Ekapp/skolehjem/app/Http/Controllers/UserController.php

333 lines
11 KiB
PHP
Raw Normal View History

2020-06-08 13:08:46 +00:00
<?php
namespace App\Http\Controllers;
use App\Helpers\Detector;
2020-06-08 13:08:46 +00:00
use Illuminate\Http\Request;
2020-06-23 04:42:43 +00:00
use Illuminate\Http\Response;
2020-06-10 06:25:21 +00:00
use App\User;
use Illuminate\Support\Facades\Auth;
2020-07-07 17:29:21 +00:00
use Illuminate\Support\Facades\DB;
2020-07-27 11:09:51 +00:00
use Illuminate\Support\Facades\Hash;
2020-06-22 12:53:00 +00:00
use Illuminate\Support\Facades\Log;
2020-06-30 10:08:31 +00:00
use Spatie\Permission\Models\Role;
2020-06-10 06:25:21 +00:00
2020-06-08 13:08:46 +00:00
class UserController extends Controller
{
2020-06-15 06:59:15 +00:00
public function __construct()
{
2020-06-29 12:28:09 +00:00
$this->middleware([ "auth" ])->only("logout");
$this->middleware([ "guest" ])->only("login");
$this->middleware([ "check.auth:user.list" ])->only("index");
$this->middleware([ "check.auth:user.show" ])->only("show");
$this->middleware([ "check.auth:user.create" ])->only("create");
$this->middleware([ "check.auth:user.edit" ])->only("edit", "update");
$this->middleware([ "check.auth:user.delete" ])->only("delete");
2020-06-15 06:59:15 +00:00
}
2020-06-08 13:08:46 +00:00
/**
* Display a listing of the resource.
*
2020-06-10 06:25:21 +00:00
* @param Request $request
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
2020-06-08 13:08:46 +00:00
*/
2020-06-10 06:25:21 +00:00
public function index(Request $request)
2020-06-08 13:08:46 +00:00
{
2020-06-22 12:53:00 +00:00
$users = User::query()->paginate($request->query("page", 20));
2020-06-10 06:25:21 +00:00
2020-06-23 04:42:43 +00:00
return Response::detect("users.index", [ "users" => $users ]);
2020-06-08 13:08:46 +00:00
}
/**
* Show the form for creating a new resource.
*
2020-06-10 06:25:21 +00:00
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
2020-06-08 13:08:46 +00:00
*/
public function create()
{
2020-06-30 10:08:31 +00:00
$roles = Role::all();
return Response::detect("users.create", ['roles' => $roles]);
2020-06-08 13:08:46 +00:00
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
2020-06-10 06:25:21 +00:00
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
2020-06-08 13:08:46 +00:00
*/
public function store(Request $request)
{
2020-06-29 12:28:09 +00:00
// Log::debug("STORE FUNCTION");
2020-06-22 12:53:00 +00:00
2020-06-10 06:25:21 +00:00
$data = $request->validate([
"name_first" => "required|max:255",
"name_last" => "required|max:255",
"email" => "required|email|unique:users",
"password" => "required|max:60",
"phone" => "required|unique:users",
2020-06-30 10:17:47 +00:00
"roles" => "max:255"
2020-06-10 06:25:21 +00:00
]);
2020-06-29 12:28:09 +00:00
// Log::debug("FINISHED VALIDATION?");
2020-06-22 12:53:00 +00:00
2020-06-10 06:25:21 +00:00
$user = new User($data);
2020-06-22 12:53:00 +00:00
2020-06-29 12:28:09 +00:00
// Log::debug("CREATED USER [NOT PERSISTED YET]");
2020-06-22 12:53:00 +00:00
2020-06-30 10:41:28 +00:00
$user->assignRole([ "R1", "R2" ]);
2020-06-10 06:25:21 +00:00
$user->save();
2020-06-29 12:28:09 +00:00
// Log::debug("SAVED USER");
2020-06-22 12:53:00 +00:00
2020-06-29 12:28:09 +00:00
return Response::detect("users.store");
2020-06-08 13:08:46 +00:00
}
/**
* Display the specified resource.
*
* @param int $id
2020-06-10 06:25:21 +00:00
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
2020-06-08 13:08:46 +00:00
*/
public function show($id)
{
2020-06-10 06:25:21 +00:00
$user = User::find($id);
2020-06-25 08:34:10 +00:00
return Response::detect("users.show", [
2020-06-10 06:25:21 +00:00
"user" => $user
]);
2020-06-08 13:08:46 +00:00
}
/**
* Show the form for editing the specified resource.
*
* @param int $id
2020-06-10 06:25:21 +00:00
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
2020-06-08 13:08:46 +00:00
*/
public function edit($id)
{
2020-06-30 10:11:18 +00:00
$roles = Role::all();
2020-06-10 06:25:21 +00:00
$user = User::find($id);
return Response::detect("users.edit", [
2020-06-30 10:11:18 +00:00
"user" => $user,
"roles" => $roles,
2020-06-10 06:25:21 +00:00
]);
2020-06-08 13:08:46 +00:00
}
/**
* Update the specified resource in storage.
*
* @param \Illuminate\Http\Request $request
* @param int $id
2020-06-10 10:30:44 +00:00
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
2020-06-08 13:08:46 +00:00
*/
public function update(Request $request, $id)
{
2020-06-29 07:08:49 +00:00
$data = $request->all();
2020-06-10 10:30:44 +00:00
2020-06-29 07:08:49 +00:00
// $data = $request->validate([
// "name_first" => "max:255",
// "name_last" => "max:255",
// "email" => "email|unique:users",
// "password" => "max:60",
// "phone" => "unique:users",
// ]);
2020-06-10 10:30:44 +00:00
2020-06-29 07:08:49 +00:00
// Validates if the user is updating itself or another user.
// if($id === Auth::id()) {
// $user = Auth::user();
2020-06-29 06:50:50 +00:00
//
// $user->update($data);
//
// $user->save();
2020-06-29 07:08:49 +00:00
// return Response::detect("users.edit", [
// "user" => $user
// ]);
2020-06-29 06:50:50 +00:00
// }
2020-06-10 10:30:44 +00:00
2020-06-29 07:08:49 +00:00
//TODO: Implement when security's ready!!!
// else if(Auth::user()->hasPermissionTo("user.edit")) {
$user = User::find($id);
2020-07-27 12:01:04 +00:00
if ($request->roles != null) { //You can only edit roles on the admin site, so if there is an input roles, then update user info and edit roles
2020-07-27 11:09:51 +00:00
/** @var User $user */
$user->update($data);
2020-07-01 08:13:49 +00:00
$user->roles()->detach();
$user->forgetCachedPermissions();
2020-07-01 08:13:49 +00:00
foreach ($request->roles as $role){
$user->assignRole($role);
}
2020-07-27 11:09:51 +00:00
//$user->save();
2020-07-27 12:01:04 +00:00
} else { // Else if you're not on the admin site (user site)
if ($request->input('password') != null) { // If you're editing the password
if ($request->input('password') != $request->input('confirmpassword')) { // If new password and new password confirm is not the same, go back.
2020-07-27 11:22:45 +00:00
return Response::detect("users.editpass");
2020-07-27 12:01:04 +00:00
} elseif (!Hash::check($request->input('oldpassword'), $user->password)) { // If the written current password and current password in DB is not the same, go back.
2020-07-27 11:22:45 +00:00
return Response::detect("users.editpass");
2020-07-27 12:01:04 +00:00
} else { // If new password and current password is the same AND current written and current DB password is the same. Then update and logout.
2020-07-27 11:22:45 +00:00
/** @var User $user */
$user->update($data);
Auth::logout();
return redirect()->route("users.login");
}
2020-07-27 12:01:04 +00:00
} else { // Else if you're not editing the password but anything else (Email, Phone Number). Then update user.
2020-07-27 11:09:51 +00:00
$user->update($data);
}
2020-07-27 11:22:45 +00:00
}
2020-06-29 07:08:49 +00:00
// }
$users = User::query()->paginate(20);
return Response::detect("users.index", [
"users" => $users
2020-06-10 10:30:44 +00:00
]);
2020-06-08 13:08:46 +00:00
}
/**
* Remove the specified resource from storage.
*
* @param int $id
2020-06-10 10:30:44 +00:00
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
2020-06-08 13:08:46 +00:00
*/
public function destroy($id)
{
2020-06-29 07:08:49 +00:00
// if($id === Auth::id()) {
// $user = Auth::user();
// $user->delete();
// }
// else if(Auth::user()->hasPermissionTo("user.delete")) {
2020-06-10 10:30:44 +00:00
$user = User::find($id);
$user->delete();
2020-06-29 07:08:49 +00:00
// }
2020-06-10 10:30:44 +00:00
2020-06-29 07:08:49 +00:00
return redirect()->route("users.index");
2020-06-08 13:08:46 +00:00
}
2020-06-10 06:25:21 +00:00
/*******************************************/
/* Authentication */
/*******************************************/
2020-06-16 06:13:24 +00:00
public function showLogin() {
2020-06-29 12:28:09 +00:00
return Response::detect("users.login");
2020-06-16 06:13:24 +00:00
}
2020-06-10 06:25:21 +00:00
public function login(Request $request) {
$data = $request->only("email", "password");
if(Auth::attempt($data)) {
2020-06-10 10:30:44 +00:00
//TODO: Implement home?
2020-06-29 12:28:09 +00:00
return redirect()->route("root.index");
2020-06-10 06:25:21 +00:00
}
2020-06-16 06:13:24 +00:00
return redirect()->back(303);
2020-06-10 10:30:44 +00:00
}
public function logout(Request $request) {
Auth::logout();
2020-06-30 08:42:10 +00:00
return redirect()->route("users.login");
2020-06-10 06:25:21 +00:00
}
/*******************************************/
/* Forgot password */
/*******************************************/
public function showForgot(){
return Response::detect('users.forgot');
}
public function forgot(Request $request){
$user = User::query()->where('email', '=', $request->email)->first();
if($user == null){
return redirect()->back();
}
//Send email
//TODO: Implement mail.
return redirect()->route('users.login');
}
2020-06-30 12:40:46 +00:00
public function account()
{
return Response::detect("users.account");
}
public function accountedit()
{
return Response::detect("users.edit");
}
2020-07-01 08:13:49 +00:00
public function accounteditpass()
{
return Response::detect("users.editpass");
}
2020-07-01 09:46:29 +00:00
2020-07-27 14:03:49 +00:00
public function search(Request $request){
if($request->ajax()){
$output = "<tr>".
"<th>Fornavn</th>".
"<th>Efternavn</th>".
"<th>Email</th>".
"<th>Tlf nr</th>".
"<th>Rolle(r)</th>".
"<th style=\"width: 1em;\"><img class=\"w-100\" src=\"http://127.0.0.1:8000/images/icons/pencil.svg\" alt=\"Update\"></th>".
"<th style=\"width: 1em;\"><img class=\"w-100\" src=\"http://127.0.0.1:8000/images/icons/trashcan.svg\" alt=\"Delete\"></th>".
"</tr>";
2020-07-28 06:18:45 +00:00
$users = User::query()->where('name_first', 'LIKE',$request->search.'%')
2020-07-27 14:03:49 +00:00
->orWhere('name_last','LIKE', $request->search.'%')
->orWhere('phone','LIKE', $request->search.'%')
->orWhere('email','LIKE',$request->search. '%')->get();
if(count($users) !== 0){
foreach ($users as $key => $user){
$roles = null;
$rolesString = null;
foreach (User::all() as $usr) {
if($usr->id == $user->id)
$roles = $usr->roles;
}
for($i = 0; $i < count($roles); $i++) {
if(count($roles)-1 != $i) {
$rolesString .= $roles[$i]->name.",";
}else {
$rolesString = $roles[$i]->name;
}
}
$output.='<tr>'.
'<td>' . $user->name_first . '</td>'.
'<td>' . $user->name_last . '</td>'.
'<td>' . $user->email . '</td>'.
'<td>' . $user->phone .'</td>'.
'<td>' . $rolesString .'</td>'.
'<td><a href="'. route("users.edit", [ "user" => $user->id ]) . '"><img class="w-100" src="'. asset('/images/icons/pencil-dark.svg') . '" alt="Update"></a></td>'.
'<td><form method="post" action="' .route("users.destroy", [ "user" => $user->id ]). '" class="w-100 nostyle">'.
csrf_field().
method_field("delete").
'<button class="w-100 nostyle" onclick="return confirm(\'Are you sure you want to delete?\');" type="submit"><img class="w-100 cursor-pointer" src="'. asset('/images/icons/trashcan-dark.svg') . '" alt="Delete"></button>'.
'</form>'.
'</td>'.
'</tr>';
}
}
return Response($output);
}
}
2020-06-08 13:08:46 +00:00
}