funzioni addizionali per gestione amici

code/app/Http/Controllers/GasController.php

@@ -229,41 +229,22 @@ private function configImports($gas, $request)
 
     private function configRoles($gas, $request)
     {
-        $conf = (object) [
-            'user' => $request->input('roles->user'),
-        ];
+        $role_service = app()->make('RolesService');
 
-		if ($request->has('roles->friend')) {
-			$conf->friend = $request->input('roles->friend');
+        if ($request->has('roles->user')) {
+            $role = $request->input('roles->user');
+            $role_service->setMasterRole($gas, 'user', $role);
 		}
-		else {
-			$conf->friend = $gas->roles['friend'];
+
+		if ($request->has('roles->friend')) {
+            $role = $request->input('roles->friend');
+            $role_service->setMasterRole($gas, 'friend', $role);
 		}
 
 		if ($request->has('roles->multigas')) {
-			$conf->multigas = $request->input('roles->multigas');
+			$role = $request->input('roles->multigas');
+            $role_service->setMasterRole($gas, 'multigas', $role);
 		}
-		else {
-			$conf->multigas = $gas->roles['multigas'];
-		}
-
-        $old_friend_role = $gas->roles['friend'];
-        $update_users = ($conf->friend != $old_friend_role);
-
-        $gas->setConfig('roles', $conf);
-
-        /*
-            Se il ruolo "amico" viene cambiato, cambio effettivamente
-            gli utenti coinvolti
-        */
-        if ($update_users) {
-            $friends = User::whereNotNull('parent_id')->get();
-
-            foreach($friends as $friend) {
-                $friend->removeRole($old_friend_role, $gas);
-                $friend->addRole($conf->friend, $gas);
-            }
-        }
     }
 
     public function update(Request $request, $id)

code/app/Http/Controllers/UsersController.php

@@ -50,13 +50,29 @@ public function blocked(Request $request)
     public function revisioned(Request $request, $id)
     {
         return $this->easyExecute(function() use ($id, $request) {
-            $user = $request->user();
             $status = $request->input('action');
             $this->service->revisioned($id, $status == 'approve');
             return $this->successResponse(['action' => $status]);
         });
     }
 
+    public function promote(Request $request, $id)
+    {
+        return $this->easyExecute(function() use ($id, $request) {
+            $subject = $this->service->promoteFriend($id);
+            return $this->commonSuccessResponse($subject);
+        });
+    }
+
+    public function reassign(Request $request, $id)
+    {
+        return $this->easyExecute(function() use ($id, $request) {
+            $new_parent = $request->input('parent_id');
+            $this->service->reassignFriend($id, $new_parent);
+            return $this->successResponse();
+        });
+    }
+
     public function search(Request $request)
     {
         return $this->easyExecute(function() use ($request) {
@@ -252,8 +268,16 @@ private function testInternalFunctionsAccess($requester, $target, $type)
         $admin_editable = $requester->can('users.admin', $target->gas);
         $access = ($admin_editable || $requester->id == $target->id || $target->parent_id == $requester->id);
 
-        if ($access == false && $type == 'accounting') {
-            $access = $requester->can('movements.admin', $target->gas) || $requester->can('movements.view', $target->gas);
+        if ($access == false) {
+            switch($type) {
+                case 'accounting':
+                    $access = $requester->can('movements.admin', $target->gas) || $requester->can('movements.view', $target->gas);
+                    break;
+
+                case 'friends':
+                    $access = $target->can('users.subusers', $target->gas);
+                    break;
+            }
         }
 
         if ($access == false) {
@@ -289,6 +313,15 @@ public function accounting(Request $request, $id)
         });
     }
 
+    public function friends(Request $request, $id)
+    {
+        return $this->easyExecute(function() use ($request, $id) {
+            $user = $this->service->show($id);
+            $this->testInternalFunctionsAccess($request->user(), $user, 'friends');
+            return view('user.friends', ['user' => $user]);
+        });
+    }
+
     private function toJQueryAutocompletionFormat($users)
     {
         $ret = [];

code/app/Services/RolesService.php

@@ -46,6 +46,36 @@ public function destroy($id)
 		return $role;
 	}
 
+	public function setMasterRole($gas, $identifier, $role_id)
+	{
+		$this->ensureAuth(['gas.permissions' => 'gas']);
+
+		$conf = $gas->roles;
+
+		if ($identifier == 'friend') {
+			$old_friend_role = $conf['friend'];
+		}
+		else {
+			$old_friend_role = null;
+		}
+
+		$conf[$identifier] = $role_id;
+		$gas->setConfig('roles', $conf);
+
+		/*
+            Se il ruolo "amico" viene cambiato, cambio effettivamente gli utenti
+			coinvolti
+        */
+		if ($old_friend_role) {
+            $friends = User::whereNotNull('parent_id')->get();
+
+            foreach($friends as $friend) {
+                $friend->removeRole($old_friend_role, $gas);
+                $friend->addRole($conf['friend'], $gas);
+            }
+        }
+	}
+
 	/*
 		Nota bene: le funzioni per assegnare o revocare un ruolo devono
 		funzionare a prescindere dal permesso gas.permissions, almeno sui ruoli
@@ -61,11 +91,17 @@ private function checkAccessToRole($role_id)
 
 		if ($managed_roles === false) {
 			/*
-				Se il ruolo desiderato non è tra quelli gestibili
-				gerarchicamente, occorre avere il permesso globale per alterare
-				tutti i permessi
+				Se il ruolo desiderato è uno di quelli base "utente" e "amico"
+				basta il permesso di gestione degli utenti, in quanto
+				l'amministratore degli utenti deve poter intervenire (in
+				particolare sugli amici)
 			*/
-			$this->ensureAuth(['gas.permissions' => 'gas']);
+			if ((isset($user->gas->roles['friend']) && $role_id == $user->gas->roles['friend']) || (isset($user->gas->roles['user']) && $role_id == $user->gas->roles['user'])) {
+				$this->ensureAuth(['users.admin' => 'gas']);
+			}
+			else {
+				$this->ensureAuth(['gas.permissions' => 'gas']);
+			}
 		}
 	}
 

code/app/Services/UsersService.php

@@ -10,6 +10,7 @@
 use DB;
 use Hash;
 
+use App\Exceptions\IllegalArgumentException;
 use App\Notifications\ApprovedMessage;
 use App\Notifications\DeclinedMessage;
 use App\User;
@@ -283,6 +284,48 @@ public function revisioned($id, $approved)
         DB::commit();
     }
 
+    public function promoteFriend($id)
+    {
+        $admin = $this->ensureAuth(['users.admin' => 'gas']);
+
+        $roles = app()->make('RolesService');
+        $friend_role = $admin->gas->roles['friend'];
+        $user_role = $admin->gas->roles['user'];
+
+        $roles->detachUser($id, $friend_role, null);
+        $roles->attachUser($id, $user_role, null);
+
+        $user = $this->show($id);
+        $user->parent_id = null;
+        $user->save();
+
+        return $user;
+    }
+
+    public function reassignFriend($user_id, $parent_id)
+    {
+        $this->ensureAuth(['users.admin' => 'gas']);
+
+        if ($parent_id == $user_id) {
+            throw new IllegalArgumentException(_i('Un utente non può essere amico di sé stesso'), 1);
+        }
+
+        $parent = $this->show($parent_id);
+        if ($parent->can('users.subusers') == false) {
+            throw new IllegalArgumentException(_i("Il nuovo utente assegnatario non può gestire amici"), 1);
+        }
+
+        $user = $this->show($user_id);
+        if ($user->isFriend() == false) {
+            throw new IllegalArgumentException(_i('Un utente regolare non può essere retrocesso ad amico'), 1);
+        }
+
+        $user->parent_id = $parent->id;
+        $user->save();
+
+        return $user;
+    }
+
     public function picture($id)
     {
         $user = $this->show($id);

code/package.json

@@ -27,7 +27,7 @@
     "bootstrap-validator": "^0.11.9",
     "chartist": "^1.3",
     "continous-calendar": "^0.1.1",
-    "jbob": "^0.2.6",
+    "jbob": "^0.3.0",
     "jquery": "^3.7.1",
     "jquery-ui": "^1.13.2",
     "jquery-ui-touch-punch": "^0.2.3",

code/public/mix-manifest.json

@@ -1,4 +1,4 @@
 {
-    "/js/gasdotto.js": "/js/gasdotto.js?id=8578a3b3969ae0f4dcd83e17df063e3a",
-    "/css/gasdotto.css": "/css/gasdotto.css?id=1319b6248551694a7cc664f14b15fa9c"
+    "/js/gasdotto.js": "/js/gasdotto.js?id=239af269c96d1f43a9966f2b7bc477dd",
+    "/css/gasdotto.css": "/css/gasdotto.css?id=997e46c44b439912f20b9c87e677eb7b"
 }

code/resources/assets/js/gasdotto.js

@@ -62,6 +62,10 @@ function generalInit(container) {
         container = $('body');
     }
 
+	$('[data-bs-toggle]', container).click(function(e) {
+        e.preventDefault();
+    });
+
     $('.nav-tabs a', container).click(function(e) {
         e.preventDefault();
         $(this).tab('show');

code/resources/assets/js/lists.js

@@ -136,7 +136,7 @@ class Lists {
     {
         var node = Lists.listRow(list, data.id, data.url, data.header);
         list.append(node);
-        utils.j().handleAsyncAccordion(node);
+        utils.j().initElements(list);
         Lists.afterListChanges(list);
 
         if (open) {

code/resources/assets/sass/gasdotto.scss

@@ -601,11 +601,6 @@ i[class^='bi-hidden-'] {
     .accordion-item {
         &:not(:first-of-type) {
             border-top: 1px solid rgba(0, 0, 0, 0.125);
-            border-bottom: 0;
-        }
-
-        &:last-of-type {
-            border-bottom: 1px solid rgba(0, 0, 0, 0.125);
         }
     }
 
@@ -622,6 +617,8 @@ i[class^='bi-hidden-'] {
     }
 
     .accordion-header {
+        font-size: 2rem;
+
         &:hover {
             background-color: $accordion-button-active-bg;
         }

code/resources/views/user/edit.blade.php

@@ -17,6 +17,17 @@
 $has_friends = $editable && $user->can('users.subusers');
 $has_notifications = $user->isFriend() == false && $editable && ($currentgas->getConfig('notify_all_new_orders') == false);
 
+$friend_admin_buttons = [];
+if ($user->isFriend() && $admin_editable) {
+    $friend_admin_buttons = [
+        [
+            'label' => _i('Modifica Amico'),
+            'classes' => ['float-start'],
+            'attributes' => ['data-bs-toggle' => 'modal', 'data-bs-target' => '#change_friend_' . $user->id]
+        ]
+    ];
+}
+
 ?>
 
 <x-larastrap::tabs>
@@ -41,7 +52,7 @@
             @endif
         @endif
 
-        <x-larastrap::mform :obj="$user" method="PUT" :action="route('users.update', $user->id)" :classes="$display_page ? 'inner-form' : ''" :nodelete="$display_page || $user->isFriend() == false" :nosave="$readonly">
+        <x-larastrap::mform :obj="$user" method="PUT" :action="route('users.update', $user->id)" :classes="$display_page ? 'inner-form' : ''" :nodelete="$display_page || $user->isFriend() == false" :nosave="$readonly" :other_buttons="$friend_admin_buttons">
             <div class="row">
                 <div class="col-12 col-md-6">
                     @if($user->isFriend() == false)
@@ -140,6 +151,38 @@
 
             <hr/>
         </x-larastrap::mform>
+
+        @if($user->isFriend() && $admin_editable)
+            @push('postponed')
+                <x-larastrap::modal :id="sprintf('change_friend_%s', $user->id)">
+                    <x-larastrap::accordion>
+                        <x-larastrap::accordionitem :label="_i('Promuovi a utente regolare')" active="false">
+                            <x-larastrap::mform :action="route('users.promote', $user->id)" keep_buttons="true" nodelete="true">
+                                <x-larastrap::hidden name="close-modal" value="1" />
+                                <x-larastrap::hidden name="reload-portion" :value="sprintf('#friends-tab-%s', $user->parent_id)" />
+                                <x-larastrap::hidden name="append-list" value="user-list" />
+
+                                <p>
+                                    {{ _i('Cliccando "Salva", questo utente diventerà un utente regolare. Gli sarà assegnato il ruolo %s, avrà una propria contabilità, e non potrà più essere amministrato da %s. Sarà preservato lo storico delle sue prenotazioni, ma tutti i suoi pagamenti pregressi resteranno addebitati a %s.', roleByIdentifier('user')->name, $user->parent->printableName(), $user->parent->printableName()) }}
+                                </p>
+                            </x-larastrap::mform>
+                        </x-larastrap::accordionitem>
+                        <x-larastrap::accordionitem :label="_i('Cambia assegnazione')" active="false">
+                            <x-larastrap::mform :action="route('users.reassign', $user->id)" keep_buttons="true" nodelete="true">
+                                <x-larastrap::hidden name="close-modal" value="1" />
+                                <x-larastrap::hidden name="reload-portion" :value="sprintf('#friends-tab-%s', $user->parent_id)" />
+
+                                <p>
+                                    {{ _i('Da qui è possibile riassegnare un amico ad un altro utente. Tutti i pagamenti pregressi resteranno addebitati a %s.', $user->parent->printableName()) }}
+                                </p>
+
+                                <x-larastrap::selectobj :label="_i('Nuovo assegnatario')" name="parent_id" :options="App\User::where('id', '!=', $user->parent_id)->topLevel()->sorted()->get()->filter(fn($u) => $u->can('users.subusers'))" />
+                            </x-larastrap::mform>
+                        </x-larastrap::accordionitem>
+                    </x-larastrap::accordion>
+                </x-larastrap::modal>
+            @endpush
+        @endif
     </x-larastrap::tabpane>
 
     @if($has_accounting)
@@ -158,35 +201,8 @@
     @endif
 
     @if($has_friends)
-        <x-larastrap::tabpane :id="sprintf('friends-%s', sanitizeId($user->id))" :label="_i('Amici')" icon="bi-person-add">
-            <div class="row">
-                <div class="col">
-                    @include('commons.addingbutton', [
-                        'user' => null,
-                        'template' => 'friend.base-edit',
-                        'typename' => 'friend',
-                        'typename_readable' => _i('Amico'),
-                        'targeturl' => 'friends',
-                        'extra' => [
-                            'creator_id' => $user->id,
-                        ]
-                    ])
-                </div>
-            </div>
-
-            <hr>
-
-            <div class="row">
-                <div class="col">
-                    @include('commons.loadablelist', [
-                        'identifier' => 'friend-list',
-                        'items' => $user->friends,
-                        'empty_message' => _i('Aggiungi le informazioni relative agli amici per i quali vuoi creare delle sotto-prenotazioni. Ogni singola prenotazione sarà autonoma, ma trattata come una sola in fase di consegna. Ogni amico può anche avere delle proprie credenziali di accesso, per entrare in GASdotto e popolare da sé le proprie prenotazioni.'),
-                        'url' => 'users'
-                    ])
-                </div>
-            </div>
-        </x-larastrap::tabpane>
+        <x-larastrap::remotetabpane :id="sprintf('friends-%s', sanitizeId($user->id))" :label="_i('Amici')" :button_attributes="['id' => sprintf('friends-tab-%s', sanitizeId($user->id)), 'data-tab-url' => route('users.friends', $user->id)]" icon="bi-person-add">
+        </x-larastrap::remotetabpane>
     @endif
 
     @if($has_notifications)