middleware([ "auth" ])->only("logout"); $this->middleware([ "guest" ])->only("login"); $this->middleware([ "check.auth:user.list" ])->only("index"); $this->middleware([ "check.auth:user.show" ])->only("show"); $this->middleware([ "check.auth:user.create" ])->only("create"); $this->middleware([ "check.auth:user.edit" ])->only("edit", "update"); $this->middleware([ "check.auth:user.delete" ])->only("delete"); } /** * Display a listing of the resource. * * @param Request $request * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View */ public function index(Request $request) { $users = User::query()->paginate($request->query("page", 20)); return Response::detect("users.index", [ "users" => $users ]); } /** * Show the form for creating a new resource. * * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View */ public function create() { $roles = Role::all(); return Response::detect("users.create", ['roles' => $roles]); } /** * Store a newly created resource in storage. * * @param \Illuminate\Http\Request $request * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View */ public function store(Request $request) { $data = $request->validate([ "name_first" => "required|max:255", "name_last" => "required|max:255", "email" => "required|email|unique:users", "password" => "required|max:60", "phone" => "required|unique:users", ]); $rolez = $request->input("roles", [ "User" ]); $user = new User($data); $user->assignRole($rolez); $user->save(); return Response::detect("users.store"); } /** * Display the specified resource. * * @param int $id * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View */ public function show($id) { $user = User::find($id); return Response::detect("users.show", [ "user" => $user ]); } /** * Show the form for editing the specified resource. * * @param int $id * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View */ public function edit($id) { $roles = Role::all(); $user = User::find($id); return Response::detect("users.edit", [ "user" => $user, "roles" => $roles, ]); } /** * Update the specified resource in storage. * * @param \Illuminate\Http\Request $request * @param int $id * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View */ public function update(Request $request, $id) { $data = $request->all(); // $data = $request->validate([ // "name_first" => "max:255", // "name_last" => "max:255", // "email" => "email|unique:users", // "password" => "max:60", // "phone" => "unique:users", // ]); // Validates if the user is updating itself or another user. // if($id === Auth::id()) { // $user = Auth::user(); // // $user->update($data); // // $user->save(); // return Response::detect("users.edit", [ // "user" => $user // ]); // } //TODO: Implement when security's ready!!! // else if(Auth::user()->hasPermissionTo("user.edit")) { $user = User::find($id); if ($request->roles != null) { //You can only edit roles on the admin site, so if there is an input roles, then update user info and edit roles /** @var User $user */ $user->update($data); $user->roles()->detach(); $user->forgetCachedPermissions(); foreach ($request->roles as $role){ $user->assignRole($role); } //$user->save(); } else { // Else if you're not on the admin site (user site) if ($request->input('password') != null) { // If you're editing the password if ($request->input('password') != $request->input('confirmpassword')) { // If new password and new password confirm is not the same, go back with fail message. return redirect()->route("users.accounteditpass")->with('error#notsamepass', '
Der stod ikke det samme i `Nyt Password` & `Bekræft Nyt Password`!
'); } elseif (!Hash::check($request->input('oldpassword'), $user->password)) { // If the written current password and current password in DB is not the same, go back with fail message. return redirect()->route("users.accounteditpass")->with('error#oldpass', 'Det indtastede password i `Nuværende Password` er ikke dit nuværende password!
'); } else { // If new password and current password is the same AND current written and current DB password is the same. Then update and logout. /** @var User $user */ $user->update($data); Auth::logout(); return redirect()->route("users.login")->with('success#passwordchange', 'Dit password er hermed ændret!
'); } } else { // Else if you're not editing the password but anything else (Email, Phone Number). Then update user. $user->update($data); } } // } $users = User::query()->paginate(20); return Response::detect("users.index", [ "users" => $users ]); } /** * Remove the specified resource from storage. * * @param int $id * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View */ public function destroy($id) { // if($id === Auth::id()) { // $user = Auth::user(); // $user->delete(); // } // else if(Auth::user()->hasPermissionTo("user.delete")) { $user = User::find($id); $user->delete(); // } return redirect()->route("users.index"); } /*******************************************/ /* Authentication */ /*******************************************/ public function showLogin() { return Response::detect("users.login"); } public function login(Request $request) { $data = $request->only("email", "password"); if(Auth::attempt($data)) { //TODO: Implement home? return redirect()->route("root.index"); } return redirect()->back(303); } public function logout(Request $request) { Auth::logout(); return redirect()->route("users.login"); } /*******************************************/ /* Forgot password */ /*******************************************/ public function showForgot(){ return Response::detect('users.forgot'); } public function forgot(Request $request){ $user = User::query()->where('email', '=', $request->email)->first(); if($user == null){ return redirect()->back(); } //Send email //TODO: Implement mail. return redirect()->route('users.login'); } public function account() { return Response::detect("users.account"); } public function accountedit() { return Response::detect("users.edit"); } public function accounteditpass() { return Response::detect("users.editpass"); } public function search(Request $request){ if($request->ajax()){ $output = "