feat(phase-9): add Approvals, Subcontracting API controllers and API test files

claude · claude · commit 074379720347 · 2026-06-18T17:45:06.000Z
Co-Authored-By: Claude &lt;noreply@anthropic.com&gt;
diff --git a/erp/app/Http/Controllers/Api/V1/ApprovalsApiController.php b/erp/app/Http/Controllers/Api/V1/ApprovalsApiController.php
@@ -0,0 +1,88 @@
+<?php
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Modules\Approvals\Models\ApprovalRequest;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+
+class ApprovalsApiController extends ApiController
+{
+    public function index(Request $request): JsonResponse
+    {
+        $tenantId = app()->has('tenant') ? app('tenant')->id : $request->user()->tenant_id;
+
+        $query = ApprovalRequest::where('tenant_id', $tenantId);
+
+        if ($request->filled('status')) {
+            $query->where('status', $request->status);
+        }
+
+        if ($request->filled('requestor_id')) {
+            $query->where('requested_by', $request->requestor_id);
+        }
+
+        return $this->paginated($query->latest()->paginate(15));
+    }
+
+    public function show(int $id): JsonResponse
+    {
+        $approvalRequest = ApprovalRequest::with([
+            'requestedBy',
+            'actions.actor',
+            'workflow.steps.approver',
+        ])->findOrFail($id);
+
+        return $this->success($approvalRequest);
+    }
+
+    public function store(Request $request): JsonResponse
+    {
+        $tenantId = app()->has('tenant') ? app('tenant')->id : $request->user()->tenant_id;
+
+        $validated = $request->validate([
+            'workflow_id'  => 'required|integer|exists:approval_workflows,id',
+            'entity_type'  => 'required|string|max:100',
+            'entity_id'    => 'required|integer',
+            'entity_title' => 'required|string|max:255',
+        ]);
+
+        $validated['tenant_id']    = $tenantId;
+        $validated['requested_by'] = $request->user()->id;
+        $validated['status']       = 'pending';
+        $validated['current_step'] = 1;
+
+        $approvalRequest = ApprovalRequest::create($validated);
+
+        return $this->success($approvalRequest->load('workflow'), 201);
+    }
+
+    public function approve(Request $request, int $id): JsonResponse
+    {
+        $approvalRequest = ApprovalRequest::findOrFail($id);
+
+        $approvalRequest->update([
+            'status'      => 'approved',
+            'approved_at' => now(),
+        ]);
+
+        return $this->success($approvalRequest->fresh());
+    }
+
+    public function reject(Request $request, int $id): JsonResponse
+    {
+        $validated = $request->validate([
+            'reason' => 'required|string',
+        ]);
+
+        $approvalRequest = ApprovalRequest::findOrFail($id);
+
+        $approvalRequest->update([
+            'status'           => 'rejected',
+            'rejected_at'      => now(),
+            'rejection_reason' => $validated['reason'],
+        ]);
+
+        return $this->success($approvalRequest->fresh());
+    }
+}
diff --git a/erp/app/Http/Controllers/Api/V1/SubcontractingApiController.php b/erp/app/Http/Controllers/Api/V1/SubcontractingApiController.php
@@ -0,0 +1,108 @@
+<?php
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Modules\Subcontracting\Models\SubcontractOrder;
+use App\Modules\Subcontracting\Models\SubcontractComponent;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+
+class SubcontractingApiController extends ApiController
+{
+    /**
+     * GET /api/v1/subcontracting/orders
+     */
+    public function index(Request $request): JsonResponse
+    {
+        $tenantId = app()->has('tenant') ? app('tenant')->id : $request->user()->tenant_id;
+
+        $query = SubcontractOrder::where('tenant_id', $tenantId);
+
+        if ($status = $request->query('status')) {
+            $query->where('status', $status);
+        }
+
+        if ($vendorId = $request->query('vendor_id')) {
+            $query->where('vendor_id', $vendorId);
+        }
+
+        $paginator = $query->latest()->paginate(20);
+
+        return $this->paginated($paginator);
+    }
+
+    /**
+     * GET /api/v1/subcontracting/orders/{id}
+     */
+    public function show(int $id): JsonResponse
+    {
+        $order = SubcontractOrder::with(['components'])->findOrFail($id);
+
+        return $this->success($order);
+    }
+
+    /**
+     * POST /api/v1/subcontracting/orders
+     */
+    public function store(Request $request): JsonResponse
+    {
+        $validated = $request->validate([
+            'vendor_id'        => 'required|integer',
+            'reference'        => 'nullable|string|max:100',
+            'finished_product' => 'required|string|max:255',
+            'finished_qty'     => 'required|numeric|min:0',
+            'unit_price'       => 'nullable|numeric|min:0',
+            'notes'            => 'nullable|string',
+            'components'       => 'nullable|array',
+            'components.*.component_name' => 'required_with:components|string|max:255',
+            'components.*.quantity'       => 'required_with:components|numeric|min:0',
+            'components.*.unit'           => 'nullable|string|max:50',
+        ]);
+
+        $tenantId = app()->has('tenant') ? app('tenant')->id : $request->user()->tenant_id;
+
+        $components = $validated['components'] ?? [];
+        unset($validated['components']);
+
+        $validated['tenant_id'] = $tenantId;
+        $validated['status']    = 'draft';
+
+        $order = SubcontractOrder::create($validated);
+
+        foreach ($components as $component) {
+            SubcontractComponent::create([
+                'tenant_id'       => $tenantId,
+                'subcontract_id'  => $order->id,
+                'component_name'  => $component['component_name'],
+                'quantity'        => $component['quantity'],
+                'unit'            => $component['unit'] ?? null,
+            ]);
+        }
+
+        return $this->success($order->load('components'), 201);
+    }
+
+    /**
+     * PUT /api/v1/subcontracting/orders/{id}
+     */
+    public function update(Request $request, int $id): JsonResponse
+    {
+        $order = SubcontractOrder::findOrFail($id);
+
+        $validated = $request->validate([
+            'vendor_id'        => 'sometimes|integer',
+            'reference'        => 'nullable|string|max:100',
+            'finished_product' => 'sometimes|string|max:255',
+            'finished_qty'     => 'sometimes|numeric|min:0',
+            'unit_price'       => 'nullable|numeric|min:0',
+            'notes'            => 'nullable|string',
+            'status'           => 'nullable|string|in:draft,sent,in_progress,done,cancelled',
+            'sent_at'          => 'nullable|date',
+            'received_at'      => 'nullable|date',
+        ]);
+
+        $order->update($validated);
+
+        return $this->success($order);
+    }
+}
diff --git a/erp/tests/Feature/Api/ApiKnowledgeBaseTest.php b/erp/tests/Feature/Api/ApiKnowledgeBaseTest.php
@@ -0,0 +1,35 @@
+<?php
+
+use App\Models\User;
+use App\Modules\Core\Models\Tenant;
+use App\Modules\KnowledgeBase\Models\KbArticle;
+use App\Modules\KnowledgeBase\Models\KbCategory;
+use Database\Seeders\RolePermissionSeeder;
+
+beforeEach(function () {
+    $this->seed(RolePermissionSeeder::class);
+    $this->tenant = Tenant::create(['name' => 'KB Co', 'slug' => 'kb-co']);
+    $this->user   = User::factory()->create(['tenant_id' => $this->tenant->id]);
+    $this->user->assignRole('super-admin');
+    $this->token = $this->user->createToken('test')->plainTextToken;
+    app()->instance('tenant', $this->tenant);
+});
+
+it('returns articles for authenticated user', function () {
+    KbArticle::create([
+        'tenant_id' => $this->tenant->id,
+        'title'     => 'Test Article',
+        'content'   => 'Article content here',
+        'status'    => 'published',
+        'author_id' => $this->user->id,
+    ]);
+
+    $response = $this->withToken($this->token)->getJson('/api/v1/knowledge-base/articles');
+
+    $response->assertStatus(200)
+             ->assertJsonStructure(['success', 'data', 'meta']);
+});
+
+it('requires authentication for articles', function () {
+    $this->getJson('/api/v1/knowledge-base/articles')->assertStatus(401);
+});
diff --git a/erp/tests/Feature/Api/ApiLiveChatTest.php b/erp/tests/Feature/Api/ApiLiveChatTest.php
@@ -0,0 +1,32 @@
+<?php
+
+use App\Models\User;
+use App\Modules\Core\Models\Tenant;
+use App\Modules\LiveChat\Models\ChatChannel;
+use App\Modules\LiveChat\Models\ChatSession;
+use Database\Seeders\RolePermissionSeeder;
+
+beforeEach(function () {
+    $this->seed(RolePermissionSeeder::class);
+    $this->tenant = Tenant::create(['name' => 'Chat Co', 'slug' => 'chat-co']);
+    $this->user   = User::factory()->create(['tenant_id' => $this->tenant->id]);
+    $this->user->assignRole('super-admin');
+    $this->token = $this->user->createToken('test')->plainTextToken;
+    app()->instance('tenant', $this->tenant);
+});
+
+it('returns channels for authenticated user', function () {
+    ChatChannel::create([
+        'tenant_id' => $this->tenant->id,
+        'name'      => 'Support Channel',
+    ]);
+
+    $response = $this->withToken($this->token)->getJson('/api/v1/live-chat/channels');
+
+    $response->assertStatus(200)
+             ->assertJsonStructure(['success', 'data', 'meta']);
+});
+
+it('requires authentication for channels', function () {
+    $this->getJson('/api/v1/live-chat/channels')->assertStatus(401);
+});
diff --git a/erp/tests/Feature/Api/ApiMarketingTest.php b/erp/tests/Feature/Api/ApiMarketingTest.php
@@ -0,0 +1,28 @@
+<?php
+
+use App\Models\User;
+use App\Modules\Core\Models\Tenant;
+
+it('returns campaigns for authenticated user', function () {
+    $tenant = Tenant::factory()->create();
+    $user = User::factory()->create(['tenant_id' => $tenant->id]);
+    $token = $user->createToken('test')->plainTextToken;
+    $response = $this->withToken($token)->getJson('/api/v1/marketing/campaigns');
+    $response->assertStatus(200)->assertJsonStructure(['success', 'data', 'meta']);
+});
+
+it('requires authentication for campaigns', function () {
+    $this->getJson('/api/v1/marketing/campaigns')->assertStatus(401);
+});
+
+it('returns mailing lists for authenticated user', function () {
+    $tenant = Tenant::factory()->create();
+    $user = User::factory()->create(['tenant_id' => $tenant->id]);
+    $token = $user->createToken('test')->plainTextToken;
+    $response = $this->withToken($token)->getJson('/api/v1/marketing/mailing-lists');
+    $response->assertStatus(200)->assertJsonStructure(['success', 'data', 'meta']);
+});
+
+it('requires authentication for mailing lists', function () {
+    $this->getJson('/api/v1/marketing/mailing-lists')->assertStatus(401);
+});
