From 9e665234c8c137410bc7e2679d82122c24c23d58 Mon Sep 17 00:00:00 2001
From: b1ek <me@blek.codes>
Date: Fri, 30 Aug 2024 11:31:22 +1000
Subject: [PATCH] feat: /api/users/private/edit/{id}

---
 .../Controllers/PrivateUserController.php     | 11 ++++--
 app/Http/Controllers/PublicUserController.php |  2 +-
 app/Http/Requests/RegisterRequest.php         |  3 +-
 app/Http/Requests/UserEditRequest.php         | 36 +++++++++++++++++++
 app/Models/User.php                           |  2 ++
 app/Services/UserService.php                  | 21 ++++++++++-
 public/openapi.yml                            | 28 ++++++++++++---
 routes/web.php                                |  1 +
 8 files changed, 94 insertions(+), 10 deletions(-)
 create mode 100644 app/Http/Requests/UserEditRequest.php

diff --git a/app/Http/Controllers/PrivateUserController.php b/app/Http/Controllers/PrivateUserController.php
index 9b71253..1374d54 100644
--- a/app/Http/Controllers/PrivateUserController.php
+++ b/app/Http/Controllers/PrivateUserController.php
@@ -3,9 +3,8 @@
 namespace App\Http\Controllers;
 
 use App\Http\Requests\AuthorizedRequest;
+use App\Http\Requests\UserEditRequest;
 use App\Services\UserService;
-use Illuminate\Http\Request;
-use Validator;
 
 class PrivateUserController extends Controller
 {
@@ -22,4 +21,12 @@ class PrivateUserController extends Controller
     {
         return $this->userService->getOneById($id);
     }
+
+    public function edit(UserEditRequest $request, string $id)
+    {
+        $user = $this->userService->editUser($request->all(), $id);
+        if ($user === null) {
+            return response('', 404);
+        }
+    }
 }
diff --git a/app/Http/Controllers/PublicUserController.php b/app/Http/Controllers/PublicUserController.php
index c4814e4..6a08dd2 100755
--- a/app/Http/Controllers/PublicUserController.php
+++ b/app/Http/Controllers/PublicUserController.php
@@ -27,6 +27,6 @@ class PublicUserController extends Controller
 
     public function reset(LoginRequest $request)
     {
-        $this->userService->reset($request->all());
+        $this->userService->setPassword($request->all());
     }
 }
diff --git a/app/Http/Requests/RegisterRequest.php b/app/Http/Requests/RegisterRequest.php
index 79c6fd5..c40376a 100644
--- a/app/Http/Requests/RegisterRequest.php
+++ b/app/Http/Requests/RegisterRequest.php
@@ -2,6 +2,7 @@
 
 namespace App\Http\Requests;
 
+use App\Models\User;
 use App\Rules\ZxcvbnRule;
 use Illuminate\Foundation\Http\FormRequest;
 use Illuminate\Validation\Rules\Password;
@@ -28,7 +29,7 @@ class RegisterRequest extends RestRequest
             'name' => ['required', 'string'],
             'middle_name' => ['required', 'string'],
             'email' => ['required', 'email'],
-            'phone' => ['required', 'regex:/^\+\d+$/'],
+            'phone' => ['required', 'regex:' . User::PHONE_REGEX ],
             'password' => ['required', Password::min(1)->rules([ new ZxcvbnRule ])],
         ];
     }
diff --git a/app/Http/Requests/UserEditRequest.php b/app/Http/Requests/UserEditRequest.php
new file mode 100644
index 0000000..c0947a7
--- /dev/null
+++ b/app/Http/Requests/UserEditRequest.php
@@ -0,0 +1,36 @@
+<?php
+
+namespace App\Http\Requests;
+
+use App\Models\User;
+use App\Rules\ZxcvbnRule;
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Validation\Rules\Password;
+
+class UserEditRequest extends AuthorizedRequest
+{
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        return [
+            'user.last_name' => [ 'string' ],
+            'user.name' => [ 'string' ],
+            'user.middle_name' => [ 'string' ],
+            'user.email' => [ 'email' ],
+            'user.phone' => [ 'string', 'regex:' . User::PHONE_REGEX ],
+            'user' => 'required',
+            'password' => [ Password::min(1)->rules([ new ZxcvbnRule ]) ],
+
+            'user.email_verified_at' => 'prohibited',
+            'user.created_at' => 'prohibited',
+            'user.updated_at' => 'prohibited',
+            'user.deleted_at' => 'prohibited',
+            'user.id' => 'prohibited',
+        ];
+    }
+}
diff --git a/app/Models/User.php b/app/Models/User.php
index a34c867..b045b5b 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -13,6 +13,8 @@ class User extends Authenticatable
 {
     use HasFactory, Notifiable, UuidId, HasHistory;
 
+    public const PHONE_REGEX = '/^\+\d+$/';
+
     /**
      * The attributes that are mass assignable.
      *
diff --git a/app/Services/UserService.php b/app/Services/UserService.php
index 457ba94..3c2f404 100644
--- a/app/Services/UserService.php
+++ b/app/Services/UserService.php
@@ -43,7 +43,7 @@ class UserService
         return false;
     }
 
-    public function reset($data)
+    public function setPassword($data)
     {
         $user = User::where([ 'email' => $data['email'] ])->first();
         if ($user === null) {
@@ -63,4 +63,23 @@ class UserService
     {
         return User::where([ 'id' => $id ])->first();
     }
+
+    /**
+     * Will return `null` if failed
+     */
+    public function editUser(array $data, string $id): User | null
+    {
+        $user = $this->getOneById($id);
+        if ($user === null) {
+            return null;
+        }
+
+        if (array_key_exists('password', $data)) {
+            $this->setPassword([ 'email' => $user['email'], 'password' => $data['password'] ]);
+        }
+
+        $user->fill($data['user']);
+        $user->save();
+        return $user;
+    }
 }
\ No newline at end of file
diff --git a/public/openapi.yml b/public/openapi.yml
index 70d58a8..1dbb455 100644
--- a/public/openapi.yml
+++ b/public/openapi.yml
@@ -202,21 +202,39 @@ paths:
           description: Auth failed
         403:
           description: Auth failed
+        404:
+          description: User not found
       requestBody:
         description: |-
-          All fields of `user` are required. The whole record will be updated with exactly what you provide here. It is assumed that you already have all information about the user beforehand
+          All fields of `user` are optional. If a field is specified, the database record will change to the field's value.
           
-          `new_pass` is optional, only if you want to update the password.
+          `password` is optional, only if you want to update the password.
           
-          Note: updating password will revoke all current sessions of the user
+          Note: updating password will not revoke all current sessions of the user
         content:
           application/json:
             schema:
               type: object
               properties:
                 user:
-                  $ref: '#/components/schemas/User'
-                new_pass:
+                  type: object
+                  properties:
+                    last_name:
+                      type: string
+                      example: doe
+                    name:
+                      type: string
+                      example: jade
+                    middle_name:
+                      type: string
+                      example: john
+                    email:
+                      type: string
+                      example: jdoe@example.com
+                    phone:
+                      type: string
+                      example: '+000000'
+                password:
                   type: string
                   example: 'very_strong_password123456'
   /api/users/private/trash/group:
diff --git a/routes/web.php b/routes/web.php
index b459be4..513faf6 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -17,6 +17,7 @@ Route::prefix('/api')->group(function() {
     Route::controller(PrivateUserController::class)->prefix('/users/private')->group(function () {
         Route::get('/list', 'list');
         Route::get('/get/{id}', 'get')->whereUuid('id');
+        Route::put('/edit/{id}', 'edit')->whereUuid('id');
     });
 });