Merge remote-tracking branch 'origin/dev' into dev

app/Http/Controllers/API/UserController.php

@@ -3,11 +3,13 @@
 namespace App\Http\Controllers\API;
 
 use App\Http\Controllers\Controller;
+use App\Http\Requests\API\User\CreateOrUpdateRequest;
 use App\Http\Resources\API\UserInfoResource;
 use App\Models\Role;
 use App\Models\User;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Hash;
 
 class UserController extends Controller
 {
@@ -38,6 +40,22 @@ class UserController extends Controller
 
     public function index(){
         $user = User::all();
-        return $user;
+        return UserInfoResource::collection($user);
+    }
+
+    /**
+     * add a new User
+     * @return \Illuminate\Http\Response
+     */
+    public function store(CreateOrUpdateRequest $request){
+        $password = Hash::make($request->password);
+        $user=$request->all();
+        $user['password']=$password;
+        User::create([
+            ...$user,
+            'created_by' => Auth::id(),
+        ]);
+//        TODO:发送邮箱给目标用户
+        return $this->created();
     }
 }

app/Http/Requests/API/User/CreateOrUpdateRequest.php

@@ -0,0 +1,43 @@
+<?php
+
+namespace App\Http\Requests\API\User;
+
+use App\Http\Requests\RuleHelper;
+use Illuminate\Foundation\Http\FormRequest;
+
+class CreateOrUpdateRequest extends FormRequest
+{
+    use RuleHelper;
+
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+
+        return [
+            'name' => 'required|max:100',
+            'email'=> 'required|email|unique:users',
+            'username'=>'required|max:30|unique:users',
+            'password' => 'required|min:6|regex:/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{6,}$/', // 至少6位，包含大小写字母和数字
+            'confirm_password' => 'required|same:password', // 与password字段相同
+            'phone'=>'nullable|regex:/^\d{10}$/',
+            'gender'=>'nullable|in:1,0',
+            'address'=>'nullable|max:255',
+            'company_id'=>'required|exists:company,id',
+            'department_id'=>'required|exists:department,id',
+            'role_id'=>'required|exists:roles,id',
+        ];
+    }
+
+}

app/Models/User.php

@@ -29,6 +29,7 @@ class User extends Authenticatable
         'password',
         'company_id',
         'department_id',
+        'role_id',
     ];
 
     /**

routes/api.php

@@ -20,7 +20,6 @@ Route::post("/login", [API\AuthController::class, "login"]);
 Route::middleware(['auth:sanctum'])->group(function () {
     Route::post("/logout", [API\AuthController::class, "logout"]);
     Route::get("user/info", [API\UserController::class, 'info'])->name("user.info");
-    Route::get("user/index",[API\UserController::class, 'index'])->name("user.index");
 
     Route::middleware(['permission'])->group(function() {
         Route::apiResources([
@@ -37,6 +36,7 @@ Route::middleware(['auth:sanctum'])->group(function () {
             'library' => API\LibraryController::class,
             'department' => API\DepartmentController::class,
             'company' => API\CompanyController::class,
+            'user' => API\UserController::class,
         ]);
         Route::get("asset/{asset_id}/report",[API\AssetController::class, 'report'])->name('asset.report');