einundzwanzig/einundzwanzig-app
1
0
Fork 0
mirror of https://github.com/HolgerHatGarKeineNode/einundzwanzig-app.git synced 2026-06-11 02:50:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Enhance meetup association and permissions management

Browse Source 
- 🔍 Added `resolveInScope` method to `ResolvesEntities` for scoped entity resolution with stricter control.
- 👥 Introduced `AddMeetupToMineTool` MCP tool for adding external meetups to "My Meetups."
- 🛠️ Updated `ListMyMeetupsTool` and `ShowMyMeetupTool` to include both created and joined meetups.
- 📚 Updated `Meetup` model with `associatedWith` scope for querying user-related meetups.
-  Expanded feature tests for meetup membership, creator permissions, and scoped tool usage.
- 🛡️ Unified access checks across Livewire and APIs to restrict editing meetup details to creators or super-admins.
- 🔗 Registered `AddMeetupToMineTool` in `EinundzwanzigServer`.
This commit is contained in:
HolgerHatGarKeineNode
2026-06-08 11:59:02 +02:00
parent dc2b828777
commit 3a507cced2
13 changed files with 260 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/Mcp/Tools/Meetup/ShowMyMeetupTool.php
+13 -9
View File
@@ -7,7 +7,6 @@ use App\Mcp\Tools\Concerns\ResolvesEntities;
use App\Models\Meetup;
use Illuminate\Contracts\JsonSchema\JsonSchema;
use Illuminate\JsonSchema\Types\Type;
use Illuminate\Support\Facades\Gate;
use Laravel\Mcp\Request;
use Laravel\Mcp\Response;
use Laravel\Mcp\Server\Attributes\Description;
@@ -15,25 +14,30 @@ use Laravel\Mcp\Server\Tool;
use Laravel\Mcp\Server\Tools\Annotations\IsReadOnly;
#[IsReadOnly]
#[Description('Zeigt eines deiner Meetups (per Name angegeben).')]
#[Description('Zeigt eines deiner Meetups (selbst erstellt oder beigetreten, per Name angegeben).')]
class ShowMyMeetupTool extends Tool
{
use ResolvesEntities;
public function handle(Request $request): Response
{
$meetup = $this->resolveOwnedByName($request, Meetup::class, 'Meetups', 'meetup');
$user = $request->user();
if ($user === null) {
return Response::error('Nicht authentifiziert.');
}
$meetup = $this->resolveInScope(
Meetup::query()->associatedWith($user->getAuthIdentifier()),
$request,
'Meetups',
'meetup',
);
if ($meetup instanceof Response) {
return $meetup;
}
$user = $request->user();
if ($user === null || Gate::forUser($user)->denies('view', $meetup)) {
return Response::error('Nur der Ersteller oder ein Super-Admin darf dieses Meetup sehen.');
}
return Response::json(MeetupResource::make($meetup)->resolve());
}