.env.example

@@ -19,7 +19,7 @@ BROADCAST_DRIVER=log
 CACHE_DRIVER=file
 FILESYSTEM_DISK=local
 QUEUE_CONNECTION=sync
-SESSION_DRIVER=file
+SESSION_DRIVER=database
 SESSION_LIFETIME=120
 
 MEMCACHED_HOST=127.0.0.1

app/Actions/Fortify/CreateNewUser.php

+<?php
+
+namespace App\Actions\Fortify;
+
+use App\Models\Team;
+use App\Models\User;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Validator;
+use Laravel\Fortify\Contracts\CreatesNewUsers;
+use Laravel\Jetstream\Jetstream;
+
+class CreateNewUser implements CreatesNewUsers
+{
+    use PasswordValidationRules;
+
+    /**
+     * Create a newly registered user.
+     *
+     * @param  array  $input
+     * @return \App\Models\User
+     */
+    public function create(array $input)
+    {
+        Validator::make($input, [
+            'name' => ['required', 'string', 'max:255'],
+            'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
+            'password' => $this->passwordRules(),
+            'terms' => Jetstream::hasTermsAndPrivacyPolicyFeature() ? ['accepted', 'required'] : '',
+        ])->validate();
+
+        return DB::transaction(function () use ($input) {
+            return tap(User::create([
+                'name' => $input['name'],
+                'email' => $input['email'],
+                'password' => Hash::make($input['password']),
+            ]), function (User $user) {
+                $this->createTeam($user);
+            });
+        });
+    }
+
+    /**
+     * Create a personal team for the user.
+     *
+     * @param  \App\Models\User  $user
+     * @return void
+     */
+    protected function createTeam(User $user)
+    {
+        $user->ownedTeams()->save(Team::forceCreate([
+            'user_id' => $user->id,
+            'name' => explode(' ', $user->name, 2)[0]."'s Team",
+            'personal_team' => true,
+        ]));
+    }
+}

app/Actions/Fortify/PasswordValidationRules.php

+<?php
+
+namespace App\Actions\Fortify;
+
+use Laravel\Fortify\Rules\Password;
+
+trait PasswordValidationRules
+{
+    /**
+     * Get the validation rules used to validate passwords.
+     *
+     * @return array
+     */
+    protected function passwordRules()
+    {
+        return ['required', 'string', new Password, 'confirmed'];
+    }
+}

app/Actions/Fortify/ResetUserPassword.php

+<?php
+
+namespace App\Actions\Fortify;
+
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Validator;
+use Laravel\Fortify\Contracts\ResetsUserPasswords;
+
+class ResetUserPassword implements ResetsUserPasswords
+{
+    use PasswordValidationRules;
+
+    /**
+     * Validate and reset the user's forgotten password.
+     *
+     * @param  mixed  $user
+     * @param  array  $input
+     * @return void
+     */
+    public function reset($user, array $input)
+    {
+        Validator::make($input, [
+            'password' => $this->passwordRules(),
+        ])->validate();
+
+        $user->forceFill([
+            'password' => Hash::make($input['password']),
+        ])->save();
+    }
+}

app/Actions/Fortify/UpdateUserPassword.php

+<?php
+
+namespace App\Actions\Fortify;
+
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Validator;
+use Laravel\Fortify\Contracts\UpdatesUserPasswords;
+
+class UpdateUserPassword implements UpdatesUserPasswords
+{
+    use PasswordValidationRules;
+
+    /**
+     * Validate and update the user's password.
+     *
+     * @param  mixed  $user
+     * @param  array  $input
+     * @return void
+     */
+    public function update($user, array $input)
+    {
+        Validator::make($input, [
+            'current_password' => ['required', 'string'],
+            'password' => $this->passwordRules(),
+        ])->after(function ($validator) use ($user, $input) {
+            if (! isset($input['current_password']) || ! Hash::check($input['current_password'], $user->password)) {
+                $validator->errors()->add('current_password', __('The provided password does not match your current password.'));
+            }
+        })->validateWithBag('updatePassword');
+
+        $user->forceFill([
+            'password' => Hash::make($input['password']),
+        ])->save();
+    }
+}

app/Actions/Fortify/UpdateUserProfileInformation.php

+<?php
+
+namespace App\Actions\Fortify;
+
+use Illuminate\Contracts\Auth\MustVerifyEmail;
+use Illuminate\Support\Facades\Validator;
+use Illuminate\Validation\Rule;
+use Laravel\Fortify\Contracts\UpdatesUserProfileInformation;
+
+class UpdateUserProfileInformation implements UpdatesUserProfileInformation
+{
+    /**
+     * Validate and update the given user's profile information.
+     *
+     * @param  mixed  $user
+     * @param  array  $input
+     * @return void
+     */
+    public function update($user, array $input)
+    {
+        Validator::make($input, [
+            'name' => ['required', 'string', 'max:255'],
+            'email' => ['required', 'email', 'max:255', Rule::unique('users')->ignore($user->id)],
+            'photo' => ['nullable', 'mimes:jpg,jpeg,png', 'max:1024'],
+        ])->validateWithBag('updateProfileInformation');
+
+        if (isset($input['photo'])) {
+            $user->updateProfilePhoto($input['photo']);
+        }
+
+        if ($input['email'] !== $user->email &&
+            $user instanceof MustVerifyEmail) {
+            $this->updateVerifiedUser($user, $input);
+        } else {
+            $user->forceFill([
+                'name' => $input['name'],
+                'email' => $input['email'],
+            ])->save();
+        }
+    }
+
+    /**
+     * Update the given verified user's profile information.
+     *
+     * @param  mixed  $user
+     * @param  array  $input
+     * @return void
+     */
+    protected function updateVerifiedUser($user, array $input)
+    {
+        $user->forceFill([
+            'name' => $input['name'],
+            'email' => $input['email'],
+            'email_verified_at' => null,
+        ])->save();
+
+        $user->sendEmailVerificationNotification();
+    }
+}

app/Actions/Jetstream/AddTeamMember.php

+<?php
+
+namespace App\Actions\Jetstream;
+
+use Illuminate\Support\Facades\Gate;
+use Illuminate\Support\Facades\Validator;
+use Laravel\Jetstream\Contracts\AddsTeamMembers;
+use Laravel\Jetstream\Events\AddingTeamMember;
+use Laravel\Jetstream\Events\TeamMemberAdded;
+use Laravel\Jetstream\Jetstream;
+use Laravel\Jetstream\Rules\Role;
+
+class AddTeamMember implements AddsTeamMembers
+{
+    /**
+     * Add a new team member to the given team.
+     *
+     * @param  mixed  $user
+     * @param  mixed  $team
+     * @param  string  $email
+     * @param  string|null  $role
+     * @return void
+     */
+    public function add($user, $team, string $email, string $role = null)
+    {
+        Gate::forUser($user)->authorize('addTeamMember', $team);
+
+        $this->validate($team, $email, $role);
+
+        $newTeamMember = Jetstream::findUserByEmailOrFail($email);
+
+        AddingTeamMember::dispatch($team, $newTeamMember);
+
+        $team->users()->attach(
+            $newTeamMember, ['role' => $role]
+        );
+
+        TeamMemberAdded::dispatch($team, $newTeamMember);
+    }
+
+    /**
+     * Validate the add member operation.
+     *
+     * @param  mixed  $team
+     * @param  string  $email
+     * @param  string|null  $role
+     * @return void
+     */
+    protected function validate($team, string $email, ?string $role)
+    {
+        Validator::make([
+            'email' => $email,
+            'role' => $role,
+        ], $this->rules(), [
+            'email.exists' => __('We were unable to find a registered user with this email address.'),
+        ])->after(
+            $this->ensureUserIsNotAlreadyOnTeam($team, $email)
+        )->validateWithBag('addTeamMember');
+    }
+
+    /**
+     * Get the validation rules for adding a team member.
+     *
+     * @return array
+     */
+    protected function rules()
+    {
+        return array_filter([
+            'email' => ['required', 'email', 'exists:users'],
+            'role' => Jetstream::hasRoles()
+                            ? ['required', 'string', new Role]
+                            : null,
+        ]);
+    }
+
+    /**
+     * Ensure that the user is not already on the team.
+     *
+     * @param  mixed  $team
+     * @param  string  $email
+     * @return \Closure
+     */
+    protected function ensureUserIsNotAlreadyOnTeam($team, string $email)
+    {
+        return function ($validator) use ($team, $email) {
+            $validator->errors()->addIf(
+                $team->hasUserWithEmail($email),
+                'email',
+                __('This user already belongs to the team.')
+            );
+        };
+    }
+}

app/Actions/Jetstream/CreateTeam.php

+<?php
+
+namespace App\Actions\Jetstream;
+
+use Illuminate\Support\Facades\Gate;
+use Illuminate\Support\Facades\Validator;
+use Laravel\Jetstream\Contracts\CreatesTeams;
+use Laravel\Jetstream\Events\AddingTeam;
+use Laravel\Jetstream\Jetstream;
+
+class CreateTeam implements CreatesTeams
+{
+    /**
+     * Validate and create a new team for the given user.
+     *
+     * @param  mixed  $user
+     * @param  array  $input
+     * @return mixed
+     */
+    public function create($user, array $input)
+    {
+        Gate::forUser($user)->authorize('create', Jetstream::newTeamModel());
+
+        Validator::make($input, [
+            'name' => ['required', 'string', 'max:255'],
+        ])->validateWithBag('createTeam');
+
+        AddingTeam::dispatch($user);
+
+        $user->switchTeam($team = $user->ownedTeams()->create([
+            'name' => $input['name'],
+            'personal_team' => false,
+        ]));
+
+        return $team;
+    }
+}

app/Actions/Jetstream/DeleteTeam.php

+<?php
+
+namespace App\Actions\Jetstream;
+
+use Laravel\Jetstream\Contracts\DeletesTeams;
+
+class DeleteTeam implements DeletesTeams
+{
+    /**
+     * Delete the given team.
+     *
+     * @param  mixed  $team
+     * @return void
+     */
+    public function delete($team)
+    {
+        $team->purge();
+    }
+}

app/Actions/Jetstream/DeleteUser.php

+<?php
+
+namespace App\Actions\Jetstream;
+
+use Illuminate\Support\Facades\DB;
+use Laravel\Jetstream\Contracts\DeletesTeams;
+use Laravel\Jetstream\Contracts\DeletesUsers;
+
+class DeleteUser implements DeletesUsers
+{
+    /**
+     * The team deleter implementation.
+     *
+     * @var \Laravel\Jetstream\Contracts\DeletesTeams
+     */
+    protected $deletesTeams;
+
+    /**
+     * Create a new action instance.
+     *
+     * @param  \Laravel\Jetstream\Contracts\DeletesTeams  $deletesTeams
+     * @return void
+     */
+    public function __construct(DeletesTeams $deletesTeams)
+    {
+        $this->deletesTeams = $deletesTeams;
+    }
+
+    /**
+     * Delete the given user.
+     *
+     * @param  mixed  $user
+     * @return void
+     */
+    public function delete($user)
+    {
+        DB::transaction(function () use ($user) {
+            $this->deleteTeams($user);
+            $user->deleteProfilePhoto();
+            $user->tokens->each->delete();
+            $user->delete();
+        });
+    }
+
+    /**
+     * Delete the teams and team associations attached to the user.
+     *
+     * @param  mixed  $user
+     * @return void
+     */
+    protected function deleteTeams($user)
+    {
+        $user->teams()->detach();
+
+        $user->ownedTeams->each(function ($team) {
+            $this->deletesTeams->delete($team);
+        });
+    }
+}

app/Actions/Jetstream/InviteTeamMember.php

+<?php
+
+namespace App\Actions\Jetstream;
+
+use Illuminate\Support\Facades\Gate;
+use Illuminate\Support\Facades\Mail;
+use Illuminate\Support\Facades\Validator;
+use Illuminate\Validation\Rule;
+use Laravel\Jetstream\Contracts\InvitesTeamMembers;
+use Laravel\Jetstream\Events\InvitingTeamMember;
+use Laravel\Jetstream\Jetstream;
+use Laravel\Jetstream\Mail\TeamInvitation;
+use Laravel\Jetstream\Rules\Role;
+
+class InviteTeamMember implements InvitesTeamMembers
+{
+    /**
+     * Invite a new team member to the given team.
+     *
+     * @param  mixed  $user
+     * @param  mixed  $team
+     * @param  string  $email
+     * @param  string|null  $role
+     * @return void
+     */
+    public function invite($user, $team, string $email, string $role = null)
+    {
+        Gate::forUser($user)->authorize('addTeamMember', $team);
+
+        $this->validate($team, $email, $role);
+
+        InvitingTeamMember::dispatch($team, $email, $role);
+
+        $invitation = $team->teamInvitations()->create([
+            'email' => $email,
+            'role' => $role,
+        ]);
+
+        Mail::to($email)->send(new TeamInvitation($invitation));
+    }
+
+    /**
+     * Validate the invite member operation.
+     *
+     * @param  mixed  $team
+     * @param  string  $email
+     * @param  string|null  $role
+     * @return void
+     */
+    protected function validate($team, string $email, ?string $role)
+    {
+        Validator::make([
+            'email' => $email,
+            'role' => $role,
+        ], $this->rules($team), [
+            'email.unique' => __('This user has already been invited to the team.'),
+        ])->after(
+            $this->ensureUserIsNotAlreadyOnTeam($team, $email)
+        )->validateWithBag('addTeamMember');
+    }
+
+    /**
+     * Get the validation rules for inviting a team member.
+     *
+     * @param  mixed  $team
+     * @return array
+     */
+    protected function rules($team)
+    {
+        return array_filter([
+            'email' => ['required', 'email', Rule::unique('team_invitations')->where(function ($query) use ($team) {
+                $query->where('team_id', $team->id);
+            })],
+            'role' => Jetstream::hasRoles()
+                            ? ['required', 'string', new Role]
+                            : null,
+        ]);
+    }
+
+    /**
+     * Ensure that the user is not already on the team.
+     *
+     * @param  mixed  $team
+     * @param  string  $email
+     * @return \Closure
+     */
+    protected function ensureUserIsNotAlreadyOnTeam($team, string $email)
+    {
+        return function ($validator) use ($team, $email) {
+            $validator->errors()->addIf(
+                $team->hasUserWithEmail($email),
+                'email',
+                __('This user already belongs to the team.')
+            );
+        };
+    }
+}

app/Actions/Jetstream/RemoveTeamMember.php

+<?php
+
+namespace App\Actions\Jetstream;
+
+use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Support\Facades\Gate;
+use Illuminate\Validation\ValidationException;
+use Laravel\Jetstream\Contracts\RemovesTeamMembers;
+use Laravel\Jetstream\Events\TeamMemberRemoved;
+
+class RemoveTeamMember implements RemovesTeamMembers
+{
+    /**
+     * Remove the team member from the given team.
+     *
+     * @param  mixed  $user
+     * @param  mixed  $team
+     * @param  mixed  $teamMember
+     * @return void
+     */
+    public function remove($user, $team, $teamMember)
+    {
+        $this->authorize($user, $team, $teamMember);
+
+        $this->ensureUserDoesNotOwnTeam($teamMember, $team);
+
+        $team->removeUser($teamMember);
+
+        TeamMemberRemoved::dispatch($team, $teamMember);
+    }
+
+    /**
+     * Authorize that the user can remove the team member.
+     *
+     * @param  mixed  $user
+     * @param  mixed  $team
+     * @param  mixed  $teamMember
+     * @return void
+     */
+    protected function authorize($user, $team, $teamMember)
+    {
+        if (! Gate::forUser($user)->check('removeTeamMember', $team) &&
+            $user->id !== $teamMember->id) {
+            throw new AuthorizationException;
+        }
+    }
+
+    /**
+     * Ensure that the currently authenticated user does not own the team.
+     *
+     * @param  mixed  $teamMember
+     * @param  mixed  $team
+     * @return void
+     */
+    protected function ensureUserDoesNotOwnTeam($teamMember, $team)
+    {
+        if ($teamMember->id === $team->owner->id) {
+            throw ValidationException::withMessages([
+                'team' => [__('You may not leave a team that you created.')],
+            ])->errorBag('removeTeamMember');
+        }
+    }
+}

app/Actions/Jetstream/UpdateTeamName.php

+<?php
+
+namespace App\Actions\Jetstream;
+
+use Illuminate\Support\Facades\Gate;
+use Illuminate\Support\Facades\Validator;
+use Laravel\Jetstream\Contracts\UpdatesTeamNames;
+
+class UpdateTeamName implements UpdatesTeamNames
+{
+    /**
+     * Validate and update the given team's name.
+     *
+     * @param  mixed  $user
+     * @param  mixed  $team
+     * @param  array  $input
+     * @return void
+     */
+    public function update($user, $team, array $input)
+    {
+        Gate::forUser($user)->authorize('update', $team);
+
+        Validator::make($input, [
+            'name' => ['required', 'string', 'max:255'],
+        ])->validateWithBag('updateTeamName');
+
+        $team->forceFill([
+            'name' => $input['name'],
+        ])->save();
+    }
+}

app/Models/Membership.php

+<?php
+
+namespace App\Models;
+
+use Laravel\Jetstream\Membership as JetstreamMembership;
+
+class Membership extends JetstreamMembership
+{
+    /**
+     * Indicates if the IDs are auto-incrementing.
+     *
+     * @var bool
+     */
+    public $incrementing = true;
+}

app/Models/Team.php

+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Laravel\Jetstream\Events\TeamCreated;
+use Laravel\Jetstream\Events\TeamDeleted;
+use Laravel\Jetstream\Events\TeamUpdated;
+use Laravel\Jetstream\Team as JetstreamTeam;
+
+class Team extends JetstreamTeam
+{
+    use HasFactory;
+
+    /**
+     * The attributes that should be cast.
+     *
+     * @var array
+     */
+    protected $casts = [
+        'personal_team' => 'boolean',
+    ];
+
+    /**
+     * The attributes that are mass assignable.
+     *
+     * @var string[]
+     */
+    protected $fillable = [
+        'name',
+        'personal_team',
+    ];
+
+    /**
+     * The event map for the model.
+     *
+     * @var array
+     */
+    protected $dispatchesEvents = [
+        'created' => TeamCreated::class,
+        'updated' => TeamUpdated::class,
+        'deleted' => TeamDeleted::class,
+    ];
+}

app/Models/TeamInvitation.php

+<?php
+
+namespace App\Models;
+
+use Laravel\Jetstream\Jetstream;
+use Laravel\Jetstream\TeamInvitation as JetstreamTeamInvitation;
+
+class TeamInvitation extends JetstreamTeamInvitation
+{
+    /**
+     * The attributes that are mass assignable.
+     *
+     * @var string[]
+     */
+    protected $fillable = [
+        'email',
+        'role',
+    ];
+
+    /**
+     * Get the team that the invitation belongs to.
+     *
+     * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
+     */
+    public function team()
+    {
+        return $this->belongsTo(Jetstream::teamModel());
+    }
+}

app/Models/User.php

@@ -2,43 +2,60 @@
 
 namespace App\Models;
 
-// use Illuminate\Contracts\Auth\MustVerifyEmail;
+use Illuminate\Contracts\Auth\MustVerifyEmail;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Foundation\Auth\User as Authenticatable;
 use Illuminate\Notifications\Notifiable;
+use Laravel\Fortify\TwoFactorAuthenticatable;
+use Laravel\Jetstream\HasProfilePhoto;
+use Laravel\Jetstream\HasTeams;
 use Laravel\Sanctum\HasApiTokens;
 
 class User extends Authenticatable
 {
-    use HasApiTokens, HasFactory, Notifiable;
+    use HasApiTokens;
+    use HasFactory;
+    use HasProfilePhoto;
+    use HasTeams;
+    use Notifiable;
+    use TwoFactorAuthenticatable;
 
     /**
      * The attributes that are mass assignable.
      *
-     * @var array<int, string>
+     * @var string[]
      */
     protected $fillable = [
-        'name',
-        'email',
-        'password',
+        'name', 'email', 'password',
     ];
 
     /**
      * The attributes that should be hidden for serialization.
      *
-     * @var array<int, string>
+     * @var array
      */
     protected $hidden = [
         'password',
         'remember_token',
+        'two_factor_recovery_codes',
+        'two_factor_secret',
     ];
 
     /**
      * The attributes that should be cast.
      *
-     * @var array<string, string>
+     * @var array
      */
     protected $casts = [
         'email_verified_at' => 'datetime',
     ];
+
+    /**
+     * The accessors to append to the model's array form.
+     *
+     * @var array
+     */
+    protected $appends = [
+        'profile_photo_url',
+    ];
 }

app/Policies/TeamPolicy.php

+<?php
+
+namespace App\Policies;
+
+use App\Models\Team;
+use App\Models\User;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class TeamPolicy
+{
+    use HandlesAuthorization;
+
+    /**
+     * Determine whether the user can view any models.
+     *
+     * @param  \App\Models\User  $user
+     * @return mixed
+     */
+    public function viewAny(User $user)
+    {
+        return true;
+    }
+
+    /**
+     * Determine whether the user can view the model.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Team  $team
+     * @return mixed
+     */
+    public function view(User $user, Team $team)
+    {
+        return $user->belongsToTeam($team);
+    }
+
+    /**
+     * Determine whether the user can create models.
+     *
+     * @param  \App\Models\User  $user
+     * @return mixed
+     */
+    public function create(User $user)
+    {
+        return true;
+    }
+
+    /**
+     * Determine whether the user can update the model.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Team  $team
+     * @return mixed
+     */
+    public function update(User $user, Team $team)
+    {
+        return $user->ownsTeam($team);
+    }
+
+    /**
+     * Determine whether the user can add team members.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Team  $team
+     * @return mixed
+     */
+    public function addTeamMember(User $user, Team $team)
+    {
+        return $user->ownsTeam($team);
+    }
+
+    /**
+     * Determine whether the user can update team member permissions.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Team  $team
+     * @return mixed
+     */
+    public function updateTeamMember(User $user, Team $team)
+    {
+        return $user->ownsTeam($team);
+    }
+
+    /**
+     * Determine whether the user can remove team members.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Team  $team
+     * @return mixed
+     */
+    public function removeTeamMember(User $user, Team $team)
+    {
+        return $user->ownsTeam($team);
+    }
+
+    /**
+     * Determine whether the user can delete the model.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Team  $team
+     * @return mixed
+     */
+    public function delete(User $user, Team $team)
+    {
+        return $user->ownsTeam($team);
+    }
+}

app/Providers/AppServiceProvider.php

@@ -2,6 +2,7 @@
 
 namespace App\Providers;
 
+use Illuminate\Support\Facades\Schema;
 use Illuminate\Support\ServiceProvider;
 
 class AppServiceProvider extends ServiceProvider
@@ -23,6 +24,6 @@ public function register()
      */
     public function boot()
     {
-        //
+        Schema::defaultStringLength(191);
     }
 }

app/Providers/AuthServiceProvider.php

@@ -2,18 +2,19 @@
 
 namespace App\Providers;
 
-// use Illuminate\Support\Facades\Gate;
+use App\Models\Team;
+use App\Policies\TeamPolicy;
 use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
 
 class AuthServiceProvider extends ServiceProvider
 {
     /**
-     * The model to policy mappings for the application.
+     * The policy mappings for the application.
      *
-     * @var array<class-string, class-string>
+     * @var array
      */
     protected $policies = [
-        // 'App\Models\Model' => 'App\Policies\ModelPolicy',
+        Team::class => TeamPolicy::class,
     ];
 
     /**