mirror of
https://github.com/HolgerHatGarKeineNode/einundzwanzig-app.git
synced 2026-06-24 18:50:23 +00:00
✨ Add OAuth functionality, MCP tools, and feature tests
- 🔒 Added migrations for `oauth_access_tokens`, `oauth_refresh_tokens`, `oauth_auth_codes`, `oauth_clients`, and `oauth_device_codes`. - 🤖 Created MCP tools (Meetups, Cities, Venues, Courses, Lecturers) for managing entities with authentication and validation. - 🛠️ Implemented Passport-backed OAuth API guard configuration and validation endpoints. - ✅ Added comprehensive feature tests for MCP tools and OAuth functionality (access control, validation, and token-based authentication).
This commit is contained in:
HolgerHatGarKeineNode
@@ -0,0 +1,50 @@
|
||||
<?php
|
||||
|
||||
namespace App\Mcp\Tools\Venue;
|
||||
|
||||
use App\Http\Requests\Api\StoreVenueRequest;
|
||||
use App\Http\Resources\VenueResource;
|
||||
use App\Models\Venue;
|
||||
use Illuminate\Contracts\JsonSchema\JsonSchema;
|
||||
use Illuminate\JsonSchema\Types\Type;
|
||||
use Illuminate\Support\Facades\Gate;
|
||||
use Laravel\Mcp\Request;
|
||||
use Laravel\Mcp\Response;
|
||||
use Laravel\Mcp\Server\Attributes\Description;
|
||||
use Laravel\Mcp\Server\Tool;
|
||||
|
||||
#[Description('Legt einen neuen Veranstaltungsort (Venue) für den authentifizierten Nutzer an. Der Ersteller (created_by) wird automatisch gesetzt.')]
|
||||
class CreateVenueTool extends Tool
|
||||
{
|
||||
public function handle(Request $request): Response
|
||||
{
|
||||
$user = $request->user();
|
||||
|
||||
if ($user === null || Gate::forUser($user)->denies('create', Venue::class)) {
|
||||
return Response::error('Nicht berechtigt, einen Veranstaltungsort anzulegen.');
|
||||
}
|
||||
|
||||
$storeRequest = new StoreVenueRequest;
|
||||
|
||||
$validated = $request->validate(
|
||||
$storeRequest->rules(),
|
||||
$storeRequest->messages(),
|
||||
);
|
||||
|
||||
$venue = Venue::create($validated);
|
||||
|
||||
return Response::json(VenueResource::make($venue->fresh())->resolve());
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array<string, Type>
|
||||
*/
|
||||
public function schema(JsonSchema $schema): array
|
||||
{
|
||||
return [
|
||||
'city_id' => $schema->integer()->description('ID der zugehörigen Stadt (vorher per search-cities auflösen).')->required(),
|
||||
'name' => $schema->string()->description('Name des Veranstaltungsorts.')->required(),
|
||||
'street' => $schema->string()->description('Straße und Hausnummer des Veranstaltungsorts.')->required(),
|
||||
];
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,33 @@
|
||||
<?php
|
||||
|
||||
namespace App\Mcp\Tools\Venue;
|
||||
|
||||
use App\Http\Resources\VenueResource;
|
||||
use App\Models\Venue;
|
||||
use Illuminate\Support\Facades\Gate;
|
||||
use Laravel\Mcp\Request;
|
||||
use Laravel\Mcp\Response;
|
||||
use Laravel\Mcp\Server\Attributes\Description;
|
||||
use Laravel\Mcp\Server\Tool;
|
||||
use Laravel\Mcp\Server\Tools\Annotations\IsReadOnly;
|
||||
|
||||
#[IsReadOnly]
|
||||
#[Description('Listet alle vom authentifizierten Nutzer erstellten Veranstaltungsorte, alphabetisch sortiert.')]
|
||||
class ListMyVenuesTool extends Tool
|
||||
{
|
||||
public function handle(Request $request): Response
|
||||
{
|
||||
$user = $request->user();
|
||||
|
||||
if ($user === null || Gate::forUser($user)->denies('viewAny', Venue::class)) {
|
||||
return Response::error('Nicht authentifiziert.');
|
||||
}
|
||||
|
||||
$venues = Venue::query()
|
||||
->where('created_by', $user->getAuthIdentifier())
|
||||
->orderBy('name')
|
||||
->get();
|
||||
|
||||
return Response::json(VenueResource::collection($venues)->resolve());
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,46 @@
|
||||
<?php
|
||||
|
||||
namespace App\Mcp\Tools\Venue;
|
||||
|
||||
use App\Http\Resources\VenueResource;
|
||||
use App\Models\Venue;
|
||||
use Illuminate\Contracts\JsonSchema\JsonSchema;
|
||||
use Illuminate\JsonSchema\Types\Type;
|
||||
use Illuminate\Support\Facades\Gate;
|
||||
use Laravel\Mcp\Request;
|
||||
use Laravel\Mcp\Response;
|
||||
use Laravel\Mcp\Server\Attributes\Description;
|
||||
use Laravel\Mcp\Server\Tool;
|
||||
use Laravel\Mcp\Server\Tools\Annotations\IsReadOnly;
|
||||
|
||||
#[IsReadOnly]
|
||||
#[Description('Zeigt einen einzelnen, vom authentifizierten Nutzer erstellten Veranstaltungsort.')]
|
||||
class ShowMyVenueTool extends Tool
|
||||
{
|
||||
public function handle(Request $request): Response
|
||||
{
|
||||
$venue = Venue::find($request->get('id'));
|
||||
|
||||
if (! $venue) {
|
||||
return Response::error('Veranstaltungsort nicht gefunden.');
|
||||
}
|
||||
|
||||
$user = $request->user();
|
||||
|
||||
if ($user === null || Gate::forUser($user)->denies('view', $venue)) {
|
||||
return Response::error('Nur der Ersteller oder ein Super-Admin darf diesen Veranstaltungsort sehen.');
|
||||
}
|
||||
|
||||
return Response::json(VenueResource::make($venue)->resolve());
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array<string, Type>
|
||||
*/
|
||||
public function schema(JsonSchema $schema): array
|
||||
{
|
||||
return [
|
||||
'id' => $schema->integer()->description('ID des Veranstaltungsorts.')->required(),
|
||||
];
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,52 @@
|
||||
<?php
|
||||
|
||||
namespace App\Mcp\Tools\Venue;
|
||||
|
||||
use App\Http\Requests\Api\UpdateVenueRequest;
|
||||
use App\Http\Resources\VenueResource;
|
||||
use App\Models\Venue;
|
||||
use Illuminate\Contracts\JsonSchema\JsonSchema;
|
||||
use Illuminate\JsonSchema\Types\Type;
|
||||
use Illuminate\Support\Facades\Gate;
|
||||
use Laravel\Mcp\Request;
|
||||
use Laravel\Mcp\Response;
|
||||
use Laravel\Mcp\Server\Attributes\Description;
|
||||
use Laravel\Mcp\Server\Tool;
|
||||
|
||||
#[Description('Aktualisiert einen bestehenden Veranstaltungsort (Venue). Nur der Ersteller oder ein Super-Admin darf ihn ändern.')]
|
||||
class UpdateVenueTool extends Tool
|
||||
{
|
||||
public function handle(Request $request): Response
|
||||
{
|
||||
$venue = Venue::find($request->get('id'));
|
||||
|
||||
if (! $venue) {
|
||||
return Response::error('Veranstaltungsort nicht gefunden.');
|
||||
}
|
||||
|
||||
$user = $request->user();
|
||||
|
||||
if ($user === null || Gate::forUser($user)->denies('update', $venue)) {
|
||||
return Response::error('Nur der Ersteller oder ein Super-Admin darf diesen Veranstaltungsort ändern.');
|
||||
}
|
||||
|
||||
$validated = $request->validate((new UpdateVenueRequest)->rules());
|
||||
|
||||
$venue->update($validated);
|
||||
|
||||
return Response::json(VenueResource::make($venue->fresh())->resolve());
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array<string, Type>
|
||||
*/
|
||||
public function schema(JsonSchema $schema): array
|
||||
{
|
||||
return [
|
||||
'id' => $schema->integer()->description('ID des zu aktualisierenden Veranstaltungsorts.')->required(),
|
||||
'city_id' => $schema->integer()->description('ID der zugehörigen Stadt.'),
|
||||
'name' => $schema->string()->description('Name des Veranstaltungsorts.'),
|
||||
'street' => $schema->string()->description('Straße und Hausnummer des Veranstaltungsorts.'),
|
||||
];
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user