TenantAtlas/app/Models/User.php

<?php

namespace App\Models;

use App\Support\TenantRole;
use Filament\Models\Contracts\FilamentUser;
use Filament\Models\Contracts\HasDefaultTenant;
use Filament\Models\Contracts\HasTenants;
use Filament\Panel;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Database\Eloquent\SoftDeletes;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Illuminate\Support\Collection;
use Illuminate\Support\Facades\Schema;

class User extends Authenticatable implements FilamentUser, HasDefaultTenant, HasTenants
{
    /** @use HasFactory<\Database\Factories\UserFactory> */
    use HasFactory, Notifiable;

    use SoftDeletes;

    /**
     * The attributes that are mass assignable.
     *
     * @var list<string>
     */
    protected $fillable = [
        'name',
        'email',
        'password',
        'entra_tenant_id',
        'entra_object_id',
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var list<string>
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    /**
     * Get the attributes that should be cast.
     *
     * @return array<string, string>
     */
    protected function casts(): array
    {
        return [
            'email_verified_at' => 'datetime',
            'password' => 'hashed',
            'is_platform_superadmin' => 'bool',
        ];
    }

    public function isPlatformSuperadmin(): bool
    {
        return (bool) $this->is_platform_superadmin;
    }

    public function canAccessPanel(Panel $panel): bool
    {
        return true;
    }

    public function tenants(): BelongsToMany
    {
        return $this->belongsToMany(Tenant::class, 'tenant_memberships')
            ->using(TenantMembership::class)
            ->withPivot(['id', 'role', 'source', 'source_ref', 'created_by_user_id'])
            ->withTimestamps();
    }

    public function tenantMemberships(): HasMany
    {
        return $this->hasMany(TenantMembership::class);
    }

    public function tenantPreferences(): HasMany
    {
        return $this->hasMany(UserTenantPreference::class);
    }

    private function tenantPivotTableExists(): bool
    {
        static $exists;

        return $exists ??= Schema::hasTable('tenant_memberships');
    }

    private function tenantPreferencesTableExists(): bool
    {
        static $exists;

        return $exists ??= Schema::hasTable('user_tenant_preferences');
    }

    public function tenantRole(Tenant $tenant): ?TenantRole
    {
        if (! $this->tenantPivotTableExists()) {
            return null;
        }

        $role = $this->tenants()
            ->whereKey($tenant->getKey())
            ->value('role');

        if (! is_string($role)) {
            return null;
        }

        return TenantRole::tryFrom($role);
    }

    public function canSyncTenant(Tenant $tenant): bool
    {
        $role = $this->tenantRole($tenant);

        return $role?->canSync() ?? false;
    }

    public function canAccessTenant(Model $tenant): bool
    {
        if (! $tenant instanceof Tenant) {
            return false;
        }

        if ($this->isPlatformSuperadmin()) {
            return true;
        }

        if (! $this->tenantPivotTableExists()) {
            return false;
        }

        return $this->tenants()
            ->whereKey($tenant->getKey())
            ->exists();
    }

    public function getTenants(Panel $panel): array|Collection
    {
        if ($this->isPlatformSuperadmin()) {
            return Tenant::query()
                ->where('status', 'active')
                ->orderBy('name')
                ->get();
        }

        if (! $this->tenantPivotTableExists()) {
            return collect();
        }

        return $this->tenants()
            ->where('status', 'active')
            ->orderBy('name')
            ->get();
    }

    public function getDefaultTenant(Panel $panel): ?Model
    {
        if ($this->isPlatformSuperadmin()) {
            return Tenant::query()
                ->where('status', 'active')
                ->orderBy('name')
                ->first();
        }

        if (! $this->tenantPivotTableExists()) {
            return null;
        }

        $tenantId = null;

        if ($this->tenantPreferencesTableExists()) {
            $tenantId = $this->tenantPreferences()
                ->whereNotNull('last_used_at')
                ->orderByDesc('last_used_at')
                ->value('tenant_id');
        }

        if ($tenantId !== null) {
            $tenant = $this->tenants()
                ->where('status', 'active')
                ->whereKey($tenantId)
                ->first();

            if ($tenant !== null) {
                return $tenant;
            }
        }

        return $this->tenants()
            ->where('status', 'active')
            ->orderBy('name')
            ->first();
    }
}