middleware([ "auth" ])->only("logout"); $this->middleware([ "guest" ])->only("login"); $this->middleware([ "check.auth:user.list" ])->only("index"); $this->middleware([ "check.auth:user.show" ])->only("show"); $this->middleware([ "check.auth:user.create" ])->only("create"); $this->middleware([ "check.auth:user.edit" ])->only(["edit", "update"]); $this->middleware([ "check.auth:user.delete" ])->only("delete"); $this->middleware([ "check.auth:ownuser.edit" ])->only(["accountupdate", "accountedit", "accounteditpass", "account"]); } /** * Display a listing of the resource. * * @param Request $request * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View */ public function index(Request $request) { //$users = User::query()->paginate($request->query("page", 20)); $users = User::query()->orderBy('id', 'asc')->paginate(20); return Response::detect("users.index", [ "users" => $users ]); } /** * Show the form for creating a new resource. * * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View */ public function create() { $roles = Role::all(); return Response::detect("users.create", ['roles' => $roles]); } /** * Store a newly created resource in storage. * * @param \Illuminate\Http\Request $request * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View */ public function store(Request $request) { $data = $request->validate([ "name_first" => "required|max:255", "name_last" => "required|max:255", "email" => "required", "password" => "required|max:60", "phone" => "required", ]); $allUsersEmail = User::query()->where('email', '=', $request->email)->get(); $allUsersPhone = User::query()->where('phone', '=', $request->phone)->get(); if ($request->password != $request->password2) return redirect()->route('users.create')->with('error#notsamepass', '
Der stod ikke det samme i `Password` & `Confirm Password`!
'); elseif (count($allUsersEmail) > 0) return redirect()->route('users.create')->with('EmailExists', 'Der findes allerede en bruger med den Email!
'); elseif (count($allUsersPhone) > 0) return redirect()->route('users.create')->with('PhoneExists', 'Der findes allerede en bruger med det Telefon Nr.!
'); $roles = $request->input("roles", [ "User" ]); $user = new User($data); $user->assignRole($roles); $user->save(); return redirect()->route('users.index'); } /** * Display the specified resource. * * @param int $id * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View */ public function show($id) { $user = User::find($id); return Response::detect("users.show", [ "user" => $user ]); } /** * Show the form for editing the specified resource. * * @param int $id * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View */ public function edit($id) { $roles = Role::all(); $user = User::find($id); return Response::detect("users.edit", [ "user" => $user, "roles" => $roles, ]); } /** * Update the specified resource in storage. * * @param \Illuminate\Http\Request $request * @param int $id * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View */ public function update(Request $request, $id) { $user = User::find($id); $allUsersEmail = User::query()->where('email', '=', $request->email)->where('id', '!=', $id)->get(); $allUsersPhone = User::query()->where('phone', '=', $request->phone)->where('id', '!=', $id)->get(); if($id === Auth::id() || auth()->user()->hasPermissionTo("user.edit")) { if ($request->roles != null && auth()->user()->hasPermissionTo("user.edit")) { //You can only edit roles on the admin site, so if there is an input roles, then update user info and edit roles if(count($allUsersEmail) > 0) return redirect()->route('users.edit', ['user' => $id])->with('EmailExists', 'Der findes allerede en bruger med den Email!
'); elseif(count($allUsersPhone) > 0) return redirect()->route('users.edit', ['user' => $id])->with('PhoneExists', 'Der findes allerede en bruger med det Telefon Nr.!
'); elseif ($request->password != "") { // If you have edited the password, then run this if ($request->password == $request->password2) { // If the password is the same as confirm password, then update everything from user $data = $request->all(); /** @var User $user */ $user->update($data); } else // Else go back with an error message return redirect()->route("users.edit", ['user' => $id])->with('error#notsamepass', 'Der stod ikke det samme i `Password` & `Confirm Password`!
'); } else { // If you haven't touched the password, then update everything else but password $data = $request->only(['name_first', 'name_last', 'email', 'phone', 'roles']); /** @var User $user */ $user->update($data); } $user->roles()->detach(); $user->forgetCachedPermissions(); foreach ($request->roles as $role) { $user->assignRole($role); } } } $users = User::query()->paginate(20); return Response::detect("users.index", [ "users" => $users ]); } /** * Remove the specified resource from storage. * * @param int $id * @return \Illuminate\Http\RedirectResponse */ public function destroy($id) { if(Auth::user()->hasPermissionTo("user.delete")) { $user = User::find($id); $user->delete(); } return redirect()->route("users.index"); } /*******************************************/ /* Authentication */ /*******************************************/ public function showLogin() { if(Auth::user() == null) return Response::detect("users.login"); else return redirect()->back(); } public function login(Request $request) { $data = $request->only("email", "password"); if(Auth::attempt($data)) { //TODO: Implement home? return redirect()->route("root.index"); } return redirect()->back(303); } public function logout(Request $request) { Auth::logout(); return redirect()->route("users.login"); } /*******************************************/ /* Forgot password */ /*******************************************/ public function showForgot(){ return Response::detect('users.forgot'); } public function forgot(Request $request){ $user = User::query()->where('email', '=', $request->email)->first(); if($user == null){ return redirect()->back()->with('errornosuchuser', 'Denne email findes ikke i systemet!
'); } //Send email $email = $user->email; $pswd = ""; //Generate password $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $n = 6; $randomString = ''; for ($i = 0; $i < $n; $i++) { $index = rand(0, strlen($characters) - 1); $randomString .= $characters[$index]; } $pswd = $randomString; $user->setPasswordAttribute($pswd); $user->update(); $subject = "SDE Skolehjem reset password"; $msg = "Hej " . $user->name_first . " ". $user->name_last . ".\n\nDin adgangskode er nu: " . $pswd; mail($email, $subject, $msg); return redirect()->route('users.login'); } public function account() { return Response::detect("users.account"); } public function accountedit() { return Response::detect("users.edit"); } public function accounteditpass() { return Response::detect("users.editpass"); } /** * Update the specified resource in storage. * * @param \Illuminate\Http\Request $request * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View */ public function accountupdate(Request $request) { $user = User::find(Auth::id()); if ($request->input('password') != null) { // If you're editing the password $data = $request->only(['name_first', 'name_last', 'email', 'phone', 'password']); if ($request->input('password') != $request->input('confirmpassword')) { // If new password and new password confirm is not the same, go back with fail message. return redirect()->route("users.accounteditpass")->with('error#notsamepass', 'Der stod ikke det samme i `Nyt Password` & `Confirm Password`!
'); } elseif (!Hash::check($request->input('oldpassword'), $user->password)) { // If the written current password and current password in DB is not the same, go back with fail message. return redirect()->route("users.accounteditpass")->with('error#oldpass', 'Det indtastede password i `Nuværende Password` er ikke dit nuværende password!
'); } else { // If new password and current password is the same AND current written and current DB password is the same. Then update and logout. /** @var User $user */ $user->update($data); Auth::logout(); return redirect()->route("users.login")->with('success#passwordchange', 'Dit password er hermed ændret!
'); } } else { // Else if you're not editing the password but anything else (Email, Phone Number). Then update user. $data = $request->only(['email', 'phone']); $user->update($data); return redirect()->route("users.account")->with('success#credentialschanged', 'Dine oplysninger er hermed ændret!
'); } $users = User::query()->paginate(20); return Response::detect("users.index", [ "users" => $users ]); } public function search(Request $request){ if($request->ajax()){ $output = "