Merge branch 'feature/Správa-účtu-garantom' into develop

2025-11-02 21:23:21 +01:00
parent 054a6083b8 7954cdd093
commit 197b26cf08
8 changed files with 568 additions and 3 deletions
--- a/backend/app/Http/Controllers/CompanyController.php
+++ b/backend/app/Http/Controllers/CompanyController.php
@@ -8,7 +8,8 @@ use Illuminate\Http\Request;

 class CompanyController extends Controller
 {
-    public function all_simple() {
+    public function all_simple()
+    {
        $companies = Company::all()->makeHidden(['created_at', 'updated_at']);

        $companies->each(function ($company) {
@@ -18,6 +19,84 @@ class CompanyController extends Controller
        return response()->json($companies);
    }

+    /**
+     * Get a specific company with contact details.
+     */
+    public function get(int $id)
+    {
+        $user = auth()->user();
+
+        if ($user->role !== 'ADMIN') {
+            abort(403, 'Unauthorized');
+        }
+
+        $company = Company::find($id);
+
+        if (!$company) {
+            return response()->json([
+                'message' => 'No such company exists.'
+            ], 400);
+        }
+
+        $company->contact = User::find($company->contact)->makeHidden(['created_at', 'updated_at', 'email_verified_at']);
+
+        return response()->json($company);
+    }
+
+    /**
+     * Update company information and contact person.
+     */
+    public function update_all(int $id, Request $request)
+    {
+        $user = auth()->user();
+
+        if ($user->role !== 'ADMIN') {
+            abort(403, 'Unauthorized');
+        }
+
+        $company = Company::find($id);
+
+        if (!$company) {
+            return response()->json([
+                'message' => 'No such company exists.'
+            ], 400);
+        }
+
+        // Validácia dát
+        $request->validate([
+            'name' => ['required', 'string', 'max:255'],
+            'address' => ['required', 'string', 'max:500'],
+            'ico' => ['required', 'integer'],
+            'hiring' => ['required', 'boolean'],
+            'contact.name' => ['required', 'string', 'max:255'],
+            'contact.email' => ['required', 'email', 'max:255', 'unique:users,email,' . $company->contact],
+            'contact.phone' => ['nullable', 'string', 'max:20'],
+        ]);
+
+        // Aktualizácia Company údajov
+        $company->update([
+            'name' => $request->name,
+            'address' => $request->address,
+            'ico' => $request->ico,
+            'hiring' => $request->hiring,
+        ]);
+
+        // Aktualizácia kontaktnej osoby
+        if ($request->has('contact')) {
+            $contactPerson = User::find($company->contact);
+
+            if ($contactPerson) {
+                $contactPerson->update([
+                    'name' => $request->contact['name'],
+                    'email' => $request->contact['email'],
+                    'phone' => $request->contact['phone'] ?? null,
+                ]);
+            }
+        }
+
+        return response()->noContent();
+    }
+
    /**
     * Display a listing of the resource.
     */
--- a/backend/app/Http/Controllers/StudentDataController.php
+++ b/backend/app/Http/Controllers/StudentDataController.php
@@ -3,10 +3,116 @@
 namespace App\Http\Controllers;

 use App\Models\StudentData;
+use App\Models\User;
 use Illuminate\Http\Request;

 class StudentDataController extends Controller
 {
+    /**
+     * Display a listing of all students with their data.
+     */
+    public function all()
+    {
+        // Iba admin môže vidieť zoznam študentov
+        $user = auth()->user();
+
+        if ($user->role !== 'ADMIN') {
+            abort(403, 'Unauthorized');
+        }
+
+        $students = User::where('role', 'STUDENT')
+            ->with('studentData')
+            ->get();
+
+        return response()->json($students);
+    }
+
+    /**
+     * Get a specific student with their data.
+     */
+    public function get(int $id)
+    {
+        $user = auth()->user();
+
+        $student = User::find($id);
+
+        if (!$student) {
+            return response()->json([
+                'message' => 'No such student exists.'
+            ], 400);
+        }
+
+        if ($student->role !== 'STUDENT') {
+            return response()->json([
+                'message' => 'User is not a student.'
+            ], 400);
+        }
+
+        if ($user->role !== 'ADMIN') {
+            abort(403, 'Unauthorized');
+        }
+
+        $student->load('studentData');
+
+        return response()->json($student);
+    }
+
+    /**
+     * Update student's basic information and student data.
+     */
+    public function update_all(int $id, Request $request)
+    {
+        $user = auth()->user();
+
+        $student = User::find($id);
+
+        if (!$student) {
+            return response()->json([
+                'message' => 'No such student exists.'
+            ], 400);
+        }
+
+        if ($student->role !== 'STUDENT') {
+            return response()->json([
+                'message' => 'User is not a student.'
+            ], 400);
+        }
+
+        if ($user->role !== 'ADMIN') {
+            abort(403, 'Unauthorized');
+        }
+
+        // Validácia dát
+        $request->validate([
+            'name' => ['required', 'string', 'max:255'],
+            'email' => ['required', 'email', 'max:255', 'unique:users,email,' . $id],
+            'phone' => ['nullable', 'string', 'max:20'],
+            'student_data.study_field' => ['nullable', 'string', 'max:255'],
+            'student_data.personal_email' => ['nullable', 'email', 'max:255'],
+            'student_data.address' => ['nullable', 'string', 'max:500'],
+        ]);
+
+        // Aktualizácia User údajov
+        $student->update([
+            'name' => $request->name,
+            'email' => $request->email,
+            'phone' => $request->phone,
+        ]);
+
+        // Aktualizácia alebo vytvorenie StudentData
+        if ($request->has('student_data')) {
+            $studentData = $student->studentData;
+
+            if ($studentData) {
+                $studentData->update($request->student_data);
+            } else {
+                $student->studentData()->create($request->student_data);
+            }
+        }
+
+        return response()->noContent();
+    }
+
    /**
     * Display a listing of the resource.
     */
--- a/backend/app/Models/User.php
+++ b/backend/app/Models/User.php
@@ -49,4 +49,12 @@ class User extends Authenticatable
            'password' => 'hashed',
        ];
    }
+
+    /**
+     * Get the student data associated with the user.
+     */
+    public function studentData()
+    {
+        return $this->hasOne(StudentData::class, 'user_id');
+    }
 }
--- a/backend/routes/api.php
+++ b/backend/routes/api.php
@@ -3,6 +3,7 @@
 use App\Http\Controllers\Auth\RegisteredUserController;
 use App\Http\Controllers\CompanyController;
 use App\Http\Controllers\InternshipController;
+use App\Http\Controllers\StudentDataController;
 use App\Http\Controllers\InternshipStatusController;
 use App\Models\Company;
 use App\Models\StudentData;
@@ -21,6 +22,12 @@ Route::middleware(['auth:sanctum'])->get('/user', function (Request $request) {
    return $user;
 });

+Route::middleware(['auth:sanctum'])->prefix('/students')->group(function () {
+    Route::get('/', [StudentDataController::class, 'all']);
+    Route::get('/{id}', [StudentDataController::class, 'get']);
+    Route::post('/{id}', [StudentDataController::class, 'update_all']);
+});
+
 Route::post('/password-reset', [RegisteredUserController::class, 'reset_password'])
    ->middleware(['guest', 'throttle:6,1'])
    ->name('password.reset');
@@ -44,4 +51,6 @@ Route::prefix('/internships')->group(function () {

 Route::prefix('/companies')->middleware("auth:sanctum")->group(function () {
    Route::get("/simple", [CompanyController::class, 'all_simple']);
+    Route::get("/{id}", [CompanyController::class, 'get']);
+    Route::post("/{id}", [CompanyController::class, 'update_all']);
 });