
Overview

Admin controllers handle company-level configuration and user management. All routes require authentication and the role:admin middleware.

Company Management

Manage company profile and settings.

View Company Settings

GET /admin/company
Display company information edit form.
Middleware: auth, role:admin
Route Name: admin.company.edit
Response:
  • Returns view with company details
  • Form for editing company information
Authorization: User must have an associated company
Controller: App\Http\Controllers\Admin\CompanyController@edit
Source: routes/web.php:73

Update Company Settings

PUT /admin/company
Update company information.
Middleware: auth, role:admin
Route Name: admin.company.update
Request Parameters:
  • name (string, required): Company name (max 255 characters)
  • owner_name (string, required): Owner’s full name (max 255 characters)
  • owner_email (string, required): Owner’s email address (max 255 characters)
  • owner_phone (string, required): Owner’s phone number (max 50 characters)
  • tax_id (string): Company tax ID or VAT number (max 120 characters)
  • billing_email (string): Billing contact email (max 255 characters)
  • billing_phone (string): Billing contact phone (max 50 characters)
  • address_line (string): Street address (max 255 characters)
  • city (string): City name (max 120 characters)
  • state (string): State or province (max 120 characters)
  • country (string, required): Two-letter country code (ISO 3166-1 alpha-2, e.g., “US”, “MX”)
  • postal_code (string): Postal or ZIP code (max 20 characters)
  • currency (string, required): Three-letter currency code (ISO 4217, e.g., “USD”, “EUR”, “MXN”)
  • vat_percentage (number, required): VAT/tax percentage (0-100)
  • notes (string): Additional company notes
Response:
  • Redirects back with success message
Authorization: User must be admin with associated company
Validation: UpdateCompanyRequest
Controller: App\Http\Controllers\Admin\CompanyController@update
Source: routes/web.php:74

Worker Management

Manage worker accounts and permissions.

List Workers

GET /admin/workers
Display all workers in the company.
Middleware: auth, role:admin
Route Name: admin.workers.index
Response:
  • Returns view with all workers (including soft-deleted)
  • Ordered by name
  • Only shows workers from admin’s company
Controller: App\Http\Controllers\Admin\WorkerController@index
Source: routes/web.php:75

Create Worker

POST /admin/workers
Create a new worker account.
Middleware: auth, role:admin
Route Name: admin.workers.store
Request Parameters:
  • name (string, required): Worker’s full name (max 255 characters)
  • email (string, required): Worker’s email address (max 255 characters, must be unique)
  • password (string, required): Initial password (minimum 8 characters)
  • can_access_billing (boolean): Grant access to billing module (default: false)
  • can_access_inventory (boolean): Grant access to inventory module (default: false)
Response:
  • Redirects back with success message
  • Worker is automatically assigned to admin’s company
  • Worker role is set to “worker”
  • Account is active by default
Validation: StoreWorkerRequest
Controller: App\Http\Controllers\Admin\WorkerController@store
Source: routes/web.php:76
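
The server-assigned fields listed in the response above (company, role, active status) are the ones a request must never be able to set. The following plain-PHP sketch is an added example, not the project's StoreWorkerRequest or controller code; the company_id key is an assumed column name and the sample input is constructed.

```php
<?php
declare(strict_types=1);
// Added example, not the project's code; company_id is an assumed column name.

/**
 * Build the row for POST /admin/workers. Only the five documented request
 * fields are read; company, role and active status come from the server,
 * so extra keys such as a submitted "role" are ignored.
 */
function buildWorkerRow(array $input, array $admin): array
{
    $name     = trim((string) ($input['name'] ?? ''));
    $email    = trim((string) ($input['email'] ?? ''));
    $password = (string) ($input['password'] ?? '');
    $errors = [];
    if ($name === '' || mb_strlen($name) > 255) {
        $errors[] = 'name';
    }
    if (mb_strlen($email) > 255 || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email';   // uniqueness needs a database lookup, not shown
    }
    if (mb_strlen($password) < 8) {
        $errors[] = 'password';
    }
    if ($errors !== []) {
        throw new InvalidArgumentException('Invalid: ' . implode(', ', $errors));
    }
    return [
        'name'                 => $name,
        'email'                => $email,
        'password'             => password_hash($password, PASSWORD_DEFAULT),
        // An unchecked checkbox is absent from the request, so default to false.
        'can_access_billing'   => filter_var($input['can_access_billing'] ?? false, FILTER_VALIDATE_BOOLEAN),
        'can_access_inventory' => filter_var($input['can_access_inventory'] ?? false, FILTER_VALIDATE_BOOLEAN),
        'company_id'           => $admin['company_id'],  // never from input
        'role'                 => 'worker',
        'is_active'            => true,
    ];
}

// Constructed request body with two tampered keys (role, company_id).
$row = buildWorkerRow(
    ['name' => 'Ana Ruiz', 'email' => 'ana@example.com', 'password' => 'correct-horse',
     'can_access_billing' => '1', 'role' => 'admin', 'company_id' => 999],
    ['id' => 1, 'company_id' => 10, 'role' => 'admin']
);
unset($row['password']);           // keep the hash out of the printed output
echo json_encode($row), PHP_EOL;
```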

Update Worker

PUT /admin/workers/{user}
Update worker account details and permissions.
Middleware: auth, role:admin
Route Name: admin.workers.update
URL Parameters:
  • user (integer, required): Worker user ID
Request Parameters:
  • name (string, required): Worker’s full name (max 255 characters)
  • email (string, required): Worker’s email address (max 255 characters, unique except for this user)
  • password (string): New password (minimum 8 characters, only if changing password)
  • can_access_billing (boolean): Update billing module access
  • can_access_inventory (boolean): Update inventory module access
Response:
  • Redirects back with success message
Authorization: Worker must belong to admin’s company and have “worker” role
Validation: UpdateWorkerRequest
Controller: App\Http\Controllers\Admin\WorkerController@update
Source: routes/web.php:77

Toggle Worker Active Status

PATCH /admin/workers/{user}/deactivate
Activate or deactivate a worker account.
Middleware: auth, role:admin
Route Name: admin.workers.deactivate
URL Parameters:
  • user (integer, required): Worker user ID
Response:
  • Redirects back with success message
  • Toggles is_active status
  • Inactive workers cannot log in
Authorization: Worker must belong to admin’s company and have “worker” role
Controller: App\Http\Controllers\Admin\WorkerController@deactivate
Source: routes/web.php:78

Delete Worker

DELETE /admin/workers/{user}
Permanently delete a worker account.
Middleware: auth, role:admin
Route Name: admin.workers.destroy
URL Parameters:
  • user (integer, required): Worker user ID
Response:
  • Redirects back with success message
  • Performs force delete (permanent)
Authorization: Worker must belong to admin’s company and have “worker” role
Controller: App\Http\Controllers\Admin\WorkerController@destroy
Source: routes/web.php:79
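
The update, deactivate and delete routes above share one object-level rule: the {user} in the URL must be a “worker” in the acting admin’s own company. The following plain-PHP check is an added example, not the project's controller code; the company_id and role array keys, the sample users and the choice of a 404 response are assumptions.

```php
<?php
declare(strict_types=1);

// Added example, not the project's code. company_id and role are assumed
// column names; the page states only the rule itself.

/**
 * Object-level check for routes that take {user}: the target must be a
 * "worker" that belongs to the acting admin's company.
 */
function canManageWorker(array $admin, ?array $target): bool
{
    if ($target === null) {
        return false;                        // unknown user ID
    }
    if (($admin['role'] ?? null) !== 'admin' || empty($admin['company_id'])) {
        return false;                        // role:admin plus an associated company
    }
    return ($target['company_id'] ?? null) === $admin['company_id']
        && ($target['role'] ?? null) === 'worker';
}

/** HTTP status the route would answer with in this sketch. */
function statusFor(array $admin, ?array $target): int
{
    // Same 404 for every failure, so an ID from another company looks
    // exactly like an ID that does not exist.
    return canManageWorker($admin, $target) ? 200 : 404;
}

// Constructed sample data.
$users = [
    1 => ['id' => 1, 'company_id' => 10, 'role' => 'admin'],
    2 => ['id' => 2, 'company_id' => 10, 'role' => 'worker'],
    3 => ['id' => 3, 'company_id' => 10, 'role' => 'admin'],   // peer admin
    4 => ['id' => 4, 'company_id' => 20, 'role' => 'worker'],  // other company
];
$admin = $users[1];

foreach ([2, 3, 4, 99] as $id) {
    printf("PUT /admin/workers/%d -> %d\n", $id, statusFor($admin, $users[$id] ?? null));
}
```

The comparison is strict, so both company_id values need the same type (both integers here) before they are compared.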

Subscription Management

Manage company subscription plans and settings.

View Subscription

GET /admin/subscription
Display subscription details and edit form.
Middleware: auth, role:admin
Route Name: admin.subscription.edit
Response:
  • Returns view with subscription details
  • If no subscription exists, creates default trial subscription:
    • Plan: “starter”
    • Status: “trial”
    • Duration: 1 month from now
    • Billing cycle: “monthly”
    • User limit: 10
Authorization: User must have an associated company
Controller: App\Http\Controllers\Admin\SubscriptionController@edit
Source: routes/web.php:80

Update Subscription

PUT /admin/subscription
Update subscription plan and settings.
Middleware: auth, role:admin
Route Name: admin.subscription.update
Request Parameters:
  • plan (string, required): Subscription plan: “starter”, “pro”, “enterprise”, or “developer_test”
  • status (string, required): Subscription status: “active”, “trial”, “past_due”, “canceled”, or “suspended”
  • starts_at (date, required): Subscription start date (format: YYYY-MM-DD)
  • ends_at (date, required): Subscription end date (must be on or after starts_at)
  • billing_cycle (string, required): Billing frequency: “monthly” or “yearly”
  • user_limit (integer): Maximum number of users allowed (1-100,000)
Response:
  • Redirects back with success message
Authorization: User must be admin with associated company
Validation: UpdateSubscriptionRequest
Controller: App\Http\Controllers\Admin\SubscriptionController@update
Source: routes/web.php:81

Usage Examples

Updating Company Information

<form method="POST" action="{{ route('admin.company.update') }}">
    @csrf
    @method('PUT')
    
    <!-- Basic Information -->
    <input type="text" name="name" value="ElectroFix Repairs">
    <input type="text" name="owner_name" value="John Smith">
    <input type="email" name="owner_email" value="owner@example.com">
    <input type="text" name="owner_phone" value="+1-555-0100">
    
    <!-- Tax & Billing -->
    <input type="text" name="tax_id" value="123-45-6789">
    <input type="email" name="billing_email" value="billing@example.com">
    <input type="text" name="billing_phone" value="+1-555-0101">
    
    <!-- Address -->
    <input type="text" name="address_line" value="123 Main Street">
    <input type="text" name="city" value="San Francisco">
    <input type="text" name="state" value="California">
    <input type="text" name="country" value="US">
    <input type="text" name="postal_code" value="94102">
    
    <!-- Financial Settings -->
    <input type="text" name="currency" value="USD">
    <input type="number" name="vat_percentage" value="8.5" step="0.01">
    
    <textarea name="notes">Additional company information</textarea>
    
    <button type="submit">Update Company</button>
</form>

Creating a New Worker

<form method="POST" action="{{ route('admin.workers.store') }}">
    @csrf
    <input type="text" name="name" placeholder="Worker Name" required>
    <input type="email" name="email" placeholder="worker@example.com" required>
    <input type="password" name="password" placeholder="Password (min 8 chars)" required>
    
    <label>
        <input type="checkbox" name="can_access_billing" value="1">
        Access to Billing Module
    </label>
    
    <label>
        <input type="checkbox" name="can_access_inventory" value="1">
        Access to Inventory Module
    </label>
    
    <button type="submit">Create Worker</button>
</form>

Updating Subscription

<form method="POST" action="{{ route('admin.subscription.update') }}">
    @csrf
    @method('PUT')
    
    <select name="plan" required>
        <option value="starter">Starter</option>
        <option value="pro">Pro</option>
        <option value="enterprise">Enterprise</option>
    </select>
    
    <select name="status" required>
        <option value="active">Active</option>
        <option value="trial">Trial</option>
        <option value="past_due">Past Due</option>
        <option value="canceled">Canceled</option>
        <option value="suspended">Suspended</option>
    </select>
    
    <input type="date" name="starts_at" value="2024-01-01" required>
    <input type="date" name="ends_at" value="2024-12-31" required>
    
    <select name="billing_cycle" required>
        <option value="monthly">Monthly</option>
        <option value="yearly">Yearly</option>
    </select>
    
    <input type="number" name="user_limit" value="25" min="1" max="100000">
    
    <button type="submit">Update Subscription</button>
</form>

Deactivating a Worker

<form method="POST" action="{{ route('admin.workers.deactivate', $worker) }}">
    @csrf
    @method('PATCH')
    <button type="submit">
        {{ $worker->is_active ? 'Deactivate' : 'Activate' }} Worker
    </button>
</form>

Deleting a Worker (Permanent)

<form method="POST" action="{{ route('admin.workers.destroy', $worker) }}" 
      onsubmit="return confirm('Permanently delete this worker? This cannot be undone!')">
    @csrf
    @method('DELETE')
    <button type="submit" class="danger">Delete Worker Permanently</button>
</form>

Module Access Control

Workers can be granted access to optional modules:
  • Billing Module (can_access_billing): Access to invoice/quote generation
  • Inventory Module (can_access_inventory): Access to inventory management
These permissions are checked by the module_access middleware on relevant routes.
Example Permission Check:
// In controller or middleware
if ($user->canAccessModule('billing')) {
    // Allow access to billing routes
}
