Show clients that are assigned to the employee, closes #893

Author: agross

app/Http/Controllers/Api/V1/ClientController.php

@@ -12,6 +12,7 @@
 use App\Http\Resources\V1\Client\ClientResource;
 use App\Models\Client;
 use App\Models\Organization;
+use App\Models\Project;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Support\Carbon;
@@ -38,11 +39,23 @@ protected function checkPermission(Organization $organization, string $permissio
     public function index(Organization $organization, ClientIndexRequest $request): ClientCollection
     {
         $this->checkPermission($organization, 'clients:view');
+        $canViewAllClients = $this->hasPermission($organization, 'clients:view:all');
+        $user = $this->user();
 
         $clientsQuery = Client::query()
             ->whereBelongsTo($organization, 'organization')
             ->orderBy('created_at', 'desc');
 
+        if (! $canViewAllClients) {
+            $projectsQuery = Project::query()
+                ->whereBelongsTo($organization, 'organization')
+                ->visibleByEmployee($user)
+                ->distinct()
+                ->select('client_id');
+
+            $clientsQuery->whereIn('id', $projectsQuery);
+        }
+
         $filterArchived = $request->getFilterArchived();
         if ($filterArchived === 'true') {
             $clientsQuery->whereNotNull('archived_at');

app/Providers/JetstreamServiceProvider.php

@@ -109,6 +109,7 @@ protected function configurePermissions(): void
             'tags:update',
             'tags:delete',
             'clients:view',
+            'clients:view:all',
             'clients:create',
             'clients:update',
             'clients:delete',
@@ -172,6 +173,7 @@ protected function configurePermissions(): void
             'tags:update',
             'tags:delete',
             'clients:view',
+            'clients:view:all',
             'clients:create',
             'clients:update',
             'clients:delete',
@@ -232,6 +234,7 @@ protected function configurePermissions(): void
             'tags:update',
             'tags:delete',
             'clients:view',
+            'clients:view:all',
             'clients:create',
             'clients:update',
             'clients:delete',
@@ -256,12 +259,13 @@ protected function configurePermissions(): void
             'projects:view',
             'tags:view',
             'tasks:view',
+            'clients:view',
             'time-entries:view:own',
             'time-entries:create:own',
             'time-entries:update:own',
             'time-entries:delete:own',
             'organizations:view',
-        ])->description('Employees have the ability to read, create, and update their own time entries and they can see the projects that they are members of.');
+        ])->description('Employees have the ability to read, create, and update their own time entries, they can see the projects that they are members of and the clients they are assigned to.');
 
         Jetstream::role(Role::Placeholder->value, 'Placeholder', [
         ])->description('Placeholders are used for importing data. They cannot log in and have no permissions.');

tests/Unit/Endpoint/Api/V1/ClientEndpointTest.php

@@ -34,6 +34,7 @@ public function test_index_endpoint_returns_list_of_all_clients_of_organization_
         // Arrange
         $data = $this->createUserWithPermission([
             'clients:view',
+            'clients:view:all',
         ]);
         $clients = Client::factory()->forOrganization($data->organization)->randomCreatedAt()->createMany(4);
         Passport::actingAs($data->user);
@@ -57,11 +58,43 @@ public function test_index_endpoint_returns_list_of_all_clients_of_organization_
         );
     }
 
+    public function test_index_endpoint_returns_list_of_clients_assigned_to_employee_user(): void
+    {
+        // Arrange
+        $data = $this->createUserWithPermission([
+            'clients:view'
+        ]);
+
+        $clients = Client::factory()->forOrganization($data->organization)->createMany(2);
+        $projectWithMembership1 = Project::factory()->forOrganization($data->organization)->forClient($clients->get(0))->addMember($data->member)->isPrivate()->create();
+        $projectWithMembership2 = Project::factory()->forOrganization($data->organization)->forClient($clients->get(1))->addMember($data->member)->isPrivate()->create();
+
+        $otherClients = Client::factory()->forOrganization($data->organization)->createMany(2);
+        $projectWithoutMembership = Project::factory()->forOrganization($data->organization)->forClient($otherClients->get(0))->isPrivate()->create();
+        Passport::actingAs($data->user);
+
+        // Act
+        $response = $this->getJson(route('api.v1.clients.index', [$data->organization->getKey()]));
+
+        // Assert
+        $response->assertStatus(200);
+        $response->assertJsonCount(2, 'data');
+        $response->assertJson(fn (AssertableJson $json) => $json
+            ->has('data')
+            ->has('links')
+            ->has('meta')
+            ->count('data', 2)
+            ->where('data.0.id', $clients->get(0)->getKey())
+            ->where('data.1.id', $clients->get(1)->getKey())
+        );
+    }
+
     public function test_index_endpoint_without_filter_archived_returns_only_non_archived_clients(): void
     {
         // Arrange
         $data = $this->createUserWithPermission([
             'clients:view',
+            'clients:view:all',
         ]);
         $archivedClients = Client::factory()->forOrganization($data->organization)->archived()->createMany(2);
         $nonArchivedClients = Client::factory()->forOrganization($data->organization)->createMany(2);
@@ -81,6 +114,7 @@ public function test_index_endpoint_with_filter_archived_true_returns_only_archi
         // Arrange
         $data = $this->createUserWithPermission([
             'clients:view',
+            'clients:view:all',
         ]);
         $archivedClients = Client::factory()->forOrganization($data->organization)->archived()->createMany(2);
         $nonArchivedClients = Client::factory()->forOrganization($data->organization)->createMany(2);
@@ -103,6 +137,7 @@ public function test_index_endpoint_with_filter_archived_false_returns_only_non_
         // Arrange
         $data = $this->createUserWithPermission([
             'clients:view',
+            'clients:view:all',
         ]);
         $archivedClients = Client::factory()->forOrganization($data->organization)->archived()->createMany(2);
         $nonArchivedClients = Client::factory()->forOrganization($data->organization)->createMany(2);
@@ -125,6 +160,7 @@ public function test_index_endpoint_with_filter_archived_all_returns_all_clients
         // Arrange
         $data = $this->createUserWithPermission([
             'clients:view',
+            'clients:view:all',
         ]);
         $archivedClients = Client::factory()->forOrganization($data->organization)->archived()->createMany(2);
         $nonArchivedClients = Client::factory()->forOrganization($data->organization)->createMany(2);