javier
14758136b6
Milestone 5 (media): - POST /api/v1/media — multipart upload, attaches to feature/issue/project/ phase/layer, idempotent by uuid, authz member + 'upload media'. Added uuid+client_updated_at to media. - Bundle now includes a 'media' array (URLs) for the project's project/feature/ issue attachments (delta-aware). Milestone 6 (hardening + docs): - sync_logs table/model: every applied op is logged; /sync short-circuits on a repeated op uuid -> 'duplicate' (true idempotency for updates too, not just creates). - Rate limiting on login (10/min), sync (60/min), media (120/min). - docs/openapi.yaml: OpenAPI 3 contract for the mobile team. Tests: 18 passing (added media upload idempotency + sync_logs idempotency). The mobile API (Milestones 1-6) is now feature-complete on the webapp side. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
197 lines
8.5 KiB
PHP
197 lines
8.5 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Api\V1;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Models\Feature;
|
|
use App\Models\Inspection;
|
|
use App\Models\InspectionTemplate;
|
|
use App\Models\Issue;
|
|
use App\Models\Layer;
|
|
use App\Models\Media;
|
|
use App\Models\Phase;
|
|
use App\Models\Project;
|
|
use Carbon\Carbon;
|
|
use Illuminate\Http\Request;
|
|
|
|
class ProjectApiController extends Controller
|
|
{
|
|
/** Projects the authenticated user can access. */
|
|
public function index(Request $request)
|
|
{
|
|
$projects = Project::accessibleBy($request->user())
|
|
->orderBy('name')
|
|
->get(['id', 'reference', 'name', 'address', 'status', 'lat', 'lng', 'updated_at']);
|
|
|
|
return response()->json(['projects' => $projects]);
|
|
}
|
|
|
|
/**
|
|
* Offline bundle for one project. Full snapshot, or a delta when `?since=` is
|
|
* given (only records changed after that timestamp + tombstones for deletions).
|
|
*/
|
|
public function bundle(Request $request, Project $project)
|
|
{
|
|
$this->authorizeProject($request, $project);
|
|
|
|
$since = $request->query('since');
|
|
$since = $since ? Carbon::parse($since) : null;
|
|
|
|
$changed = fn ($query) => $since ? $query->where('updated_at', '>', $since) : $query;
|
|
|
|
$allPhaseIds = Phase::withTrashed()->where('project_id', $project->id)->pluck('id');
|
|
$allLayerIds = Layer::withTrashed()->whereIn('phase_id', $allPhaseIds)->pluck('id');
|
|
|
|
$phases = $changed(Phase::where('project_id', $project->id))->orderBy('order')->get();
|
|
$layers = $changed(Layer::whereIn('phase_id', $allPhaseIds))->get();
|
|
$features = $changed(Feature::whereIn('layer_id', $allLayerIds))->get();
|
|
$inspections = $changed(Inspection::where('project_id', $project->id))->get();
|
|
$issues = $changed(Issue::where('project_id', $project->id))->get();
|
|
$templates = $changed(InspectionTemplate::where('project_id', $project->id))->get();
|
|
|
|
$featureIds = Feature::whereIn('layer_id', $allLayerIds)->pluck('id');
|
|
$issueIds = Issue::where('project_id', $project->id)->pluck('id');
|
|
$media = $changed(Media::where(function ($q) use ($project, $featureIds, $issueIds) {
|
|
$q->where(fn ($w) => $w->where('mediable_type', Project::class)->where('mediable_id', $project->id))
|
|
->orWhere(fn ($w) => $w->where('mediable_type', Feature::class)->whereIn('mediable_id', $featureIds))
|
|
->orWhere(fn ($w) => $w->where('mediable_type', Issue::class)->whereIn('mediable_id', $issueIds));
|
|
}))->get();
|
|
|
|
return response()->json([
|
|
'server_time' => now()->toIso8601String(),
|
|
'project' => $this->mapProject($project),
|
|
'phases' => $phases->map(fn ($p) => $this->mapPhase($p))->values(),
|
|
'layers' => $layers->map(fn ($l) => $this->mapLayer($l))->values(),
|
|
'features' => $features->map(fn ($f) => $this->mapFeature($f))->values(),
|
|
'inspections' => $inspections->map(fn ($i) => $this->mapInspection($i))->values(),
|
|
'issues' => $issues->map(fn ($i) => $this->mapIssue($i))->values(),
|
|
'templates' => $templates->map(fn ($t) => $this->mapTemplate($t))->values(),
|
|
'media' => $media->map(fn ($m) => $this->mapMedia($m))->values(),
|
|
'deleted' => $since ? $this->tombstones($since, $project, $allPhaseIds, $allLayerIds) : (object) [],
|
|
]);
|
|
}
|
|
|
|
/** Inspection templates for the projects the user can access (with version/hash). */
|
|
public function templates(Request $request)
|
|
{
|
|
$since = $request->query('since');
|
|
$since = $since ? Carbon::parse($since) : null;
|
|
|
|
$projectIds = Project::accessibleBy($request->user())->pluck('id');
|
|
|
|
$query = InspectionTemplate::whereIn('project_id', $projectIds);
|
|
if ($since) {
|
|
$query->where('updated_at', '>', $since);
|
|
}
|
|
|
|
return response()->json([
|
|
'templates' => $query->get()->map(fn ($t) => $this->mapTemplate($t))->values(),
|
|
]);
|
|
}
|
|
|
|
// ── Helpers ────────────────────────────────────────────────────────────────
|
|
|
|
private function authorizeProject(Request $request, Project $project): void
|
|
{
|
|
$user = $request->user();
|
|
abort_unless(
|
|
$user->can('manage all') || $project->users()->where('user_id', $user->id)->exists(),
|
|
403
|
|
);
|
|
}
|
|
|
|
private function tombstones(Carbon $since, Project $project, $allPhaseIds, $allLayerIds): array
|
|
{
|
|
return [
|
|
'phases' => Phase::onlyTrashed()->where('project_id', $project->id)->where('deleted_at', '>', $since)->pluck('id')->values(),
|
|
'layers' => Layer::onlyTrashed()->whereIn('phase_id', $allPhaseIds)->where('deleted_at', '>', $since)->pluck('id')->values(),
|
|
'features' => Feature::onlyTrashed()->whereIn('layer_id', $allLayerIds)->where('deleted_at', '>', $since)->pluck('id')->values(),
|
|
'inspections' => Inspection::onlyTrashed()->where('project_id', $project->id)->where('deleted_at', '>', $since)->pluck('id')->values(),
|
|
'issues' => Issue::onlyTrashed()->where('project_id', $project->id)->where('deleted_at', '>', $since)->pluck('id')->values(),
|
|
];
|
|
}
|
|
|
|
private function mapProject(Project $p): array
|
|
{
|
|
return [
|
|
'id' => $p->id, 'reference' => $p->reference, 'name' => $p->name,
|
|
'address' => $p->address, 'lat' => $p->lat, 'lng' => $p->lng,
|
|
'status' => $p->status, 'updated_at' => $p->updated_at?->toIso8601String(),
|
|
];
|
|
}
|
|
|
|
private function mapPhase(Phase $p): array
|
|
{
|
|
return [
|
|
'id' => $p->id, 'name' => $p->name, 'order' => $p->order, 'color' => $p->color,
|
|
'progress_percent' => $p->progress_percent, 'updated_at' => $p->updated_at?->toIso8601String(),
|
|
];
|
|
}
|
|
|
|
private function mapLayer(Layer $l): array
|
|
{
|
|
return [
|
|
'id' => $l->id, 'phase_id' => $l->phase_id, 'name' => $l->name,
|
|
'color' => $l->color, 'updated_at' => $l->updated_at?->toIso8601String(),
|
|
];
|
|
}
|
|
|
|
private function mapFeature(Feature $f): array
|
|
{
|
|
return [
|
|
'id' => $f->id, 'layer_id' => $f->layer_id, 'name' => $f->name,
|
|
'geometry' => $f->geometry, 'status' => $f->status, 'progress' => $f->progress,
|
|
'responsible' => $f->responsible, 'template_id' => $f->template_id,
|
|
'updated_at' => $f->updated_at?->toIso8601String(),
|
|
];
|
|
}
|
|
|
|
private function mapInspection(Inspection $i): array
|
|
{
|
|
return [
|
|
'id' => $i->id, 'feature_id' => $i->feature_id, 'layer_id' => $i->layer_id,
|
|
'template_id' => $i->template_id, 'user_id' => $i->user_id, 'data' => $i->data,
|
|
'status' => $i->status, 'result' => $i->result, 'notes' => $i->notes,
|
|
'created_at' => $i->created_at?->toIso8601String(), 'updated_at' => $i->updated_at?->toIso8601String(),
|
|
];
|
|
}
|
|
|
|
private function mapIssue(Issue $i): array
|
|
{
|
|
return [
|
|
'id' => $i->id, 'feature_id' => $i->feature_id, 'title' => $i->title,
|
|
'description' => $i->description, 'status' => $i->status, 'priority' => $i->priority,
|
|
'reported_by' => $i->reported_by, 'assigned_to' => $i->assigned_to,
|
|
'resolved_at' => $i->resolved_at?->toIso8601String(), 'updated_at' => $i->updated_at?->toIso8601String(),
|
|
];
|
|
}
|
|
|
|
private function mapTemplate(InspectionTemplate $t): array
|
|
{
|
|
return [
|
|
'id' => $t->id, 'project_id' => $t->project_id, 'phase_id' => $t->phase_id,
|
|
'name' => $t->name, 'description' => $t->description, 'fields' => $t->fields,
|
|
'version' => $t->updated_at?->timestamp,
|
|
'hash' => md5(json_encode($t->fields) . $t->name),
|
|
'updated_at' => $t->updated_at?->toIso8601String(),
|
|
];
|
|
}
|
|
|
|
private function mapMedia(Media $m): array
|
|
{
|
|
$entity = [
|
|
Project::class => 'project',
|
|
Feature::class => 'feature',
|
|
Issue::class => 'issue',
|
|
][$m->mediable_type] ?? class_basename($m->mediable_type);
|
|
|
|
return [
|
|
'id' => $m->id, 'uuid' => $m->uuid,
|
|
'parent_entity' => $entity, 'parent_id' => $m->mediable_id,
|
|
'url' => $m->url, 'name' => $m->name, 'file_type' => $m->file_type,
|
|
'category' => $m->category, 'updated_at' => $m->updated_at?->toIso8601String(),
|
|
];
|
|
}
|
|
}
|
|
|