TenantAtlas/app/Filament/Pages/TenantDiagnostics.php

<?php

declare(strict_types=1);

namespace App\Filament\Pages;

use App\Models\Tenant;
use App\Models\TenantMembership;
use App\Models\User;
use App\Services\Auth\TenantDiagnosticsService;
use App\Services\Auth\TenantMembershipManager;
use App\Support\Auth\Capabilities;
use App\Support\Rbac\UiEnforcement;
use App\Support\Rbac\UiTooltips;
use Filament\Actions\Action;
use Filament\Pages\Page;

class TenantDiagnostics extends Page
{
    protected static bool $shouldRegisterNavigation = false;

    protected static ?string $slug = 'diagnostics';

    protected string $view = 'filament.pages.tenant-diagnostics';

    public bool $missingOwner = false;

    public bool $hasDuplicateMembershipsForCurrentUser = false;

    public function mount(): void
    {
        $tenant = Tenant::current();
        $tenantId = (int) $tenant->getKey();

        $this->missingOwner = ! TenantMembership::query()
            ->where('tenant_id', $tenantId)
            ->where('role', 'owner')
            ->exists();

        $user = auth()->user();
        if (! $user instanceof User) {
            abort(403, 'Not allowed');
        }

        $this->hasDuplicateMembershipsForCurrentUser = app(TenantDiagnosticsService::class)
            ->userHasDuplicateMemberships($tenant, $user);
    }

    /**
     * @return array<Action>
     */
    protected function getHeaderActions(): array
    {
        return [
            UiEnforcement::forAction(
                Action::make('bootstrapOwner')
                    ->label('Bootstrap owner')
                    ->requiresConfirmation()
                    ->action(fn () => $this->bootstrapOwner()),
            )
                ->requireCapability(Capabilities::TENANT_MANAGE)
                ->destructive()
                ->tooltip(UiTooltips::INSUFFICIENT_PERMISSION)
                ->apply()
                ->visible(fn (): bool => $this->missingOwner),

            UiEnforcement::forAction(
                Action::make('mergeDuplicateMemberships')
                    ->label('Merge duplicate memberships')
                    ->requiresConfirmation()
                    ->action(fn () => $this->mergeDuplicateMemberships()),
            )
                ->requireCapability(Capabilities::TENANT_MANAGE)
                ->destructive()
                ->tooltip(UiTooltips::INSUFFICIENT_PERMISSION)
                ->apply()
                ->visible(fn (): bool => $this->hasDuplicateMembershipsForCurrentUser),
        ];
    }

    public function bootstrapOwner(): void
    {
        $tenant = Tenant::current();

        $user = auth()->user();
        if (! $user instanceof User) {
            abort(403, 'Not allowed');
        }

        app(TenantMembershipManager::class)->bootstrapRecover($tenant, $user, $user);

        $this->mount();
    }

    public function mergeDuplicateMemberships(): void
    {
        $tenant = Tenant::current();

        $user = auth()->user();
        if (! $user instanceof User) {
            abort(403, 'Not allowed');
        }

        app(TenantDiagnosticsService::class)->mergeDuplicateMembershipsForUser($tenant, $user, $user);

        $this->mount();
    }
}