File: /home/xedaptot/be.naniguide.com/app/Http/Controllers/Refactor/Admin/AdminAdsLeadController.php
<?php
namespace App\Http\Controllers\Refactor\Admin;
use App\Http\Controllers\Controller;
use App\Model\AdLead;
use App\Services\Ads\AdActivityLogger;
use Illuminate\Http\Request;
/**
* R11.5 — admin-side lead inspection with mandatory audit logging.
*
* Every admin GET on a customer's lead writes an `AdActivityLog` row with
* action `admin.lead_viewed`, the actor admin id, and the customer id.
* The view also surfaces a banner reminding the admin that the access is
* audited — so support staff aren't tempted to use admin powers for
* routine snooping.
*
* Closes gate C-8 (admin lead view audited) and pairs with C-9 (the
* customer-side `AdLeadFormConfig::ofCustomer($customerId)` scope already
* blocks cross-tenant reads on the customer surface).
*/
class AdminAdsLeadController extends Controller
{
public function show(Request $request, int $id)
{
if (!$this->canManage($request)) {
return $this->notAuthorized();
}
$lead = AdLead::with(['config', 'subscriber'])->findOrFail($id);
/** @var \App\Model\AdLeadFormConfig|null $config */
$config = $lead->config()->first();
$customerId = $config?->customer_id;
AdActivityLogger::log(
entity: $lead,
action: 'admin.lead_viewed',
status: 'info',
title: "Admin viewed lead #{$lead->id}",
description: 'Cross-tenant lead access — audited per R11.5.',
metadata: [
'actor_admin_id' => optional($request->user()->admin)->id,
'actor_user_id' => $request->user()->id,
'customer_id' => $customerId,
'platform_lead_id' => $lead->platform_lead_id,
],
);
return view('refactor.pages.admin.ads.lead_show', [
'lead' => $lead,
'config' => $config,
'subscriber' => $lead->subscriber,
]);
}
private function canManage(Request $request): bool
{
$user = $request->user();
if (!$user) {
return false;
}
$admin = $user->admin()->first();
if (!$admin) {
return false;
}
return $admin->getPermission('setting_general') === 'yes';
}
}