with(['roles', 'rank']) ->orderBy('id') ->get() ->map(fn (User $user) => [ 'id' => $user->id, 'name' => $user->name, 'email' => $user->email, 'avatar_url' => $this->resolveAvatarUrl($user), 'rank' => $user->rank ? [ 'id' => $user->rank->id, 'name' => $user->rank->name, ] : null, 'roles' => $user->roles->pluck('name')->values(), ]); return response()->json($users); } public function me(Request $request): JsonResponse { $user = $request->user(); if (!$user) { return response()->json(['message' => 'Unauthenticated.'], 401); } return response()->json([ 'id' => $user->id, 'name' => $user->name, 'email' => $user->email, 'avatar_url' => $this->resolveAvatarUrl($user), 'rank' => $user->rank ? [ 'id' => $user->rank->id, 'name' => $user->rank->name, ] : null, 'roles' => $user->roles()->pluck('name')->values(), ]); } public function profile(User $user): JsonResponse { return response()->json([ 'id' => $user->id, 'name' => $user->name, 'avatar_url' => $this->resolveAvatarUrl($user), 'rank' => $user->rank ? [ 'id' => $user->rank->id, 'name' => $user->rank->name, ] : null, 'created_at' => $user->created_at?->toIso8601String(), ]); } public function updateRank(Request $request, User $user): JsonResponse { $actor = $request->user(); if (!$actor || !$actor->roles()->where('name', 'ROLE_ADMIN')->exists()) { return response()->json(['message' => 'Forbidden'], 403); } $data = $request->validate([ 'rank_id' => ['nullable', 'exists:ranks,id'], ]); $user->rank_id = $data['rank_id'] ?? null; $user->save(); $user->loadMissing('rank'); return response()->json([ 'id' => $user->id, 'rank' => $user->rank ? [ 'id' => $user->rank->id, 'name' => $user->rank->name, ] : null, ]); } public function update(Request $request, User $user): JsonResponse { $actor = $request->user(); if (!$actor || !$actor->roles()->where('name', 'ROLE_ADMIN')->exists()) { return response()->json(['message' => 'Forbidden'], 403); } $data = $request->validate([ 'name' => ['required', 'string', 'max:255'], 'email' => [ 'required', 'string', 'email', 'max:255', Rule::unique('users', 'email')->ignore($user->id), ], 'rank_id' => ['nullable', 'exists:ranks,id'], ]); $nameCanonical = Str::lower(trim($data['name'])); $nameConflict = User::query() ->where('id', '!=', $user->id) ->where('name_canonical', $nameCanonical) ->exists(); if ($nameConflict) { return response()->json(['message' => 'Name already exists.'], 422); } if ($data['email'] !== $user->email) { $user->email_verified_at = null; } $user->forceFill([ 'name' => $data['name'], 'name_canonical' => $nameCanonical, 'email' => $data['email'], 'rank_id' => $data['rank_id'] ?? null, ])->save(); $user->loadMissing('rank'); return response()->json([ 'id' => $user->id, 'name' => $user->name, 'email' => $user->email, 'avatar_url' => $this->resolveAvatarUrl($user), 'rank' => $user->rank ? [ 'id' => $user->rank->id, 'name' => $user->rank->name, ] : null, 'roles' => $user->roles()->pluck('name')->values(), ]); } private function resolveAvatarUrl(User $user): ?string { if (!$user->avatar_path) { return null; } return Storage::url($user->avatar_path); } }