TenantAtlas/apps/platform/app/Filament/Pages/Workspaces/ManagedEnvironmentsLanding.php

<?php

declare(strict_types=1);

namespace App\Filament\Pages\Workspaces;

use App\Models\ManagedEnvironment;
use App\Models\User;
use App\Models\Workspace;
use App\Services\Auth\CapabilityResolver;
use App\Services\Tenants\TenantOperabilityService;
use App\Support\Tenants\TenantInteractionLane;
use App\Support\Tenants\TenantOperabilityQuestion;
use App\Support\ManagedEnvironmentLinks;
use App\Support\Workspaces\WorkspaceContext;
use Filament\Pages\Page;
use Illuminate\Database\Eloquent\Collection;

class ManagedEnvironmentsLanding extends Page
{
    protected static bool $shouldRegisterNavigation = false;

    protected static bool $isDiscovered = false;

    protected static string $layout = 'filament-panels::components.layout.simple';

    protected string $view = 'filament.pages.workspaces.managed-environments-landing';

    public Workspace $workspace;

    public function getTitle(): string
    {
        return __('localization.shell.managed_environments_title');
    }

    /**
     * The Filament simple layout renders the topbar by default, which includes
     * lazy-loaded database notifications. On this workspace-scoped landing page,
     * those background Livewire requests currently 404.
     */
    protected function getLayoutData(): array
    {
        return [
            'hasTopbar' => false,
        ];
    }

    public function mount(Workspace $workspace): void
    {
        $this->workspace = $workspace;
    }

    /**
     * @return Collection<int, ManagedEnvironment>
     */
    public function getTenants(): Collection
    {
        $user = auth()->user();

        if (! $user instanceof User) {
            return ManagedEnvironment::query()->whereRaw('1 = 0')->get();
        }

        /** @var CapabilityResolver $resolver */
        $resolver = app(CapabilityResolver::class);

        $tenants = ManagedEnvironment::query()
            ->withTrashed()
            ->where('workspace_id', $this->workspace->getKey())
            ->orderBy('name')
            ->get();

        $resolver->primeMemberships($user, $tenants->modelKeys());

        return $tenants
            ->filter(function (ManagedEnvironment $tenant) use ($resolver, $user): bool {
                if (! $resolver->isMember($user, $tenant)) {
                    return false;
                }

                return app(TenantOperabilityService::class)->outcomeFor(
                    tenant: $tenant,
                    question: TenantOperabilityQuestion::AdministrativeDiscoverability,
                    actor: $user,
                    workspaceId: app(WorkspaceContext::class)->currentWorkspaceId(request()),
                    lane: TenantInteractionLane::AdministrativeManagement,
                )->allowed;
            })
            ->values();
    }

    public function openTenant(int $tenantId): void
    {
        $user = auth()->user();

        if (! $user instanceof User) {
            abort(403);
        }

        $tenant = ManagedEnvironment::query()
            ->withTrashed()
            ->where('workspace_id', $this->workspace->getKey())
            ->whereKey($tenantId)
            ->first();

        if (! $tenant instanceof ManagedEnvironment) {
            abort(404);
        }

        if (! $user->canAccessTenant($tenant)) {
            abort(404);
        }

        $this->redirect(
            ManagedEnvironmentLinks::viewUrl($tenant)
        );
    }
}