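user(), $school);
        auth()->user()->refresh();
        $headSetter->setHeadDirector(auth()->user());

        return redirect(route('schools.show', $school));
    }

    /**
     * Display a single school.
     *
     * Aborts with 403 unless the requesting user passes the 'view' policy check for this school.
     */
    public function show(Request $request, School $school)
    {
        if ($request->user()->cannot('view', $school)) {
            abort(403);
        }

        return view('schools.show', ['school' => $school]);
    }

    /**
     * Show the form for creating a school.
     *
     * Aborts with 403 unless the requesting user passes the 'create' policy check for School.
     */
    public function create(Request $request)
    {
        if ($request->user()->cannot('create', School::class)) {
            abort(403);
        }

        return view('schools.create');
    }

    /**
     * Show the form for editing a school.
     *
     * Aborts with 403 unless the requesting user passes the 'update' policy check for this school.
     */
    public function edit(Request $request, School $school)
    {
        if ($request->user()->cannot('update', $school)) {
            abort(403);
        }

        return view('schools.edit', ['school' => $school]);
    }

    /**
     * Persist edited school details and write an audit log entry for the change.
     *
     * Aborts with 403 unless the requesting user passes the 'update' policy check for this school,
     * then redirects to the school page with a success flash message.
     */
    public function update(SchoolStoreRequest $request, School $school)
    {
        // Enforce the same 'update' policy that gates edit(). Without it the write path
        // relies entirely on whatever SchoolStoreRequest authorizes, and the school is taken
        // from the route, so any school id could be targeted.
        // NOTE(review): SchoolStoreRequest is not visible here; if its authorize() already
        // checks this policy the guard below is redundant but harmless.
        if ($request->user()->cannot('update', $school)) {
            abort(403);
        }

        // Only these five fields are written, regardless of what else was submitted.
        $school->update([
            'name' => $request['name'],
            'address' => $request['address'],
            'city' => $request['city'],
            'state' => $request['state'],
            'zip' => $request['zip'],
        ]);

        // The line breaks inside the string literals below are part of the stored message.
        $message = 'Modified school #'.$school->id.' - '.$school->name.' with address
'.$school->address.'
'.$school->city.', '.$school->state.' '.$school->zip;

        // NOTE(review): the message embeds user-supplied school fields verbatim; whatever
        // renders audit log entries must escape them for its output context.
        AuditLogEntry::create([
            'user' => auth()->user()->email,
            'ip_address' => request()->ip(),
            'message' => $message,
            'affected' => ['schools' => [$school->id]],
        ]);

        return redirect()->route('schools.show', $school->id)->with('success', 'School details updated');
    }

    /**
     * Create a new director account attached to the given school and mail the generated password.
     *
     * Aborts with 403 unless the current user belongs to this school and has the
     * 'head_director' flag.
     */
    public function addDirector(School $school)
    {
        if (auth()->user()->school_id !== $school->id) {
            abort(403);
        }

        if (! auth()->user()->hasFlag('head_director')) {
            abort(403);
        }

        $userCreator = app(CreateNewUser::class);
        $randomPassword = Str::random(12);

        // NOTE(review): every submitted field is forwarded to CreateNewUser. Confirm that it
        // validates the input and persists only an allow-listed set of attributes; otherwise
        // narrow this to request()->only([...]) with the expected field names.
        $data = request()->all();

        // Overwrite any client-supplied password with the server-generated one.
        $data['password'] = $randomPassword;
        $data['password_confirmation'] = $randomPassword;

        $newDirector = $userCreator->create($data);

        // The school is taken from the authorized route model, never from request input.
        $newDirector->update([
            'school_id' => $school->id,
        ]);

        // NOTE(review): the initial password travels by e-mail in clear text. Nothing visible
        // here forces a change on first login; confirm that is handled elsewhere.
        Mail::to($newDirector->email)->send(new NewUserPassword($newDirector, $randomPassword));

        return redirect()->back()->with('success', 'Director added');
    }

    /**
     * Make the given user the head director of the school.
     *
     * Aborts with 403 unless the current user belongs to this school and has the
     * 'head_director' flag, and the target user belongs to the same school.
     */
    public function setHeadDirector(School $school, User $user, SetHeadDirector $headSetter)
    {
        if (auth()->user()->school_id !== $school->id) {
            abort(403);
        }

        if (! auth()->user()->hasFlag('head_director')) {
            abort(403);
        }

        // The target must be a member of this school, so the role cannot be handed to
        // an account that belongs to another school.
        if ($school->id !== $user->school_id) {
            abort(403);
        }

        $headSetter->setHeadDirector($user);

        return redirect()->route('schools.show', $school)->with('success', 'New head director set');
    }

    /**
     * Attach an e-mail domain to the school.
     *
     * Aborts with 403 unless the current user belongs to this school and has the
     * 'head_director' flag.
     */
    public function addDomain(School $school)
    {
        if (auth()->user()->school_id !== $school->id) {
            abort(403);
        }

        if (! auth()->user()->hasFlag('head_director')) {
            abort(403);
        }

        // 'string' rejects array or file input that 'required' alone would let through.
        // NOTE(review): no format or uniqueness rule is applied here; confirm that
        // AddSchoolEmailDomain normalizes the value and rejects malformed domains.
        $verifiedData = request()->validate([
            'domain' => ['required', 'string'],
        ]);

        app(AddSchoolEmailDomain::class)->addDomain($school, $verifiedData['domain']);

        return redirect()->route('schools.show', $school)->with('success', 'Domain added');
    }

    /**
     * Delete an e-mail domain belonging to the current user's school.
     *
     * Aborts with 403 unless the domain's school matches the current user's school and the
     * user has the 'head_director' flag.
     */
    public function deleteDomain(SchoolEmailDomain $domain)
    {
        // Ownership is checked against the domain record itself, not a school id from the request.
        if (auth()->user()->school_id !== $domain->school_id) {
            abort(403);
        }

        if (! auth()->user()->hasFlag('head_director')) {
            abort(403);
        }

        $domain->delete();

        return redirect()
            ->route('schools.show', auth()->user()->school)
            ->with('success', 'Domain deleted');
    }
}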