autocde2.0/app/Http/Controllers/API/UserController.php

<?php

namespace App\Http\Controllers\API;

use App\Http\Controllers\Controller;
use App\Http\Requests\API\User\AdminUpdateRequest;
use App\Http\Requests\API\User\BatchCreateRequest;
use App\Http\Requests\API\User\CreateCompanyUserRequest;
use App\Http\Requests\API\User\CreateRequest;
use App\Http\Requests\API\User\UpdateRequest;
use App\Http\Resources\API\UserInfoResource;
use App\Http\Resources\API\UserSimpleResource;
use App\Models\Enums\RequirementStatus;
use App\Models\Menu;
use App\Models\Permission;
use App\Models\Role;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Hash;
use function Laravel\Prompts\password;

class UserController extends Controller
{
    public function details()
    {
        $user = Auth::user();

        $menus = Menu::query()->where("group", \request("group", "web"))
            ->get();
//            ->filter(fn(Menu $menu) => Auth::user()->can($menu->permission));


        $userPerminssion=$user->role->permissions->pluck('name')->toArray();

        $flattenedPaths = [];
        foreach ($menus as $index=> $menu) {
            if(in_array($menu->permission,$userPerminssion)){
                $individualPaths = explode(',', $menu->path);
                $flattenedPaths = array_merge($flattenedPaths, $individualPaths);
            }
        }

        $userHasMenu=Menu::query()->whereIn('id',$flattenedPaths)->pluck('name')->toArray();

        $user->menus = $userHasMenu;

        return new UserInfoResource($user);
    }

    public function assignRole(Request $request, string $id)
    {
        $user = User::query()->findOrFail($id);

        $roleName = $request->get('role_name');
        if ($roleName) {
            $role = Role::query()->where("guard_name", "api")->where('name', $roleName)->firstOrFail();
            $user->role_id = $role->id;
            $user->save();
        }

        $roles = $roleName ? [$roleName] : [];

        $user->syncRoles($roles);

        return $this->noContent();
    }

    public function index(Request $request){
        $pageSize=$request->get('page_size') ?? 10;
        $sort=$request->input('sort','desc');
        //超管能看到所有用户
        if(Auth::user()->super_admin){
            $user = User::query()->filter($request->all())->orderBy('created_at',$sort)->paginate($pageSize);
            return UserSimpleResource::collection($user);
        }
        //普通管理员能看到自己公司的用户
        $user=User::query()
            ->where('company_id',Auth::user()->company_id)
            ->filter($request->all())->orderBy('created_at',$sort)->paginate($pageSize);
        return UserSimpleResource::collection($user);
    }

    public function publicSearch(Request $request){
        $pageSize=$request->get('page_size') ?? 10;
        $sort=$request->input('sort','desc');
        $user=User::query()
            ->where('company_id',Auth::user()->company_id)
            ->filter($request->all())->orderBy('created_at',$sort)->paginate($pageSize);
        return UserSimpleResource::collection($user);
    }

    /**
     * add a new User
     * @return \Illuminate\Http\Response
     */
    public function store(CreateRequest $request){
        $password = Hash::make($request->password);
        $userRequest=$request->all();
        $userRequest['password']=$password;
        $user=User::create([
            ...$userRequest,
            'created_by' => Auth::id(),
        ]);
//        TODO:发送邮箱给目标用户
        $roleId = $request->get('role_id');
        $role = Role::query()->findOrFail($roleId);
        $user->syncRoles($role);
        return $this->created();
    }


    /**
     * batchCreate  User,为ditto时参考上一条
     * @return \Illuminate\Http\Response
     */
    public function batchStore(BatchCreateRequest $request){
        $userData = $request->users;
        DB::transaction(function () use ($userData) {
        foreach ($userData as $k => $data) {
            $user = new User();
            if ($k != 0) {
//                $userData[$k]["department_id"] = $userData[$k]["department_id"] == 'ditto' ? $userData[$k - 1]["department_id"] : $userData[$k]["department_id"];
                $userData[$k]["role_id"] = $userData[$k]["role_id"] == 'ditto' ? $userData[$k - 1]["role_id"] : $userData[$k]["role_id"];
            }
            $userData[$k]['password'] = Hash::make($userData[$k]['password']);
            $role = Role::query()->findOrFail($userData[$k]["role_id"]);
            $user->syncRoles($role);
            $user->fill([
                ...$userData[$k],
                'created_by' => Auth::id(),
            ]);
            //        TODO:发送邮箱给目标用户
            $user->save();
        }
        });
//        TODO:发送邮箱给目标用户
        return $this->created();
    }

    /**
     * enable or ban users 启用或禁用用户
     * @param Request $request
     * @return \Illuminate\Http\Response
     */
    public function status(Request $request,string $status){
        //只能删除自己公司的;超管除外
        if (Auth::user()->super_admin){
            User::whereIn('id', $request->user_id)->update(['status' => $status]);
        }
        else{
            User::whereIn('id', $request->user_id)->where('company_id',Auth::user()->company_id)->update(['status' => $status]);
        }
        return $this->created();
    }

    public function destroy(string $id)
    {
        $user = User::query()->findOrFail($id);
        $user->delete();
        return $this->noContent();
    }

    public function show(string $id)
    {
        $user = User::query()->findOrFail($id);
        return new UserInfoResource($user);
    }

    public function update(UpdateRequest $request,string $id)
    {
        $user = User::findOrFail($id);
        $newPassword=null;

        // 如果用户是超级管理员或具有相应权限
        if (Auth::user()->super_admin || Auth::user()->can('user.assign-role')) {
            $user->fill([
            ...$request->except(['username']),
            'password' => $request->password ? Hash::make($request->password) : $user->password,
        ]);
        $roleId = $request->get('role_id');
        if ($roleId) {
            $role = Role::findOrFail($roleId);
            $user->syncRoles([$role]);
        }
        } else {
                // 如果用户不是超级管理员且没有编辑角色的权限
                $user->fill([
                ...$request->except(['role_id', 'department_id', 'company_id']),
                'password' => $request->password ? Hash::make($request->password) : $user->password,
            ]);
        }
        $user->save();
        return $this->noContent();

    }
//    /**
//     * @param CreateRequest $request
//     * @return \Illuminate\Http\Response
//     * 修改个人信息
//     */
//    public function updateInfo(UpdateRequest $request)
//    {
//        $user = User::findOrFail(Auth::user()->id);
//        $user->fill([
//            ...$request->except(['username','role_id','department_id','company_id'])
//        ]);
//        $user->save();
//        return $this->noContent();
//    }
//
//    /**
//     * @param AdminUpdateRequest $request 修改主体
//     * @param string $id 用户id
//     * @return \Illuminate\Http\Response
//     * 超管修改用户的信息
//     */
//    public function updateUserInfo(AdminUpdateRequest $request, string $id)
//    {
//        $user = User::findOrFail($id);
//        $user->fill([
//            ...$request->all()
//        ]);
//        $user->save();
//        return $this->noContent();
//
//    }

//    /**
//     * 注册用户
//     * @return \Illuminate\Http\Response
//     */
//    public function registerCompanyUser(CreateCompanyUserRequest $request){
//        $password = Hash::make($request->password);
//        $userRequest=$request->all();
//        $userRequest['password']=$password;
//        User::create([
//            ...$userRequest,
//            'created_by' => Auth::id(),
//        ]);
//        return $this->created();
//    }

}