Merge pull request #428 from canyongbs/advapp-210

[ADVAPP-210]: Update interaction license handling

app-modules/interaction/src/Models/Interaction.php

@@ -46,6 +46,7 @@
 use AdvisingApp\Campaign\Models\CampaignAction;
 use Illuminate\Database\Eloquent\Relations\MorphTo;
 use Illuminate\Database\Eloquent\Relations\BelongsTo;
+use AdvisingApp\ServiceManagement\Models\ServiceRequest;
 use AdvisingApp\Notification\Models\Contracts\Subscribable;
 use AdvisingApp\StudentDataModel\Models\Contracts\Educatable;
 use AdvisingApp\Audit\Models\Concerns\Auditable as AuditableTrait;
@@ -172,7 +173,15 @@ public static function executeFromCampaignAction(CampaignAction $action): bool|s
     protected static function booted(): void
     {
         static::addGlobalScope('licensed', function (Builder $builder) {
-            $builder->tap(new LicensedToEducatable('interactable'));
+            $builder
+                ->tap(new LicensedToEducatable('interactable'))
+                ->where(fn (Builder $builder) => $builder
+                    ->where('interactable_type', '!=', app(ServiceRequest::class)->getMorphClass())
+                    ->orWhereDoesntHaveMorph(
+                        'interactable',
+                        ServiceRequest::class,
+                        fn (Builder $builder) => $builder->tap(new LicensedToEducatable('respondent')),
+                    ));
         });
     }
 }

app-modules/interaction/src/Policies/InteractionCampaignPolicy.php

@@ -38,10 +38,21 @@
 
 use App\Models\Authenticatable;
 use Illuminate\Auth\Access\Response;
+use AdvisingApp\Prospect\Models\Prospect;
+use AdvisingApp\StudentDataModel\Models\Student;
 use AdvisingApp\Interaction\Models\InteractionCampaign;
 
 class InteractionCampaignPolicy
 {
+    public function before(Authenticatable $authenticatable): ?Response
+    {
+        if (! $authenticatable->hasAnyLicense([Student::getLicenseType(), Prospect::getLicenseType()])) {
+            return Response::deny('You are not licensed for the Retention or Recruitment CRM.');
+        }
+
+        return null;
+    }
+
     public function viewAny(Authenticatable $authenticatable): Response
     {
         return $authenticatable->canOrElse(

app-modules/interaction/src/Policies/InteractionDriverPolicy.php

@@ -38,10 +38,21 @@
 
 use App\Models\Authenticatable;
 use Illuminate\Auth\Access\Response;
+use AdvisingApp\Prospect\Models\Prospect;
+use AdvisingApp\StudentDataModel\Models\Student;
 use AdvisingApp\Interaction\Models\InteractionDriver;
 
 class InteractionDriverPolicy
 {
+    public function before(Authenticatable $authenticatable): ?Response
+    {
+        if (! $authenticatable->hasAnyLicense([Student::getLicenseType(), Prospect::getLicenseType()])) {
+            return Response::deny('You are not licensed for the Retention or Recruitment CRM.');
+        }
+
+        return null;
+    }
+
     public function viewAny(Authenticatable $authenticatable): Response
     {
         return $authenticatable->canOrElse(

app-modules/interaction/src/Policies/InteractionOutcomePolicy.php

@@ -38,10 +38,21 @@
 
 use App\Models\Authenticatable;
 use Illuminate\Auth\Access\Response;
+use AdvisingApp\Prospect\Models\Prospect;
+use AdvisingApp\StudentDataModel\Models\Student;
 use AdvisingApp\Interaction\Models\InteractionOutcome;
 
 class InteractionOutcomePolicy
 {
+    public function before(Authenticatable $authenticatable): ?Response
+    {
+        if (! $authenticatable->hasAnyLicense([Student::getLicenseType(), Prospect::getLicenseType()])) {
+            return Response::deny('You are not licensed for the Retention or Recruitment CRM.');
+        }
+
+        return null;
+    }
+
     public function viewAny(Authenticatable $authenticatable): Response
     {
         return $authenticatable->canOrElse(

app-modules/interaction/src/Policies/InteractionPolicy.php

@@ -38,11 +38,21 @@
 
 use App\Models\Authenticatable;
 use Illuminate\Auth\Access\Response;
+use AdvisingApp\Prospect\Models\Prospect;
 use AdvisingApp\Interaction\Models\Interaction;
-use AdvisingApp\StudentDataModel\Models\Contracts\Educatable;
+use AdvisingApp\StudentDataModel\Models\Student;
 
 class InteractionPolicy
 {
+    public function before(Authenticatable $authenticatable): ?Response
+    {
+        if (! $authenticatable->hasAnyLicense([Student::getLicenseType(), Prospect::getLicenseType()])) {
+            return Response::deny('You are not licensed for the Retention or Recruitment CRM.');
+        }
+
+        return null;
+    }
+
     public function viewAny(Authenticatable $authenticatable): Response
     {
         return $authenticatable->canOrElse(
@@ -53,10 +63,7 @@ public function viewAny(Authenticatable $authenticatable): Response
 
     public function view(Authenticatable $authenticatable, Interaction $interaction): Response
     {
-        if (
-            ($interaction->interactable instanceof Educatable) &&
-            (! $authenticatable->hasLicense($interaction->interactable->getLicenseType()))
-        ) {
+        if (! $authenticatable->can('view', $interaction->interactable)) {
             return Response::deny('You do not have permission to view this interaction.');
         }
 
@@ -76,10 +83,7 @@ public function create(Authenticatable $authenticatable): Response
 
     public function update(Authenticatable $authenticatable, Interaction $interaction): Response
     {
-        if (
-            ($interaction->interactable instanceof Educatable) &&
-            (! $authenticatable->hasLicense($interaction->interactable->getLicenseType()))
-        ) {
+        if (! $authenticatable->can('view', $interaction->interactable)) {
             return Response::deny('You do not have permission to update this interaction.');
         }
 
@@ -91,10 +95,7 @@ public function update(Authenticatable $authenticatable, Interaction $interactio
 
     public function delete(Authenticatable $authenticatable, Interaction $interaction): Response
     {
-        if (
-            ($interaction->interactable instanceof Educatable) &&
-            (! $authenticatable->hasLicense($interaction->interactable->getLicenseType()))
-        ) {
+        if (! $authenticatable->can('view', $interaction->interactable)) {
             return Response::deny('You do not have permission to delete this interaction.');
         }
 
@@ -106,10 +107,7 @@ public function delete(Authenticatable $authenticatable, Interaction $interactio
 
     public function restore(Authenticatable $authenticatable, Interaction $interaction): Response
     {
-        if (
-            ($interaction->interactable instanceof Educatable) &&
-            (! $authenticatable->hasLicense($interaction->interactable->getLicenseType()))
-        ) {
+        if (! $authenticatable->can('view', $interaction->interactable)) {
             return Response::deny('You do not have permission to restore this interaction.');
         }
 
@@ -121,10 +119,7 @@ public function restore(Authenticatable $authenticatable, Interaction $interacti
 
     public function forceDelete(Authenticatable $authenticatable, Interaction $interaction): Response
     {
-        if (
-            ($interaction->interactable instanceof Educatable) &&
-            (! $authenticatable->hasLicense($interaction->interactable->getLicenseType()))
-        ) {
+        if (! $authenticatable->can('view', $interaction->interactable)) {
             return Response::deny('You do not have permission to permanently delete this interaction.');
         }
 

app-modules/interaction/src/Policies/InteractionRelationPolicy.php

@@ -38,10 +38,21 @@
 
 use App\Models\Authenticatable;
 use Illuminate\Auth\Access\Response;
+use AdvisingApp\Prospect\Models\Prospect;
+use AdvisingApp\StudentDataModel\Models\Student;
 use AdvisingApp\Interaction\Models\InteractionRelation;
 
 class InteractionRelationPolicy
 {
+    public function before(Authenticatable $authenticatable): ?Response
+    {
+        if (! $authenticatable->hasAnyLicense([Student::getLicenseType(), Prospect::getLicenseType()])) {
+            return Response::deny('You are not licensed for the Retention or Recruitment CRM.');
+        }
+
+        return null;
+    }
+
     public function viewAny(Authenticatable $authenticatable): Response
     {
         return $authenticatable->canOrElse(

app-modules/interaction/src/Policies/InteractionStatusPolicy.php

@@ -38,10 +38,21 @@
 
 use App\Models\Authenticatable;
 use Illuminate\Auth\Access\Response;
+use AdvisingApp\Prospect\Models\Prospect;
+use AdvisingApp\StudentDataModel\Models\Student;
 use AdvisingApp\Interaction\Models\InteractionStatus;
 
 class InteractionStatusPolicy
 {
+    public function before(Authenticatable $authenticatable): ?Response
+    {
+        if (! $authenticatable->hasAnyLicense([Student::getLicenseType(), Prospect::getLicenseType()])) {
+            return Response::deny('You are not licensed for the Retention or Recruitment CRM.');
+        }
+
+        return null;
+    }
+
     public function viewAny(Authenticatable $authenticatable): Response
     {
         return $authenticatable->canOrElse(

app-modules/interaction/src/Policies/InteractionTypePolicy.php

@@ -38,10 +38,21 @@
 
 use App\Models\Authenticatable;
 use Illuminate\Auth\Access\Response;
+use AdvisingApp\Prospect\Models\Prospect;
+use AdvisingApp\StudentDataModel\Models\Student;
 use AdvisingApp\Interaction\Models\InteractionType;
 
 class InteractionTypePolicy
 {
+    public function before(Authenticatable $authenticatable): ?Response
+    {
+        if (! $authenticatable->hasAnyLicense([Student::getLicenseType(), Prospect::getLicenseType()])) {
+            return Response::deny('You are not licensed for the Retention or Recruitment CRM.');
+        }
+
+        return null;
+    }
+
     public function viewAny(Authenticatable $authenticatable): Response
     {
         return $authenticatable->canOrElse(

app-modules/interaction/tests/Filament/InteractionCampaignResource/EditInteractionCampaignTest.php

@@ -38,11 +38,12 @@
 
 use function Pest\Laravel\actingAs;
 
+use AdvisingApp\Authorization\Enums\LicenseType;
 use AdvisingApp\Interaction\Models\InteractionCampaign;
 use AdvisingApp\Interaction\Filament\Resources\InteractionCampaignResource;
 
 test('EditInteractionCampaign is gated with proper access control', function () {
-    $user = User::factory()->create();
+    $user = User::factory()->licensed(LicenseType::cases())->create();
 
     $campaign = InteractionCampaign::factory()->create();
 

app-modules/interaction/tests/Filament/InteractionOutcomeResource/CreateInteractionOutcomeTest.php

@@ -38,10 +38,11 @@
 
 use function Pest\Laravel\actingAs;
 
+use AdvisingApp\Authorization\Enums\LicenseType;
 use AdvisingApp\Interaction\Filament\Resources\InteractionOutcomeResource;
 
 test('CreateInteractionOutcome is gated with proper access control', function () {
-    $user = User::factory()->create();
+    $user = User::factory()->licensed(LicenseType::cases())->create();
 
     actingAs($user)
         ->get(

app-modules/interaction/tests/Filament/InteractionRelationResource/CreateInteractionRelationTest.php

@@ -38,10 +38,11 @@
 
 use function Pest\Laravel\actingAs;
 
+use AdvisingApp\Authorization\Enums\LicenseType;
 use AdvisingApp\Interaction\Filament\Resources\InteractionRelationResource;
 
 test('CreateInteractionRelation is gated with proper access control', function () {
-    $user = User::factory()->create();
+    $user = User::factory()->licensed(LicenseType::cases())->create();
 
     actingAs($user)
         ->get(

app-modules/interaction/tests/Filament/InteractionRelationResource/EditInteractionRelationTest.php

@@ -38,11 +38,12 @@
 
 use function Pest\Laravel\actingAs;
 
+use AdvisingApp\Authorization\Enums\LicenseType;
 use AdvisingApp\Interaction\Models\InteractionRelation;
 use AdvisingApp\Interaction\Filament\Resources\InteractionRelationResource;
 
 test('EditInteractionRelation is gated with proper access control', function () {
-    $user = User::factory()->create();
+    $user = User::factory()->licensed(LicenseType::cases())->create();
 
     $relation = InteractionRelation::factory()->create();
 

app-modules/interaction/tests/Filament/InteractionRelationResource/ListInteractionRelationsTest.php

@@ -38,10 +38,11 @@
 
 use function Pest\Laravel\actingAs;
 
+use AdvisingApp\Authorization\Enums\LicenseType;
 use AdvisingApp\Interaction\Filament\Resources\InteractionRelationResource;
 
 test('ListInteractionRelations is gated with proper access control', function () {
-    $user = User::factory()->create();
+    $user = User::factory()->licensed(LicenseType::cases())->create();
 
     actingAs($user)
         ->get(

app-modules/interaction/tests/Filament/InteractionResource/EditInteractionTest.php

@@ -45,18 +45,24 @@
 test('EditInteraction is gated with proper access control', function () {
     $user = User::factory()->licensed(LicenseType::cases())->create();
 
+    $user->givePermissionTo('student.*.view');
+    $user->givePermissionTo('prospect.*.view');
+    $user->givePermissionTo('service_request.*.view');
+
     $interaction = Interaction::factory()->create();
 
     actingAs($user)
         ->get(
             InteractionResource::getUrl('edit', ['record' => $interaction])
-        )->assertForbidden();
+        )
+        ->assertForbidden();
 
     $user->givePermissionTo('interaction.view-any');
     $user->givePermissionTo('interaction.*.update');
 
     actingAs($user)
         ->get(
             InteractionResource::getUrl('edit', ['record' => $interaction])
-        )->assertSuccessful();
+        )
+        ->assertSuccessful();
 });

app-modules/service-management/database/migrations/2023_09_05_144251_create_service_requests_table.php

@@ -45,8 +45,8 @@ public function up(): void
             $table->uuid('id')->primary();
 
             $table->string('service_request_number')->unique();
-            $table->string('respondent_type')->nullable();
-            $table->string('respondent_id')->nullable();
+            $table->string('respondent_type');
+            $table->string('respondent_id');
             $table->longText('close_details')->nullable();
             $table->longText('res_details')->nullable();
 

app-modules/service-management/src/Filament/Resources/ServiceRequestResource/Pages/CreateServiceRequest.php

@@ -94,6 +94,7 @@ public function form(Form $form): Form
                     ->string(),
                 EducatableSelect::make('respondent')
                     ->label('Related To')
+                    ->required()
                     ->hiddenOn([RelationManager::class, ManageRelatedRecords::class]),
             ]);
     }

app-modules/service-management/src/Filament/Resources/ServiceRequestResource/Pages/EditServiceRequest.php

@@ -92,7 +92,8 @@ public function form(Form $form): Form
                     ->nullable()
                     ->string(),
                 EducatableSelect::make('respondent')
-                    ->label('Related To'),
+                    ->label('Related To')
+                    ->required(),
             ]);
     }
 

app-modules/service-management/src/Filament/Resources/ServiceRequestResource/RelationManagers/AssignedToRelationManager.php

@@ -93,7 +93,7 @@ public function table(Table $table): Table
                             ->label('Reassign Service Request To')
                             ->searchable()
                             ->getSearchResultsUsing(fn (string $search): array => User::query()
-                                ->tap(new HasLicense($this->getOwnerRecord()->respondent?->getLicenseType()))
+                                ->tap(new HasLicense($this->getOwnerRecord()->respondent->getLicenseType()))
                                 ->where(new Expression('lower(name)'), 'like', '%' . str($search)->lower() . '%')
                                 ->pluck('name', 'id')
                                 ->all())