From cbadc550fc97caa53c29b471d154a84b937086d6 Mon Sep 17 00:00:00 2001
From: tuxarmy
Date: Sun, 5 Apr 2026 23:06:42 +0700
Subject: [PATCH] fix: policy koordinator hilang, source_type hardcode, validasi executed_at salah kondisi
---
 .../ParticipantsRelationManager.php | 10 +++++-----
 app/Observers/ActivityObserver.php | 7 -------
 app/Policies/ActivityPolicy.php | 16 ++++++++++++++--
 3 files changed, 19 insertions(+), 14 deletions(-)
diff --git a/app/Filament/Resources/Activities/RelationManagers/ParticipantsRelationManager.php b/app/Filament/Resources/Activities/RelationManagers/ParticipantsRelationManager.php
index de911d2..ebd48f2 100644
--- a/app/Filament/Resources/Activities/RelationManagers/ParticipantsRelationManager.php
+++ b/app/Filament/Resources/Activities/RelationManagers/ParticipantsRelationManager.php
@@ -59,7 +59,7 @@ class ParticipantsRelationManager extends RelationManager
 if (($data['status'] ?? 'hadir') === 'hadir') {
 $activity = $this->getOwnerRecord();
 MemberPoint::firstOrCreate(
- ['user_id' => $data['recordId'], 'source_type' => 'activity', 'source_id' => $activity->id],
+ ['user_id' => $data['recordId'], 'source_type' => \App\Models\Activity::class, 'source_id' => $activity->id],
 ['points' => 10, 'reason' => "Hadir di kegiatan: {$activity->title}"]
 );
 }
@@ -70,7 +70,7 @@ class ParticipantsRelationManager extends RelationManager
 ->after(function (EditAction $action, $record, array $data) {
 $activity = $this->getOwnerRecord();
 $existing = MemberPoint::where('user_id', $record->id)
- ->where('source_type', 'activity')
+ ->where('source_type', \App\Models\Activity::class)
 ->where('source_id', $activity->id)
 ->first();
 
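Review bot: Switching the stored `source_type` from `'activity'` to `\App\Models\Activity::class` in the attach callback's `firstOrCreate` (and in the edit, detach and bulk-detach callbacks in the hunks at -70, -79, -90 and -100) changes the lookup key, and nothing in this patch migrates rows already written with the old value. Any `MemberPoint` saved earlier with `source_type = 'activity'` will no longer match, so re-attaching or editing a participant can award a second 10 points, and detaching will leave the legacy row behind. A data migration that rewrites the old value, or a morph-map alias that keeps the stored string stable, would keep the points ledger consistent. The fully qualified name is also repeated five times; a `use App\Models\Activity;` import (if not already present) with `Activity::class` would read better. The enclosing closures start and end outside these hunks.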
@@ -79,7 +79,7 @@ class ParticipantsRelationManager extends RelationManager
 'user_id' => $record->id,
 'points' => 10,
 'reason' => "Hadir di kegiatan: {$activity->title}",
- 'source_type' => 'activity',
+ 'source_type' => \App\Models\Activity::class,
 'source_id' => $activity->id,
 ]);
 } elseif (($data['status'] ?? 'hadir') !== 'hadir' && $existing) {
@@ -90,7 +90,7 @@ class ParticipantsRelationManager extends RelationManager
 ->after(function ($record) {
 $activity = $this->getOwnerRecord();
 MemberPoint::where('user_id', $record->id)
- ->where('source_type', 'activity')
+ ->where('source_type', \App\Models\Activity::class)
 ->where('source_id', $activity->id)
 ->delete();
 }),
@@ -100,7 +100,7 @@ class ParticipantsRelationManager extends RelationManager
 DetachBulkAction::make()
 ->after(function ($records) {
 $activity = $this->getOwnerRecord();
- MemberPoint::where('source_type', 'activity')
+ MemberPoint::where('source_type', \App\Models\Activity::class)
 ->where('source_id', $activity->id)
 ->whereIn('user_id', $records->pluck('id'))
 ->delete();
diff --git a/app/Observers/ActivityObserver.php b/app/Observers/ActivityObserver.php
index 691eb87..c8d6b23 100644
--- a/app/Observers/ActivityObserver.php
+++ b/app/Observers/ActivityObserver.php
@@ -30,13 +30,6 @@ class ActivityObserver
 return;
 }
 
- if ($new === 'approved' && $activity->wasChanged('executed_at') && empty($activity->execution_notes)) {
- Notification::make()->title('Catatan pelaksanaan wajib diisi')
- ->danger()->send();
- $activity->executed_at = null;
- return;
- }
-
 ActivityLog::create([
 'user_id' => Auth::id(),
 'action' => 'status_changed',
diff --git a/app/Policies/ActivityPolicy.php b/app/Policies/ActivityPolicy.php
index 91e8221..5d48d81 100644
--- a/app/Policies/ActivityPolicy.php
+++ b/app/Policies/ActivityPolicy.php
@@ -29,12 +29,24 @@ class ActivityPolicy
 
 public function update(AuthUser $authUser, Activity $activity): bool
 {
- return $authUser->can('Update:Activity');
+ if ($authUser->can('Update:Activity')) {
+ return true;
+ }
+
+ return $authUser->hasRole('koordinator')
+ && $activity->created_by === $authUser->id
+ && is_null($activity->approved_at);
 }
 
 public function delete(AuthUser $authUser, Activity $activity): bool
 {
- return $authUser->can('Delete:Activity');
+ if ($authUser->can('Delete:Activity')) {
+ return true;
+ }
+
+ return $authUser->hasRole('koordinator')
+ && $activity->created_by === $authUser->id
+ && is_null($activity->approved_at);
 }
 
 public function deleteAny(AuthUser $authUser): bool
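Review bot: The owner fallback added to `update()` and `delete()` is the same three-clause expression written twice, so a later change to the approval rule can land in one method and miss the other; a private helper shared by both keeps the authorization rule in one place. The rule treats every activity with a null `approved_at` as owner-writable, which presumably includes rejected or already-submitted ones, and `update` authorizes the whole record, so it is worth confirming that the edit form does not let a koordinator set approval fields on their own activity. The strict `created_by === $authUser->id` comparison fails closed if `created_by` is not cast to the key's type, which would silently deny the owner. The enclosing class starts outside the hunk, and no test for the new branch is visible in this patch.

```php
public function update(AuthUser $authUser, Activity $activity): bool
{
    return $authUser->can('Update:Activity')
        || $this->isUnapprovedOwner($authUser, $activity);
}

// … unchanged shape: delete() does the same with 'Delete:Activity' …

/** Koordinator fallback: the creator may act on their own activity until it is approved. */
private function isUnapprovedOwner(AuthUser $authUser, Activity $activity): bool
{
    return $authUser->hasRole('koordinator')
        && $activity->created_by === $authUser->id
        && $activity->approved_at === null;
}
```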