feat(finance): Phase 137 — Finance Vendor Payments

Add vendor payment lifecycle: pending → approved → processed/rejected/cancelled,
with soft-delete, policy-gated CRUD and action routes.

https://claude.ai/code/session_01RdUGwo74JXChRCF88Yu27d

Author: claude

erp/app/Modules/Finance/Http/Controllers/VendorPaymentController.php

@@ -0,0 +1,159 @@
+<?php
+
+namespace App\Modules\Finance\Http\Controllers;
+
+use App\Http\Controllers\Controller;
+use App\Modules\Finance\Models\VendorPayment;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Inertia\Inertia;
+use Inertia\Response;
+
+class VendorPaymentController extends Controller
+{
+    public function index(Request $request): Response
+    {
+        $this->authorize('viewAny', VendorPayment::class);
+
+        $query = VendorPayment::orderByDesc('payment_date');
+
+        if ($request->filled('status')) {
+            $query->where('status', $request->status);
+        }
+
+        $vendorPayments = $query->paginate(20);
+
+        return Inertia::render('Finance/VendorPayments/Index', compact('vendorPayments'));
+    }
+
+    public function create(): Response
+    {
+        $this->authorize('create', VendorPayment::class);
+
+        return Inertia::render('Finance/VendorPayments/Create');
+    }
+
+    public function store(Request $request): RedirectResponse
+    {
+        $this->authorize('create', VendorPayment::class);
+
+        $data = $request->validate([
+            'vendor_name'    => 'required|string|max:255',
+            'vendor_code'    => 'nullable|string|max:255',
+            'amount'         => 'required|numeric|min:0',
+            'currency'       => 'nullable|string|max:3',
+            'payment_method' => 'nullable|in:bank_transfer,cheque,cash,online',
+            'reference'      => 'nullable|string|max:255',
+            'payment_date'   => 'required|date',
+            'due_date'       => 'nullable|date',
+            'notes'          => 'nullable|string',
+        ]);
+
+        VendorPayment::create([
+            'tenant_id'      => app('tenant')->id,
+            'vendor_name'    => $data['vendor_name'],
+            'vendor_code'    => $data['vendor_code'] ?? null,
+            'amount'         => $data['amount'],
+            'currency'       => $data['currency'] ?? 'USD',
+            'payment_method' => $data['payment_method'] ?? 'bank_transfer',
+            'reference'      => $data['reference'] ?? null,
+            'payment_date'   => $data['payment_date'],
+            'due_date'       => $data['due_date'] ?? null,
+            'notes'          => $data['notes'] ?? null,
+            'created_by'     => auth()->id(),
+        ]);
+
+        return redirect()->route('finance.vendor-payments.index')
+            ->with('success', 'Vendor payment created.');
+    }
+
+    public function show(VendorPayment $vendorPayment): Response
+    {
+        $this->authorize('view', $vendorPayment);
+
+        $vendorPayment->load(['approvedBy', 'createdBy']);
+
+        return Inertia::render('Finance/VendorPayments/Show', compact('vendorPayment'));
+    }
+
+    public function edit(VendorPayment $vendorPayment): Response
+    {
+        $this->authorize('update', $vendorPayment);
+
+        return Inertia::render('Finance/VendorPayments/Edit', compact('vendorPayment'));
+    }
+
+    public function update(Request $request, VendorPayment $vendorPayment): RedirectResponse
+    {
+        $this->authorize('update', $vendorPayment);
+
+        $data = $request->validate([
+            'vendor_name'    => 'required|string|max:255',
+            'vendor_code'    => 'nullable|string|max:255',
+            'amount'         => 'required|numeric|min:0',
+            'currency'       => 'nullable|string|max:3',
+            'payment_method' => 'nullable|in:bank_transfer,cheque,cash,online',
+            'reference'      => 'nullable|string|max:255',
+            'payment_date'   => 'required|date',
+            'due_date'       => 'nullable|date',
+            'notes'          => 'nullable|string',
+        ]);
+
+        $vendorPayment->update($data);
+
+        return redirect()->route('finance.vendor-payments.index')
+            ->with('success', 'Vendor payment updated.');
+    }
+
+    public function destroy(VendorPayment $vendorPayment): RedirectResponse
+    {
+        $this->authorize('delete', $vendorPayment);
+
+        $vendorPayment->delete();
+
+        return redirect()->route('finance.vendor-payments.index')
+            ->with('success', 'Vendor payment deleted.');
+    }
+
+    // ── Custom actions ────────────────────────────────────────────────────────
+
+    public function approve(VendorPayment $vendorPayment): RedirectResponse
+    {
+        $this->authorize('approve', $vendorPayment);
+
+        $vendorPayment->approve(auth()->id());
+
+        return redirect()->route('finance.vendor-payments.index')
+            ->with('success', 'Vendor payment approved.');
+    }
+
+    public function process(VendorPayment $vendorPayment): RedirectResponse
+    {
+        $this->authorize('process', $vendorPayment);
+
+        $vendorPayment->process();
+
+        return redirect()->route('finance.vendor-payments.index')
+            ->with('success', 'Vendor payment processed.');
+    }
+
+    public function reject(VendorPayment $vendorPayment): RedirectResponse
+    {
+        $this->authorize('reject', $vendorPayment);
+
+        $vendorPayment->reject();
+
+        return redirect()->route('finance.vendor-payments.index')
+            ->with('success', 'Vendor payment rejected.');
+    }
+
+    public function cancel(VendorPayment $vendorPayment): RedirectResponse
+    {
+        $this->authorize('cancel', $vendorPayment);
+
+        $vendorPayment->cancel();
+
+        return redirect()->route('finance.vendor-payments.index')
+            ->with('success', 'Vendor payment cancelled.');
+    }
+}

erp/app/Modules/Finance/Models/VendorPayment.php

@@ -0,0 +1,124 @@
+<?php
+
+namespace App\Modules\Finance\Models;
+
+use App\Models\User;
+use App\Modules\Core\Traits\BelongsToTenant;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+use Illuminate\Database\Eloquent\SoftDeletes;
+
+class VendorPayment extends Model
+{
+    use BelongsToTenant, SoftDeletes;
+
+    protected $fillable = [
+        'tenant_id',
+        'payment_number',
+        'vendor_name',
+        'vendor_code',
+        'amount',
+        'currency',
+        'payment_method',
+        'reference',
+        'payment_date',
+        'due_date',
+        'status',
+        'notes',
+        'approved_by',
+        'approved_at',
+        'processed_at',
+        'created_by',
+    ];
+
+    protected $attributes = [
+        'status'         => 'pending',
+        'currency'       => 'USD',
+        'payment_method' => 'bank_transfer',
+    ];
+
+    protected $casts = [
+        'amount'       => 'decimal:2',
+        'payment_date' => 'date',
+        'due_date'     => 'date',
+        'approved_at'  => 'datetime',
+        'processed_at' => 'datetime',
+    ];
+
+    // ── Relationships ─────────────────────────────────────────────────────────
+
+    public function approvedBy(): BelongsTo
+    {
+        return $this->belongsTo(User::class, 'approved_by');
+    }
+
+    public function createdBy(): BelongsTo
+    {
+        return $this->belongsTo(User::class, 'created_by');
+    }
+
+    // ── Status transitions ────────────────────────────────────────────────────
+
+    public function approve(int $userId): void
+    {
+        $this->status      = 'approved';
+        $this->approved_by = $userId;
+        $this->approved_at = now();
+
+        if (is_null($this->payment_number)) {
+            $this->payment_number = $this->generatePaymentNumber();
+        }
+
+        $this->save();
+    }
+
+    public function process(): void
+    {
+        $this->status       = 'processed';
+        $this->processed_at = now();
+        $this->save();
+    }
+
+    public function reject(): void
+    {
+        $this->status = 'rejected';
+        $this->save();
+    }
+
+    public function cancel(): void
+    {
+        $this->status = 'cancelled';
+        $this->save();
+    }
+
+    // ── Helpers ───────────────────────────────────────────────────────────────
+
+    public function generatePaymentNumber(): string
+    {
+        return 'VP-' . date('Y') . '-' . str_pad((string) $this->id, 5, '0', STR_PAD_LEFT);
+    }
+
+    // ── Accessors ─────────────────────────────────────────────────────────────
+
+    public function getIsPendingAttribute(): bool
+    {
+        return $this->status === 'pending';
+    }
+
+    public function getIsApprovedAttribute(): bool
+    {
+        return $this->status === 'approved';
+    }
+
+    public function getIsProcessedAttribute(): bool
+    {
+        return $this->status === 'processed';
+    }
+
+    public function getIsOverdueAttribute(): bool
+    {
+        return $this->is_pending
+            && $this->due_date !== null
+            && $this->due_date->lt(now()->startOfDay());
+    }
+}

erp/app/Modules/Finance/Policies/VendorPaymentPolicy.php

@@ -0,0 +1,54 @@
+<?php
+
+namespace App\Modules\Finance\Policies;
+
+use App\Models\User;
+use App\Modules\Finance\Models\VendorPayment;
+
+class VendorPaymentPolicy
+{
+    public function viewAny(User $user): bool
+    {
+        return $user->can('finance.view');
+    }
+
+    public function view(User $user, VendorPayment $vendorPayment): bool
+    {
+        return $user->can('finance.view');
+    }
+
+    public function create(User $user): bool
+    {
+        return $user->can('finance.create');
+    }
+
+    public function update(User $user, VendorPayment $vendorPayment): bool
+    {
+        return $user->can('finance.create');
+    }
+
+    public function approve(User $user, VendorPayment $vendorPayment): bool
+    {
+        return $user->can('finance.create');
+    }
+
+    public function process(User $user, VendorPayment $vendorPayment): bool
+    {
+        return $user->can('finance.create');
+    }
+
+    public function reject(User $user, VendorPayment $vendorPayment): bool
+    {
+        return $user->can('finance.delete');
+    }
+
+    public function cancel(User $user, VendorPayment $vendorPayment): bool
+    {
+        return $user->can('finance.delete');
+    }
+
+    public function delete(User $user, VendorPayment $vendorPayment): bool
+    {
+        return $user->can('finance.delete');
+    }
+}

erp/app/Modules/Finance/Providers/FinanceServiceProvider.php

@@ -110,6 +110,8 @@
 use App\Modules\Finance\Policies\CashFlowForecastPolicy;
 use App\Modules\Finance\Models\RecurringExpense;
 use App\Modules\Finance\Policies\RecurringExpensePolicy;
+use App\Modules\Finance\Models\VendorPayment;
+use App\Modules\Finance\Policies\VendorPaymentPolicy;
 use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\ServiceProvider;
 
@@ -193,6 +195,7 @@ public function boot(): void
         Gate::policy(IntercompanyTransaction::class, IntercompanyPolicy::class);
         Gate::policy(CashFlowForecast::class,        CashFlowForecastPolicy::class);
         Gate::policy(RecurringExpense::class,        RecurringExpensePolicy::class);
+        Gate::policy(VendorPayment::class,           VendorPaymentPolicy::class);
         if ($this->app->runningInConsole()) {
             $this->commands([\App\Modules\Finance\Console\Commands\GenerateRecurringInvoices::class]);
         }

erp/app/Modules/Finance/routes/finance.php

@@ -409,3 +409,13 @@
     Route::post('recurring-expenses/{recurring_expense}/cancel', [RecurringExpenseController::class, 'cancel'])->name('recurring-expenses.cancel');
     Route::resource('recurring-expenses', RecurringExpenseController::class);
 });
+
+// Vendor Payments
+use App\Modules\Finance\Http\Controllers\VendorPaymentController;
+Route::middleware(['web', 'auth', 'verified'])->prefix('finance')->name('finance.')->group(function () {
+    Route::post('vendor-payments/{vendor_payment}/approve', [VendorPaymentController::class, 'approve'])->name('vendor-payments.approve');
+    Route::post('vendor-payments/{vendor_payment}/process', [VendorPaymentController::class, 'process'])->name('vendor-payments.process');
+    Route::post('vendor-payments/{vendor_payment}/reject',  [VendorPaymentController::class, 'reject'])->name('vendor-payments.reject');
+    Route::post('vendor-payments/{vendor_payment}/cancel',  [VendorPaymentController::class, 'cancel'])->name('vendor-payments.cancel');
+    Route::resource('vendor-payments', VendorPaymentController::class);
+});