2026-02-04 23:31:53 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
use MintyPHP\Buffer;
|
2026-03-06 11:28:22 +01:00
|
|
|
use MintyPHP\Http\SessionStoreInterface;
|
2026-02-04 23:31:53 +01:00
|
|
|
use MintyPHP\Router;
|
2026-02-24 08:49:40 +01:00
|
|
|
use MintyPHP\Service\Access\DepartmentAuthorizationPolicy;
|
2026-02-23 12:58:19 +01:00
|
|
|
use MintyPHP\Support\Flash;
|
|
|
|
|
use MintyPHP\Support\Guard;
|
2026-02-04 23:31:53 +01:00
|
|
|
|
2026-03-06 11:28:22 +01:00
|
|
|
$session = app(SessionStoreInterface::class)->all();
|
2026-02-04 23:31:53 +01:00
|
|
|
Guard::requireLogin();
|
2026-03-04 15:56:58 +01:00
|
|
|
$request = requestInput();
|
|
|
|
|
$tenantService = app(\MintyPHP\Service\Tenant\TenantService::class);
|
|
|
|
|
$directoryScopeGateway = app(\MintyPHP\Service\Directory\DirectoryScopeGateway::class);
|
|
|
|
|
$departmentService = app(\MintyPHP\Service\Org\DepartmentService::class);
|
2026-02-04 23:31:53 +01:00
|
|
|
|
2026-03-06 11:28:22 +01:00
|
|
|
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
2026-03-04 15:56:58 +01:00
|
|
|
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
2026-02-24 08:49:40 +01:00
|
|
|
$decision = $authorizationService->authorize(DepartmentAuthorizationPolicy::ABILITY_ADMIN_DEPARTMENTS_CREATE, [
|
|
|
|
|
'actor_user_id' => $currentUserId,
|
|
|
|
|
]);
|
|
|
|
|
if (!$decision->isAllowed()) {
|
|
|
|
|
Guard::deny();
|
2026-02-04 23:31:53 +01:00
|
|
|
}
|
2026-02-24 08:49:40 +01:00
|
|
|
$capabilities = $decision->attribute('capabilities', []);
|
|
|
|
|
$allowedTenantIds = is_array($capabilities) ? array_values(array_unique(array_map('intval', (array) ($capabilities['allowed_tenant_ids'] ?? [])))) : [];
|
|
|
|
|
$isStrictScope = is_array($capabilities) ? (bool) ($capabilities['is_strict_scope'] ?? false) : false;
|
2026-02-04 23:31:53 +01:00
|
|
|
|
2026-03-04 15:56:58 +01:00
|
|
|
$errorBag = formErrors();
|
2026-02-04 23:31:53 +01:00
|
|
|
$errors = [];
|
2026-02-11 19:28:12 +01:00
|
|
|
$warnings = [];
|
2026-02-04 23:31:53 +01:00
|
|
|
$form = [
|
|
|
|
|
'description' => '',
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
'tenant_id' => 0,
|
2026-02-11 19:28:12 +01:00
|
|
|
'code' => '',
|
|
|
|
|
'cost_center' => '',
|
|
|
|
|
'active' => '1',
|
2026-02-04 23:31:53 +01:00
|
|
|
];
|
2026-03-04 15:56:58 +01:00
|
|
|
$tenants = $tenantService->list();
|
2026-02-04 23:31:53 +01:00
|
|
|
if ($allowedTenantIds) {
|
|
|
|
|
$tenants = array_values(array_filter($tenants, static function (array $tenant) use ($allowedTenantIds): bool {
|
|
|
|
|
$tenantId = (int) ($tenant['id'] ?? 0);
|
|
|
|
|
return $tenantId > 0 && in_array($tenantId, $allowedTenantIds, true);
|
|
|
|
|
}));
|
2026-02-24 08:49:40 +01:00
|
|
|
} elseif ($isStrictScope) {
|
2026-02-04 23:31:53 +01:00
|
|
|
$tenants = [];
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-04 15:56:58 +01:00
|
|
|
if ($request->hasBody('description')) {
|
|
|
|
|
$selectedTenantId = $request->bodyInt('tenant_id');
|
|
|
|
|
$selectedTenantIds = $directoryScopeGateway->filterTenantIdsForUser([$selectedTenantId], $currentUserId);
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
$selectedTenantId = (int) ($selectedTenantIds[0] ?? 0);
|
2026-03-04 15:56:58 +01:00
|
|
|
$input = $request->bodyAll();
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
$input['tenant_id'] = $selectedTenantId;
|
|
|
|
|
|
2026-03-04 15:56:58 +01:00
|
|
|
$result = $departmentService->createFromAdmin($input, $currentUserId);
|
2026-02-04 23:31:53 +01:00
|
|
|
$form = $result['form'] ?? $form;
|
2026-03-04 15:56:58 +01:00
|
|
|
$errorBag->merge($result['errors'] ?? []);
|
2026-02-11 19:28:12 +01:00
|
|
|
$warnings = $result['warnings'] ?? [];
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
$form['tenant_id'] = $selectedTenantId;
|
2026-02-04 23:31:53 +01:00
|
|
|
|
2026-03-04 15:56:58 +01:00
|
|
|
if (($result['ok'] ?? false) && !$errorBag->hasAny()) {
|
|
|
|
|
$action = (string) $request->body('action', 'create');
|
2026-02-04 23:31:53 +01:00
|
|
|
if ($action === 'create_close') {
|
2026-02-11 19:28:12 +01:00
|
|
|
if ($warnings) {
|
|
|
|
|
Flash::info(implode(' ', $warnings), 'admin/departments', 'department_warning');
|
|
|
|
|
}
|
2026-02-04 23:31:53 +01:00
|
|
|
Flash::success('Department created', 'admin/departments', 'department_created');
|
|
|
|
|
Router::redirect('admin/departments');
|
|
|
|
|
} else {
|
|
|
|
|
$uuid = (string) ($result['uuid'] ?? '');
|
|
|
|
|
if ($uuid !== '') {
|
|
|
|
|
$target = "admin/departments/edit/{$uuid}";
|
2026-02-11 19:28:12 +01:00
|
|
|
if ($warnings) {
|
|
|
|
|
Flash::info(implode(' ', $warnings), $target, 'department_warning');
|
|
|
|
|
}
|
2026-02-04 23:31:53 +01:00
|
|
|
Flash::success('Department created', $target, 'department_created');
|
|
|
|
|
Router::redirect($target);
|
|
|
|
|
} else {
|
2026-02-11 19:28:12 +01:00
|
|
|
if ($warnings) {
|
|
|
|
|
Flash::info(implode(' ', $warnings), 'admin/departments', 'department_warning');
|
|
|
|
|
}
|
2026-02-04 23:31:53 +01:00
|
|
|
Flash::success('Department created', 'admin/departments', 'department_created');
|
|
|
|
|
Router::redirect('admin/departments');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-04 15:56:58 +01:00
|
|
|
$validationSummaryErrors = $errorBag->toArray();
|
|
|
|
|
$errors = $errorBag->toFlatList();
|
2026-02-04 23:31:53 +01:00
|
|
|
Buffer::set('title', t('Create department'));
|