finished PUT and DELETE endpoints for users

WendellAdriel · WendellAdriel · commit 9325b438f29d · 2021-02-01T15:03:43.000Z
diff --git a/app/Modules/Auth/Controllers/UserController.php b/app/Modules/Auth/Controllers/UserController.php
@@ -4,9 +4,11 @@
 
 use Illuminate\Database\Eloquent\ModelNotFoundException;
 use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Response;
 use Illuminate\Support\Facades\Auth;
 use LarAPI\Core\Http\BaseController;
 use LarAPI\Modules\Auth\Requests\CreateUserRequest;
+use LarAPI\Modules\Auth\Requests\UpdateUserRequest;
 use LarAPI\Modules\Auth\Services\UserService;
 use LarAPI\Modules\Common\Requests\CommonTableRequest;
 
@@ -197,11 +199,83 @@ public function show(string $uuid): JsonResponse
         return $this->apiSuccessResponse($this->service->getUser($uuid));
     }
 
-    public function update(string $uuid): JsonResponse
+    /**
+     * Updates the info of a specific user
+     *
+     * @OA\Put(
+     *      tags={"Users Management"},
+     *      path="/v1/users/{uuid}",
+     *      description="Updates the info of a specific user",
+     *      security={ "jwt": {} },
+     *
+     *      @OA\RequestBody(description="Info needed to update the user info",
+     *          @OA\MediaType(mediaType="application/json",
+     *              @OA\Schema(type="object", required={"name"},
+     *                  @OA\Property(property="name", type="string"),
+     *                  @OA\Property(property="password", type="string", description="Must contain at least one lowercase letter, one uppercase letter, one number and one special character"),
+     *                  @OA\Property(property="password_confirmation", type="string"),
+     *                  @OA\Property(property="active", type="boolean"),
+     *                  @OA\Property(property="role_id", type="integer"),
+     *              ),
+     *          ),
+     *      ),
+     *
+     *     @OA\Response(response="200", description="The success response",
+     *          @OA\MediaType(mediaType="application/json",
+     *              @OA\Schema(type="object",
+     *                  @OA\Property(property="success", type="boolean"),
+     *              ),
+     *          ),
+     *      ),
+     *      @OA\Response(response="400", description="Invalid Request"),
+     *      @OA\Response(response="401", description="Unauthorized"),
+     *      @OA\Response(response="403", description="Access Denied"),
+     *      @OA\Response(response="422", description="Data is invalid"),
+     * )
+     *
+     * @param UpdateUserRequest $request
+     * @param string            $uuid
+     * @return JsonResponse
+     */
+    public function update(UpdateUserRequest $request, string $uuid): JsonResponse
     {
+        $this->service->updateUser(Auth::user(), $uuid, $request->getDTO());
+        return $this->apiSimpleSuccessResponse(Response::HTTP_OK);
     }
 
+    /**
+     * Deletes a specific user
+     *
+     * @OA\Delete(
+     *      tags={"Users Management"},
+     *      path="/v1/users/{uuid}",
+     *      description="Deletes a specific user",
+     *      security={ "jwt": {} },
+     *
+     *      @OA\Parameter(name="uuid", in="path", required=true,
+     *          @OA\Schema(type="string"),
+     *      ),
+     *
+     *      @OA\Response(response="200", description="The success response",
+     *          @OA\MediaType(mediaType="application/json",
+     *              @OA\Schema(type="object",
+     *                  @OA\Property(property="success", type="boolean"),
+     *              ),
+     *          ),
+     *      ),
+     *      @OA\Response(response="400", description="Invalid Request"),
+     *      @OA\Response(response="401", description="Unauthorized"),
+     *      @OA\Response(response="403", description="Access Denied"),
+     *      @OA\Response(response="404", description="Resource not found"),
+     * )
+     *
+     * @param string $uuid
+     * @return JsonResponse
+     * @throws ModelNotFoundException
+     */
     public function delete(string $uuid): JsonResponse
     {
+        $this->service->deleteUser($uuid);
+        return $this->apiSimpleSuccessResponse(Response::HTTP_OK);
     }
 }
diff --git a/app/Modules/Auth/Requests/UpdateUserRequest.php b/app/Modules/Auth/Requests/UpdateUserRequest.php
@@ -0,0 +1,44 @@
+<?php
+
+
+namespace LarAPI\Modules\Auth\Requests;
+
+use Illuminate\Support\Facades\Hash;
+use LarAPI\Core\Http\BaseRequest;
+use LarAPI\Modules\Auth\Support\DTOs\UpdateUserDTO;
+use LarAPI\Modules\Common\Support\DTOs\DTOInterface;
+
+class UpdateUserRequest extends BaseRequest
+{
+    /**
+     * @return array
+     */
+    public function rules(): array
+    {
+        return [
+            UpdateUserDTO::NAME                  => ['required', 'string'],
+            UpdateUserDTO::PASSWORD_CONFIRMATION => ['required_with:' . UpdateUserDTO::PASSWORD, 'string'],
+            UpdateUserDTO::ACTIVE                => ['sometimes', 'boolean'],
+            UpdateUserDTO::ROLE                  => ['sometimes', 'integer'],
+            UpdateUserDTO::PASSWORD              => [
+                'sometimes', 'nullable', 'string', 'min:8', 'confirmed',
+                'regex:/[a-z]/', 'regex:/[A-Z]/',
+                'regex:/[0-9]/', 'regex:/[@$!%*#?&]/'
+            ],
+        ];
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function getDTO(): DTOInterface
+    {
+        $dto      = new UpdateUserDTO();
+        $password = $this->input($dto::PASSWORD);
+
+        return $dto->setName($this->input($dto::NAME))
+            ->setPassword(!is_null($password) ? Hash::make($password) : null)
+            ->setActive($this->input($dto::ACTIVE))
+            ->setRoleId($this->input($dto::ROLE));
+    }
+}
diff --git a/app/Modules/Auth/Routing/v1.php b/app/Modules/Auth/Routing/v1.php
@@ -26,7 +26,7 @@
         Route::prefix('{uuid}')->group(function () {
             Route::get('/', 'UserController@show');
             Route::put('/', 'UserController@update')->middleware('block_viewer');
-            Route::delete('/', 'UserController@delete')->middleware('block_viewer');
+            Route::delete('/', 'UserController@delete')->middleware('check_manager');
         });
     });
 });
diff --git a/app/Modules/Auth/Services/UserService.php b/app/Modules/Auth/Services/UserService.php
@@ -6,6 +6,7 @@
 use LarAPI\Models\Auth\Role;
 use LarAPI\Models\Auth\User;
 use LarAPI\Modules\Auth\Support\DTOs\CreateUserDTO;
+use LarAPI\Modules\Auth\Support\DTOs\UpdateUserDTO;
 use LarAPI\Modules\Common\Support\DTOs\CommonTableDTO;
 use LarAPI\Modules\Common\Support\Paginator;
 use LarAPI\Repositories\Auth\UserRepository;
@@ -63,4 +64,34 @@ public function getUser(string $userUuid): User
     {
         return $this->repository->getByOrFail('uuid', $userUuid);
     }
+
+    /**
+     * @param User          $user
+     * @param string        $userUuid
+     * @param UpdateUserDTO $dto
+     * @return int
+     */
+    public function updateUser(User $user, string $userUuid, UpdateUserDTO $dto): int
+    {
+        if (!$user->is_admin && !is_null($dto->getRoleId())) {
+            if ($dto->getRoleId() === Role::ROLE_ADMIN) {
+                $dto->setRoleId(Role::ROLE_NORMAL);
+            }
+            if ($dto->getRoleId() === Role::ROLE_MANAGER && !$user->is_manager) {
+                $dto->setRoleId(Role::ROLE_NORMAL);
+            }
+        }
+
+        $params = collect($dto->toArray())->filter()->toArray();
+        return $this->repository->updateBy('uuid', $userUuid, $params);
+    }
+
+    /**
+     * @param string $userUuid
+     * @return mixed
+     */
+    public function deleteUser(string $userUuid)
+    {
+        return $this->repository->deleteBy('uuid', $userUuid);
+    }
 }
diff --git a/app/Modules/Auth/Support/DTOs/UpdateUserDTO.php b/app/Modules/Auth/Support/DTOs/UpdateUserDTO.php
@@ -0,0 +1,104 @@
+<?php
+
+namespace LarAPI\Modules\Auth\Support\DTOs;
+
+use LarAPI\Modules\Common\Support\DTOs\DTOInterface;
+
+class UpdateUserDTO implements DTOInterface
+{
+    public const NAME                  = 'name';
+    public const PASSWORD              = 'password';
+    public const PASSWORD_CONFIRMATION = 'password_confirmation';
+    public const ACTIVE                = 'active';
+    public const ROLE                  = 'role_id';
+
+    private string $name;
+    private ?string $password;
+    private ?bool $active;
+    private ?int $roleId;
+
+    /**
+     * @return string
+     */
+    public function getName(): string
+    {
+        return $this->name;
+    }
+
+    /**
+     * @param string $name
+     * @return UpdateUserDTO
+     */
+    public function setName(string $name): UpdateUserDTO
+    {
+        $this->name = $name;
+        return $this;
+    }
+
+    /**
+     * @return string|null
+     */
+    public function getPassword(): ?string
+    {
+        return $this->password;
+    }
+
+    /**
+     * @param string|null $password
+     * @return UpdateUserDTO
+     */
+    public function setPassword(?string $password): UpdateUserDTO
+    {
+        $this->password = $password;
+        return $this;
+    }
+
+    /**
+     * @return bool|null
+     */
+    public function getActive(): ?bool
+    {
+        return $this->active;
+    }
+
+    /**
+     * @param bool|null $active
+     * @return UpdateUserDTO
+     */
+    public function setActive(?bool $active): UpdateUserDTO
+    {
+        $this->active = $active;
+        return $this;
+    }
+
+    /**
+     * @return int|null
+     */
+    public function getRoleId(): ?int
+    {
+        return $this->roleId;
+    }
+
+    /**
+     * @param int|null $roleId
+     * @return UpdateUserDTO
+     */
+    public function setRoleId(?int $roleId): UpdateUserDTO
+    {
+        $this->roleId = $roleId;
+        return $this;
+    }
+
+    /**
+     * @return array
+     */
+    public function toArray(): array
+    {
+        return [
+            self::NAME     => $this->name,
+            self::PASSWORD => $this->password,
+            self::ACTIVE   => $this->active,
+            self::ROLE     => $this->roleId,
+        ];
+    }
+}
diff --git a/config/jwt.php b/config/jwt.php
@@ -101,7 +101,7 @@
     |
     */
 
-    'ttl' => env('JWT_TTL', 60),
+    'ttl' => env('JWT_TTL', 1440),
 
     /*
     |--------------------------------------------------------------------------
@@ -120,7 +120,7 @@
     |
     */
 
-    'refresh_ttl' => env('JWT_REFRESH_TTL', 20160),
+    'refresh_ttl' => env('JWT_REFRESH_TTL', 40320),
 
     /*
     |--------------------------------------------------------------------------
diff --git a/public/swagger/openapi.yaml b/public/swagger/openapi.yaml
diff --git a/tools/Insomnia_LarAPI.json b/tools/Insomnia_LarAPI.json

Original file line number	Diff line number	Diff line change
`@@ -101,7 +101,7 @@`
`101`	`101`	`\|`
`102`	`102`	`*/`
`103`	`103`
`104`		`- 'ttl' => env('JWT_TTL', 60),`
	`104`	`+ 'ttl' => env('JWT_TTL', 1440),`
`105`	`105`
`106`	`106`	`/*`
`107`	`107`	`\|--------------------------------------------------------------------------`
`@@ -120,7 +120,7 @@`
`120`	`120`	`\|`
`121`	`121`	`*/`
`122`	`122`
`123`		`- 'refresh_ttl' => env('JWT_REFRESH_TTL', 20160),`
	`123`	`+ 'refresh_ttl' => env('JWT_REFRESH_TTL', 40320),`
`124`	`124`
`125`	`125`	`/*`
`126`	`126`	`\|--------------------------------------------------------------------------`