->where('assigned_to', $user->id)
->whereBetween('due_date', [now()->startOfDay(), now()->addDays(7)->endOfDay()])
->whereNotIn('status', [FolderStatus::Closed, FolderStatus::Cancelled])
->with('client:id,company_name')
->orderBy('due_date')
->limit(10)
->get()
->map(fn (Folder $f) => [
'id' => $f->id,
'title' => $f->title,
'client_name' => $f->client->company_name,
'due_date' => $f->due_date?->format('Y-m-d'),
'showUrl' => route('folders.show', $f),
])
->all();
$documentsReceived = $workspace->folders()
->where('assigned_to', $user->id)
->where('status', FolderStatus::DocumentsReceived)
->with('client:id,company_name')
->orderBy('updated_at', 'desc')
->limit(10)
->get()
->map(fn (Folder $f) => [
'id' => $f->id,
'title' => $f->title,
'client_name' => $f->client->company_name,
'showUrl' => route('folders.show', $f),
])
->all();
$awaitingValidation = $workspace->folders()
->where('assigned_to', $user->id)
->where('status', FolderStatus::WaitingClientValidation)
->with('client:id,company_name')
->orderBy('confirmation_requested_at', 'desc')
->limit(10)
->get()
->map(fn (Folder $f) => [
'id' => $f->id,
'title' => $f->title,
'client_name' => $f->client->company_name,
'showUrl' => route('folders.show', $f),
])
->all();
$notifications = [
'overdue' => $overdue,
'due_soon' => $dueSoon,
'documents_received' => $documentsReceived,
'awaiting_validation' => $awaitingValidation,
];
}
return Inertia::render('Dashboard', [
'assignedFolders' => $assignedFolders,
'notifications' => $notifications,
'workspaceName' => $workspace?->name ?? null,
'foldersUrl' => $workspace ? route('folders.index') : null,
'clientsUrl' => $workspace ? route('clients.index') : null,
]);
}
}

328
app/Http/Controllers/FolderController.php Normal file
View File

@@ -0,0 +1,328 @@
<?php
namespace App\Http\Controllers;
use App\Enums\FolderPriority;
use App\Enums\FolderStatus;
use App\Enums\FolderType;
use App\Http\Requests\StoreFolderRequest;
use App\Http\Requests\UpdateFolderRequest;
use App\Models\Client;
use App\Models\Folder;
use App\Models\MediaDownload;
use App\Models\Workspace;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Inertia\Inertia;
use Inertia\Response;
class FolderController extends Controller
{
protected function folderTypeLabels(): array
{
return [
FolderType::VAT => 'TVA',
FolderType::VatMonthly => 'TVA mensuelle',
FolderType::VatQuarterly => 'TVA trimestrielle',
FolderType::CorporateTax => 'IS',
FolderType::IncomeTax => 'IR',
FolderType::CNSS => 'CNSS',
FolderType::AnnualBalance => 'Bilan',
FolderType::Other => 'Autre',
];
}
protected function folderStatusLabels(): array
{
return [
FolderStatus::Draft => 'Brouillon',
FolderStatus::WaitingDocuments => 'En attente documents',
FolderStatus::DocumentsReceived => 'Documents reçus',
FolderStatus::Processing => 'En cours de traitement',
FolderStatus::AdditionalDocumentsRequested => 'Pièces complémentaires demandées',
FolderStatus::WaitingClientValidation => 'En attente validation client',
FolderStatus::Validated => 'Validé',
FolderStatus::Closed => 'Clôturé',
FolderStatus::Cancelled => 'Annulé',
];
}
protected function folderPriorityLabels(): array
{
return [
FolderPriority::Low => 'Basse',
FolderPriority::Medium => 'Normale',
FolderPriority::High => 'Haute',
];
}
protected function currentWorkspace(Request $request): Workspace
{
$workspaceId = $request->session()->get('current_workspace_id');
return Workspace::query()->findOrFail($workspaceId);
}
/**
* Display a listing of the folders.
*/
public function index(Request $request): Response
{
$workspace = $this->currentWorkspace($request);
$perPage = min(max((int) $request->input('per_page', 10), 10), 100);
$folders = $workspace->folders()
->with(['client', 'assignee'])
->latest()
->paginate($perPage)
->through(fn (Folder $folder) => [
'id' => $folder->id,
'title' => $folder->title,
'type' => $folder->type->value,
'client_name' => $folder->client->company_name,
'status' => $folder->status->value,
'due_date' => $folder->due_date?->format('Y-m-d'),
'showUrl' => route('folders.show', $folder),
'editUrl' => route('folders.edit', $folder),
'destroyUrl' => route('folders.destroy', $folder),
]);
return Inertia::render('folders/Index', [
'folders' => $folders,
'createUrl' => route('folders.create'),
'workspaceName' => $workspace->name,
]);
}
/**
* Show the form for creating a new folder.
*/
public function create(Request $request): Response
{
$workspace = $this->currentWorkspace($request);
$initialClientId = $request->integer('client_id', 0) ?: null;
return Inertia::render('folders/Create', [
'indexUrl' => route('folders.index'),
'storeUrl' => route('folders.store'),
'initialClientId' => $initialClientId,
'folderTypeLabels' => $this->folderTypeLabels(),
'folderStatusLabels' => $this->folderStatusLabels(),
'folderPriorityLabels' => $this->folderPriorityLabels(),
'clients' => $workspace->clients()->orderBy('company_name')->get(['id', 'company_name'])->map(fn (Client $c) => [
'id' => $c->id,
'company_name' => $c->company_name,
])->values()->all(),
'workspaceUsers' => $workspace->users()
->orderBy('users.name')
->select('users.id', 'users.name', 'users.email')
->get()
->map(fn ($u) => [
'id' => $u->id,
'name' => $u->name,
'email' => $u->email,
])->values()->all(),
]);
}
/**
* Store a newly created folder in storage.
*/
public function store(StoreFolderRequest $request): RedirectResponse
{
$workspace = $this->currentWorkspace($request);
$data = $request->validated();
$data['workspace_id'] = $workspace->id;
$data['created_by'] = $request->user()?->id;
$data['status'] = $data['status'] ?? FolderStatus::Draft->value;
Folder::query()->create($data);
return to_route('folders.index');
}
/**
* Display the specified folder.
*/
public function show(Request $request, Folder $folder): Response
{
$workspace = $this->currentWorkspace($request);
$this->authorizeFolder($workspace, $folder);
$folder->load(['client', 'creator', 'assignee', 'messages' => fn ($q) => $q->with(['senderUser', 'senderClient'])->latest()]);
$allMedia = $folder->getMedia('documents');
$downloadedMediaIds = MediaDownload::query()
->where('user_id', $request->user()->id)
->whereIn('media_id', $allMedia->pluck('id'))
->pluck('media_id')
->all();
$messages = $folder->messages->map(function ($m) use ($folder, $allMedia, $downloadedMediaIds) {
$attachments = $allMedia
->filter(fn ($media) => $media->getCustomProperty('message_id') === $m->id)
->map(fn ($media) => [
'id' => $media->id,
'file_name' => $media->file_name,
'mime_type' => $media->mime_type,
'size' => $media->human_readable_size,
'downloadUrl' => route('folders.media.download', ['folder' => $folder, 'mediaId' => $media->id]),
'is_downloaded' => in_array($media->id, $downloadedMediaIds),
])
->values()
->all();
$confirmationStatus = null;
if ($m->type->value === 'confirmation') {
$confirmationStatus = $folder->refused_at ? 'refused' : ($folder->validated_at ? 'confirmed' : 'pending');
}
return [
'id' => $m->id,
'type' => $m->type->value,
'body' => $m->body,
'sent_by_type' => $m->sent_by_type->value,
'sender_name' => $m->sender_name,
'created_at' => $m->created_at->format('Y-m-d H:i'),
'attachments' => $attachments,
'confirmation_status' => $confirmationStatus,
];
})->values()->all();
$documents = $allMedia->map(fn ($m) => [
'id' => $m->id,
'name' => $m->name,
'file_name' => $m->file_name,
'size' => $m->human_readable_size,
'created_at' => $m->created_at->format('d/m/Y H:i'),
'uploaded_by' => $m->getCustomProperty('uploaded_by_type') === 'user' ? 'Comptable' : 'Client',
'downloadUrl' => route('folders.media.download', ['folder' => $folder, 'mediaId' => $m->id]),
'is_downloaded' => in_array($m->id, $downloadedMediaIds),
])->values()->all();
return Inertia::render('folders/Show', [
'folder' => [
'id' => $folder->id,
'title' => $folder->title,
'type' => $folder->type->value,
'client_id' => $folder->client_id,
'client_name' => $folder->client->company_name,
'period_year' => $folder->period_year,
'period_month' => $folder->period_month,
'period_quarter' => $folder->period_quarter,
'due_date' => $folder->due_date?->format('Y-m-d'),
'status' => $folder->status->value,
'priority' => $folder->priority?->value,
'assigned_to' => $folder->assigned_to,
'assignee_name' => $folder->assignee?->name,
'validated_at' => $folder->validated_at?->format('Y-m-d H:i'),
'closed_at' => $folder->closed_at?->format('Y-m-d H:i'),
'notes_internal' => $folder->notes_internal,
'notes_client' => $folder->notes_client,
'created_at' => $folder->created_at?->format('Y-m-d H:i'),
],
'messages' => $messages,
'documents' => $documents,
'messagesStoreUrl' => route('folders.messages.store', $folder),
'mediaStoreUrl' => route('folders.media.store', $folder),
'messageTypeLabels' => [
'invite' => 'Invitation',
'situation' => 'Situation',
'file_request' => 'Demande de pièces',
'confirmation' => 'Demande de validation',
'text' => 'Message',
],
'indexUrl' => route('folders.index'),
'editUrl' => route('folders.edit', $folder),
'workspaceUsers' => $workspace->users()->orderBy('users.name')
->select('users.id', 'users.name', 'users.email')
->get()->map(fn ($u) => ['id' => $u->id, 'name' => $u->name])
->values()->all(),
'mentionStoreUrl' => route('folders.mentions.store', $folder),
'canMention' => in_array(
$workspace->users()->where('users.id', $request->user()->id)->first()?->pivot?->role?->value,
['owner', 'manager']
),
]);
}
/**
* Show the form for editing the specified folder.
*/
public function edit(Request $request, Folder $folder): Response
{
$workspace = $this->currentWorkspace($request);
$this->authorizeFolder($workspace, $folder);
return Inertia::render('folders/Edit', [
'folder' => [
'id' => $folder->id,
'title' => $folder->title,
'type' => $folder->type->value,
'client_id' => $folder->client_id,
'period_year' => $folder->period_year,
'period_month' => $folder->period_month,
'period_quarter' => $folder->period_quarter,
'due_date' => $folder->due_date?->format('Y-m-d'),
'status' => $folder->status->value,
'priority' => $folder->priority?->value,
'assigned_to' => $folder->assigned_to,
'notes_internal' => $folder->notes_internal,
'notes_client' => $folder->notes_client,
'created_at' => $folder->created_at?->format('Y-m-d H:i'),
],
'indexUrl' => route('folders.index'),
'updateUrl' => route('folders.update', $folder),
'folderTypeLabels' => $this->folderTypeLabels(),
'folderStatusLabels' => $this->folderStatusLabels(),
'folderPriorityLabels' => $this->folderPriorityLabels(),
'clients' => $workspace->clients()->orderBy('company_name')->get(['id', 'company_name'])->map(fn (Client $c) => [
'id' => $c->id,
'company_name' => $c->company_name,
])->values()->all(),
'workspaceUsers' => $workspace->users()
->orderBy('users.name')
->select('users.id', 'users.name', 'users.email')
->get()
->map(fn ($u) => [
'id' => $u->id,
'name' => $u->name,
'email' => $u->email,
])->values()->all(),
]);
}
/**
* Update the specified folder in storage.
*/
public function update(UpdateFolderRequest $request, Folder $folder): RedirectResponse
{
$workspace = $this->currentWorkspace($request);
$this->authorizeFolder($workspace, $folder);
$folder->update($request->validated());
return to_route('folders.index');
}
/**
* Remove the specified folder from storage.
*/
public function destroy(Request $request, Folder $folder): RedirectResponse
{
$workspace = $this->currentWorkspace($request);
$this->authorizeFolder($workspace, $folder);
$folder->delete();
return to_route('folders.index');
}
protected function authorizeFolder(Workspace $workspace, Folder $folder): void
{
if ($folder->workspace_id !== $workspace->id) {
abort(404);
}
}
}

81
app/Http/Controllers/FolderMediaController.php Normal file
View File

@@ -0,0 +1,81 @@
<?php
namespace App\Http\Controllers;
use App\Enums\ActorType;
use App\Models\Folder;
use App\Models\MediaDownload;
use App\Models\Workspace;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Spatie\MediaLibrary\MediaCollections\Models\Media;
use Symfony\Component\HttpFoundation\Response;
class FolderMediaController extends Controller
{
protected function currentWorkspace(Request $request): Workspace
{
$workspaceId = $request->session()->get('current_workspace_id');
return Workspace::query()->findOrFail($workspaceId);
}
/**
* Store a newly uploaded file.
*/
public function store(Request $request, Folder $folder): RedirectResponse
{
$workspace = $this->currentWorkspace($request);
if ($folder->workspace_id !== $workspace->id) {
abort(404);
}
$request->validate([
'files' => ['required', 'array', 'min:1'],
'files.*' => ['file', 'max:10240'],
]);
$user = $request->user();
foreach ($request->file('files') as $file) {
$folder->addMedia($file)
->withCustomProperties([
'uploaded_by_type' => ActorType::User,
'uploaded_by_id' => $user->id,
])
->toMediaCollection('documents');
}
return back()->with('flash', ['type' => 'success', 'message' => 'Fichier(s) téléchargé(s).']);
}
/**
* Download a media file.
*/
public function download(Request $request, Folder $folder, int $mediaId): Response
{
$workspace = $this->currentWorkspace($request);
if ($folder->workspace_id !== $workspace->id) {
abort(404);
}
$media = Media::query()
->where('model_type', Folder::class)
->where('model_id', $folder->id)
->where('id', $mediaId)
->firstOrFail();
try {
MediaDownload::query()->updateOrCreate(
['media_id' => $media->id, 'user_id' => $request->user()->id],
['downloaded_at' => now()],
);
} catch (\Throwable) {
// Tracking failure must never block the download
}
return $media->toResponse($request);
}
}

59
app/Http/Controllers/FolderMentionController.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
namespace App\Http\Controllers;
use App\Http\Requests\StoreFolderMentionRequest;
use App\Models\Folder;
use App\Models\User;
use App\Models\Workspace;
use App\Notifications\FolderMentionNotification;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Cache;
class FolderMentionController extends Controller
{
protected function currentWorkspace(Request $request): Workspace
{
$workspaceId = $request->session()->get('current_workspace_id');
return Workspace::query()->findOrFail($workspaceId);
}
protected function authorizeFolder(Workspace $workspace, Folder $folder): void
{
if ($folder->workspace_id !== $workspace->id) {
abort(404);
}
}
public function store(StoreFolderMentionRequest $request, Folder $folder): RedirectResponse
{
$workspace = $this->currentWorkspace($request);
$this->authorizeFolder($workspace, $folder);
$userRole = $workspace->users()
->where('users.id', $request->user()->id)
->first()
?->pivot
?->role
?->value;
if (! in_array($userRole, ['owner', 'manager'])) {
abort(403);
}
$validated = $request->validated();
$targetUser = User::findOrFail($validated['user_id']);
$targetUser->notify(new FolderMentionNotification(
$folder,
$request->user(),
$validated['message'],
));
Cache::forget("user:{$targetUser->id}:unread_notifications");
return back()->with('flash', ['type' => 'success', 'message' => 'Notification envoyée.']);
}
}

149
app/Http/Controllers/FolderMessageController.php Normal file
View File

@@ -0,0 +1,149 @@
<?php
namespace App\Http\Controllers;
use App\Enums\ActorType;
use App\Enums\FolderStatus;
use App\Enums\MessageType;
use App\Http\Requests\StoreFolderMessageRequest;
use App\Mail\FolderConfirmationMail;
use App\Mail\FolderFileRequestMail;
use App\Mail\FolderInviteMail;
use App\Mail\FolderSituationMail;
use App\Mail\FolderTextMessageMail;
use App\Models\Folder;
use App\Models\FolderInvitation;
use App\Models\Message;
use App\Models\Workspace;
use Carbon\Carbon;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Mail;
class FolderMessageController extends Controller
{
protected function currentWorkspace(Request $request): Workspace
{
$workspaceId = $request->session()->get('current_workspace_id');
return Workspace::query()->findOrFail($workspaceId);
}
/**
* Store a newly created message.
*/
public function store(StoreFolderMessageRequest $request, Folder $folder): RedirectResponse
{
$workspace = $this->currentWorkspace($request);
if ($folder->workspace_id !== $workspace->id) {
abort(404);
}
$user = $request->user();
$type = MessageType::fromValue($request->input('type'));
$body = $request->input('body');
$invitation = $type->is(MessageType::Invite)
? $this->createInvitation($folder)
: $this->getOrCreateInvitation($folder);
$metadata = ['invitation_id' => $invitation->id];
$message = $folder->messages()->create([
'type' => $type,
'body' => $body,
'sent_by_type' => ActorType::User,
'sent_by_id' => $user->id,
'metadata' => $metadata,
]);
$mediaIds = [];
if ($request->hasFile('files')) {
foreach ($request->file('files') as $file) {
$media = $folder->addMedia($file)
->withCustomProperties([
'message_id' => $message->id,
'uploaded_by_type' => ActorType::User,
'uploaded_by_id' => $user->id,
])
->toMediaCollection('documents');
$mediaIds[] = $media->id;
}
$message->update(['metadata' => array_merge($metadata, ['media_ids' => $mediaIds])]);
}
$this->updateFolderStatusAndConfirmation($folder, $type, $mediaIds);
$emailSent = $this->sendEmailForMessage($folder, $invitation, $message, $body, $type);
$flashMessage = $emailSent
? 'Message envoyé.'
: 'Message enregistré, mais l\'email du client n\'est pas configuré.';
return back()->with('flash', ['type' => 'success', 'message' => $flashMessage]);
}
protected function createInvitation(Folder $folder): FolderInvitation
{
$folder->load('client.primaryContact');
return $folder->invitations()->create([
'email' => $folder->client->primary_contact_email,
'expires_at' => Carbon::now()->addDays(7),
]);
}
protected function getOrCreateInvitation(Folder $folder): FolderInvitation
{
$invitation = $folder->invitations()
->where('expires_at', '>', now())
->latest()
->first();
if ($invitation) {
return $invitation;
}
return $this->createInvitation($folder);
}
/**
* @param array<int> $mediaIds
*/
protected function updateFolderStatusAndConfirmation(Folder $folder, MessageType $type, array $mediaIds): void
{
match ($type->value) {
'invite' => $folder->update(['status' => FolderStatus::WaitingDocuments]),
'situation', 'file_request' => $folder->update(['status' => FolderStatus::AdditionalDocumentsRequested]),
'confirmation' => $folder->update([
'status' => FolderStatus::WaitingClientValidation,
'confirmation_requested_at' => now(),
'confirmation_media_id' => $mediaIds[0] ?? null,
]),
default => null,
};
}
protected function sendEmailForMessage(Folder $folder, FolderInvitation $invitation, Message $message, string $body, MessageType $type): bool
{
$folder->load('client.primaryContact');
$clientEmail = $folder->client->primary_contact_email;
if (empty($clientEmail)) {
\Illuminate\Support\Facades\Log::warning("No primary contact email for client #{$folder->client_id}, skipping email.");
return false;
}
match ($type->value) {
'invite' => Mail::to($clientEmail)->send(new FolderInviteMail($folder, $invitation)),
'situation' => Mail::to($clientEmail)->send(new FolderSituationMail($folder, $invitation, $body)),
'file_request' => Mail::to($clientEmail)->send(new FolderFileRequestMail($folder, $invitation, $body)),
'confirmation' => Mail::to($clientEmail)->send(new FolderConfirmationMail($folder, $invitation, $body)),
'text' => Mail::to($clientEmail)->send(new FolderTextMessageMail($folder, $body, $invitation->token)),
default => null,
};
return true;
}
}

32
app/Http/Controllers/NotificationController.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
namespace App\Http\Controllers;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Cache;
class NotificationController extends Controller
{
public function markAsRead(Request $request, string $id): RedirectResponse
{
$request->user()
->notifications()
->where('id', $id)
->firstOrFail()
->markAsRead();
Cache::forget("user:{$request->user()->id}:unread_notifications");
return back();
}
public function markAllAsRead(Request $request): RedirectResponse
{
$request->user()->unreadNotifications->markAsRead();
Cache::forget("user:{$request->user()->id}:unread_notifications");
return back();
}
}

32
app/Http/Controllers/Settings/PasswordController.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
namespace App\Http\Controllers\Settings;
use App\Http\Controllers\Controller;
use App\Http\Requests\Settings\PasswordUpdateRequest;
use Illuminate\Http\RedirectResponse;
use Inertia\Inertia;
use Inertia\Response;
class PasswordController extends Controller
{
/**
* Show the user's password settings page.
*/
public function edit(): Response
{
return Inertia::render('settings/Password');
}
/**
* Update the user's password.
*/
public function update(PasswordUpdateRequest $request): RedirectResponse
{
$request->user()->update([
'password' => $request->password,
]);
return back();
}
}

60
app/Http/Controllers/Settings/ProfileController.php Normal file
View File

@@ -0,0 +1,60 @@
<?php
namespace App\Http\Controllers\Settings;
use App\Http\Controllers\Controller;
use App\Http\Requests\Settings\ProfileDeleteRequest;
use App\Http\Requests\Settings\ProfileUpdateRequest;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Inertia\Inertia;
use Inertia\Response;
class ProfileController extends Controller
{
/**
* Show the user's profile settings page.
*/
public function edit(Request $request): Response
{
return Inertia::render('settings/Profile', [
'mustVerifyEmail' => $request->user() instanceof MustVerifyEmail,
'status' => $request->session()->get('status'),
]);
}
/**
* Update the user's profile information.
*/
public function update(ProfileUpdateRequest $request): RedirectResponse
{
$request->user()->fill($request->validated());
if ($request->user()->isDirty('email')) {
$request->user()->email_verified_at = null;
}
$request->user()->save();
return to_route('profile.edit');
}
/**
* Delete the user's profile.
*/
public function destroy(ProfileDeleteRequest $request): RedirectResponse
{
$user = $request->user();
Auth::logout();
$user->delete();
$request->session()->invalidate();
$request->session()->regenerateToken();
return redirect('/');
}
}

37
app/Http/Controllers/Settings/TwoFactorAuthenticationController.php Normal file
View File

@@ -0,0 +1,37 @@
<?php
namespace App\Http\Controllers\Settings;
use App\Http\Controllers\Controller;
use App\Http\Requests\Settings\TwoFactorAuthenticationRequest;
use Illuminate\Routing\Controllers\HasMiddleware;
use Illuminate\Routing\Controllers\Middleware;
use Inertia\Inertia;
use Inertia\Response;
use Laravel\Fortify\Features;
class TwoFactorAuthenticationController extends Controller implements HasMiddleware
{
/**
* Get the middleware that should be assigned to the controller.
*/
public static function middleware(): array
{
return Features::optionEnabled(Features::twoFactorAuthentication(), 'confirmPassword')
? [new Middleware('password.confirm', only: ['show'])]
: [];
}
/**
* Show the user's two-factor authentication settings page.
*/
public function show(TwoFactorAuthenticationRequest $request): Response
{
$request->ensureStateIsValid();
return Inertia::render('settings/TwoFactor', [
'twoFactorEnabled' => $request->user()->hasEnabledTwoFactorAuthentication(),
'requiresConfirmation' => Features::optionEnabled(Features::twoFactorAuthentication(), 'confirm'),
]);
}
}

107
app/Http/Controllers/UserController.php Normal file
View File

@@ -0,0 +1,107 @@
<?php
namespace App\Http\Controllers;
use App\Http\Requests\StoreUserRequest;
use App\Http\Requests\UpdateUserRequest;
use App\Models\User;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Inertia\Inertia;
use Inertia\Response;
class UserController extends Controller
{
/**
* Display a listing of the users.
*/
public function index(Request $request): Response
{
$perPage = min(max((int) $request->input('per_page', 10), 10), 100);
$users = User::query()
->latest()
->paginate($perPage)
->through(fn (User $user) => [
'id' => $user->id,
'name' => $user->name,
'email' => $user->email,
'group' => $user->group->value,
'created_at' => $user->created_at?->toISOString(),
'editUrl' => route('users.edit', $user),
'destroyUrl' => route('users.destroy', $user),
]);
return Inertia::render('users/Index', [
'users' => $users,
'createUrl' => route('users.create'),
]);
}
/**
* Show the form for creating a new user.
*/
public function create(): Response
{
return Inertia::render('users/Create', [
'indexUrl' => route('users.index'),
'storeUrl' => route('users.store'),
'userGroups' => \App\Enums\UserGroup::asSelectArray(),
]);
}
/**
* Store a newly created user in storage.
*/
public function store(StoreUserRequest $request): RedirectResponse
{
User::query()->create($request->validated());
return to_route('users.index');
}
/**
* Show the form for editing the specified user.
*/
public function edit(User $user): Response
{
return Inertia::render('users/Edit', [
'user' => [
'id' => $user->id,
'name' => $user->name,
'email' => $user->email,
'group' => $user->group->value,
],
'indexUrl' => route('users.index'),
'updateUrl' => route('users.update', $user),
'userGroups' => \App\Enums\UserGroup::asSelectArray(),
]);
}
/**
* Update the specified user in storage.
*/
public function update(UpdateUserRequest $request, User $user): RedirectResponse
{
$data = $request->validated();
if (empty($data['password'])) {
unset($data['password']);
unset($data['password_confirmation']);
}
$user->update($data);
return to_route('users.index');
}
/**
* Remove the specified user from storage.
*/
public function destroy(User $user): RedirectResponse
{
$user->delete();
return to_route('users.index');
}
}

178
app/Http/Controllers/WorkspaceController.php Normal file
View File

@@ -0,0 +1,178 @@
<?php
namespace App\Http\Controllers;
use App\Enums\WorkspaceUserRole;
use App\Http\Requests\StoreWorkspaceRequest;
use App\Http\Requests\UpdateWorkspaceRequest;
use App\Models\User;
use App\Models\Workspace;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Inertia\Inertia;
use Inertia\Response;
class WorkspaceController extends Controller
{
/**
* Display a listing of the workspaces.
*/
public function index(Request $request): Response
{
$perPage = min(max((int) $request->input('per_page', 10), 10), 100);
$workspaces = Workspace::query()
->withCount('users')
->latest()
->paginate($perPage)
->through(fn (Workspace $workspace) => [
'id' => $workspace->id,
'name' => $workspace->name,
'slug' => $workspace->slug,
'users_count' => $workspace->users_count,
'showUrl' => route('workspaces.show', $workspace),
'editUrl' => route('workspaces.edit', $workspace),
'destroyUrl' => route('workspaces.destroy', $workspace),
]);
return Inertia::render('workspaces/Index', [
'workspaces' => $workspaces,
'createUrl' => route('workspaces.create'),
]);
}
/**
* Show the form for creating a new workspace.
*/
public function create(): Response
{
return Inertia::render('workspaces/Create', [
'indexUrl' => route('workspaces.index'),
'storeUrl' => route('workspaces.store'),
'users' => User::query()->orderBy('name')->get(['id', 'name', 'email']),
'workspaceUserRoles' => WorkspaceUserRole::asSelectArray(),
]);
}
/**
* Store a newly created workspace in storage.
*/
public function store(StoreWorkspaceRequest $request): RedirectResponse
{
$data = $request->validated();
$userIds = $data['user_ids'] ?? [];
$userRoles = $data['user_roles'] ?? [];
unset($data['user_ids'], $data['user_roles']);
$workspace = Workspace::query()->create($data);
$syncData = collect($userIds)->mapWithKeys(fn ($userId) => [
(int) $userId => ['role' => $userRoles[$userId] ?? WorkspaceUserRole::Member],
])->all();
$workspace->users()->sync($syncData);
return to_route('workspaces.index');
}
/**
* Display the specified workspace.
*/
public function show(Workspace $workspace): Response
{
$workspace->load('users');
$clientsCount = $workspace->clients()->count();
$foldersCount = $workspace->folders()->count();
$foldersByStatus = $workspace->folders()
->selectRaw('status, count(*) as count')
->groupBy('status')
->pluck('count', 'status')
->all();
$foldersThisMonth = $workspace->folders()
->whereMonth('created_at', now()->month)
->whereYear('created_at', now()->year)
->count();
$foldersNeedingAttention = $workspace->folders()
->whereIn('status', [
\App\Enums\FolderStatus::WaitingDocuments,
\App\Enums\FolderStatus::WaitingClientValidation,
])
->count();
return Inertia::render('workspaces/Show', [
'workspace' => [
'id' => $workspace->id,
'name' => $workspace->name,
'slug' => $workspace->slug,
'users' => $workspace->users->map(fn ($user) => [
'id' => $user->id,
'name' => $user->name,
'email' => $user->email,
'role' => $user->pivot->role->value,
])->all(),
],
'stats' => [
'clients' => $clientsCount,
'folders' => $foldersCount,
'folders_by_status' => $foldersByStatus,
'folders_this_month' => $foldersThisMonth,
'folders_needing_attention' => $foldersNeedingAttention,
],
'indexUrl' => route('workspaces.index'),
'editUrl' => route('workspaces.edit', $workspace),
]);
}
/**
* Show the form for editing the specified workspace.
*/
public function edit(Workspace $workspace): Response
{
$workspace->load('users');
$userRoles = $workspace->users->mapWithKeys(
fn ($user) => [$user->id => $user->pivot->role->value],
)->all();
return Inertia::render('workspaces/Edit', [
'workspace' => [
'id' => $workspace->id,
'name' => $workspace->name,
'slug' => $workspace->slug,
'user_ids' => $workspace->users->pluck('id')->all(),
'user_roles' => $userRoles,
],
'indexUrl' => route('workspaces.index'),
'updateUrl' => route('workspaces.update', $workspace),
'users' => User::query()->orderBy('name')->get(['id', 'name', 'email']),
'workspaceUserRoles' => WorkspaceUserRole::asSelectArray(),
]);
}
/**
* Update the specified workspace in storage.
*/
public function update(UpdateWorkspaceRequest $request, Workspace $workspace): RedirectResponse
{
$data = $request->validated();
$userIds = $data['user_ids'] ?? [];
$userRoles = $data['user_roles'] ?? [];
unset($data['user_ids'], $data['user_roles']);
$workspace->update($data);
$syncData = collect($userIds)->mapWithKeys(fn ($userId) => [
(int) $userId => ['role' => $userRoles[$userId] ?? WorkspaceUserRole::Member],
])->all();
$workspace->users()->sync($syncData);
return to_route('workspaces.index');
}
/**
* Remove the specified workspace from storage.
*/
public function destroy(Workspace $workspace): RedirectResponse
{
$workspace->delete();
return to_route('workspaces.index');
}
}

28
app/Http/Controllers/WorkspaceSwitchController.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
namespace App\Http\Controllers;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
class WorkspaceSwitchController extends Controller
{
/**
* Switch the current workspace.
*/
public function __invoke(Request $request): RedirectResponse
{
$workspaceId = $request->input('workspace_id');
$user = $request->user();
$hasAccess = $user->workspaces()->where('workspaces.id', $workspaceId)->exists();
if (! $hasAccess) {
return back();
}
$request->session()->put('current_workspace_id', (int) $workspaceId);
return back();
}
}

37
app/Http/Middleware/EnsureUserHasWorkspace.php Normal file
View File

@@ -0,0 +1,37 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class EnsureUserHasWorkspace
{
/**
* Handle an incoming request.
*
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
*/
public function handle(Request $request, Closure $next): Response
{
$workspaceId = $request->session()->get('current_workspace_id');
if (! $workspaceId) {
return redirect()->route('dashboard')
->with('error', __('Please select a workspace first.'));
}
$user = $request->user();
$hasAccess = $user->workspaces()->where('workspaces.id', $workspaceId)->exists();
if (! $hasAccess) {
$request->session()->forget('current_workspace_id');
return redirect()->route('dashboard')
->with('error', __('You do not have access to this workspace.'));
}
return $next($request);
}
}

27
app/Http/Middleware/EnsureUserIsAdmin.php Normal file
View File

@@ -0,0 +1,27 @@
<?php
namespace App\Http\Middleware;
use App\Enums\UserGroup;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class EnsureUserIsAdmin
{
/**
* Handle an incoming request.
*
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
*/
public function handle(Request $request, Closure $next): Response
{
$user = $request->user();
if (! $user || (! $user->group->is(UserGroup::Admin) && ! $user->group->is(UserGroup::Superadmin))) {
abort(403);
}
return $next($request);
}
}

23
app/Http/Middleware/HandleAppearance.php Normal file
View File

@@ -0,0 +1,23 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\View;
use Symfony\Component\HttpFoundation\Response;
class HandleAppearance
{
/**
* Handle an incoming request.
*
* @param Closure(Request): (Response) $next
*/
public function handle(Request $request, Closure $next): Response
{
View::share('appearance', $request->cookie('appearance') ?? 'system');
return $next($request);
}
}

101
app/Http/Middleware/HandleInertiaRequests.php Normal file
View File

@@ -0,0 +1,101 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Cache;
use Inertia\Inertia;
use Inertia\Middleware;
class HandleInertiaRequests extends Middleware
{
/**
* The root template that's loaded on the first page visit.
*
* @see https://inertiajs.com/server-side-setup#root-template
*
* @var string
*/
protected $rootView = 'app';
/**
* Determines the current asset version.
*
* @see https://inertiajs.com/asset-versioning
*/
public function version(Request $request): ?string
{
return parent::version($request);
}
/**
* Define the props that are shared by default.
*
* @see https://inertiajs.com/shared-data
*
* @return array<string, mixed>
*/
public function share(Request $request): array
{
$user = $request->user();
$workspaces = $user
? $user->workspaces()
->orderBy('name')
->get(['workspaces.id', 'workspaces.name', 'workspaces.slug'])
->map(fn ($w) => [
'id' => $w->id,
'name' => $w->name,
'slug' => $w->slug,
])
->values()
->all()
: [];
$currentWorkspaceId = $request->session()->get('current_workspace_id');
$currentWorkspace = collect($workspaces)->firstWhere('id', $currentWorkspaceId)
?? ($workspaces[0] ?? null);
if (! $currentWorkspaceId && count($workspaces) > 0) {
$request->session()->put('current_workspace_id', $currentWorkspace['id']);
}
return [
...parent::share($request),
'flash' => $request->session()->get('flash'),
'name' => config('app.name'),
'auth' => [
'user' => $user,
'workspaces' => $workspaces,
'currentWorkspace' => $currentWorkspace,
],
'sidebarOpen' => ! $request->hasCookie('sidebar_state') || $request->cookie('sidebar_state') === 'true',
'userNotifications' => [
'unread_count' => $user ? Cache::remember(
"user:{$user->id}:unread_notifications",
60,
fn () => $user->unreadNotifications()->count()
) : 0,
'readUrl' => fn () => $user ? route('notifications.read', ['id' => '__ID__']) : null,
'readAllUrl' => fn () => $user ? route('notifications.readAll') : null,
'items' => Inertia::defer(function () use ($user) {
if (! $user) {
return [];
}
try {
return $user->notifications()->latest()->take(10)->get()->map(fn ($n) => [
'id' => $n->id,
'type' => class_basename($n->type),
'data' => $n->data,
'read_at' => $n->read_at?->toISOString(),
'created_at' => $n->created_at->diffForHumans(),
])->all();
} catch (\Throwable) {
return [];
}
}),
],
];
}
}

34
app/Http/Middleware/ValidateFolderInvitation.php Normal file
View File

@@ -0,0 +1,34 @@
<?php
namespace App\Http\Middleware;
use App\Models\FolderInvitation;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class ValidateFolderInvitation
{
/**
* Handle an incoming request.
*
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
*/
public function handle(Request $request, Closure $next): Response
{
$token = $request->route('token');
$invitation = FolderInvitation::query()
->where('token', $token)
->with(['folder.client', 'folder.assignee', 'folder.creator'])
->first();
if (! $invitation || ! $invitation->isValid()) {
abort(404, 'Lien invalide ou expiré.');
}
$request->attributes->set('folder_invitation', $invitation);
return $next($request);
}
}

25
app/Http/Requests/Settings/PasswordUpdateRequest.php Normal file
View File

@@ -0,0 +1,25 @@
<?php
namespace App\Http\Requests\Settings;
use App\Concerns\PasswordValidationRules;
use Illuminate\Contracts\Validation\ValidationRule;
use Illuminate\Foundation\Http\FormRequest;
class PasswordUpdateRequest extends FormRequest
{
use PasswordValidationRules;
/**
* Get the validation rules that apply to the request.
*
* @return array<string, ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
return [
'current_password' => $this->currentPasswordRules(),
'password' => $this->passwordRules(),
];
}
}

24
app/Http/Requests/Settings/ProfileDeleteRequest.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
namespace App\Http\Requests\Settings;
use App\Concerns\PasswordValidationRules;
use Illuminate\Contracts\Validation\ValidationRule;
use Illuminate\Foundation\Http\FormRequest;
class ProfileDeleteRequest extends FormRequest
{
use PasswordValidationRules;
/**
* Get the validation rules that apply to the request.
*
* @return array<string, ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
return [
'password' => $this->currentPasswordRules(),
];
}
}

22
app/Http/Requests/Settings/ProfileUpdateRequest.php Normal file
View File

@@ -0,0 +1,22 @@
<?php
namespace App\Http\Requests\Settings;
use App\Concerns\ProfileValidationRules;
use Illuminate\Contracts\Validation\ValidationRule;
use Illuminate\Foundation\Http\FormRequest;
class ProfileUpdateRequest extends FormRequest
{
use ProfileValidationRules;
/**
* Get the validation rules that apply to the request.
*
* @return array<string, ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
return $this->profileRules($this->user()->id);
}
}

31
app/Http/Requests/Settings/TwoFactorAuthenticationRequest.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
namespace App\Http\Requests\Settings;
use Illuminate\Contracts\Validation\ValidationRule;
use Illuminate\Foundation\Http\FormRequest;
use Laravel\Fortify\Features;
use Laravel\Fortify\InteractsWithTwoFactorState;
class TwoFactorAuthenticationRequest extends FormRequest
{
use InteractsWithTwoFactorState;
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return Features::enabled(Features::twoFactorAuthentication());
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
return [];
}
}

72
app/Http/Requests/StoreClientRequest.php Normal file
View File

@@ -0,0 +1,72 @@
<?php
namespace App\Http\Requests;
use App\Enums\ClientStatus;
use App\Enums\LegalForm;
use BenSampo\Enum\Rules\EnumValue;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Rule;
use Illuminate\Validation\Validator;
class StoreClientRequest extends FormRequest
{
/**
* Prepare the data for validation.
*/
protected function prepareForValidation(): void
{
if ($this->has('internal_responsible_id') && $this->internal_responsible_id === '') {
$this->merge(['internal_responsible_id' => null]);
}
}
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return $this->user() !== null;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
return [
'company_name' => ['required', 'string', 'max:255'],
'legal_form' => ['required', new EnumValue(LegalForm::class)],
'ice' => ['nullable', 'string', 'max:50'],
'fiscal_id' => ['nullable', 'string', 'max:50'],
'rc' => ['nullable', 'string', 'max:50'],
'cnss' => ['nullable', 'string', 'max:50'],
'patente' => ['nullable', 'string', 'max:50'],
'contacts' => ['required', 'array', 'min:1', 'max:20'],
'contacts.*.full_name' => ['required', 'string', 'max:255'],
'contacts.*.job_title' => ['nullable', 'string', 'max:255'],
'contacts.*.email' => ['nullable', 'string', 'email', 'max:255'],
'contacts.*.phone' => ['nullable', 'string', 'max:50'],
'contacts.*.is_principal' => ['required', 'boolean'],
'internal_responsible_id' => ['nullable', 'integer', 'exists:users,id'],
'status' => ['nullable', Rule::in(ClientStatus::getValues())],
'internal_notes' => ['nullable', 'string', 'max:65535'],
];
}
/**
* Configure the validator instance.
*/
public function withValidator(Validator $validator): void
{
$validator->after(function (Validator $validator) {
$contacts = $this->input('contacts', []);
$principalCount = collect($contacts)->where('is_principal', true)->count();
if ($principalCount !== 1) {
$validator->errors()->add('contacts', 'Exactement un responsable doit être marqué comme principal.');
}
});
}
}

37
app/Http/Requests/StoreFolderMentionRequest.php Normal file
View File

@@ -0,0 +1,37 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Rule;
class StoreFolderMentionRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return $this->user() !== null;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
$workspaceId = $this->session()->get('current_workspace_id');
return [
'user_id' => [
'required',
'integer',
Rule::exists('workspace_user', 'user_id')
->where('workspace_id', $workspaceId),
],
'message' => ['required', 'string', 'max:500'],
];
}
}

54
app/Http/Requests/StoreFolderMessageRequest.php Normal file
View File

@@ -0,0 +1,54 @@
<?php
namespace App\Http\Requests;
use App\Enums\MessageType;
use BenSampo\Enum\Rules\EnumValue;
use Illuminate\Foundation\Http\FormRequest;
class StoreFolderMessageRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return $this->user() !== null;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
$rules = [
'type' => ['required', new EnumValue(MessageType::class)],
'body' => ['required', 'string', 'max:65535'],
'files' => ['nullable', 'array'],
'files.*' => ['file', 'max:10240'], // 10MB per file
];
$type = $this->input('type');
if (in_array($type, ['situation', 'confirmation'])) {
$rules['files'] = ['required', 'array', 'min:1'];
}
return $rules;
}
/**
* Get custom attributes for validator errors.
*
* @return array<string, string>
*/
public function attributes(): array
{
return [
'body' => 'message',
'files' => 'fichiers',
];
}
}

111
app/Http/Requests/StoreFolderRequest.php Normal file
View File

@@ -0,0 +1,111 @@
<?php
namespace App\Http\Requests;
use App\Enums\FolderPriority;
use App\Enums\FolderStatus;
use App\Enums\FolderType;
use BenSampo\Enum\Rules\EnumValue;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Rule;
use Illuminate\Validation\Validator;
class StoreFolderRequest extends FormRequest
{
/**
* Prepare the data for validation.
*/
protected function prepareForValidation(): void
{
$merge = [];
if ($this->has('assigned_to') && $this->assigned_to === '') {
$merge['assigned_to'] = null;
}
if ($this->filled('period_month') && (int) $this->period_month === 0) {
$merge['period_month'] = null;
}
if ($this->filled('period_quarter') && (int) $this->period_quarter === 0) {
$merge['period_quarter'] = null;
}
if ($merge !== []) {
$this->merge($merge);
}
}
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return $this->user() !== null;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
$workspaceId = $this->session()->get('current_workspace_id');
return [
'client_id' => [
'required',
'integer',
Rule::exists('clients', 'id')->where('workspace_id', $workspaceId),
],
'title' => ['required', 'string', 'max:255'],
'type' => ['required', new EnumValue(FolderType::class)],
'period_year' => ['required', 'integer', 'min:2000', 'max:2100'],
'period_month' => ['nullable', 'integer', 'min:1', 'max:12'],
'period_quarter' => ['nullable', 'integer', 'min:1', 'max:4'],
'due_date' => ['nullable', 'date'],
'status' => ['nullable', Rule::in(FolderStatus::getValues())],
'priority' => ['nullable', Rule::in(FolderPriority::getValues())],
'assigned_to' => [
'nullable',
'integer',
Rule::exists('users', 'id'),
],
'notes_internal' => ['nullable', 'string', 'max:65535'],
'notes_client' => ['nullable', 'string', 'max:65535'],
];
}
/**
* Configure the validator instance.
*/
public function withValidator(Validator $validator): void
{
$validator->after(function (Validator $validator) {
$type = $this->input('type');
if ($type === 'vat') {
$validator->errors()->add(
'type',
'Veuillez sélectionner TVA mensuelle ou TVA trimestrielle.',
);
}
if ($type === 'vat_monthly') {
$month = $this->input('period_month');
if ($month === null || $month === '') {
$validator->errors()->add('period_month', 'Le mois est requis pour la TVA mensuelle.');
}
$this->merge(['period_quarter' => null]);
}
if ($type === 'vat_quarterly') {
$quarter = $this->input('period_quarter');
if ($quarter === null || $quarter === '') {
$validator->errors()->add('period_quarter', 'Le trimestre est requis pour la TVA trimestrielle.');
}
$this->merge(['period_month' => null]);
}
});
}
}

36
app/Http/Requests/StoreUserRequest.php Normal file
View File

@@ -0,0 +1,36 @@
<?php
namespace App\Http\Requests;
use App\Enums\UserGroup;
use App\Models\User;
use BenSampo\Enum\Rules\EnumValue;
use Illuminate\Contracts\Validation\ValidationRule;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Rule;
class StoreUserRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return $this->user() !== null;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
return [
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'email', 'max:255', Rule::unique(User::class)],
'password' => ['required', 'string', 'min:8', 'confirmed'],
'group' => ['required', new EnumValue(UserGroup::class)],
];
}
}

37
app/Http/Requests/StoreWorkspaceRequest.php Normal file
View File

@@ -0,0 +1,37 @@
<?php
namespace App\Http\Requests;
use App\Enums\WorkspaceUserRole;
use App\Models\Workspace;
use Illuminate\Contracts\Validation\ValidationRule;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Rule;
class StoreWorkspaceRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return $this->user() !== null;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
return [
'name' => ['required', 'string', 'max:255'],
'slug' => ['nullable', 'string', 'max:255', Rule::unique(Workspace::class)],
'user_ids' => ['array'],
'user_ids.*' => ['integer', 'exists:users,id'],
'user_roles' => ['nullable', 'array'],
'user_roles.*' => ['string', 'in:' . implode(',', WorkspaceUserRole::getValues())],
];
}
}

73
app/Http/Requests/UpdateClientRequest.php Normal file
View File

@@ -0,0 +1,73 @@
<?php
namespace App\Http\Requests;
use App\Enums\ClientStatus;
use App\Enums\LegalForm;
use BenSampo\Enum\Rules\EnumValue;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Rule;
use Illuminate\Validation\Validator;
class UpdateClientRequest extends FormRequest
{
/**
* Prepare the data for validation.
*/
protected function prepareForValidation(): void
{
if ($this->has('internal_responsible_id') && $this->internal_responsible_id === '') {
$this->merge(['internal_responsible_id' => null]);
}
}
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return $this->user() !== null;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
return [
'company_name' => ['required', 'string', 'max:255'],
'legal_form' => ['required', new EnumValue(LegalForm::class)],
'ice' => ['nullable', 'string', 'max:50'],
'fiscal_id' => ['nullable', 'string', 'max:50'],
'rc' => ['nullable', 'string', 'max:50'],
'cnss' => ['nullable', 'string', 'max:50'],
'patente' => ['nullable', 'string', 'max:50'],
'contacts' => ['required', 'array', 'min:1', 'max:20'],
'contacts.*.id' => ['nullable', 'integer'],
'contacts.*.full_name' => ['required', 'string', 'max:255'],
'contacts.*.job_title' => ['nullable', 'string', 'max:255'],
'contacts.*.email' => ['nullable', 'string', 'email', 'max:255'],
'contacts.*.phone' => ['nullable', 'string', 'max:50'],
'contacts.*.is_principal' => ['required', 'boolean'],
'internal_responsible_id' => ['nullable', 'integer', 'exists:users,id'],
'status' => ['nullable', Rule::in(ClientStatus::getValues())],
'internal_notes' => ['nullable', 'string', 'max:65535'],
];
}
/**
* Configure the validator instance.
*/
public function withValidator(Validator $validator): void
{
$validator->after(function (Validator $validator) {
$contacts = $this->input('contacts', []);
$principalCount = collect($contacts)->where('is_principal', true)->count();
if ($principalCount !== 1) {
$validator->errors()->add('contacts', 'Exactement un responsable doit être marqué comme principal.');
}
});
}
}

111
app/Http/Requests/UpdateFolderRequest.php Normal file
View File

@@ -0,0 +1,111 @@
<?php
namespace App\Http\Requests;
use App\Enums\FolderPriority;
use App\Enums\FolderStatus;
use App\Enums\FolderType;
use BenSampo\Enum\Rules\EnumValue;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Rule;
use Illuminate\Validation\Validator;
class UpdateFolderRequest extends FormRequest
{
/**
* Prepare the data for validation.
*/
protected function prepareForValidation(): void
{
$merge = [];
if ($this->has('assigned_to') && $this->assigned_to === '') {
$merge['assigned_to'] = null;
}
if ($this->filled('period_month') && (int) $this->period_month === 0) {
$merge['period_month'] = null;
}
if ($this->filled('period_quarter') && (int) $this->period_quarter === 0) {
$merge['period_quarter'] = null;
}
if ($merge !== []) {
$this->merge($merge);
}
}
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return $this->user() !== null;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
$workspaceId = $this->session()->get('current_workspace_id');
return [
'client_id' => [
'required',
'integer',
Rule::exists('clients', 'id')->where('workspace_id', $workspaceId),
],
'title' => ['required', 'string', 'max:255'],
'type' => ['required', new EnumValue(FolderType::class)],
'period_year' => ['required', 'integer', 'min:2000', 'max:2100'],
'period_month' => ['nullable', 'integer', 'min:1', 'max:12'],
'period_quarter' => ['nullable', 'integer', 'min:1', 'max:4'],
'due_date' => ['nullable', 'date'],
'status' => ['nullable', Rule::in(FolderStatus::getValues())],
'priority' => ['nullable', Rule::in(FolderPriority::getValues())],
'assigned_to' => [
'nullable',
'integer',
Rule::exists('users', 'id'),
],
'notes_internal' => ['nullable', 'string', 'max:65535'],
'notes_client' => ['nullable', 'string', 'max:65535'],
];
}
/**
* Configure the validator instance.
*/
public function withValidator(Validator $validator): void
{
$validator->after(function (Validator $validator) {
$type = $this->input('type');
if ($type === 'vat') {
$validator->errors()->add(
'type',
'Veuillez sélectionner TVA mensuelle ou TVA trimestrielle.',
);
}
if ($type === 'vat_monthly') {
$month = $this->input('period_month');
if ($month === null || $month === '') {
$validator->errors()->add('period_month', 'Le mois est requis pour la TVA mensuelle.');
}
$this->merge(['period_quarter' => null]);
}
if ($type === 'vat_quarterly') {
$quarter = $this->input('period_quarter');
if ($quarter === null || $quarter === '') {
$validator->errors()->add('period_quarter', 'Le trimestre est requis pour la TVA trimestrielle.');
}
$this->merge(['period_month' => null]);
}
});
}
}

38
app/Http/Requests/UpdateUserRequest.php Normal file
View File

@@ -0,0 +1,38 @@
<?php
namespace App\Http\Requests;
use App\Enums\UserGroup;
use App\Models\User;
use Illuminate\Contracts\Validation\ValidationRule;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Rule;
class UpdateUserRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return $this->user() !== null;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
/** @var User $user */
$user = $this->route('user');
return [
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'email', 'max:255', Rule::unique(User::class)->ignore($user->id)],
'password' => ['nullable', 'string', 'min:8', 'confirmed'],
'group' => ['required', Rule::in(UserGroup::getValues())],
];
}
}

40
app/Http/Requests/UpdateWorkspaceRequest.php Normal file
View File

@@ -0,0 +1,40 @@
<?php
namespace App\Http\Requests;
use App\Enums\WorkspaceUserRole;
use App\Models\Workspace;
use Illuminate\Contracts\Validation\ValidationRule;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Rule;
class UpdateWorkspaceRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return $this->user() !== null;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
/** @var Workspace $workspace */
$workspace = $this->route('workspace');
return [
'name' => ['required', 'string', 'max:255'],
'slug' => ['nullable', 'string', 'max:255', Rule::unique(Workspace::class)->ignore($workspace->id)],
'user_ids' => ['array'],
'user_ids.*' => ['integer', 'exists:users,id'],
'user_roles' => ['nullable', 'array'],
'user_roles.*' => ['string', 'in:' . implode(',', WorkspaceUserRole::getValues())],
];
}
}