From 6f77d8100fc381f16fc9afe73e62b623fea2f7fb Mon Sep 17 00:00:00 2001
From: b1ek <me@blek.codes>
Date: Fri, 30 Aug 2024 10:17:13 +1000
Subject: [PATCH] feat: implement /api/users/private/list and /get/{id}

---
 .../Controllers/PrivateUserController.php     | 25 ++++++++++++++
 app/Http/Requests/AuthorizedRequest.php       | 16 +++++++++
 app/Services/UserService.php                  | 10 ++++++
 public/openapi.yml                            | 33 +++++++++++++++++++
 routes/web.php                                |  5 +++
 5 files changed, 89 insertions(+)
 create mode 100644 app/Http/Controllers/PrivateUserController.php
 create mode 100644 app/Http/Requests/AuthorizedRequest.php

diff --git a/app/Http/Controllers/PrivateUserController.php b/app/Http/Controllers/PrivateUserController.php
new file mode 100644
index 0000000..9b71253
--- /dev/null
+++ b/app/Http/Controllers/PrivateUserController.php
@@ -0,0 +1,25 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Http\Requests\AuthorizedRequest;
+use App\Services\UserService;
+use Illuminate\Http\Request;
+use Validator;
+
+class PrivateUserController extends Controller
+{
+    public function __construct(
+        private UserService $userService
+    ) { }
+    
+    public function list(AuthorizedRequest $request)
+    {
+        return $this->userService->listAll();
+    }
+
+    public function get(AuthorizedRequest $request, string $id)
+    {
+        return $this->userService->getOneById($id);
+    }
+}
diff --git a/app/Http/Requests/AuthorizedRequest.php b/app/Http/Requests/AuthorizedRequest.php
new file mode 100644
index 0000000..acc560b
--- /dev/null
+++ b/app/Http/Requests/AuthorizedRequest.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class AuthorizedRequest extends RestRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return auth()->check();
+    }
+}
diff --git a/app/Services/UserService.php b/app/Services/UserService.php
index e48b3ba..457ba94 100644
--- a/app/Services/UserService.php
+++ b/app/Services/UserService.php
@@ -53,4 +53,14 @@ class UserService
         $user->password = Hash::make($data['password']);
         $user->save();
     }
+
+    public function listAll(): array
+    {
+        return User::all()->toArray();
+    }
+
+    public function getOneById(string $id): User | null
+    {
+        return User::where([ 'id' => $id ])->first();
+    }
 }
\ No newline at end of file
diff --git a/public/openapi.yml b/public/openapi.yml
index 31c75e7..70d58a8 100644
--- a/public/openapi.yml
+++ b/public/openapi.yml
@@ -140,6 +140,10 @@ paths:
                 type: array
                 items:
                   $ref: '#/components/schemas/User'
+        401:
+          description: Auth failed
+        403:
+          description: Auth failed
   /api/users/private/get/{id}:
     get:
       parameters:
@@ -148,6 +152,7 @@ paths:
           required: true
           schema:
             type: string
+          description: Must be a valid UUID
       tags:
         - Private routes
       security:
@@ -167,6 +172,10 @@ paths:
                 $ref: '#/components/schemas/ValidationError'
         404:
           description: User not found
+        401:
+          description: Auth failed
+        403:
+          description: Auth failed
   /api/users/private/edit/{id}:
     put:
       parameters:
@@ -175,6 +184,7 @@ paths:
           required: true
           schema:
             type: string
+          description: Must be a valid UUID
       tags:
         - Private routes
       security:
@@ -188,6 +198,10 @@ paths:
             application/json:
               schema:
                 $ref: '#/components/schemas/ValidationError'
+        401:
+          description: Auth failed
+        403:
+          description: Auth failed
       requestBody:
         description: |-
           All fields of `user` are required. The whole record will be updated with exactly what you provide here. It is assumed that you already have all information about the user beforehand
@@ -219,6 +233,7 @@ paths:
           schema:
             type: string
             example: 'comma,separated,values'
+          description: All must be valid UUIDs
       responses:
         200:
           description: OK
@@ -237,6 +252,10 @@ paths:
             application/json:
               schema:
                 $ref: '#/components/schemas/ValidationError'
+        401:
+          description: Auth failed
+        403:
+          description: Auth failed
     delete:
       summary: Remove user(s) from trash
       tags:
@@ -250,6 +269,7 @@ paths:
           schema:
             type: string
             example: 'comma,separated,values'
+          description: All must be valid UUIDs
       responses:
         200:
           description: |-
@@ -271,6 +291,10 @@ paths:
             application/json:
               schema:
                 $ref: '#/components/schemas/ValidationError'
+        401:
+          description: Auth failed
+        403:
+          description: Auth failed
   /api/users/private/trash/clean:
     delete:
       summary: Delete user(s) for good from trash
@@ -285,6 +309,7 @@ paths:
           schema:
             type: string
             example: 'comma,separated,values'
+          description: All must be valid UUIDs
       responses:
         200:
           description: OK
@@ -302,6 +327,10 @@ paths:
             application/json:
               schema:
                 $ref: '#/components/schemas/ValidationError'
+        401:
+          description: Auth failed
+        403:
+          description: Auth failed
   /api/users/private/trash/list:
     get:
       summary: List users in trash
@@ -318,6 +347,10 @@ paths:
                 type: array
                 items:
                   $ref: '#/components/schemas/User'
+        401:
+          description: Auth failed
+        403:
+          description: Auth failed
 components:
   schemas:
     User:
diff --git a/routes/web.php b/routes/web.php
index 3b886e6..b459be4 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -1,5 +1,6 @@
 <?php
 
+use App\Http\Controllers\PrivateUserController;
 use App\Http\Controllers\PublicUserController;
 use Illuminate\Support\Facades\Route;
 
@@ -13,6 +14,10 @@ Route::prefix('/api')->group(function() {
         Route::post('/login', 'login');
         Route::post('/reset', 'reset');
     });
+    Route::controller(PrivateUserController::class)->prefix('/users/private')->group(function () {
+        Route::get('/list', 'list');
+        Route::get('/get/{id}', 'get')->whereUuid('id');
+    });
 });
 
 Route::get('/session', function() {