javier/investbrain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat:adds ability to share portfolios

Browse Source 
also includes basic permissions and authorization
This commit is contained in:
hackerESQ
2024-10-21 22:23:20 -05:00
parent 63c4c1c228
commit f93bfad3ce
18 changed files with 375 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/Imports/ValidatesPortfolioPermissions.php
+5 -1
View File
@@ -3,6 +3,7 @@
namespace App\Imports; namespace App\Imports;
use Exception; use Exception;
use App\Models\Portfolio;
trait ValidatesPortfolioPermissions { trait ValidatesPortfolioPermissions {
@@ -12,7 +13,10 @@ trait ValidatesPortfolioPermissions {
$collection->pluck('portfolio_id')->unique()->each(function($portfolio) use ($portfolios) { $collection->pluck('portfolio_id')->unique()->each(function($portfolio) use ($portfolios) {
if (!$portfolios->contains($portfolio)) { if (
!$portfolios->contains($portfolio)
|| auth()->user()->cannot('fullAccess', Portfolio::find($portfolio))
) {
throw new Exception('You do not have permission to access that portfolio.'); throw new Exception('You do not have permission to access that portfolio.');
} }
app/Models/Portfolio.php
+15 -13
View File
@@ -26,9 +26,9 @@ class Portfolio extends Model
{ {
parent::boot(); parent::boot();
static::saved(function ($model) { static::saved(function ($portfolio) {
self::syncUsers($model); self::ensurePortfolioHasOwner($portfolio);
}); });
} }
@@ -42,7 +42,7 @@ class Portfolio extends Model
public function users() public function users()
{ {
return $this->belongsToMany(User::class)->withPivot('owner'); return $this->belongsToMany(User::class)->withPivot(['owner', 'full_access', 'invite_accepted_at']);
} }
public function holdings() public function holdings()
@@ -76,21 +76,23 @@ class Portfolio extends Model
public function getOwnerIdAttribute() public function getOwnerIdAttribute()
{ {
return $this->users()->firstWhere('owner', 1)?->id; return $this->owner?->id;
} }
public static function syncUsers(self $model) public function getOwnerAttribute()
{
return $this->users()->firstWhere('owner', 1);
}
public static function ensurePortfolioHasOwner(self $portfolio)
{ {
// make sure we don't remove owner access // make sure we don't remove owner access
$user_id[$model->owner_id ?? auth()->user()->id] = ['owner' => true]; if (!$portfolio->owner_id) {
$users[auth()->user()->id] = ['owner' => true];
// // add other users // save
// foreach(request()->users ?? [] as $id) { $portfolio->users()->sync($users);
// $user_id[$id] = ['owner' => false]; }
// };
// save
$model->users()->sync($user_id);
} }
public function syncDailyChanges(): void public function syncDailyChanges(): void
app/Models/User.php
+1 -1
View File
@@ -52,7 +52,7 @@ class User extends Authenticatable implements MustVerifyEmail
public function portfolios() public function portfolios()
{ {
return $this->belongsToMany(Portfolio::class)->withPivot('owner'); return $this->belongsToMany(Portfolio::class)->withPivot(['owner', 'full_access', 'invite_accepted_at']);
} }
public function daily_changes() public function daily_changes()
app/Policies/PortfolioPolicy.php
+40
View File
@@ -0,0 +1,40 @@
<?php
namespace App\Policies;
use App\Models\User;
use App\Models\Portfolio;
class PortfolioPolicy
{
/**
*
*/
public function readOnly(User $user, Portfolio $portfolio)
{
$pivot = $portfolio->users()->where('user_id', $user->id)->first();
return $pivot;
}
/**
*
*/
public function fullAccess(User $user, Portfolio $portfolio)
{
$pivot = $portfolio->users()->where('user_id', $user->id)->first();
return $pivot && ($pivot->pivot->full_access || $pivot->pivot->owner);
}
/**
*
*/
public function owner(User $user, Portfolio $portfolio)
{
$pivot = $portfolio->users()->where('user_id', $user->id)->first();
return $pivot && $pivot->pivot->owner;
}
}
database/migrations/2021_01_30_112537_create_portfolio_users_table.php
+2 -1
View File
@@ -19,7 +19,8 @@ return new class extends Migration
$table->foreignIdFor(Portfolio::class, 'portfolio_id')->constrained()->onDelete('cascade'); $table->foreignIdFor(Portfolio::class, 'portfolio_id')->constrained()->onDelete('cascade');
$table->foreignIdFor(User::class, 'user_id')->constrained()->onDelete('cascade'); $table->foreignIdFor(User::class, 'user_id')->constrained()->onDelete('cascade');
$table->boolean('owner')->default(false); $table->boolean('owner')->default(false);
$table->boolean('write')->default(false); $table->boolean('full_access')->default(false);
$table->datetime('invite_accepted_at')->nullable();
$table->primary(['portfolio_id', 'user_id']); $table->primary(['portfolio_id', 'user_id']);
}); });
} }
database/migrations/2024_10_21_155635_update_shared_columns.php
+32
View File
@@ -0,0 +1,32 @@
<?php
use App\Models\User;
use Illuminate\Support\Facades\Schema;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::table('portfolio_users', function (Blueprint $table) {
$table->renameColumn('write', 'full_access');
$table->datetime('invite_accepted_at')->nullable();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
}
};
lang/en.json
+17 -1
View File
@@ -18,6 +18,7 @@
"or": "or", "or": "or",
"and": "and", "and": "and",
"Yes": "Yes", "Yes": "Yes",
"you": "you",
"Nothing to show here yet": "Nothing to show here yet", "Nothing to show here yet": "Nothing to show here yet",
"Hang on! You're doing that too much.": "Hang on! You're doing that too much.", "Hang on! You're doing that too much.": "Hang on! You're doing that too much.",
@@ -334,5 +335,20 @@
"auth.failed": "These credentials do not match our records.", "auth.failed": "These credentials do not match our records.",
"auth.password": "The provided password is incorrect.", "auth.password": "The provided password is incorrect.",
"auth.throttle": "Too many login attempts. Please try again in :seconds seconds." "auth.throttle": "Too many login attempts. Please try again in :seconds seconds.",
"Add people": "Add people",
"People with access": "People with access",
"Owner": "Owner",
"Read only": "Read only",
"Full access": "Full access",
"You do not have permission to manage transactions for this portfolio": "You do not have permission to manage transactions for this portfolio",
"Updated user's access permission to portfolio": "Updated user's access permission to portfolio",
"Removed user's access to portfolio": "Removed user's access to portfolio",
"Shared portfolio with user": "Shared portfolio with user",
"Share Portfolio": "Share Portfolio",
"Type an email address to share portfolio": "Type an email address to share portfolio",
"Grant full access": "Grant full access",
"Allow this user to manage portfolio details and create or update transactions": "Allow this user to manage portfolio details and create or update transactions",
"Share": "Share"
} }
lang/es.json
+17 -1
View File
@@ -18,6 +18,7 @@
"or": "o", "or": "o",
"and": "y", "and": "y",
"Yes": "Sí", "Yes": "Sí",
"you": "tú",
"Nothing to show here yet": "No hay nada que mostrar aquí todavía", "Nothing to show here yet": "No hay nada que mostrar aquí todavía",
"Hang on! You're doing that too much.": "¡Por favor espere un momento!", "Hang on! You're doing that too much.": "¡Por favor espere un momento!",
@@ -334,5 +335,20 @@
"auth.failed": "Estas credenciales no coinciden con nuestros registros.", "auth.failed": "Estas credenciales no coinciden con nuestros registros.",
"auth.password": "La contraseña es incorrecta.", "auth.password": "La contraseña es incorrecta.",
"auth.throttle": "Demasiados intentos de acceso. Por favor intente nuevamente en :seconds segundos." "auth.throttle": "Demasiados intentos de acceso. Por favor intente nuevamente en :seconds segundos.",
"Add people": "Agregar personas",
"People with access": "Personas con acceso",
"Read only": "Sólo lectura",
"Full access": "Acceso completo",
"Owner": "Dueño",
"You do not have permission to manage transactions for this portfolio": "No tienes permisos para administrar transacciones",
"Updated user's access permission to portfolio": "Se actualizó el permiso de acceso del usuario al portafolio",
"Removed user's access to portfolio": "Se eliminó el acceso del usuario al portafolio",
"Shared portfolio with user": "Portafolio compartido con usuario",
"Share Portfolio": "Compartir portafolio",
"Type an email address to share portfolio": "Escribe una dirección de correo electrónico para compartir portafolio",
"Grant full access": "Otorgar acceso completo",
"Allow this user to manage portfolio details and create or update transactions": "Permitir a este usuario administrar detalles de portafolio y crear o actualizar transacciones",
"Share": "Compartir"
} }
resources/views/components/ib-drawer.blade.php
+1 -1
View File
@@ -24,7 +24,7 @@
<x-card <x-card
{{ $attributes->merge(['class' => 'min-h-screen w-11/12 lg:w-1/3 rounded-none px-8 transition']) }} {{ $attributes->merge(['class' => 'min-h-screen w-5/6 xl:w-3/5 rounded-none px-8 transition']) }}
> >
@if($title) @if($title)
<x-slot:title> <x-slot:title>
resources/views/components/ib-form.blade.php
+1 -1
View File
@@ -11,7 +11,7 @@
@if ($actions) @if ($actions)
@if(!$noSeparator) @if(!$noSeparator)
<hr class="my-3" /> <x-section-border class="my-3" />
@endif @endif
<div class="flex justify-between gap-3"> <div class="flex justify-between gap-3">
resources/views/components/section-border.blade.php
+1 -1
View File
@@ -1,5 +1,5 @@
<div {{ $attributes->class(['py-6' => !$attributes->has('class'), 'h-4 sm:h-auto' => $attributes->has('hide-on-mobile')]) }}> <div {{ $attributes->class(['my-6' => !$attributes->has('class'), 'h-4 sm:h-auto' => $attributes->has('hide-on-mobile')]) }}>
<hr class="{{ $attributes->has('hide-on-mobile') ? 'hidden sm:block' : '' }} border-t border-gray-200 dark:border-gray-700" /> <hr class="{{ $attributes->has('hide-on-mobile') ? 'hidden sm:block' : '' }} border-t border-gray-200 dark:border-gray-700" />
</div> </div>
resources/views/holding/show.blade.php
+9 -7
View File
@@ -30,22 +30,24 @@
</x-slot:title> </x-slot:title>
@can('fullAccess', $portfolio)
<x-button <x-button
title="{{ __('Holding options') }}" title="{{ __('Holding options') }}"
icon="o-pencil" icon="o-pencil"
class="btn-circle btn-ghost btn-sm text-secondary" class="btn-circle btn-ghost btn-sm text-secondary"
@click="$dispatch('toggle-holding-options')" @click="$dispatch('toggle-holding-options')"
/> />
@endcan
<x-ib-flex-spacer /> <x-ib-flex-spacer />
<div> @can('fullAccess', $portfolio)
<x-button <x-button
label="{{ __('Create Transaction') }}" label="{{ __('Create Transaction') }}"
class="btn-sm btn-primary whitespace-nowrap" class="btn-sm btn-primary whitespace-nowrap"
@click="$dispatch('toggle-create-transaction')" @click="$dispatch('toggle-create-transaction')"
/> />
</div> @endcan
</x-ib-toolbar> </x-ib-toolbar>
<div class="mt-6 grid md:grid-cols-9 gap-5"> <div class="mt-6 grid md:grid-cols-9 gap-5">
resources/views/livewire/manage-portfolio-form.blade.php
+10 -5
View File
@@ -27,7 +27,6 @@ new class extends Component {
// methods // methods
public function mount() public function mount()
{ {
if (isset($this->portfolio)) { if (isset($this->portfolio)) {
$this->title = $this->portfolio->title; $this->title = $this->portfolio->title;
@@ -38,8 +37,9 @@ new class extends Component {
public function update() public function update()
{ {
$this->authorize('fullAccess', $this->portfolio);
$this->portfolio->update($this->validate()); $this->portfolio->update($this->validate());
// $this->portfolio->owner_id = auth()->user()->id;
$this->portfolio->save(); $this->portfolio->save();
$this->success(__('Portfolio updated'), redirectTo: "/portfolio/{$this->portfolio->id}"); $this->success(__('Portfolio updated'), redirectTo: "/portfolio/{$this->portfolio->id}");
@@ -47,8 +47,10 @@ new class extends Component {
public function save() public function save()
{ {
$this->authorize('fullAccess', $this->portfolio);
$portfolio = (new Portfolio())->fill($this->validate()); $portfolio = (new Portfolio())->fill($this->validate());
// $portfolio->owner_id = auth()->user()->id;
$portfolio->save(); $portfolio->save();
$this->success(__('Portfolio created'), redirectTo: "/portfolio/{$portfolio->id}"); $this->success(__('Portfolio created'), redirectTo: "/portfolio/{$portfolio->id}");
@@ -56,6 +58,7 @@ new class extends Component {
public function delete() public function delete()
{ {
$this->authorize('fullAccess', $this->portfolio);
$this->portfolio->delete(); $this->portfolio->delete();
@@ -67,9 +70,11 @@ new class extends Component {
<x-ib-form wire:submit="{{ $portfolio ? 'update' : 'save' }}" class="col-span-3"> <x-ib-form wire:submit="{{ $portfolio ? 'update' : 'save' }}" class="col-span-3">
<x-input label="{{ __('Title') }}" wire:model="title" required /> <x-input label="{{ __('Title') }}" wire:model="title" required />
<x-textarea label="{{ __('Notes') }}" wire:model="notes" rows="5" /> <x-textarea label="{{ __('Notes') }}" wire:model="notes" rows="4" />
<x-toggle label="{{ __('Wishlist') }}" wire:model="wishlist"> @livewire('share-portfolio-form', ['portfolio' => $portfolio])
<x-toggle class="mt-1" label="{{ __('Wishlist') }}" wire:model="wishlist" >
<x-slot:hint> <x-slot:hint>
{{ __('Treat this portfolio as a "wishlist" (holdings will be excluded from realized gains, unrealized gains, and dividends)') }} {{ __('Treat this portfolio as a "wishlist" (holdings will be excluded from realized gains, unrealized gains, and dividends)') }}
</x-slot:hint> </x-slot:hint>
resources/views/livewire/manage-transaction-form.blade.php
+4 -1
View File
@@ -30,7 +30,6 @@ new class extends Component {
// methods // methods
public function rules() public function rules()
{ {
return [ return [
'symbol' => ['required', 'string', new SymbolValidationRule], 'symbol' => ['required', 'string', new SymbolValidationRule],
'transaction_type' => 'required|string|in:BUY,SELL', 'transaction_type' => 'required|string|in:BUY,SELL',
@@ -68,6 +67,7 @@ new class extends Component {
public function update() public function update()
{ {
$this->authorize('fullAccess', $this->portfolio);
$this->transaction->update($this->validate()); $this->transaction->update($this->validate());
// $this->transaction->owner_id = auth()->user()->id; // $this->transaction->owner_id = auth()->user()->id;
@@ -81,6 +81,8 @@ new class extends Component {
public function save() public function save()
{ {
$this->authorize('fullAccess', $this->portfolio);
$validated = $this->validate(); $validated = $this->validate();
if (!isset($this->portfolio)) { if (!isset($this->portfolio)) {
@@ -97,6 +99,7 @@ new class extends Component {
public function delete() public function delete()
{ {
$this->authorize('fullAccess', $this->portfolio);
$this->transaction->delete(); $this->transaction->delete();
resources/views/livewire/share-portfolio-form.blade.php
+208
View File
@@ -0,0 +1,208 @@
<?php
use App\Models\Portfolio;
use App\Models\User;
use Livewire\Attributes\Rule;
use Livewire\Volt\Component;
use Illuminate\Support\Collection;
use Mary\Traits\Toast;
new class extends Component {
use Toast;
// props
public ?Portfolio $portfolio = null;
#[Rule('required|string|email')]
public string $emailAddress;
#[Rule('sometimes|boolean')]
public bool $fullAccess = false;
public array $permissions;
// methods
public function mount()
{
if (!$this->portfolio) {
$this->permissions = [
auth()->user()->id => [
'owner' => true,
'full_access' => false
]
];
} else {
$this->permissions = collect($this->portfolio->users)->mapWithKeys(function ($user) {
return [
$user->id => [
'owner' => $user->pivot->owner ?? 0,
'full_access' => $user->pivot->full_access ?? 0
]
];
})->toArray();
}
}
public function updatedPermissions()
{
$this->authorize('fullAccess', $this->portfolio);
$this->portfolio->users()->sync($this->permissions);
$this->portfolio->refresh();
$this->success(__('Updated user\'s access permission to portfolio'));
}
public function deleteUser(string $userId)
{
$this->authorize('fullAccess', $this->portfolio);
unset($this->permissions[$userId]);
$this->portfolio->users()->sync($this->permissions);
$this->portfolio->refresh();
$this->success(__('Removed user\'s access to portfolio'));
}
public function addUser()
{
$this->authorize('fullAccess', $this->portfolio);
$this->validate();
$user = User::firstOrCreate([
'email' => $this->emailAddress
], [
'name' => Str::title(Str::before($this->emailAddress, '@'))
]);
$this->permissions[$user->id] = [
'full_access' => $this->fullAccess
];
$this->portfolio->users()->sync($this->permissions);
$this->success(__('Shared portfolio with user'));
$this->portfolio->refresh();
$this->dispatch('toggle-add-user-modal');
$this->emailAddress = '';
$this->fullAccess = false;
}
}; ?>
<div class="">
@if ($this->portfolio)
<label class="pt-0 label label-text font-semibold">
<span>{{ __('People with access') }}</span>
</label>
<div class="border-primary border rounded-sm px-2 py-5 mb-2">
@php
$owner = collect($this->portfolio?->users)->where('pivot.owner', 1)->first() ?? auth()->user();
@endphp
<x-list-item
:item="$owner"
avatar="profile_photo_url"
no-separator
no-hover
class="!-my-2 rounded"
>
<x-slot:value>
{{ $owner->name }}
@if (auth()->user()->id == $owner->id)
({{ __('you') }})
@endif
</x-slot:value>
<x-slot:sub-value>
{{ __('Owner') }}
</x-slot:sub-value>
</x-list-item>
@foreach (collect($this->portfolio?->users)->where('pivot.owner', '!=', 1) as $user)
<x-list-item
:item="$user"
avatar="profile_photo_url"
value="name"
no-separator
class="!-my-2 rounded"
x-data="{ loading: false, timeout: null }"
>
<x-slot:sub-value>
{{ $user->email }}
</x-slot:sub-value>
<x-slot:actions>
<x-select
class="select select-ghost border-none focus:outline-none focus:ring-0"
:options="[['id' => 0, 'name' => __('Read only')], ['id' => 1, 'name' => __('Full access')]]"
wire:model.live.number="permissions.{{ $user->id }}.full_access"
/>
<x-button
class="btn-sm btn-ghost btn-circle"
wire:click="deleteUser('{{ $user->id }}')"
spinner="deleteUser"
>
<x-icon name="o-x-mark" class="w-4" />
</x-button>
</x-slot:actions>
</x-list-item>
@endforeach
<x-ib-modal
key="add-user-modal"
title="{{ __('Share Portfolio') }}"
>
<div class="" x-data="{ }">
<x-ib-form wire:submit="addUser" class="">
<x-input
label="Email"
icon="o-envelope"
placeholder="{{ __('Type an email address to share portfolio') }}"
wire:model="emailAddress"
/>
<x-toggle
class="mt-2"
label="{{ __('Grant full access') }}"
wire:model="fullAccess"
hint="{{ __('Allow this user to manage portfolio details and create or update transactions') }}"
right
/>
<x-slot:actions>
<x-button
label="{{ __('Share') }}"
title="{{ __('Share Portfolio') }}"
type="submit"
icon="o-paper-airplane"
class="btn-primary"
spinner="addUser"
/>
</x-slot:actions>
</x-ib-form>
</div>
</x-ib-modal>
<x-button class="btn-sm block mt-4" @click="$dispatch('toggle-add-user-modal')">
{{ __('Add people') }}
</x-button>
</div>
@endif
</div>
resources/views/livewire/transactions-list.blade.php
+8
View File
@@ -4,9 +4,12 @@ use App\Models\Portfolio;
use App\Models\Transaction; use App\Models\Transaction;
use Illuminate\Support\Collection; use Illuminate\Support\Collection;
use Livewire\Volt\Component; use Livewire\Volt\Component;
use Mary\Traits\Toast;
new class extends Component { new class extends Component {
use Toast;
// props // props
public Collection $transactions; public Collection $transactions;
public ?Portfolio $portfolio; public ?Portfolio $portfolio;
@@ -21,6 +24,11 @@ new class extends Component {
// methods // methods
public function showTransactionDialog($transactionId) public function showTransactionDialog($transactionId)
{ {
if (!auth()->user()->can('fullAccess', $this->portfolio)) {
$this->error(__('You do not have permission to manage transactions for this portfolio'));
return;
}
$this->editingTransaction = Transaction::findOrFail($transactionId); $this->editingTransaction = Transaction::findOrFail($transactionId);
$this->dispatch('toggle-manage-transaction'); $this->dispatch('toggle-manage-transaction');
} }
resources/views/livewire/transactions-table.blade.php
-7
View File
@@ -29,12 +29,6 @@ new class extends Component {
return $this->redirect(route('holding.show', ['portfolio' => $holding['portfolio_id'], 'symbol' => $holding['symbol']])); return $this->redirect(route('holding.show', ['portfolio' => $holding['portfolio_id'], 'symbol' => $holding['symbol']]));
} }
// public function showTransactionDialog($transactionId)
// {
// $this->editingTransaction = Transaction::findOrFail($transactionId);
// $this->dispatch('toggle-manage-transaction');
// }
public function mount() public function mount()
{ {
$this->headers = [ $this->headers = [
@@ -69,7 +63,6 @@ new class extends Component {
x-data="{ loadingId: null, timeout: null }" x-data="{ loadingId: null, timeout: null }"
@row-click=" @row-click="
timeout = setTimeout(() => { loadingId = $event.detail.id }, 200); timeout = setTimeout(() => { loadingId = $event.detail.id }, 200);
{{-- $wire.showTransactionDialog($event.detail.id).then(() => { --}}
$wire.goToHolding($event.detail).then(() => { $wire.goToHolding($event.detail).then(() => {
clearTimeout(timeout); clearTimeout(timeout);
loadingId = null; loadingId = null;
resources/views/portfolio/show.blade.php
+4
View File
@@ -28,15 +28,18 @@
<x-badge value="{{ __('Wishlist') }}" class="badge-secondary mr-3" /> <x-badge value="{{ __('Wishlist') }}" class="badge-secondary mr-3" />
@endif @endif
@can('fullAccess', $portfolio)
<x-button <x-button
title="{{ __('Manage Portfolio') }}" title="{{ __('Manage Portfolio') }}"
icon="o-pencil" icon="o-pencil"
class="btn-circle btn-ghost btn-sm text-secondary" class="btn-circle btn-ghost btn-sm text-secondary"
@click="$dispatch('toggle-manage-portfolio')" @click="$dispatch('toggle-manage-portfolio')"
/> />
@endcan
<x-ib-flex-spacer /> <x-ib-flex-spacer />
@can('fullAccess', $portfolio)
<div> <div>
<x-button <x-button
label="{{ __('Create Transaction') }}" label="{{ __('Create Transaction') }}"
@@ -44,6 +47,7 @@
@click="$dispatch('toggle-create-transaction')" @click="$dispatch('toggle-create-transaction')"
/> />
</div> </div>
@endcan
</x-ib-toolbar> </x-ib-toolbar>
@livewire('portfolio-performance-chart', [ @livewire('portfolio-performance-chart', [