feat: Sign / E-Signature module — 10 tests passing

- SignRequest model: send() (generates signer tokens), cancel(),
  checkCompletion() (auto-completes when all signers have signed),
  pendingSigners(), allSigned()
- SignRequestSigner model: sign() (sets signed_at, triggers checkCompletion),
  decline(), generateToken() (Str::random(40))
- SignController: CRUD + send/cancel/addSigner/removeSigner/sign/decline
- Auto-completion: request status → 'completed' when last signer signs
- 2 migrations: sign_requests, sign_request_signers
- React pages: Index (request list, signers count badge, new request form
  with dynamic signer rows) + Show (signers table with Sign/Decline actions)

https://claude.ai/code/session_01RdUGwo74JXChRCF88Yu27d

Author: claude

erp/app/Modules/Core/Providers/CoreServiceProvider.php

@@ -29,6 +29,7 @@
 use App\Modules\Events\Providers\EventsServiceProvider;
 use App\Modules\KnowledgeBase\Providers\KnowledgeBaseServiceProvider;
 use App\Modules\Planning\Providers\PlanningServiceProvider;
+use App\Modules\Sign\Providers\SignServiceProvider;
 use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\ServiceProvider;
 
@@ -59,6 +60,7 @@ public function register(): void
         $this->app->register(EventsServiceProvider::class);
         $this->app->register(KnowledgeBaseServiceProvider::class);
         $this->app->register(PlanningServiceProvider::class);
+        $this->app->register(SignServiceProvider::class);
     }
 
     public function boot(): void

erp/app/Modules/Sign/Http/Controllers/SignController.php

@@ -0,0 +1,150 @@
+<?php
+
+namespace App\Modules\Sign\Http\Controllers;
+
+use App\Http\Controllers\Controller;
+use App\Modules\Sign\Models\SignRequest;
+use App\Modules\Sign\Models\SignRequestSigner;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Inertia\Inertia;
+use Inertia\Response;
+
+class SignController extends Controller
+{
+    public function index(Request $request): Response
+    {
+        $signRequests = SignRequest::when($request->status, fn ($q) => $q->where('status', $request->status))
+            ->with(['signers', 'creator'])
+            ->orderByDesc('created_at')
+            ->paginate(20)
+            ->withQueryString();
+
+        return Inertia::render('Sign/Index', [
+            'signRequests' => $signRequests,
+            'filters'      => $request->only(['status']),
+        ]);
+    }
+
+    public function show(SignRequest $signRequest): Response
+    {
+        $signRequest->load(['signers', 'creator']);
+
+        return Inertia::render('Sign/Show', [
+            'signRequest' => $signRequest,
+        ]);
+    }
+
+    public function store(Request $request): RedirectResponse
+    {
+        $validated = $request->validate([
+            'title'         => 'required|string|max:255',
+            'document_path' => 'required|string|max:255',
+            'document_name' => 'required|string|max:255',
+            'message'       => 'nullable|string',
+            'signers'       => 'nullable|array',
+            'signers.*.name'     => 'required_with:signers|string|max:255',
+            'signers.*.email'    => 'required_with:signers|email|max:255',
+            'signers.*.sequence' => 'nullable|integer',
+        ]);
+
+        $signRequest = SignRequest::create([
+            'title'         => $validated['title'],
+            'document_path' => $validated['document_path'],
+            'document_name' => $validated['document_name'],
+            'message'       => $validated['message'] ?? null,
+            'tenant_id'     => auth()->user()->tenant_id,
+            'created_by'    => auth()->id(),
+            'status'        => 'draft',
+        ]);
+
+        foreach ($validated['signers'] ?? [] as $signerData) {
+            $signer = new SignRequestSigner([
+                'sign_request_id' => $signRequest->id,
+                'tenant_id'       => $signRequest->tenant_id,
+                'signer_name'     => $signerData['name'],
+                'signer_email'    => $signerData['email'],
+                'sequence'        => $signerData['sequence'] ?? 0,
+                'status'          => 'pending',
+            ]);
+            $signer->token = $signer->generateToken();
+            $signer->save();
+        }
+
+        return redirect()->route('sign.show', $signRequest)->with('success', 'Sign request created.');
+    }
+
+    public function destroy(SignRequest $signRequest): RedirectResponse
+    {
+        abort_if(
+            ! in_array($signRequest->status, ['draft', 'cancelled']),
+            403,
+            'Only draft or cancelled requests can be deleted.'
+        );
+
+        $signRequest->delete();
+
+        return redirect()->route('sign.index')->with('success', 'Sign request deleted.');
+    }
+
+    public function send(SignRequest $signRequest): RedirectResponse
+    {
+        $signRequest->send();
+
+        return redirect()->back()->with('success', 'Sign request sent.');
+    }
+
+    public function cancel(SignRequest $signRequest): RedirectResponse
+    {
+        $signRequest->cancel();
+
+        return redirect()->back()->with('success', 'Sign request cancelled.');
+    }
+
+    public function addSigner(Request $request, SignRequest $signRequest): RedirectResponse
+    {
+        abort_if($signRequest->status !== 'draft', 403, 'Signers can only be added to draft requests.');
+
+        $validated = $request->validate([
+            'signer_name'  => 'required|string|max:255',
+            'signer_email' => 'required|email|max:255',
+            'sequence'     => 'nullable|integer',
+        ]);
+
+        $signer = new SignRequestSigner([
+            'sign_request_id' => $signRequest->id,
+            'tenant_id'       => $signRequest->tenant_id,
+            'signer_name'     => $validated['signer_name'],
+            'signer_email'    => $validated['signer_email'],
+            'sequence'        => $validated['sequence'] ?? 0,
+            'status'          => 'pending',
+        ]);
+        $signer->token = $signer->generateToken();
+        $signer->save();
+
+        return redirect()->back()->with('success', 'Signer added.');
+    }
+
+    public function removeSigner(SignRequest $signRequest, SignRequestSigner $signer): RedirectResponse
+    {
+        abort_if($signRequest->status !== 'draft', 403, 'Signers can only be removed from draft requests.');
+
+        $signer->delete();
+
+        return redirect()->back()->with('success', 'Signer removed.');
+    }
+
+    public function sign(SignRequest $signRequest, SignRequestSigner $signer): RedirectResponse
+    {
+        $signer->sign();
+
+        return redirect()->back()->with('success', 'Signed successfully.');
+    }
+
+    public function decline(SignRequest $signRequest, SignRequestSigner $signer): RedirectResponse
+    {
+        $signer->decline();
+
+        return redirect()->back()->with('success', 'Declined.');
+    }
+}

erp/app/Modules/Sign/Models/SignRequest.php

@@ -0,0 +1,80 @@
+<?php
+
+namespace App\Modules\Sign\Models;
+
+use App\Models\User;
+use App\Modules\Core\Traits\BelongsToTenant;
+use Illuminate\Database\Eloquent\Collection;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+use Illuminate\Database\Eloquent\Relations\HasMany;
+use Illuminate\Database\Eloquent\SoftDeletes;
+
+class SignRequest extends Model
+{
+    use BelongsToTenant, SoftDeletes;
+
+    protected $fillable = [
+        'tenant_id',
+        'title',
+        'document_path',
+        'document_name',
+        'status',
+        'message',
+        'created_by',
+        'completed_at',
+    ];
+
+    protected $casts = [
+        'completed_at' => 'datetime',
+    ];
+
+    public function signers(): HasMany
+    {
+        return $this->hasMany(SignRequestSigner::class)->orderBy('sequence');
+    }
+
+    public function creator(): BelongsTo
+    {
+        return $this->belongsTo(User::class, 'created_by');
+    }
+
+    public function send(): void
+    {
+        $this->status = 'sent';
+        $this->save();
+
+        foreach ($this->signers as $signer) {
+            if (empty($signer->token)) {
+                $signer->token = $signer->generateToken();
+                $signer->save();
+            }
+        }
+    }
+
+    public function cancel(): void
+    {
+        $this->status = 'cancelled';
+        $this->save();
+    }
+
+    public function checkCompletion(): void
+    {
+        if ($this->allSigned()) {
+            $this->status       = 'completed';
+            $this->completed_at = now();
+            $this->save();
+        }
+    }
+
+    public function pendingSigners(): Collection
+    {
+        return $this->signers()->where('status', 'pending')->get();
+    }
+
+    public function allSigned(): bool
+    {
+        return $this->signers()->exists()
+            && $this->signers()->where('status', '!=', 'signed')->doesntExist();
+    }
+}

erp/app/Modules/Sign/Models/SignRequestSigner.php

@@ -0,0 +1,56 @@
+<?php
+
+namespace App\Modules\Sign\Models;
+
+use App\Modules\Core\Traits\BelongsToTenant;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+use Illuminate\Support\Str;
+
+class SignRequestSigner extends Model
+{
+    use BelongsToTenant;
+
+    protected $fillable = [
+        'sign_request_id',
+        'tenant_id',
+        'signer_name',
+        'signer_email',
+        'status',
+        'signed_at',
+        'declined_at',
+        'token',
+        'sequence',
+    ];
+
+    protected $casts = [
+        'signed_at'   => 'datetime',
+        'declined_at' => 'datetime',
+    ];
+
+    public function request(): BelongsTo
+    {
+        return $this->belongsTo(SignRequest::class, 'sign_request_id');
+    }
+
+    public function sign(): void
+    {
+        $this->status    = 'signed';
+        $this->signed_at = now();
+        $this->save();
+
+        $this->request->checkCompletion();
+    }
+
+    public function decline(): void
+    {
+        $this->status      = 'declined';
+        $this->declined_at = now();
+        $this->save();
+    }
+
+    public function generateToken(): string
+    {
+        return Str::random(40);
+    }
+}

erp/app/Modules/Sign/Providers/SignServiceProvider.php

@@ -0,0 +1,16 @@
+<?php
+
+namespace App\Modules\Sign\Providers;
+
+use Illuminate\Support\ServiceProvider;
+
+class SignServiceProvider extends ServiceProvider
+{
+    public function register(): void {}
+
+    public function boot(): void
+    {
+        $this->loadRoutesFrom(__DIR__ . '/../routes/sign.php');
+        $this->loadMigrationsFrom(__DIR__ . '/../../../database/migrations');
+    }
+}

erp/app/Modules/Sign/routes/sign.php

@@ -0,0 +1,17 @@
+<?php
+
+use App\Modules\Sign\Http\Controllers\SignController;
+use Illuminate\Support\Facades\Route;
+
+Route::middleware(['web', 'auth', 'verified'])->prefix('sign')->name('sign.')->group(function () {
+    Route::post('{signRequest}/send', [SignController::class, 'send'])->name('send');
+    Route::post('{signRequest}/cancel', [SignController::class, 'cancel'])->name('cancel');
+    Route::post('{signRequest}/signers', [SignController::class, 'addSigner'])->name('signers.store');
+    Route::delete('{signRequest}/signers/{signer}', [SignController::class, 'removeSigner'])->name('signers.destroy');
+    Route::post('{signRequest}/signers/{signer}/sign', [SignController::class, 'sign'])->name('signers.sign');
+    Route::post('{signRequest}/signers/{signer}/decline', [SignController::class, 'decline'])->name('signers.decline');
+    Route::get('', [SignController::class, 'index'])->name('index');
+    Route::post('', [SignController::class, 'store'])->name('store');
+    Route::get('{signRequest}', [SignController::class, 'show'])->name('show');
+    Route::delete('{signRequest}', [SignController::class, 'destroy'])->name('destroy');
+});

erp/database/migrations/2026_12_23_100001_create_sign_requests_table.php

@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    public function up(): void
+    {
+        Schema::dropIfExists('sign_requests');
+        Schema::create('sign_requests', function (Blueprint $table) {
+            $table->id();
+            $table->unsignedBigInteger('tenant_id')->index();
+            $table->string('title');
+            $table->string('document_path');
+            $table->string('document_name');
+            $table->enum('status', ['draft', 'sent', 'completed', 'cancelled'])->default('draft');
+            $table->text('message')->nullable();
+            $table->foreignId('created_by')->nullable()->constrained('users')->nullOnDelete();
+            $table->timestamp('completed_at')->nullable();
+            $table->timestamps();
+            $table->softDeletes();
+        });
+    }
+
+    public function down(): void
+    {
+        Schema::dropIfExists('sign_requests');
+    }
+};