Probindo/database-pertani-web
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

profile dan lahan

Browse Source
This commit is contained in:
Irwan Cahyono 2026-04-13 11:53:45 +07:00
parent 502c3be5bf
commit 298c591a20
7 changed files with 196 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Enums/Role.php
View File

@ -5,7 +5,7 @@
enum Role: string enum Role: string
{ {
case SUPER_ADMIN = 'super_admin'; case SUPER_ADMIN = 'super_admin';
case ADMIN = 'admin'; case ADMIN = 'admin'; // admin program
case FASILITATOR = 'fasilitator'; case FASILITATOR = 'fasilitator';
case PETANI = 'petani'; case PETANI = 'petani';
} }

76
app/Http/Controllers/Api/LahanController.php
View File

@ -21,18 +21,22 @@ class LahanController extends Controller
*/ */
public function index(Request $request): AnonymousResourceCollection public function index(Request $request): AnonymousResourceCollection
{ {
Gate::authorize('petani'); if (!Gate::any(['petani', 'fasilitator'])) {
abort(403);
}
$user = Auth::user(); $user = Auth::user();
$profile = $user->profile; $profile = $user->profile;
$profileId = $user->role === 'petani' ? $profile->id : $request->profile_id;
$size = $request->integer('size') ?: 10; $size = $request->integer('size') ?: 10;
$listLahan = Lahan::where('profile_id', $profile->id) $listLahan = Lahan::when($request->search, function ($q, $search) {
->when($request->search, function ($q, $search) {
$search = strtolower($search); $search = strtolower($search);
$q->whereRaw('lower(nama) like ?', ["%{$search}%"]); $q->whereRaw('lower(nama) like ?', ["%{$search}%"]);
}) })
->when($profileId, fn($q,$v) => $q->where('profile_id',$v))
->when($request->status_kepemilikan, fn($q,$v) => $q->where('status_kepemilikan',$v)) ->when($request->status_kepemilikan, fn($q,$v) => $q->where('status_kepemilikan',$v))
->when($request->desa_kelurahan_id, fn($q,$v) => $q->where('desa_kelurahan_id',$v)) ->when($request->desa_kelurahan_id, fn($q,$v) => $q->where('desa_kelurahan_id',$v))
->when($request->kecamatan_id, fn ($q, $v) => ->when($request->kecamatan_id, fn ($q, $v) =>
@ -46,7 +50,7 @@ public function index(Request $request): AnonymousResourceCollection
) )
) )
->when($request->provinsi_id, fn ($q, $v) => ->when($request->provinsi_id, fn ($q, $v) =>
$q->whereHas('desaKelurahan.kecamatan.kabupatenkota', fn ($k) => $q->whereHas('desaKelurahan.kecamatan.kabupatenota', fn ($k) =>
$k->where('provinsi_id', $v) $k->where('provinsi_id', $v)
) )
); );
@ -65,7 +69,6 @@ public function index(Request $request): AnonymousResourceCollection
$listLahan = $listLahan->paginate($size); $listLahan = $listLahan->paginate($size);
return LahanResource::collection($listLahan); return LahanResource::collection($listLahan);
} }
@ -74,11 +77,19 @@ public function index(Request $request): AnonymousResourceCollection
*/ */
public function store(Request $request): JsonResponse public function store(Request $request): JsonResponse
{ {
Gate::authorize('petani'); if (!Gate::any(['petani', 'fasilitator'])) {
abort(403);
}
$user = Auth::user(); $user = Auth::user();
$profile = $user->profile; $profile = $user->profile;
if (!$profile) {
abort(404, 'Profile tidak ditemukan');
}
$profileRule = $user->role === 'fasilitator' ? ['required', 'numeric', 'exists:profiles,id'] : ['nullable'];
$validated = $request->validate([ $validated = $request->validate([
'nama' => ['required', 'string', 'max:255'], 'nama' => ['required', 'string', 'max:255'],
'status_kepemilikan' => ['required', new Enum(StatusLahan::class)], 'status_kepemilikan' => ['required', new Enum(StatusLahan::class)],
@ -86,11 +97,29 @@ public function store(Request $request): JsonResponse
'path' => ['nullable', 'array'], 'path' => ['nullable', 'array'],
'path.*' => ['array'], 'path.*' => ['array'],
'luas_lahan' => ['nullable', 'numeric'], 'luas_lahan' => ['nullable', 'numeric'],
'profile_id' => $profileRule,
]); ]);
$targetProfileId = $user->role === 'fasilitator'
? $validated['profile_id']
: $profile->id;
if ($user->role === 'fasilitator') {
$targetProfile = Profile::findOrFail($targetProfileId);
if ($targetProfile->desa_kelurahan_id !== $profile->desa_kelurahan_id) {
abort(403, 'Tidak boleh lintas desa');
}
}
$desaKelurahanId = $user->role === 'fasilitator'
? $profile->desa_kelurahan_id
: ($validated['desa_kelurahan_id'] ?? $profile->desa_kelurahan_id);
$lahan = Lahan::create([ $lahan = Lahan::create([
...$validated, ...$validated,
'profile_id' => $profile->id, 'profile_id' => $profile->id,
'desa_kelurahan_id' => $desaKelurahanId,
]); ]);
return (new LahanResource($lahan)) return (new LahanResource($lahan))
@ -103,12 +132,16 @@ public function store(Request $request): JsonResponse
*/ */
public function show(string $id): JsonResponse public function show(string $id): JsonResponse
{ {
Gate::authorize('petani'); if (!Gate::any(['petani', 'fasilitator'])) {
abort(403);
}
$lahan = Lahan::with('desaKelurahan')->findOrFail($id); $lahan = Lahan::with('desaKelurahan')->findOrFail($id);
if ($lahan->profile_id !== Auth::user()->profile->id) { if ($lahan->profile_id !== Auth::user()->profile->id && Auth::user()->role === 'petani') {
return response()->json(['message' => 'Unauthorized'], 403); return response()->json(['message' => 'Unauthorized'], 403);
} } else if (Auth::user()->role === 'fasilitator' && $lahan->desa_kelurahan_id !== Auth::user()->profile->desa_kelurahan_id) {
return response()->json(['message' => 'Unauthorized'], 403);
}
return (new LahanResource($lahan))->response(); return (new LahanResource($lahan))->response();
} }
@ -118,12 +151,16 @@ public function show(string $id): JsonResponse
*/ */
public function update(Request $request, string $id): JsonResponse public function update(Request $request, string $id): JsonResponse
{ {
Gate::authorize('petani'); if (!Gate::any(['petani', 'fasilitator'])) {
abort(403);
}
$lahan = Lahan::findOrFail($id); $lahan = Lahan::findOrFail($id);
if ($lahan->profile_id !== Auth::user()->profile->id) { if ($lahan->profile_id !== Auth::user()->profile->id && Auth::user()->role === 'petani') {
return response()->json(['message' => 'Unauthorized'], 403); return response()->json(['message' => 'Unauthorized'], 403);
} } else if (Auth::user()->role === 'fasilitator' && $lahan->desa_kelurahan_id !== Auth::user()->profile->desa_kelurahan_id) {
return response()->json(['message' => 'Unauthorized'], 403);
}
$validated = $request->validate([ $validated = $request->validate([
'nama' => ['required', 'string', 'max:255'], 'nama' => ['required', 'string', 'max:255'],
@ -144,12 +181,16 @@ public function update(Request $request, string $id): JsonResponse
*/ */
public function destroy(string $id): JsonResponse public function destroy(string $id): JsonResponse
{ {
Gate::authorize('petani'); if (!Gate::any(['petani', 'fasilitator'])) {
abort(403);
}
$lahan = Lahan::findOrFail($id); $lahan = Lahan::findOrFail($id);
if ($lahan->profile_id !== Auth::user()->profile->id) { if ($lahan->profile_id !== Auth::user()->profile->id && Auth::user()->role === 'petani') {
return response()->json(['message' => 'Unauthorized'], 403); return response()->json(['message' => 'Unauthorized'], 403);
} } else if (Auth::user()->role === 'fasilitator' && $lahan->desa_kelurahan_id !== Auth::user()->profile->desa_kelurahan_id) {
return response()->json(['message' => 'Unauthorized'], 403);
}
$lahan->delete(); $lahan->delete();
@ -158,7 +199,10 @@ public function destroy(string $id): JsonResponse
public function batchUpsert(Request $request): JsonResponse public function batchUpsert(Request $request): JsonResponse
{ {
Gate::authorize('petani'); if (!Gate::any(['petani', 'fasilitator'])) {
abort(403);
}
$user = Auth::user(); $user = Auth::user();
$profile = $user->profile; $profile = $user->profile;

124
app/Http/Controllers/Api/ProfileController.php
View File

@ -4,12 +4,16 @@
use App\Http\Controllers\Controller; use App\Http\Controllers\Controller;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use App\Models\Profile;
use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\DB;
use Illuminate\Http\JsonResponse; use Illuminate\Http\JsonResponse;
use Symfony\Component\HttpFoundation\BinaryFileResponse; use Symfony\Component\HttpFoundation\BinaryFileResponse;
use Illuminate\Support\Facades\Gate;
use Illuminate\Validation\Rule;
use Illuminate\Support\Facades\Hash;
use App\Models\Profile;
use App\Models\User;
use App\Http\Resources\ProfileResource; use App\Http\Resources\ProfileResource;
class ProfileController extends Controller class ProfileController extends Controller
@ -17,9 +21,56 @@ class ProfileController extends Controller
/** /**
* Display a listing of the resource. * Display a listing of the resource.
*/ */
public function index() public function index(Request $request)
{ {
// Gate::authorize('fasilitator');
$user = Auth::user();
$profile = $user->profile;
$desaKelurahanId = null;
if ($profile->role === 'fasilitator') {
$desaKelurahanId = $profile->desa_kelurahan_id;
}
$size = $request->integer('size') ?: 10;
$listProfile = Profile::when($request->search, function ($q, $search) {
$search = strtolower($search);
$q->whereRaw('lower(nama) like ?', ["%{$search}%"]);
})
->when($desaKelurahanId ?? $request->desa_kelurahan_id, fn($q,$v) => $q->where('desa_kelurahan_id',$v))
->when($request->kecamatan_id, fn ($q, $v) =>
$q->whereHas('desaKelurahan', fn ($k) =>
$k->where('kecamatan_id', $v)
)
)
->when($request->kabupaten_kota_id, fn ($q, $v) =>
$q->whereHas('desaKelurahan.kecamatan', fn ($k) =>
$k->where('kabupaten_kota_id', $v)
)
)
->when($request->provinsi_id, fn ($q, $v) =>
$q->whereHas('desaKelurahan.kecamatan.kabupatenKota', fn ($k) =>
$k->where('provinsi_id', $v)
)
);
if ($request->filled('sort')) {
$dir = str_starts_with($request->sort, '-') ? 'desc' : 'asc';
$column = ltrim($request->sort, '-');
$allowed = ['id', 'nama'];
if (in_array($column, $allowed)) {
$listProfile->orderBy($column, $dir);
}
} else {
$listProfile->orderBy('nama', 'asc');
}
$listProfile = $listProfile->paginate($size);
return ProfileResource::collection($listProfile);
} }
/** /**
@ -35,7 +86,40 @@ public function create()
*/ */
public function store(Request $request) public function store(Request $request)
{ {
// Gate::authorize('fasilitator');
$validated = $request->validate([
'nama' => ['required', 'string', 'max:255'],
'email' => ['required', 'email', 'max:255', 'unique:users,email'],
'telepon' => ['nullable', 'string'],
'alamat' => ['nullable', 'string'],
'kk' => ['nullable', 'string'],
'ktp' => ['nullable', 'string'],
'file_kk' => ['nullable', 'file', 'mimes:jpg,jpeg,png,pdf', 'max:2048'],
'file_ktp' => ['nullable', 'file', 'mimes:jpg,jpeg,png,pdf', 'max:2048'],
'desa_kelurahan_id' => ['nullable', 'exists:master_desa_kelurahan,id'],
]);
$user = User::create([
'name' => $validated['nama'],
'email' => $validated['email'],
'password' => Hash::make('password123'), // Set default password or generate random
'role' => 'petani',
'email_verified_at' => now(),
'created_by' => Auth::id(),
'updated_by' => Auth::id(),
]);
$profile = Profile::create([
...$validated,
'user_id' => $user->id,
'created_by' => Auth::id(),
'updated_by' => Auth::id(),
]);
return (new ProfileResource($profile))
->response()
->setStatusCode(201);
} }
/** /**
@ -43,6 +127,10 @@ public function store(Request $request)
*/ */
public function show(string $id): JSONResponse public function show(string $id): JSONResponse
{ {
if (!Gate::any(['petani', 'fasilitator'])) {
abort(403);
}
$profile = Profile::with('desaKelurahan')->where('user_id', Auth::id())->first(); $profile = Profile::with('desaKelurahan')->where('user_id', Auth::id())->first();
return response()->json(new ProfileResource($profile)); return response()->json(new ProfileResource($profile));
} }
@ -60,9 +148,26 @@ public function edit(string $id)
*/ */
public function update(Request $request, string $id): JSONResponse public function update(Request $request, string $id): JSONResponse
{ {
if (!Gate::any(['petani', 'fasilitator'])) {
abort(403);
}
$user = Auth::user();
if ($user->role === 'petani' && $user->profile->id != $id) {
abort(403, 'Unauthorized');
}
$profile = Profile::findOrFail($id);
if ($user->role === 'fasilitator' && $profile->desa_kelurahan_id != $user->profile->desa_kelurahan_id) {
abort(403, 'Unauthorized');
}
$emailRule = Rule::unique('users', 'email')->ignore($profile->user_id);
$validated = $request->validate([ $validated = $request->validate([
'nama' => ['required', 'string', 'max:255'], 'nama' => ['required', 'string', 'max:255'],
'email' => ['required', 'email', 'max:255', 'unique:users,email,' . Auth::id()], 'email' => ['required', 'email', 'max:255', $emailRule],
'telepon' => ['nullable', 'string'], 'telepon' => ['nullable', 'string'],
'alamat' => ['nullable', 'string'], 'alamat' => ['nullable', 'string'],
'kk' => ['nullable', 'string'], 'kk' => ['nullable', 'string'],
@ -72,8 +177,6 @@ public function update(Request $request, string $id): JSONResponse
'desa_kelurahan_id' => ['nullable', 'exists:master_desa_kelurahan,id'], 'desa_kelurahan_id' => ['nullable', 'exists:master_desa_kelurahan,id'],
]); ]);
$profile = Profile::where('user_id', Auth::id())->first();
if ($request->hasFile('file_kk')) { if ($request->hasFile('file_kk')) {
$validated['file_kk'] = $request->file('file_kk')->getClientOriginalName(); $validated['file_kk'] = $request->file('file_kk')->getClientOriginalName();
$kkPath = $request->file('file_kk')->store('uploads/profile/' . $profile->id, 'public'); $kkPath = $request->file('file_kk')->store('uploads/profile/' . $profile->id, 'public');
@ -84,9 +187,8 @@ public function update(Request $request, string $id): JSONResponse
$ktpPath = $request->file('file_ktp')->store('uploads/profile/' . $profile->id, 'public'); $ktpPath = $request->file('file_ktp')->store('uploads/profile/' . $profile->id, 'public');
$validated['path_ktp'] = $ktpPath; $validated['path_ktp'] = $ktpPath;
} }
$validated['updated_by'] = Auth::id();
$user = Auth::user(); $validated['updated_by'] = $user->id();
DB::transaction(function () use ($profile, $user, $validated) { DB::transaction(function () use ($profile, $user, $validated) {
$profile->update($validated); $profile->update($validated);
@ -110,6 +212,10 @@ public function destroy(string $id)
public function downloadFile(string $id, string $type): JsonResponse | BinaryFileResponse public function downloadFile(string $id, string $type): JsonResponse | BinaryFileResponse
{ {
if (!Gate::any(['petani', 'fasilitator'])) {
abort(403);
}
$profile = Profile::where('user_id', Auth::id())->first(); $profile = Profile::where('user_id', Auth::id())->first();
if (!$profile) { if (!$profile) {

2
app/Http/Controllers/Web/AuthController.php
View File

@ -76,7 +76,7 @@ public function authenticate(Request $request)
? 'email' ? 'email'
: 'name'; : 'name';
if (Auth::attempt([$field => $login, 'password' => $request->password])) { if (Auth::attempt([$field => $login, 'password' => $request->password], $request->boolean('remember'))) {
if (Auth::user()->email_verified_at === null) { if (Auth::user()->email_verified_at === null) {
Auth::logout(); Auth::logout();

20
public/assets/js/pages-auth.js
View File

@ -35,23 +35,23 @@ document.addEventListener('DOMContentLoaded', function () {
'email-username': { 'email-username': {
validators: { validators: {
notEmpty: { notEmpty: {
message: 'Please enter email / username' message: 'Masukkan email atau username Anda'
}, },
stringLength: { // stringLength: {
min: 6, // min: 6,
message: 'Username must be more than 6 characters' // message: 'Username must be more than 6 characters'
} // }
} }
}, },
password: { password: {
validators: { validators: {
notEmpty: { notEmpty: {
message: 'Please enter your password' message: 'Masukkan password Anda'
}, },
stringLength: { // stringLength: {
min: 6, // min: 6,
message: 'Password must be more than 6 characters' // message: 'Password must be more than 6 characters'
} // }
} }
}, },
'confirm-password': { 'confirm-password': {

35
resources/views/auth/login.blade.php
View File

@ -23,8 +23,8 @@
</a> </a>
</div> </div>
<!-- /Logo --> <!-- /Logo -->
<h4 class="mb-1">Welcome to AgroMonev! 👋</h4> <h4 class="mb-1">Selamat datang di AgroMonev!</h4>
<p class="mb-6">Please sign-in to your account and start the adventure</p> <p class="mb-6">Silakan masuk ke akun Anda</p>
@if ($errors->any()) @if ($errors->any())
<div class="alert alert-danger"> <div class="alert alert-danger">
<ul class="mb-0"> <ul class="mb-0">
@ -37,13 +37,13 @@
<form id="formAuthentication" class="mb-4" action="{{ route('auth.authenticate') }}" method="POST"> <form id="formAuthentication" class="mb-4" action="{{ route('auth.authenticate') }}" method="POST">
@csrf @csrf
<div class="mb-6 form-control-validation"> <div class="mb-6 form-control-validation">
<label for="email" class="form-label">Email or Username</label> <label for="email" class="form-label">Email atau Username</label>
<input <input
type="text" type="text"
class="form-control" class="form-control"
id="email" id="email"
name="email_username" name="email_username"
placeholder="Enter your email or username" placeholder="Masukkan email atau username Anda"
autofocus /> autofocus />
</div> </div>
<div class="mb-6 form-password-toggle form-control-validation"> <div class="mb-6 form-password-toggle form-control-validation">
@ -66,7 +66,7 @@ class="form-control"
<label class="form-check-label" for="remember-me"> Remember Me </label> <label class="form-check-label" for="remember-me"> Remember Me </label>
</div> </div>
<a href="auth-forgot-password-basic.html"> <a href="auth-forgot-password-basic.html">
<p class="mb-0">Forgot Password?</p> <p class="mb-0">Lupa Password?</p>
</a> </a>
</div> </div>
</div> </div>
@ -76,33 +76,14 @@ class="form-control"
</form> </form>
<p class="text-center"> <p class="text-center">
<span>New on our platform?</span> <span>Anda belum terdaftar?</span>
<a href="{{ route('register') }}"> <a href="{{ route('register') }}">
<span>Create an account</span> <span>Buat akun baru</span>
</a> </a>
</p> </p>
<div class="divider my-6">
<div class="divider-text">or</div>
</div>
<div class="d-flex justify-content-center">
<a href="javascript:;" class="btn btn-icon rounded-circle btn-text-facebook me-1_5">
<i class="icon-base ti tabler-brand-facebook-filled icon-20px"></i>
</a>
<a href="javascript:;" class="btn btn-icon rounded-circle btn-text-twitter me-1_5">
<i class="icon-base ti tabler-brand-twitter-filled icon-20px"></i>
</a>
<a href="javascript:;" class="btn btn-icon rounded-circle btn-text-github me-1_5">
<i class="icon-base ti tabler-brand-github-filled icon-20px"></i>
</a>
<a href="javascript:;" class="btn btn-icon rounded-circle btn-text-google-plus">
<i class="icon-base ti tabler-brand-google-filled icon-20px"></i>
</a>
</div>
</div> </div>
</div> </div>
@endsection @endsection

2
routes/api.php
View File

@ -21,7 +21,7 @@
// Route::get('/profile', [\App\Http\Controllers\Api\ProfileController::class, 'show']); // Route::get('/profile', [\App\Http\Controllers\Api\ProfileController::class, 'show']);
Route::put('/profile/{id}', [\App\Http\Controllers\Api\ProfileController::class, 'update']); Route::put('/profile/{id}', [\App\Http\Controllers\Api\ProfileController::class, 'update']);
Route::get('/profile/{id}/download/{type}', [\App\Http\Controllers\Api\ProfileController::class, 'downloadFile']); Route::get('/profile/{id}/download/{type}', [\App\Http\Controllers\Api\ProfileController::class, 'downloadFile']);
Route::apiResource('/profile', \App\Http\Controllers\Api\ProfileController::class)->only(['show', 'update']); Route::apiResource('/profile', \App\Http\Controllers\Api\ProfileController::class)->except(['create', 'edit', 'destroy']);
}); });
Route::middleware('auth:sanctum') Route::middleware('auth:sanctum')