handle donors phone encryption and dycription, manage proposal policy…

… and showing the action buttons depending on the status of the proposal

app/Http/Controllers/DonationController.php

@@ -6,6 +6,7 @@
 use App\Http\Requests\UpdateDonationRequest;
 use App\Models\Donation;
 use App\Models\Currency;
+use App\Models\Donor;
 use App\Models\Proposal;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Validator;

app/Http/Controllers/DonorController.php

@@ -7,6 +7,7 @@
 use App\Models\Donor;
 use App\Models\Country;
 use App\Models\Donation;
+use Illuminate\Database\Eloquent\Casts\Attribute;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Validator;
 use Illuminate\Support\Str;
@@ -23,12 +24,13 @@ public function __construct(Request $request)
         parent::__construct($request);
     }
 
+
+
     /**
      * Display a listing of the resource.
      */
     public function index(Request $request)
     {
-
         return Inertia::render(Str::studly("Donor").'/Index', [
             "headers" => Donor::headers(),
             "items" => Donor::search($request)->sort($request)->paginate($this->pagination),

app/Http/Controllers/ProposalController.php

@@ -15,6 +15,8 @@
 use App\Models\Country;
 use Illuminate\Support\Str;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Gate;
+use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Validator;
 use Inertia\Inertia;
 
@@ -110,8 +112,12 @@ public function edit(Proposal $proposal)
      */
     public function update(UpdateProposalRequest $request, Proposal $proposal)
     {
+        // Log::debug($proposal);
         $validated = $request->validated();
+        // update the propsal with the new values without storing it, so that we can check the new and the original values in the ProposalPolicy class
+        // $proposal->fill($validated); 
 
+        Gate::authorize('update', [$proposal, $request['status']]);
 
         // check if there is a donatingAmount and a new donation record is needed to be added 
         if(!empty($request->donatingAmount) && $request->status == 2 && $proposal->status != $request->status){

app/Http/Requests/StoreDonationRequest.php

@@ -6,6 +6,16 @@
 
 class StoreDonationRequest extends FormRequest
 {
+
+    protected function prepareForValidation()
+    {
+        if ($this->has('phone')) {
+            $this->merge([
+                'phone' => deterministicEncrypt($this->phone),
+            ]);
+        }
+    }
+
     /**
      * Determine if the user is authorized to make this request.
      *
@@ -25,9 +35,9 @@ public function rules()
     {
         return [
             'phone' => 'required|exists:donors,phone',
-            'project_id' => 'required|exists:proposals,id',
+            'proposal_id' => 'required|exists:proposals,id',
             'currency_id' => 'required|exists:currencies,id',
-            'amount' => 'required|numberic|min:0',
+            'amount' => 'required|numeric|min:0',
             'status' => 'required|integer|between:0,3',
         ];
     }

app/Http/Requests/UpdateProposalRequest.php

@@ -34,7 +34,7 @@ public function rules()
             'cost' => 'sometimes|numeric',
             'share_cost' => 'sometimes|numeric',
             'expected_benificiaries_count' => 'sometimes|integer|min:0',
-            'min_documenting_amount' => 'required|integer|min:0',
+            'min_documenting_amount' => 'sometimes|integer|min:0',
             'publishing_date' => 'sometimes|date',
             'execution_date' => 'sometimes|date|after_or_equal:publishing_date',
             'entity_id' => 'sometimes|integer|exists:entities,id', 

app/Http/helpers.php

@@ -0,0 +1,14 @@
+<?php
+function deterministicEncrypt($value)
+{
+    $key = config('app.key'); // Use a secure key
+    return base64_encode(openssl_encrypt($value, 'AES-256-ECB', $key, OPENSSL_RAW_DATA));
+}
+
+function deterministicDecrypt($encryptedValue)
+{
+    $key = config('app.key'); // Use a secure key
+    return openssl_decrypt(base64_decode($encryptedValue), 'AES-256-ECB', $key, OPENSSL_RAW_DATA);
+}
+
+

app/Models/Document.php

@@ -9,7 +9,7 @@ class Document extends BaseModel
 {
     use HasFactory;
     protected $appends = ['proposal_name', 'donor_name', 'currency_name'];
-    protected $with = ['proposal', 'donor', 'currency'];
+    protected $with = ['proposal', 'donor', 'currency', 'attachments'];
     public static $controllable = true;
 
     public function proposal()
@@ -39,7 +39,10 @@ public function getCurrencyNameAttribute()
     {
         return $this->currency?->name;
     }
-
+    public function attachments()
+    {
+        return $this->morphMany(Attachment::class, 'attachable');
+    }
 
     public static function headers($user = null)
     {

app/Models/Donor.php

@@ -2,6 +2,7 @@
 
 namespace App\Models;
 
+use Illuminate\Database\Eloquent\Casts\Attribute;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Model;
 
@@ -12,9 +13,6 @@ class Donor extends BaseModel
     protected $guarded = ['donations'];
     protected $with = ['country'];
     public static $controllable = true;
-    protected $casts = [
-        // 'phone' => 'encrypted',
-    ];
 
     public const STATUSES = [
         'pending' => 0,
@@ -24,9 +22,14 @@ class Donor extends BaseModel
         2 => ('Approved'),
         3 => ('Rejected'),
 
+    ];
+    public const PHONE_ALLOWED_USER_TYPES = [
+       1
+
     ];
 
     public static function genders() {
+
         return [
             ['id' => 1, 'name' => __('Male')],
             ['id' => 2, 'name' => __('Female')],
@@ -40,15 +43,25 @@ public function country()
         return $this->belongsTo(Country::class, 'country_id', 'id');
     }
 
-
-
-
-    public function getPhoneAttribute($phone)
+    protected function phone(): Attribute
     {
-        if(in_array(auth()->user()->type, [1,2]))
-             return ($phone);
-        return str_repeat("●", 15);
+        return Attribute::make(
+            set: fn (string $value) => deterministicEncrypt($value),
+            get: function (string $value) {
+                if(in_array(auth()->user()->type, self::PHONE_ALLOWED_USER_TYPES))
+                    return deterministicDecrypt($value);
+                return str_repeat("●", 15);
+            },
+        );
     }
+
+
+    // public function getPhoneAttribute($phone)
+    // {
+    //     if(in_array(auth()->user()->type, self::PHONE_ALLOWED_USER_TYPES))
+    //          return decrypt($phone, false);
+    //     return str_repeat("●", 15);
+    // }
     public function getCountryNameAttribute()
     {
         return $this->country->name ?? null;

app/Models/Proposal.php

@@ -5,13 +5,14 @@
 use Carbon\Carbon;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Facades\Gate;
 use PhpOffice\PhpSpreadsheet\Calculation\DateTimeExcel\Current;
 
 class Proposal extends BaseModel
 {
     use HasFactory;
     protected $guarded = ['donated_amount'];
-    protected $appends = ['status_str_ar', 'beneficiaries', 'currency_name', 'entity_name', 'proposal_type_type_ar', 'area_name'];
+    protected $appends = ['status_str_ar', 'beneficiaries', 'currency_name', 'entity_name', 'proposal_type_type_ar', 'area_name', 'can_complete_donating_status', 'can_complete_execution_status'];
     protected $with = ['entity', 'area', 'proposalType', 'currency'];
     public static $controllable = true;
 
@@ -58,15 +59,21 @@ public function getCurrencyNameAttribute(){
         return $this->currency->name;   
     }
 
+    public function getCanCompleteDonatingStatusAttribute(){
+        return Gate::allows('completeDonatingStatus', $this);   
+    }
+    public function getCanCompleteExecutionStatusAttribute(){
+        return Gate::allows('completeExecutionStatus', $this);   
+    }
+    // public function getCanCompleteExecutionStatusAttribute(){
+    //     return $this->currency->name;   
+    // }
+
     // public function getPropsalDetailsAttribute()
     // {
     //     return $this->hasMany(ProposalDetail::class, 'proposal_id');
     // }
 
-    // public function getTotalAttribute()
-    // {
-    //     return $this->propsal_details->sum('total');
-    // }
 
     // relations
     public function entity(){
@@ -81,6 +88,18 @@ public function currency(){
     public function proposalType(){
         return $this->belongsTo(ProposalType::class, 'proposal_type_id');
     }
+    public function donations(){
+        return $this->hasMany(Donation::class, 'proposal_id');
+    }
+    public function documents(){
+        return $this->hasMany(Document::class, 'proposal_id');
+    }
+    public function attachments()
+    {
+        return $this->morphMany(Attachment::class, 'attachable');
+    }
+
+    // Scopes
 
     public function scopePublic($query){
         $query->where('status', 1)->where('publishing_date', '<=', Carbon::now()->format('Y-m-d'));

app/Policies/ProposalPolicy.php

@@ -5,6 +5,8 @@
 use App\Models\Proposal;
 use App\Models\User;
 use Illuminate\Auth\Access\HandlesAuthorization;
+use Illuminate\Log\Logger;
+use Illuminate\Support\Facades\Log;
 
 class ProposalPolicy
 {
@@ -51,9 +53,56 @@ public function create(User $user)
      * @param  \App\Models\Proposal  $proposal
      * @return mixed
      */
-    public function update(User $user, Proposal $proposal)
+    public function update(User $user, Proposal $proposal, $newStatus = null)
     {
-        //
+
+        // if($newStatus != null && $newStatus != $proposal->status){
+        //     return $this->completeDonatingStatus($user, $proposal) || $this->completeExecutionStatus($user, $proposal);
+        // }
+        if(!in_array($user->type, [1, 2, 3, 5])) return false;
+        if($newStatus === 2) return $this->completeDonatingStatus($user, $proposal);
+        if($newStatus === 3) return $this->completeExecutionStatus($user, $proposal);
+
+        return true;
+
+
+    }
+    public function completeDonatingStatus(User $user, Proposal $proposal)
+    {
+        if(!in_array($user->type, [1, 2, 3])) return false;
+        if($proposal->status !== 1) return false;
+
+        // make sure that all donations are approved
+        $pendingDonations = $proposal->donations()
+        ->where('status', 0)
+        ->exists();
+
+        return !$pendingDonations;
+
+    }
+    public function completeExecutionStatus(User $user, Proposal $proposal)
+    {
+        // return true;
+        if(!in_array($user->type, [1, 5])) return false;
+        if($proposal->status != 2 ) return false;
+
+        // Check if the proposal has at least one attachable of type 2
+        $proposalAttachableOfType2 = $proposal->attachments()
+        ->where('attachment_type', 2)
+        ->exists();
+        if(!$proposalAttachableOfType2) return false;
+
+        // Check if all related documents have at least one attachable record
+        $documentsWithoutAttachable = $proposal->documents()
+            ->whereDoesntHave('attachments') // Check for documents without attachments
+            ->exists();
+
+        if ($documentsWithoutAttachable) {
+            return false;
+        }
+
+        return true;
+
     }
 
     /**

app/Providers/AppServiceProvider.php

@@ -10,6 +10,8 @@
 use App\Observers\UserObserver;
 use App\Models\User;
 use App\Observers\ProposalObserver;
+use App\Policies\ProposalPolicy;
+use Illuminate\Support\Facades\Gate;
 
 class AppServiceProvider extends ServiceProvider
 {
@@ -36,5 +38,7 @@ public function boot(): void
             'document' => 'App\Models\Document',
             'proposal' => 'App\Models\Proposal',
         ]);
+
+
     }
 }

composer.json

@@ -33,7 +33,8 @@
             "App\\": "app/",
             "Database\\Factories\\": "database/factories/",
             "Database\\Seeders\\": "database/seeders/"
-        }
+        },
+        "files": ["app/Http/helpers.php"]
     },
     "autoload-dev": {
         "psr-4": {

resources/js/Components/DropdownLink.vue

@@ -12,7 +12,7 @@ defineProps({
 <template>
     <Link
         :href="href"
-        class="block w-full px-4 py-2 text-start text-sm leading-5 text-gray-700 transition duration-150 ease-in-out hover:bg-gray-100 focus:bg-gray-100 focus:outline-none"
+        class="block w-full px-4 py-2 text-start text-sm leading-5 text-gray-700 dark:text-white transition duration-150 ease-in-out hover:bg-gray-100 focus:bg-gray-100 focus:outline-none"
     >
         <slot />
     </Link>

resources/js/Components/ItemList.vue

@@ -40,12 +40,12 @@
       </svg>
     </button>
     <ul :id="`dropdown-${item.title}`" class="hidden py-2 space-y-2">
-      <template v-for="(sub_item, index) in item.items">
-        <li :key="index" v-if="sub_item.allowedUserTypes.includes(user.type)" >
+      <template v-for="(sub_item, index) in item.items" :key="index" >
+        <li v-if="sub_item.allowedUserTypes.includes(user.type)" >
           <Link
             :href="route(sub_item.to)"
             class="acrive flex items-center w-full p-2 text-white transition duration-75 rounded-lg ps-11 group hover:bg-gray-600 dark:hover:bg-gray-70 dark:text-white dark:hover:bg-gray-700"
-            >{{ $t(sub_item.title) }}</Link
+            >{{ $t(sub_item.title) }} </Link
           >
         </li>
       </template>
@@ -54,8 +54,19 @@
 </template>
 
 <script>
+
+import { usePage } from '@inertiajs/vue3';
+
 export default {
+
   props: ["item"],
+  computed: {
+    user(){
+      // console.log('usePage()');
+      // console.log(usePage().props.auth.user);
+      return usePage().props.auth.user;
+    }
+  },
   methods: {
     handleActive(event) {
       let elements = document.querySelectorAll(".item-link");