Dolo/BetiX
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0280278978d2ab2870f9da601ef1b56738f71071
BetiX/app/Http/Controllers/UserRestrictionApiController.php
Dolo 0280278978
Some checks failed
linter / quality (push) Has been cancelled
Details
tests / ci (8.4) (push) Has been cancelled
Details
tests / ci (8.5) (push) Has been cancelled
Details
Initialer Laravel Commit für BetiX
2026-04-04 18:01:50 +02:00

172 lines
6.5 KiB
PHP
Raw Blame History

<?php
namespace App\Http\Controllers;
use App\Http\Controllers\Concerns\ProxiesBackend;
use App\Services\BackendHttpClient;
use Illuminate\Http\Request;
use Illuminate\Validation\Rule;
class UserRestrictionApiController extends Controller
{
use ProxiesBackend;
private array $allowedTypes = [
'account_ban',
'chat_ban',
'deposit_block',
'withdrawal_block',
'support_block',
];
public function __construct(private readonly BackendHttpClient $client)
{
// Inline Bearer token middleware like BonusApiController
$this->middleware(function ($request, $next) {
$provided = $this->extractToken($request);
$expected = config('services.moderation_api.token');
if (!$expected || !hash_equals((string) $expected, (string) $provided)) {
return response()->json(['message' => 'Unauthorized'], 401);
}
return $next($request);
});
}
private function extractToken(Request $request): ?string
{
$auth = $request->header('Authorization');
if ($auth && str_starts_with($auth, 'Bearer ')) {
return substr($auth, 7);
}
return $request->query('api_token');
}
// GET /api/users/{id}/restrictions?active_only=1
public function listForUser(Request $request, int $userId)
{
try {
$query = [];
if ($request->boolean('active_only')) {
$query['active_only'] = 1;
}
$res = $this->client->get($request, "/users/{$userId}/restrictions", $query, retry: true);
if ($res->successful()) {
return response()->json($res->json() ?: []);
}
if ($res->clientError()) return $this->mapClientError($res);
if ($res->serverError()) return $this->mapServiceUnavailable($res);
return $this->mapBadGateway();
} catch (\Throwable $e) {
return $this->mapBadGateway('API server not reachable');
}
}
// GET /api/users/{id}/restrictions/check
public function checkForUser(Request $request, int $userId)
{
try {
$res = $this->client->get($request, "/users/{$userId}/restrictions/check", [], retry: true);
if ($res->successful()) {
return response()->json($res->json() ?: []);
}
if ($res->clientError()) return $this->mapClientError($res);
if ($res->serverError()) return $this->mapServiceUnavailable($res);
return $this->mapBadGateway();
} catch (\Throwable $e) {
return $this->mapBadGateway('API server not reachable');
}
}
// POST /api/users/{id}/restrictions
public function createForUser(Request $request, int $userId)
{
$data = $this->validatePayload($request, partial: false);
try {
$res = $this->client->post($request, "/users/{$userId}/restrictions", $data);
if ($res->successful()) {
return response()->json($res->json() ?: [], 201);
}
if ($res->clientError()) return $this->mapClientError($res);
if ($res->serverError()) return $this->mapServiceUnavailable($res);
return $this->mapBadGateway();
} catch (\Throwable $e) {
return $this->mapBadGateway('API server not reachable');
}
}
// POST /api/users/{id}/restrictions/upsert
public function upsertForUser(Request $request, int $userId)
{
$data = $this->validatePayload($request, partial: true);
if (empty($data['type'])) {
return response()->json(['message' => 'type is required for upsert'], 422);
}
try {
$res = $this->client->post($request, "/users/{$userId}/restrictions/upsert", $data);
if ($res->successful()) {
// 200 or 201 upstream; forward as given
$status = $res->status() === 201 ? 201 : 200;
return response()->json($res->json() ?: [], $status);
}
if ($res->clientError()) return $this->mapClientError($res);
if ($res->serverError()) return $this->mapServiceUnavailable($res);
return $this->mapBadGateway();
} catch (\Throwable $e) {
return $this->mapBadGateway('API server not reachable');
}
}
// PATCH /api/restrictions/{id}
public function update(Request $request, int $id)
{
$data = $this->validatePayload($request, partial: true);
try {
$res = $this->client->patch($request, "/restrictions/{$id}", $data);
if ($res->successful()) {
return response()->json($res->json() ?: []);
}
if ($res->clientError()) return $this->mapClientError($res);
if ($res->serverError()) return $this->mapServiceUnavailable($res);
return $this->mapBadGateway();
} catch (\Throwable $e) {
return $this->mapBadGateway('API server not reachable');
}
}
// DELETE /api/restrictions/{id}
public function destroy(Request $request, int $id)
{
try {
$res = $this->client->delete($request, "/restrictions/{$id}");
if ($res->successful()) {
return response()->json($res->json() ?: ['message' => 'Deactivated']);
}
if ($res->clientError()) return $this->mapClientError($res);
if ($res->serverError()) return $this->mapServiceUnavailable($res);
return $this->mapBadGateway();
} catch (\Throwable $e) {
return $this->mapBadGateway('API server not reachable');
}
}
private function validatePayload(Request $request, bool $partial = false): array
{
$required = $partial ? 'sometimes' : 'required';
$rules = [
'type' => [$required, Rule::in($this->allowedTypes)],
'reason' => ['sometimes', 'nullable', 'string', 'max:255'],
'notes' => ['sometimes', 'nullable', 'string'],
'imposed_by' => ['sometimes', 'nullable', 'integer'],
'starts_at' => ['sometimes', 'nullable', 'date'],
'ends_at' => ['sometimes', 'nullable', 'date', 'after_or_equal:starts_at'],
'active' => ['sometimes', 'boolean'],
'source' => ['sometimes', 'nullable', 'string', 'max:64'],
'metadata' => ['sometimes', 'nullable', 'array'],
];
$validated = $request->validate($rules);
return $validated;
}
}
Reference in New Issue View Git Blame Copy Permalink