One Hat Cyber Team
Your IP :
216.73.216.84
Server IP :
50.6.229.107
Server :
Linux server.hostburly.com 5.14.0-611.38.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Mar 10 17:21:28 EDT 2026 x86_64
Server Software :
Apache
PHP Version :
8.2.30
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
home
/
andjemzt
/
ggh_api
/
routes
/
Edit File:
lms.php
<?php use Illuminate\Support\Facades\Route; use App\Http\Controllers\Api\Lms\CourseController; use App\Http\Controllers\Api\Lms\CourseModuleController; use App\Http\Controllers\Api\Lms\LessonController; use App\Http\Controllers\Api\Lms\QuestionController; use App\Http\Controllers\Api\Lms\EnrollmentController; use App\Http\Controllers\Api\Lms\ReviewLogController; use App\Http\Controllers\Api\Lms\FeaturedCourseController; use App\Http\Controllers\Api\Lms\CourseCertificatePriceController; use App\Http\Controllers\Api\Lms\LessonCompletionController; use App\Http\Controllers\Api\Lms\CourseAccessController; use App\Http\Controllers\Api\Lms\EntitlementController; Route::get('lms/courses', [CourseController::class, 'index']); Route::get('lms/courses/essential', [CourseController::class, 'essential']); // Create (JSON or multipart) Route::get('lms/courses/{course}', [CourseController::class, 'show']); Route::prefix('lms')->middleware(['auth:api'])->group(function () { Route::get('my/courses/enrolled', [CourseController::class, 'enrolled']); Route::post('courses', [CourseController::class, 'store']); // ✅ Courses CRUD // List + filters // Show Route::match(['put', 'patch'], 'courses/{course}', [CourseController::class, 'update']); // Update (JSON or multipart) Route::delete('courses/{course}', [CourseController::class, 'destroy']); // Delete (soft delete) // ✅ Publishing workflow Route::post('courses/{course}/publish', [CourseController::class, 'publish']); Route::post('courses/{course}/unpublish', [CourseController::class, 'unpublish']); Route::post('courses/{course}/archive', [CourseController::class, 'archive']); Route::post('courses/{course}/approve', [CourseController::class, 'approve']); Route::post('courses/{course}/reject', [CourseController::class, 'reject']); // ✅ Optional: remove media explicitly // type = thumbnail | banner | intro_video Route::delete('courses/{course}/media/{type}', [CourseController::class, 'deleteMedia']); Route::delete('/courses/{course}/media/{type}', [CourseController::class, 'deleteMedia']); // course module routes here Route::get('courses/{courseId}/modules', [CourseModuleController::class, 'index']); Route::get('courses/{courseId}/access', [CourseAccessController::class, 'show']); Route::post('courses/{courseId}/modules', [CourseModuleController::class, 'store']); Route::get('courses/{courseId}/modules/{moduleId}', [CourseModuleController::class, 'show']); Route::match(['put','patch'], 'courses/{courseId}/modules/{moduleId}', [CourseModuleController::class, 'update']); Route::delete('courses/{courseId}/modules/{moduleId}', [CourseModuleController::class, 'destroy']); Route::post('courses/{courseId}/modules/{moduleId}/approve', [CourseModuleController::class, 'approve']); Route::post('courses/{courseId}/modules/{moduleId}/reject', [CourseModuleController::class, 'reject']); Route::post('courses/{courseId}/modules/{moduleId}/publish', [CourseModuleController::class, 'publish']); Route::post('courses/{courseId}/modules/{moduleId}/unpublish', [CourseModuleController::class, 'unpublish']); Route::post('courses/{courseId}/modules/{moduleId}/archive', [CourseModuleController::class, 'archive']); Route::post('courses/{courseId}/modules/reorder', [CourseModuleController::class, 'reorder']); Route::get('modules/{moduleId}/lessons', [LessonController::class, 'index']); Route::post('modules/{moduleId}/lessons', [LessonController::class, 'store']); Route::get('modules/{moduleId}/lessons/{id}', [LessonController::class, 'show']); Route::put('modules/{moduleId}/lessons/{id}', [LessonController::class, 'update']); Route::delete('modules/{moduleId}/lessons/{id}', [LessonController::class, 'destroy']); Route::post('modules/{moduleId}/lessons/reorder', [LessonController::class, 'reorder']); Route::post('modules/{moduleId}/lessons/{id}/publish', [LessonController::class, 'publish']); Route::post('modules/{moduleId}/lessons/{id}/unpublish', [LessonController::class, 'unpublish']); Route::get('lessons/{lessonId}/questions', [QuestionController::class, 'index']); Route::post('lessons/{lessonId}/questions', [QuestionController::class, 'store']); Route::put('lessons/{lessonId}/questions/{id}', [QuestionController::class, 'update']); Route::delete('lessons/{lessonId}/questions/{id}', [QuestionController::class, 'destroy']); Route::post('lessons/{lessonId}/questions/reorder', [QuestionController::class, 'reorder']); Route::get('enrollments', [EnrollmentController::class, 'index']); Route::post('courses/{courseId}/enroll', [EnrollmentController::class, 'enroll']); Route::post('/essential/enroll', [EnrollmentController::class, 'enrollEssential']); Route::patch('enrollments/{id}/progress', [EnrollmentController::class, 'updateProgress']); Route::get('review-logs', [ReviewLogController::class, 'index']); Route::post('enrollments/{enrollmentId}/review-logs', [ReviewLogController::class, 'store']); // Featured courses Route::get('featured-courses', [FeaturedCourseController::class, 'index']); // ->middleware('permission:lms.courses.view'); Route::post('courses/{courseId}/feature', [FeaturedCourseController::class, 'feature']); // ->middleware('permission:lms.courses.feature'); Route::post('courses/{courseId}/unfeature', [FeaturedCourseController::class, 'unfeature']); // ->middleware('permission:lms.courses.feature'); Route::post('featured-courses/reorder', [FeaturedCourseController::class, 'reorder']); // ->middleware('permission:lms.courses.feature'); Route::get('certificate-price-changes', [CourseCertificatePriceController::class, 'index']); // list pending/history Route::post('courses/{courseId}/certificate-price-change', [CourseCertificatePriceController::class, 'requestChange']); Route::post('certificate-price-changes/{id}/approve', [CourseCertificatePriceController::class, 'approve']); Route::post('certificate-price-changes/{id}/reject', [CourseCertificatePriceController::class, 'reject']); // lesson completions // Route::post('lessons/{lessonId}/complete', [LessonCompletionController::class, 'complete']); // Completion endpoints (must be allowed only if paid) }); // We'll enforce access by middleware "course.access" using lessonId Route::prefix('lms')->middleware(['auth:api', 'course.access:lessonId'])->group(function () { Route::post('/lessons/{lessonId}/complete', [LessonCompletionController::class, 'complete']); Route::post('/lessons/{lessonId}/uncomplete', [LessonCompletionController::class, 'uncomplete']); }); Route::prefix('lms')->middleware(['auth:api'])->group(function () { // ✅ Course Access check (frontend gating) // ✅ Entitlements Route::get('/entitlements/me', [EntitlementController::class, 'me']); Route::post('/entitlements/courses/{courseId}/activate', [EntitlementController::class, 'activateCourse']); Route::post('/entitlements/essential/activate', [EntitlementController::class, 'activateEssential']); // ✅ Lesson completion must be entitled Route::post('/lessons/{lessonId}/complete', [LessonCompletionController::class, 'complete']) ->middleware('course.entitled'); Route::post('/lessons/{lessonId}/uncomplete', [LessonCompletionController::class, 'uncomplete']) ->middleware('course.entitled'); // ✅ IMPORTANT: // Whatever endpoint returns lesson content/video should ALSO be protected: // Example: // Route::get('/lms/modules/{moduleId}/lessons/{id}', [LessonController::class, 'show'])->middleware('entitled'); });
Simpan