gitmedia/presseportale
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

12-05-2026 Frontend dev
Some checks are pending
linter / quality (push) Waiting to run
Details
tests / ci (push) Waiting to run
Details

Browse source
This commit is contained in:
Kevin Adametz 2026-05-12 18:32:33 +02:00
parent 405df0a122
commit 5b8bdf4182
779 changed files with 480564 additions and 6241 deletions
Download patch file Download diff file Expand all files Collapse all files

74
app/Http/Controllers/Admin/DashboardController.php Normal file
View file

@ -0,0 +1,74 @@
<?php
namespace App\Http\Controllers\Admin;
use App\Enums\PressReleaseStatus;
use App\Http\Controllers\Controller;
use App\Models\Company;
use App\Models\Contact;
use App\Models\NewsletterSubscription;
use App\Models\PressRelease;
use App\Models\User;
use App\Services\Admin\AdminPerformanceCache;
use Illuminate\Contracts\View\View;
use stdClass;
class DashboardController extends Controller
{
public function __invoke(): View
{
$stats = app(AdminPerformanceCache::class)->remember(AdminPerformanceCache::DashboardStats, AdminPerformanceCache::StatsTtl, fn (): array => $this->stats());
return view('admin.dashboard', [
'stats' => $stats,
'recentPRs' => PressRelease::withoutGlobalScopes()
->with(['company:id,name', 'user:id,name'])
->latest('created_at')
->limit(8)
->get(['id', 'title', 'status', 'portal', 'company_id', 'user_id', 'created_at']),
'pendingReviews' => PressRelease::withoutGlobalScopes()
->with(['company:id,name'])
->where('status', PressReleaseStatus::Review->value)
->latest('created_at')
->limit(5)
->get(['id', 'title', 'company_id', 'portal', 'created_at']),
]);
}
/**
* @return array{press_releases: array{total: int, published: int, review: int, draft: int}, companies: int, contacts: int, users: int, newsletter: int}
*/
private function stats(): array
{
$pressReleaseStats = PressRelease::withoutGlobalScopes()
->toBase()
->selectRaw('COUNT(*) as total')
->selectRaw('SUM(CASE WHEN status = ? THEN 1 ELSE 0 END) as published', [PressReleaseStatus::Published->value])
->selectRaw('SUM(CASE WHEN status = ? THEN 1 ELSE 0 END) as review', [PressReleaseStatus::Review->value])
->selectRaw('SUM(CASE WHEN status = ? THEN 1 ELSE 0 END) as draft', [PressReleaseStatus::Draft->value])
->first();
return [
'press_releases' => $this->normalizePressReleaseStats($pressReleaseStats),
'companies' => Company::withoutGlobalScopes()->count(),
'contacts' => Contact::withoutGlobalScopes()->count(),
'users' => User::query()->toBase()->count('*'),
'newsletter' => NewsletterSubscription::withoutGlobalScopes()
->where('is_confirmed', true)
->count(),
];
}
/**
* @return array{total: int, published: int, review: int, draft: int}
*/
private function normalizePressReleaseStats(?stdClass $stats): array
{
return [
'total' => (int) ($stats->total ?? 0),
'published' => (int) ($stats->published ?? 0),
'review' => (int) ($stats->review ?? 0),
'draft' => (int) ($stats->draft ?? 0),
];
}
}

23
app/Http/Controllers/Admin/LeaveImpersonationController.php Normal file
View file

@ -0,0 +1,23 @@
<?php
namespace App\Http\Controllers\Admin;
use App\Actions\Admin\UserImpersonation;
use App\Http\Controllers\Controller;
use Illuminate\Http\RedirectResponse;
class LeaveImpersonationController extends Controller
{
public function __invoke(UserImpersonation $impersonation): RedirectResponse
{
$admin = $impersonation->stop();
if ($admin !== null) {
return redirect()
->route('admin.users.index')
->with('status', __('Erfolgreich zurück zum Admin-Account gewechselt.'));
}
return redirect()->route('me.dashboard');
}
}

25
app/Http/Controllers/Api/V1/CategoryController.php Normal file
View file

@ -0,0 +1,25 @@
<?php
namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Resources\CategoryResource;
use App\Models\Category;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
class CategoryController extends Controller
{
public function index(Request $request): AnonymousResourceCollection
{
abort_unless($request->user()->tokenCan('press-releases:read'), 403);
$categories = Category::query()
->with('translations')
->where('is_active', true)
->orderBy('id')
->get();
return CategoryResource::collection($categories);
}
}

59
app/Http/Controllers/Api/V1/CompanyController.php Normal file
View file

@ -0,0 +1,59 @@
<?php
namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Resources\CompanyResource;
use App\Models\Company;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
class CompanyController extends Controller
{
public function index(Request $request): AnonymousResourceCollection
{
abort_unless($request->user()->tokenCan('companies:read'), 403);
$companies = Company::withoutGlobalScopes()
->where(function ($query) use ($request): void {
$query->where('owner_user_id', $request->user()->id)
->orWhereHas('users', fn ($users) => $users->whereKey($request->user()->id));
})
->orderBy('name')
->paginate(min((int) $request->query('per_page', 25), 100));
return CompanyResource::collection($companies);
}
public function store(Request $request)
{
abort(404);
}
public function show(Request $request, int $company): CompanyResource
{
abort_unless($request->user()->tokenCan('companies:read'), 403);
$company = Company::withoutGlobalScopes()
->whereKey($company)
->where(function ($query) use ($request): void {
$query->where('owner_user_id', $request->user()->id)
->orWhereHas('users', fn ($users) => $users->whereKey($request->user()->id));
})
->first();
abort_unless($company !== null, 403);
return CompanyResource::make($company);
}
public function update(Request $request, string $id)
{
abort(404);
}
public function destroy(string $id)
{
abort(404);
}
}

45
app/Http/Controllers/Api/V1/NewsletterSubscriptionController.php Normal file
View file

@ -0,0 +1,45 @@
<?php
namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Requests\Api\V1\SubscribeNewsletterRequest;
use App\Models\NewsletterSubscription;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Str;
class NewsletterSubscriptionController extends Controller
{
public function store(SubscribeNewsletterRequest $request): JsonResponse
{
$validated = $request->validated();
$subscription = NewsletterSubscription::withoutGlobalScopes()->updateOrCreate(
[
'portal' => $validated['portal'],
'email' => mb_strtolower($validated['email']),
],
[
'user_id' => $request->user()->id,
'salutation_key' => $validated['salutation_key'] ?? null,
'first_name' => $validated['first_name'] ?? null,
'last_name' => $validated['last_name'] ?? null,
'ip_address' => $request->ip(),
'is_confirmed' => false,
'confirmation_token' => Str::random(32),
'subscribed_at' => now(),
'unsubscribed_at' => null,
],
);
return response()->json([
'message' => 'Newsletter subscription created.',
'data' => [
'id' => $subscription->id,
'portal' => $subscription->portal->value,
'email' => $subscription->email,
'is_confirmed' => $subscription->is_confirmed,
],
], 201);
}
}

165
app/Http/Controllers/Api/V1/PressReleaseController.php Normal file
View file

@ -0,0 +1,165 @@
<?php
namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Http\Requests\Api\V1\StorePressReleaseRequest;
use App\Http\Requests\Api\V1\UpdatePressReleaseRequest;
use App\Http\Resources\PressReleaseResource;
use App\Models\Company;
use App\Models\PressRelease;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
use Illuminate\Http\Response;
use Illuminate\Support\Str;
class PressReleaseController extends Controller
{
public function index(Request $request): AnonymousResourceCollection
{
abort_unless($request->user()->tokenCan('press-releases:read'), 403);
$pressReleases = PressRelease::withoutGlobalScopes()
->where('user_id', $request->user()->id)
->with(['company:id,name,portal,legacy_portal,legacy_id', 'category.translations', 'images'])
->when($request->query('status'), fn ($query, string $status) => $query->where('status', $status))
->latest()
->paginate(min((int) $request->query('per_page', 25), 100));
return PressReleaseResource::collection($pressReleases);
}
public function store(StorePressReleaseRequest $request): JsonResponse
{
$validated = $request->validated();
$company = $this->findOwnedCompany((int) $validated['company_id'], $request);
abort_unless($company !== null, 403);
$pressRelease = PressRelease::withoutGlobalScopes()->create([
...$validated,
'uuid' => (string) Str::uuid(),
'user_id' => $request->user()->id,
'portal' => $company->portal->value,
'slug' => $this->uniqueSlug(
Str::slug($validated['title']),
$company->portal->value,
$validated['language'],
),
'status' => $validated['status'] ?? 'draft',
]);
return PressReleaseResource::make(
$pressRelease->load(['company:id,name,portal,legacy_portal,legacy_id', 'category.translations', 'images'])
)->response()->setStatusCode(201);
}
public function show(Request $request, int $pressRelease): PressReleaseResource
{
abort_unless($request->user()->tokenCan('press-releases:read'), 403);
$pressRelease = $this->findOwnedPressRelease($pressRelease, $request);
abort_unless($pressRelease !== null, 403);
return PressReleaseResource::make(
$pressRelease->load(['company:id,name,portal,legacy_portal,legacy_id', 'category.translations', 'images'])
);
}
public function update(UpdatePressReleaseRequest $request, int $pressRelease): PressReleaseResource|JsonResponse
{
$pressRelease = $this->findOwnedPressRelease($pressRelease, $request);
abort_unless($pressRelease !== null, 403);
if (! in_array($pressRelease->status->value, ['draft', 'rejected'], true)) {
return response()->json([
'message' => 'Only draft or rejected press releases may be edited.',
], 409);
}
$validated = $request->validated();
$company = isset($validated['company_id'])
? $this->findOwnedCompany((int) $validated['company_id'], $request)
: $this->findOwnedCompany((int) $pressRelease->company_id, $request);
abort_unless($company !== null, 403);
$language = $validated['language'] ?? $pressRelease->language;
$title = $validated['title'] ?? $pressRelease->title;
$portal = $company->portal->value;
$pressRelease->fill([
...$validated,
'portal' => $portal,
]);
if (
array_key_exists('title', $validated)
|| array_key_exists('language', $validated)
|| array_key_exists('company_id', $validated)
) {
$pressRelease->slug = $this->uniqueSlug(Str::slug($title), $portal, $language, $pressRelease->id);
}
$pressRelease->save();
return PressReleaseResource::make(
$pressRelease->load(['company:id,name,portal,legacy_portal,legacy_id', 'category.translations', 'images'])
);
}
public function destroy(Request $request, int $pressRelease): JsonResponse|Response
{
abort_unless($request->user()->tokenCan('press-releases:write'), 403);
$pressRelease = $this->findOwnedPressRelease($pressRelease, $request);
abort_unless($pressRelease !== null, 403);
if ($pressRelease->status->value === 'published') {
return response()->json([
'message' => 'Published press releases cannot be deleted via API.',
], 409);
}
$pressRelease->delete();
return response()->noContent();
}
private function findOwnedCompany(int $companyId, Request $request): ?Company
{
return Company::withoutGlobalScopes()
->whereKey($companyId)
->where(function ($query) use ($request): void {
$query->where('owner_user_id', $request->user()->id)
->orWhereHas('users', fn ($users) => $users->whereKey($request->user()->id));
})
->first();
}
private function findOwnedPressRelease(int $pressReleaseId, Request $request): ?PressRelease
{
return PressRelease::withoutGlobalScopes()
->whereKey($pressReleaseId)
->where('user_id', $request->user()->id)
->first();
}
private function uniqueSlug(string $baseSlug, string $portal, string $language, ?int $excludeId = null): string
{
$slug = $baseSlug !== '' ? $baseSlug : Str::random(8);
$candidate = $slug;
$suffix = 2;
while (
PressRelease::withoutGlobalScopes()
->where('portal', $portal)
->where('language', $language)
->where('slug', $candidate)
->when($excludeId !== null, fn ($query) => $query->whereKeyNot($excludeId))
->exists()
) {
$candidate = "{$slug}-{$suffix}";
$suffix++;
}
return $candidate;
}
}

121
app/Http/Controllers/Api/V1/PressReleaseImageController.php Normal file
View file

@ -0,0 +1,121 @@
<?php
namespace App\Http\Controllers\Api\V1;
use App\Enums\PressReleaseStatus;
use App\Http\Controllers\Controller;
use App\Http\Requests\Api\V1\StorePressReleaseImageRequest;
use App\Http\Resources\PressReleaseImageResource;
use App\Models\PressRelease;
use App\Models\PressReleaseImage;
use App\Services\Image\ImageService;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
use Illuminate\Http\Response;
use Illuminate\Http\UploadedFile;
use RuntimeException;
class PressReleaseImageController extends Controller
{
public function __construct(private readonly ImageService $imageService) {}
public function index(Request $request, int $pressRelease): AnonymousResourceCollection
{
abort_unless($request->user()->tokenCan('press-releases:read'), 403);
$pressRelease = $this->findOwnedPressRelease($pressRelease, $request);
abort_unless($pressRelease !== null, 403);
return PressReleaseImageResource::collection(
$pressRelease->images()->orderBy('sort_order')->orderBy('id')->get()
);
}
public function store(StorePressReleaseImageRequest $request, int $pressRelease): JsonResponse
{
$pressRelease = $this->findOwnedPressRelease($pressRelease, $request);
abort_unless($pressRelease !== null, 403);
if (! $this->canChangeImages($pressRelease)) {
return response()->json([
'message' => 'Only draft or rejected press releases may be edited.',
], 409);
}
$validated = $request->validated();
/** @var UploadedFile $file */
$file = $request->file('image');
try {
$stored = $this->imageService->storePressReleaseImage($file, $pressRelease->id);
} catch (RuntimeException $exception) {
return response()->json([
'message' => $exception->getMessage(),
], 422);
}
if ((bool) ($validated['is_preview'] ?? false)) {
$pressRelease->images()->update(['is_preview' => false]);
}
$image = $pressRelease->images()->create([
'disk' => 'public',
'path' => $stored['path'],
'variants' => $stored['variants'],
'title' => $validated['title'] ?? null,
'description' => $validated['description'] ?? null,
'copyright' => $validated['copyright'] ?? null,
'is_preview' => (bool) ($validated['is_preview'] ?? false),
'sort_order' => ((int) $pressRelease->images()->max('sort_order')) + 1,
'width' => $stored['width'],
'height' => $stored['height'],
'mime' => $stored['mime'],
]);
return PressReleaseImageResource::make($image)
->response()
->setStatusCode(201);
}
public function destroy(Request $request, int $pressReleaseImage): Response|JsonResponse
{
abort_unless($request->user()->tokenCan('press-release-images:write'), 403);
$image = PressReleaseImage::query()
->whereKey($pressReleaseImage)
->whereHas('pressRelease', fn ($query) => $query->withoutGlobalScopes()->where('user_id', $request->user()->id))
->with(['pressRelease' => fn ($query) => $query->withoutGlobalScopes()])
->first();
abort_unless($image !== null, 403);
if (! $this->canChangeImages($image->pressRelease)) {
return response()->json([
'message' => 'Only draft or rejected press releases may be edited.',
], 409);
}
$this->imageService->deletePressReleaseImage($image->disk, $image->path, $image->variants);
$image->delete();
return response()->noContent();
}
private function findOwnedPressRelease(int $pressReleaseId, Request $request): ?PressRelease
{
return PressRelease::withoutGlobalScopes()
->whereKey($pressReleaseId)
->where('user_id', $request->user()->id)
->first();
}
private function canChangeImages(PressRelease $pressRelease): bool
{
$status = $pressRelease->status instanceof PressReleaseStatus
? $pressRelease->status->value
: (string) $pressRelease->status;
return in_array($status, [PressReleaseStatus::Draft->value, PressReleaseStatus::Rejected->value], true);
}
}

52
app/Http/Controllers/Auth/MagicLinkConsumeController.php Normal file
View file

@ -0,0 +1,52 @@
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Models\MagicLink;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class MagicLinkConsumeController extends Controller
{
public function __invoke(Request $request, string $token): RedirectResponse
{
$magicLink = MagicLink::query()
->with('user')
->where('token_hash', hash('sha256', $token))
->where('purpose', 'login')
->first();
if (! $magicLink || ! $magicLink->user) {
return redirect()->route('login')->with('status', __('The magic login link is invalid.'));
}
if ($magicLink->consumed_at !== null || $magicLink->expires_at->isPast()) {
return redirect()->route('login')->with('status', __('The magic login link has expired or was already used.'));
}
if (! $magicLink->user->is_active) {
return redirect()->route('login')->with('status', __('Your account is not active.'));
}
$magicLink->update([
'consumed_at' => now(),
'ip_consumed' => $request->ip(),
]);
$magicLink->user->update([
'last_login_at' => now(),
'last_login_ip' => $request->ip(),
]);
Auth::guard('web')->login($magicLink->user);
$request->session()->regenerate();
$home = $magicLink->user->canAccessAdmin()
? route('dashboard', absolute: false)
: route('me.dashboard', absolute: false);
return redirect()->intended($home);
}
}

11
app/Http/Controllers/Auth/VerifyEmailController.php
View file

@ -4,6 +4,7 @@ namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Auth\Events\Verified;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\EmailVerificationRequest;
use Illuminate\Http\RedirectResponse;
@ -14,17 +15,21 @@ class VerifyEmailController extends Controller
*/
public function __invoke(EmailVerificationRequest $request): RedirectResponse
{
$home = $request->user()->canAccessAdmin()
? route('dashboard', absolute: false)
: route('me.dashboard', absolute: false);
if ($request->user()->hasVerifiedEmail()) {
return redirect()->intended(route('dashboard', absolute: false).'?verified=1');
return redirect()->intended($home.'?verified=1');
}
if ($request->user()->markEmailAsVerified()) {
/** @var \Illuminate\Contracts\Auth\MustVerifyEmail $user */
/** @var MustVerifyEmail $user */
$user = $request->user();
event(new Verified($user));
}
return redirect()->intended(route('dashboard', absolute: false).'?verified=1');
return redirect()->intended($home.'?verified=1');
}
}

32
app/Http/Controllers/LegacyInvoicePdfController.php Normal file
View file

@ -0,0 +1,32 @@
<?php
namespace App\Http\Controllers;
use App\Models\LegacyInvoice;
use App\Services\Billing\LegacyInvoicePdfRenderer;
use Illuminate\Support\Facades\Gate;
use Illuminate\Support\Facades\Schema;
use Illuminate\Support\Facades\Storage;
use Symfony\Component\HttpFoundation\Response;
class LegacyInvoicePdfController extends Controller
{
public function __invoke(LegacyInvoice $legacyInvoice, LegacyInvoicePdfRenderer $renderer): Response
{
Gate::authorize('downloadPdf', $legacyInvoice);
if (filled($legacyInvoice->pdf_path) && Storage::disk('local')->exists($legacyInvoice->pdf_path)) {
return response()->file(Storage::disk('local')->path($legacyInvoice->pdf_path), [
'Content-Type' => 'application/pdf',
'Content-Disposition' => 'inline; filename="'.$renderer->filename($legacyInvoice).'"',
'Cache-Control' => 'private, max-age=0, must-revalidate',
]);
}
if (Schema::hasColumn('legacy_invoices', 'pdf_generated_at')) {
$legacyInvoice->forceFill(['pdf_generated_at' => now()])->save();
}
return $renderer->inlineResponse($legacyInvoice);
}
}

51
app/Http/Controllers/PressReleasePreviewController.php Normal file
View file

@ -0,0 +1,51 @@
<?php
namespace App\Http\Controllers;
use App\Models\MagicLink;
use App\Models\PressRelease;
use Illuminate\Contracts\View\View;
use Symfony\Component\HttpFoundation\Response;
class PressReleasePreviewController extends Controller
{
public function __invoke(string $token): View|Response
{
$magicLink = MagicLink::query()
->where('token_hash', hash('sha256', $token))
->where('purpose', 'press_release_access')
->first();
if (! $magicLink) {
return $this->renderError(__('Der Vorschau-Link ist ungültig.'), 404);
}
if ($magicLink->expires_at && $magicLink->expires_at->isPast()) {
return $this->renderError(__('Der Vorschau-Link ist abgelaufen.'), 410);
}
$pressReleaseId = (int) ($magicLink->payload['press_release_id'] ?? 0);
$pressRelease = $pressReleaseId
? PressRelease::withoutGlobalScopes()
->with(['company:id,name,slug', 'category.translations', 'images', 'user:id,name'])
->find($pressReleaseId)
: null;
if (! $pressRelease) {
return $this->renderError(__('Die Pressemitteilung wurde nicht gefunden.'), 404);
}
return view('press-release-preview', [
'pressRelease' => $pressRelease,
'expiresAt' => $magicLink->expires_at,
]);
}
private function renderError(string $message, int $status): Response
{
return response()->view('press-release-preview-error', [
'message' => $message,
], $status);
}
}