fix flusso utente

app/Http/Livewire/User.php

@@ -319,6 +319,11 @@ class User extends Component
 
     public function add()
     {
+        if (!$this->canAddUser()) {
+            session()->flash('error', 'Non hai i permessi per aggiungere utenti.');
+            return;
+        }
+
         $this->logCurrentDatabase('In add() method');
 
         $this->resetFields();
@@ -330,6 +335,11 @@ class User extends Component
 
     public function store()
     {
+        if (!$this->canAddUser()) {
+            session()->flash('error', 'Non hai i permessi per aggiungere utenti.');
+            return;
+        }
+
         $this->logCurrentDatabase('Start of store() method');
 
         Log::info('User store', [
@@ -404,10 +414,20 @@ class User extends Component
                     'level' => $this->level
                 ], $plainPassword);
 
+                if (!$emailSent) {
+                    Log::info('HTML email failed, trying simple email', ['email' => $this->email]);
+                    $emailSent = $this->sendSimpleWelcomeEmail([
+                        'name' => $this->name,
+                        'cognome' => $this->cognome,
+                        'email' => $this->email,
+                        'level' => $this->level
+                    ], $plainPassword);
+                }
+
                 if ($emailSent) {
-                    session()->flash('success', 'Utente creato e email di benvenuto inviata');
+                    session()->flash('success', 'Utente creato e email di benvenuto inviata con successo');
                 } else {
-                    session()->flash('success', 'Utente creato ma errore nell\'invio email');
+                    session()->flash('success', 'Utente creato ma errore nell\'invio dell\'email. Controlla i log per dettagli.');
                 }
             } else {
                 session()->flash('success', 'Utente creato nel database tenant ma errore nella sincronizzazione master');
@@ -436,6 +456,11 @@ class User extends Component
 
     public function edit($id)
     {
+        if (!$this->canEditUser($id)) {
+            session()->flash('error', 'Non hai i permessi per modificare questo utente.');
+            return;
+        }
+
         $this->logCurrentDatabase('Start of edit() method');
 
         try {
@@ -444,7 +469,7 @@ class User extends Component
             $this->logCurrentDatabase('After finding user in edit()');
 
             if (!$user) {
-                session()->flash('error', 'Dato non trovato');
+                session()->flash('error', 'Utente non trovato');
             } else {
                 $this->name = $user->name;
                 $this->cognome = $user->cognome;
@@ -455,6 +480,7 @@ class User extends Component
                 $this->add = false;
                 $this->enabled = $user->enabled;
                 $this->userExists = true;
+                // Store old email for master database update
                 $this->oldEmail = $user->email;
             }
 
@@ -479,6 +505,7 @@ class User extends Component
         }
     }
 
+
     public function update()
     {
         $this->logCurrentDatabase('Start of update() method');
@@ -571,15 +598,50 @@ class User extends Component
 
     public function delete($id)
     {
+        Log::info('Delete method called', [
+            'user_id_to_delete' => $id,
+            'current_user_id' => Auth::id(),
+            'current_user_level' => Auth::user()->level
+        ]);
+
+        if (!$this->canDeleteUser($id)) {
+            Log::warning('Delete permission denied', [
+                'user_id_to_delete' => $id,
+                'current_user_id' => Auth::id(),
+                'current_user_level' => Auth::user()->level
+            ]);
+            session()->flash('error', 'Non hai i permessi per eliminare questo utente.');
+            return;
+        }
+
         $this->logCurrentDatabase('Start of delete() method');
 
         try {
             $user = \App\Models\User::find($id);
-            $userEmail = $user ? $user->email : null;
 
-            $user->delete();
+            if (!$user) {
+                Log::error('User not found for deletion', ['user_id' => $id]);
+                session()->flash('error', 'Utente non trovato.');
+                return;
+            }
 
-            $this->logCurrentDatabase('After deleting user');
+            $userEmail = $user->email;
+            $userName = $user->name;
+            $userCognome = $user->cognome;
+
+            Log::info('Found user for deletion', [
+                'user_id' => $id,
+                'user_email' => $userEmail,
+                'user_name' => $userName . ' ' . $userCognome
+            ]);
+
+            $deleted = $user->delete();
+
+            if (!$deleted) {
+                throw new \Exception('Failed to delete user from tenant database');
+            }
+
+            $this->logCurrentDatabase('After deleting user from tenant');
 
             Log::info('User deleted successfully from tenant database', [
                 'user_id' => $id,
@@ -587,21 +649,90 @@ class User extends Component
                 'database' => DB::connection()->getDatabaseName()
             ]);
 
-            if ($userEmail) {
-                $this->deleteUserFromMasterDatabase($userEmail);
+            $masterDeleted = $this->deleteUserFromMasterDatabase($userEmail);
+
+            if ($masterDeleted) {
+                Log::info('User deleted from both databases successfully', [
+                    'user_id' => $id,
+                    'user_email' => $userEmail
+                ]);
+                session()->flash('success', "Utente {$userName} {$userCognome} eliminato con successo");
+            } else {
+                Log::warning('User deleted from tenant but failed to delete from master', [
+                    'user_id' => $id,
+                    'user_email' => $userEmail
+                ]);
+                session()->flash('success', "Utente eliminato dal database tenant, ma errore nella sincronizzazione master");
             }
 
-            session()->flash('success', "Dato eliminato");
+            $this->emit('userDeleted');
+            $this->emit('load-data-table');
         } catch (\Exception $e) {
             $this->logCurrentDatabase('Error in delete() method');
 
             Log::error('User deletion failed', [
                 'user_id' => $id,
                 'error' => $e->getMessage(),
+                'trace' => $e->getTraceAsString(),
                 'database' => DB::connection()->getDatabaseName()
             ]);
 
-            session()->flash('error', 'Errore (' . $e->getMessage() . ')');
+            session()->flash('error', 'Errore durante l\'eliminazione: ' . $e->getMessage());
         }
     }
+
+
+    private function canEditUser($userId)
+    {
+        $currentUser = Auth::user();
+
+        if ($currentUser->level == 0) {
+            $targetUser = \App\Models\User::find($userId);
+            return $targetUser && $targetUser->email != 'admin@admin.com';
+        }
+
+        return $userId == $currentUser->id;
+    }
+
+    /**
+     * Check if current user can edit email and password of a specific user
+     */
+    private function canEditEmailAndPassword($userId)
+    {
+        $currentUser = Auth::user();
+
+        return $userId == $currentUser->id;
+    }
+
+    /**
+     * Check if current user can delete a specific user
+     */
+    private function canDeleteUser($userId)
+    {
+        $currentUser = Auth::user();
+
+        if ($currentUser->level != 0) {
+            return false;
+        }
+
+        if ($userId == $currentUser->id) {
+            return false;
+        }
+
+        $targetUser = \App\Models\User::find($userId);
+        if ($targetUser && $targetUser->email == 'admin@admin.com') {
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * Check if current user can add users
+     */
+    private function canAddUser()
+    {
+        $currentUser = Auth::user();
+        return $currentUser->level == 0;
+    }
 }

app/Models/User.php

@@ -24,7 +24,8 @@ class User extends Authenticatable
         'cellulare',
         'email',
         'password',
-        'level'
+        'level',
+        'enabled'
     ];
 
     /**

resources/views/emails/password-reset.blade.php

@@ -14,7 +14,7 @@
             padding: 20px;
         }
         .header {
-            background-color: #dc3545;
+            background-color: #0C6197;
             color: white;
             padding: 20px;
             text-align: center;
@@ -27,7 +27,7 @@
         }
         .reset-button {
             display: inline-block;
-            background-color: #dc3545;
+            background-color: #0C6197;
             color: white;
             padding: 15px 30px;
             text-decoration: none;
@@ -38,7 +38,7 @@
         }
         .reset-url {
             background-color: white;
-            border: 2px solid #dc3545;
+            border: 2px solid #0C6197;
             border-radius: 8px;
             padding: 15px;
             margin: 20px 0;
@@ -84,7 +84,7 @@
         <p>Se hai effettuato questa richiesta, clicca sul pulsante qui sotto per reimpostare la tua password:</p>
 
         <div style="text-align: center;">
-            <a href="{{ $reset_url }}" class="reset-button">🔑 Reimposta Password</a>
+            <a href="{{ $reset_url }}" class="reset-button" style="color: #FFF!important">🔑 Reimposta Password</a>
         </div>
 
         <div class="warning">
@@ -114,7 +114,7 @@
         <div class="footer">
             <p><strong>{{ $company }}</strong></p>
             <p>Questa email è stata generata automaticamente. Per favore, non rispondere a questo indirizzo.</p>
-            <p>Data richiesta: {{ date('d/m/Y H:i') }}</p>
+            <p>Data richiesta: {{ date('d/m/Y H:i') }} ({{ date('T') }})</p>
             <p>Indirizzo email: {{ $email }}</p>
         </div>
     </div>

resources/views/emails/welcome-user.blade.php

@@ -14,7 +14,7 @@
             padding: 20px;
         }
         .header {
-            background-color: #007bff;
+            background-color: #0C6197;
             color: white;
             padding: 20px;
             text-align: center;
@@ -27,7 +27,7 @@
         }
         .credentials-box {
             background-color: white;
-            border: 2px solid #007bff;
+            border: 2px solid #0C6197;
             border-radius: 8px;
             padding: 20px;
             margin: 20px 0;
@@ -49,7 +49,7 @@
         }
         .login-button {
             display: inline-block;
-            background-color: #007bff;
+            background-color: #0C6197;
             color: white;
             padding: 12px 30px;
             text-decoration: none;
@@ -116,7 +116,7 @@
         </div>
 
         <div style="text-align: center;">
-            <a href="{{ $login_url }}" class="login-button">🚀 Accedi Ora</a>
+            <a href="{{ $login_url }}" class="login-button" style="color: #FFF!important">🚀 Accedi Ora</a>
         </div>
 
         <h3>📋 Cosa puoi fare ora:</h3>
@@ -131,7 +131,7 @@
         <div class="footer">
             <p><strong>{{ $company }}</strong></p>
             <p>Questa email è stata generata automaticamente. Per favore, non rispondere a questo indirizzo.</p>
-            <p>Data creazione account: {{ date('d/m/Y H:i') }}</p>
+            <p>Data creazione account: {{ date('d/m/Y H:i') }} ({{ date('T') }})</p>
         </div>
     </div>
 </body>

resources/views/livewire/user.blade.php

@@ -7,14 +7,31 @@
                 <h2 class="primary">Utenti</h2>
             </div>
 
-            <div class="title--section_addButton"  wire:click="add()" style="cursor: pointer;">
-                <div class="btn--ui entrata d-flex justify-items-between">
-                    <a href="#" wire:click="add()" style="color:white">Aggiungi</a>
+            @if(Auth::user()->level == 0)
+                <div class="title--section_addButton"  wire:click="add()" style="cursor: pointer;">
+                    <div class="btn--ui entrata d-flex justify-items-between">
+                        <a href="#" wire:click="add()" style="color:white">Aggiungi</a>
+                    </div>
                 </div>
-            </div>
+            @endif
 
         </header>
 
+        <!-- Success/Error Messages -->
+        @if (session()->has('success'))
+            <div class="alert alert-success alert-dismissible fade show" role="alert">
+                {{ session()->get('success') }}
+                <button type="button" class="btn-close" data-bs-dismiss="alert"></button>
+            </div>
+        @endif
+
+        @if (session()->has('error'))
+            <div class="alert alert-danger alert-dismissible fade show" role="alert">
+                {{ session()->get('error') }}
+                <button type="button" class="btn-close" data-bs-dismiss="alert"></button>
+            </div>
+        @endif
+
         <section id="resume-table">
             <div class="compare--chart_wrapper d-none"></div>
 
@@ -38,9 +55,20 @@
                             <td>{{$record->level == 0 ? 'Admin' : ($record->level == 1 ? 'Worker' : 'Istruttore')}}</td>
                             <td> <span class="tablesaw-cell-content"><span class="badge tessera-badge {{$record->enabled ? 'active' : 'suspended'}}">{{$record->enabled ? 'attivo' : 'disattivo'}}</span></span></td>
                             <td>
-                                @if($record->email != 'admin@admin.com')
+                                @php
+                                    $currentUser = Auth::user();
+                                    $isCurrentUser = $record->id == $currentUser->id;
+                                    $isAdmin = $currentUser->level == 0;
+                                    $canEdit = $record->email != 'admin@admin.com' && ($isAdmin || $isCurrentUser);
+                                    $canDelete = $record->email != 'admin@admin.com' && $isAdmin && !$isCurrentUser;
+                                @endphp
+
+                                @if($canEdit)
                                     <button type="button" class="btn" wire:click="edit({{ $record->id }})" data-bs-toggle="popover"  data-bs-trigger="hover focus" data-bs-placement="bottom" data-bs-content="Modifica"><i class="fa-regular fa-pen-to-square"></i></button>
-                                    <button type="button" class="btn" onclick="confirm('Sei sicuro?') || event.stopImmediatePropagation()" wire:click="delete({{ $record->id }})" data-bs-toggle="popover" data-bs-trigger="hover focus" data-bs-placement="bottom" data-bs-content="Elimina"><i class="fa-regular fa-trash-can"></i></button>
+                                @endif
+
+                                @if($canDelete)
+                                    <button type="button" class="btn delete-user-btn" data-user-id="{{ $record->id }}" data-bs-toggle="popover" data-bs-trigger="hover focus" data-bs-placement="bottom" data-bs-content="Elimina"><i class="fa-regular fa-trash-can"></i></button>
                                 @endif
                             </td>
                         </tr>
@@ -81,33 +109,70 @@
                             <div class="col-md-6">
                                 <div class="form--item">
                                     <label for="name" class="form-label">Cognome</label>
-                                    <input class="form-control js-keyupTitle @error('') is-invalid @enderror" type="text" id="cognome" placeholder="Cognome" wire:model="cognome">
+                                    <input class="form-control js-keyupTitle @error('cognome') is-invalid @enderror" type="text" id="cognome" placeholder="Cognome" wire:model="cognome">
                                     @error('cognome')
                                         <div class="invalid-feedback">{{ $message }}</div>
                                     @enderror
                                 </div>
                             </div>
-                            <div class="col-md-6">
-                                <div class="form--item">
-                                    <label for="email" class="form-label">Email</label>
-                                    <input class="form-control js-keyupTitle @error('email') is-invalid @enderror" type="text" id="email" placeholder="Email" wire:model="email" type="email">
-                                    @error('email')
-                                        <div class="invalid-feedback">{{ $message }}</div>
-                                    @enderror
+
+                            @php
+                                $currentUser = Auth::user();
+                                $isEditingOwnProfile = $update && isset($dataId) && $currentUser->id == $dataId;
+                                $canEditEmailAndPassword = $add || $isEditingOwnProfile;
+                            @endphp
+
+                            @if($canEditEmailAndPassword)
+                                <div class="col-md-6 mt-3">
+                                    <div class="form--item">
+                                        <label for="email" class="form-label">Email</label>
+                                        <input class="form-control js-keyupTitle @error('email') is-invalid @enderror" type="text" id="email" placeholder="Email" wire:model="email" type="email">
+                                        @error('email')
+                                            <div class="invalid-feedback">{{ $message }}</div>
+                                        @enderror
+                                    </div>
                                 </div>
-                            </div>
-                            <div class="col-md-6 ">
-                                <div class="form--item">
-                                    <label for="password" class="form-label">Password</label>
-                                    <input class="form-control js-keyupTitle @error('password') is-invalid @enderror" type="password" id="password" placeholder="Password" wire:model="password" type="password" {{ $userExists ? 'disabled' : '' }}>
-                                    @if($update)
+                            @else
+                                <div class="col-md-6 mt-3">
+                                    <div class="form--item">
+                                        <label for="email" class="form-label">Email</label>
+                                        <input class="form-control" type="text" id="email" value="{{ $email }}" disabled>
+                                        <small class="text-muted">Solo l'utente può modificare la propria email</small>
+                                    </div>
+                                </div>
+                            @endif
+
+                            @if ($add)
+                                <div class="col-md-6 mt-3">
+                                    <div class="form--item">
+                                        <label for="password" class="form-label">Password</label>
+                                        <input class="form-control js-keyupTitle @error('password') is-invalid @enderror" type="password" id="password" placeholder="Password" wire:model="password">
+                                        @error('password')
+                                            <div class="invalid-feedback">{{ $message }}</div>
+                                        @enderror
+                                    </div>
+                                </div>
+                            @elseif($canEditEmailAndPassword)
+                                <div class="col-md-6 mt-3">
+                                    <div class="form--item">
+                                        <label for="password" class="form-label">Password</label>
+                                        <input class="form-control js-keyupTitle @error('password') is-invalid @enderror" type="password" id="password" placeholder="Password" wire:model="password">
                                         <small>Lasciare vuota per NON modificarla</small>
-                                    @endif
-                                    @error('password')
-                                        <div class="invalid-feedback">{{ $message }}</div>
-                                    @enderror
+                                        @error('password')
+                                            <div class="invalid-feedback">{{ $message }}</div>
+                                        @enderror
+                                    </div>
                                 </div>
-                            </div>
+                            @else
+                                <div class="col-md-6 mt-3">
+                                    <div class="form--item">
+                                        <label for="password" class="form-label">Password</label>
+                                        <input class="form-control" type="password" value="********" disabled>
+                                        <small class="text-muted">Solo l'utente può modificare la propria password</small>
+                                    </div>
+                                </div>
+                            @endif
+
                         </div>
                         <div class="row mt-3">
 
@@ -126,13 +191,11 @@
                             <div class="col-md-6">
                                 <div class="form--item">
                                     <label for="enabled" class="form-label">Abilitato</label>
-                                    <input class="form-check-input form-control" style="width:22px; height:22px;" type="checkbox" id="enabled" wire:model="enabled" {{ $userExists ? '' : '' }}>
+                                    <input class="form-check-input form-control" style="width:22px; height:22px;" type="checkbox" id="enabled" wire:model="enabled">
                                 </div>
                             </div>
                         </div>
 
-                        <!-- // inline input field -->
-
                         <div class="form--item">
                             <button type="button" class="btn--ui lightGrey" wire:click="cancel()">Annulla</button>
                             @if($add)
@@ -172,6 +235,12 @@
             loadDataTable();
         });
 
+        Livewire.on('userDeleted', () => {
+            setTimeout(function() {
+                location.reload();
+            }, 1500);
+        });
+
         function loadDataTable(){
             if ( $.fn.DataTable.isDataTable('#tablesaw-350') ) {
                 $('#tablesaw-350').DataTable().destroy();
@@ -191,14 +260,14 @@
                                 buttons: [
                                     {
                                     extend: 'excelHtml5',
-                                        title: 'Durata corsi',
+                                        title: 'Utenti',
                                         exportOptions: {
                                             columns: ":not(':last')"
                                         }
                                     },
                                     {
                                         extend: 'pdfHtml5',
-                                        title: 'Durata corsi',
+                                        title: 'Utenti',
                                         exportOptions: {
                                             columns: ":not(':last')"
                                         }
@@ -206,7 +275,7 @@
                                     {
                                         extend: 'print',
                                         text: 'Stampa',
-                                        title: 'Durata corsi',
+                                        title: 'Utenti',
                                         exportOptions: {
                                             columns: ":not(':last')"
                                         }
@@ -228,8 +297,10 @@
                     "url": "/assets/js/Italian.json"
                 },
                 "fnInitComplete": function (oSettings, json) {
-                    var html = '&nbsp;<a href="#" class="addData btn--ui"><i class="fa-solid fa-plus"></i></a>';
-                    $(".dt-search").append(html);
+                    @if(Auth::user()->level == 0)
+                        var html = '&nbsp;<a href="#" class="addData btn--ui"><i class="fa-solid fa-plus"></i></a>';
+                        $(".dt-search").append(html);
+                    @endif
                 }
             });
             $('#tablesaw-350 thead tr th').addClass('col');
@@ -239,10 +310,24 @@
                 $(document).on("click",".addData",function() {
                     $(".title--section_addButton").trigger("click")
                 });
-            } );
 
+                $(document).on("click", ".delete-user-btn", function(e) {
+                    e.preventDefault();
+
+                    var userId = $(this).data('user-id');
+                    var userRow = $(this).closest('tr');
+                    var userName = userRow.find('td:eq(1)').text();
+                    var userSurname = userRow.find('td:eq(0)').text();
+
+                    if (confirm('Sei sicuro di voler eliminare l\'utente ' + userName + ' ' + userSurname + '?')) {
+                        $(this).prop('disabled', true);
+                        $(this).html('<i class="fa fa-spinner fa-spin"></i>');
+
+                        @this.call('delete', userId);
+                    }
+                });
+            });
         }
 
     </script>
 @endpush
-