a620906209
da48a3652d
後端: - Migration:diving_offers 新增 provider_id(nullable FK) - Migration:users.role ENUM 加入 provider 值 - Migration:diving_offers.spot 改為 nullable - AuthController:registerProvider business_name 改為選填 - AuthController:updateProviderProfile 補上 certifications / dive_sites / services / facilities / website / social_media - ProviderOfferController:教練課程 CRUD(index/show/store/update/destroy),實作 provider_id 所有權不變式(404 → 403 兩步驟) 前端(frontend/): - coachAuth store、coachAxios(獨立於 member auth) - /coach/* 路由群組 + beforeEach guard - CoachNavBar、CoachLayout(教練頁隱藏會員 NavBar) - LoginView、RegisterView、DashboardView(表格 + 刪除確認) - OfferFormView(新增/編輯共用)、ProfileView OpenSpec: - openspec/config.yaml 補入專案 context 與 rules - 新增 specs:coach-offers-api / coach-portal-ui / provider-auth - 更新 spec:diving-offers-api 加入 provider_id - 歸檔:openspec/changes/archive/2026-05-10-coach-portal Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
112 lines
3.5 KiB
PHP
112 lines
3.5 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\API;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Models\DivingOffer;
|
|
use Illuminate\Http\Request;
|
|
|
|
class ProviderOfferController extends Controller
|
|
{
|
|
public function index()
|
|
{
|
|
$offers = DivingOffer::where('provider_id', auth()->id())
|
|
->paginate(12);
|
|
|
|
return response()->json([
|
|
'status' => true,
|
|
'data' => $offers->items(),
|
|
'meta' => [
|
|
'total' => $offers->total(),
|
|
'per_page' => $offers->perPage(),
|
|
'current_page' => $offers->currentPage(),
|
|
'last_page' => $offers->lastPage(),
|
|
],
|
|
]);
|
|
}
|
|
|
|
public function show(int $id)
|
|
{
|
|
$offer = DivingOffer::find($id);
|
|
|
|
if (!$offer) {
|
|
return response()->json(['status' => false, 'message' => '課程不存在'], 404);
|
|
}
|
|
|
|
if ($offer->provider_id !== auth()->id()) {
|
|
return response()->json(['status' => false, 'message' => '無權限查看此課程'], 403);
|
|
}
|
|
|
|
return response()->json(['status' => true, 'data' => $offer]);
|
|
}
|
|
|
|
public function store(Request $request)
|
|
{
|
|
$validated = $request->validate([
|
|
'title' => 'required|string|max:255',
|
|
'location' => 'required|string|max:255',
|
|
'spot' => 'nullable|string|max:255',
|
|
'price' => 'required|integer|min:0',
|
|
'region' => 'required|string|max:100',
|
|
'tag' => 'nullable|string|max:100',
|
|
'badges' => 'nullable|array',
|
|
'badges.*' => 'string|max:50',
|
|
'description' => 'nullable|string',
|
|
]);
|
|
|
|
$validated['provider_id'] = auth()->id();
|
|
$validated['rating'] = 0;
|
|
$validated['reviews'] = 0;
|
|
|
|
$offer = DivingOffer::create($validated);
|
|
|
|
return response()->json(['status' => true, 'data' => $offer], 201);
|
|
}
|
|
|
|
public function update(Request $request, int $id)
|
|
{
|
|
$offer = DivingOffer::find($id);
|
|
|
|
if (!$offer) {
|
|
return response()->json(['status' => false, 'message' => '課程不存在'], 404);
|
|
}
|
|
|
|
if ($offer->provider_id !== auth()->id()) {
|
|
return response()->json(['status' => false, 'message' => '無權限修改此課程'], 403);
|
|
}
|
|
|
|
$validated = $request->validate([
|
|
'title' => 'nullable|string|max:255',
|
|
'location' => 'nullable|string|max:255',
|
|
'spot' => 'nullable|string|max:255',
|
|
'price' => 'nullable|integer|min:0',
|
|
'region' => 'nullable|string|max:100',
|
|
'tag' => 'nullable|string|max:100',
|
|
'badges' => 'nullable|array',
|
|
'badges.*' => 'string|max:50',
|
|
'description' => 'nullable|string',
|
|
]);
|
|
|
|
$offer->fill($validated)->save();
|
|
|
|
return response()->json(['status' => true, 'data' => $offer]);
|
|
}
|
|
|
|
public function destroy(int $id)
|
|
{
|
|
$offer = DivingOffer::find($id);
|
|
|
|
if (!$offer) {
|
|
return response()->json(['status' => false, 'message' => '課程不存在'], 404);
|
|
}
|
|
|
|
if ($offer->provider_id !== auth()->id()) {
|
|
return response()->json(['status' => false, 'message' => '無權限刪除此課程'], 403);
|
|
}
|
|
|
|
$offer->delete();
|
|
|
|
return response()->json(['status' => true, 'message' => '課程已刪除']);
|
|
}
|
|
}
|