466 lines
18 KiB
PHP
466 lines
18 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use App\Helpers\Detector;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Http\Response;
|
|
use App\User;
|
|
use Illuminate\Support\Facades\Auth;
|
|
use Illuminate\Support\Facades\DB;
|
|
use Illuminate\Support\Facades\Hash;
|
|
use Illuminate\Support\Facades\Log;
|
|
use mysql_xdevapi\Table;
|
|
use Spatie\Permission\Models\Role;
|
|
|
|
|
|
class UserController extends Controller
|
|
{
|
|
public function __construct()
|
|
{
|
|
$this->middleware([ "auth" ])->only("logout");
|
|
$this->middleware([ "guest" ])->only("login");
|
|
|
|
$this->middleware([ "check.auth:user.list" ])->only("index");
|
|
$this->middleware([ "check.auth:user.show" ])->only("show");
|
|
$this->middleware([ "check.auth:user.create" ])->only("create");
|
|
$this->middleware([ "check.auth:user.edit" ])->only(["edit", "update"]);
|
|
$this->middleware([ "check.auth:user.delete" ])->only("delete");
|
|
|
|
$this->middleware([ "check.auth:ownuser.edit" ])->only(["accountupdate", "accountedit", "accounteditpass", "account"]);
|
|
}
|
|
|
|
/**
|
|
* Display a listing of the resource.
|
|
*
|
|
* @param Request $request
|
|
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
|
|
*/
|
|
public function index(Request $request)
|
|
{
|
|
//$users = User::query()->paginate($request->query("page", 20));
|
|
$users = User::query()->orderBy('id', 'asc')->paginate(20);
|
|
|
|
return Response::detect("users.index", [ "users" => $users ]);
|
|
}
|
|
|
|
/**
|
|
* Show the form for creating a new resource.
|
|
*
|
|
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
|
|
*/
|
|
public function create()
|
|
{
|
|
$roles = Role::all();
|
|
return Response::detect("users.create", ['roles' => $roles]);
|
|
|
|
}
|
|
|
|
/**
|
|
* Store a newly created resource in storage.
|
|
*
|
|
* @param \Illuminate\Http\Request $request
|
|
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
|
|
*/
|
|
public function store(Request $request)
|
|
{
|
|
$data = $request->validate([
|
|
"name_first" => "required|max:255",
|
|
"name_last" => "required|max:255",
|
|
"email" => "required",
|
|
"password" => "required|max:60",
|
|
"phone" => "required",
|
|
]);
|
|
|
|
$allUsersEmail = User::query()->where('email', '=', $request->email)->get();
|
|
$allUsersPhone = User::query()->where('phone', '=', $request->phone)->get();
|
|
|
|
if ($request->password != $request->password2)
|
|
return redirect()->route('users.create')->with('error#notsamepass', '<p><b>Der stod ikke det samme i `Password` & `Confirm Password`!</b></p>');
|
|
elseif (count($allUsersEmail) > 0)
|
|
return redirect()->route('users.create')->with('EmailExists', '<p><b>Der findes allerede en bruger med den Email!</b></p>');
|
|
elseif (count($allUsersPhone) > 0)
|
|
return redirect()->route('users.create')->with('PhoneExists', '<p><b>Der findes allerede en bruger med det Telefon Nr.!</b></p>');
|
|
|
|
$roles = $request->input("roles", [ "User" ]);
|
|
|
|
$user = new User($data);
|
|
|
|
$user->assignRole($roles);
|
|
$user->save();
|
|
|
|
|
|
return redirect()->route('users.index');
|
|
}
|
|
|
|
/**
|
|
* Display the specified resource.
|
|
*
|
|
* @param int $id
|
|
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
|
|
*/
|
|
public function show($id)
|
|
{
|
|
$user = User::find($id);
|
|
|
|
return Response::detect("users.show", [
|
|
"user" => $user
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Show the form for editing the specified resource.
|
|
*
|
|
* @param int $id
|
|
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
|
|
*/
|
|
public function edit($id)
|
|
{
|
|
$roles = Role::all();
|
|
$user = User::find($id);
|
|
|
|
return Response::detect("users.edit", [
|
|
"user" => $user,
|
|
"roles" => $roles,
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Update the specified resource in storage.
|
|
*
|
|
* @param \Illuminate\Http\Request $request
|
|
* @param int $id
|
|
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
|
|
*/
|
|
public function update(Request $request, $id)
|
|
{
|
|
$user = User::find($id);
|
|
|
|
$allUsersEmail = User::query()->where('email', '=', $request->email)->where('id', '!=', $id)->get();
|
|
$allUsersPhone = User::query()->where('phone', '=', $request->phone)->where('id', '!=', $id)->get();
|
|
|
|
if($id === Auth::id() || auth()->user()->hasPermissionTo("user.edit")) {
|
|
if ($request->roles != null && auth()->user()->hasPermissionTo("user.edit")) { //You can only edit roles on the admin site, so if there is an input roles, then update user info and edit roles
|
|
if(count($allUsersEmail) > 0)
|
|
return redirect()->route('users.edit', ['user' => $id])->with('EmailExists', '<p><b>Der findes allerede en bruger med den Email!</b></p>');
|
|
elseif(count($allUsersPhone) > 0)
|
|
return redirect()->route('users.edit', ['user' => $id])->with('PhoneExists', '<p><b>Der findes allerede en bruger med det Telefon Nr.!</b></p>');
|
|
elseif ($request->password != "") { // If you have edited the password, then run this
|
|
if ($request->password == $request->password2) { // If the password is the same as confirm password, then update everything from user
|
|
$data = $request->all();
|
|
/** @var User $user */
|
|
$user->update($data);
|
|
} else // Else go back with an error message
|
|
return redirect()->route("users.edit", ['user' => $id])->with('error#notsamepass', '<p><b>Der stod ikke det samme i `Password` & `Confirm Password`!</b></p>');
|
|
}
|
|
else { // If you haven't touched the password, then update everything else but password
|
|
$data = $request->only(['name_first', 'name_last', 'email', 'phone', 'roles']);
|
|
/** @var User $user */
|
|
$user->update($data);
|
|
}
|
|
|
|
$user->roles()->detach();
|
|
$user->forgetCachedPermissions();
|
|
|
|
foreach ($request->roles as $role) {
|
|
$user->assignRole($role);
|
|
}
|
|
}
|
|
}
|
|
$users = User::query()->paginate(20);
|
|
|
|
return Response::detect("users.index", [
|
|
"users" => $users
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Remove the specified resource from storage.
|
|
*
|
|
* @param int $id
|
|
* @return \Illuminate\Http\RedirectResponse
|
|
*/
|
|
public function destroy($id)
|
|
{
|
|
|
|
if(Auth::user()->hasPermissionTo("user.delete")) {
|
|
$user = User::find($id);
|
|
|
|
$user->delete();
|
|
}
|
|
|
|
return redirect()->route("users.index");
|
|
}
|
|
|
|
/*******************************************/
|
|
/* Authentication */
|
|
/*******************************************/
|
|
|
|
public function showLogin() {
|
|
if(Auth::user() == null)
|
|
return Response::detect("users.login");
|
|
else
|
|
return redirect()->back();
|
|
}
|
|
|
|
public function login(Request $request) {
|
|
$data = $request->only("email", "password");
|
|
|
|
if(Auth::attempt($data)) {
|
|
//TODO: Implement home?
|
|
|
|
return redirect()->route("root.index");
|
|
}
|
|
|
|
return redirect()->back(303);
|
|
}
|
|
|
|
public function logout(Request $request) {
|
|
Auth::logout();
|
|
|
|
return redirect()->route("users.login");
|
|
}
|
|
|
|
/*******************************************/
|
|
/* Forgot password */
|
|
/*******************************************/
|
|
|
|
public function showForgot(){
|
|
return Response::detect('users.forgot');
|
|
}
|
|
|
|
public function forgot(Request $request){
|
|
$user = User::query()->where('email', '=', $request->email)->first();
|
|
|
|
if($user == null){
|
|
return redirect()->back()->with('errornosuchuser', '<p>Denne email findes ikke i systemet!</p>');
|
|
}
|
|
|
|
//Send email
|
|
$email = $user->email;
|
|
$pswd = "";
|
|
|
|
//Generate password
|
|
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
|
|
$n = 6;
|
|
$randomString = '';
|
|
|
|
for ($i = 0; $i < $n; $i++) {
|
|
$index = rand(0, strlen($characters) - 1);
|
|
$randomString .= $characters[$index];
|
|
}
|
|
|
|
$pswd = $randomString;
|
|
|
|
$user->setPasswordAttribute($pswd);
|
|
$user->update();
|
|
|
|
$subject = "SDE Skolehjem reset password";
|
|
$msg = "Hej " . $user->name_first . " ". $user->name_last . ".\n\nDin adgangskode er nu: " . $pswd;
|
|
|
|
mail($email, $subject, $msg);
|
|
|
|
return redirect()->route('users.login');
|
|
}
|
|
|
|
public function account()
|
|
{
|
|
return Response::detect("users.account");
|
|
}
|
|
|
|
public function accountedit()
|
|
{
|
|
return Response::detect("users.edit");
|
|
}
|
|
|
|
public function accounteditpass()
|
|
{
|
|
return Response::detect("users.editpass");
|
|
}
|
|
|
|
/**
|
|
* Update the specified resource in storage.
|
|
*
|
|
* @param \Illuminate\Http\Request $request
|
|
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
|
|
*/
|
|
public function accountupdate(Request $request)
|
|
{
|
|
$user = User::find(Auth::id());
|
|
|
|
if ($request->input('password') != null) { // If you're editing the password
|
|
$data = $request->only(['name_first', 'name_last', 'email', 'phone', 'password']);
|
|
if ($request->input('password') != $request->input('confirmpassword')) { // If new password and new password confirm is not the same, go back with fail message.
|
|
return redirect()->route("users.accounteditpass")->with('error#notsamepass', '<p class="text-center"><b>Der stod ikke det samme i `Nyt Password` & `Confirm Password`!</b></p>');
|
|
} elseif (!Hash::check($request->input('oldpassword'), $user->password)) { // If the written current password and current password in DB is not the same, go back with fail message.
|
|
return redirect()->route("users.accounteditpass")->with('error#oldpass', '<p class="text-center"><b>Det indtastede password i `Nuværende Password` er ikke dit nuværende password!</b></p>');
|
|
} else { // If new password and current password is the same AND current written and current DB password is the same. Then update and logout.
|
|
/** @var User $user */
|
|
$user->update($data);
|
|
Auth::logout();
|
|
|
|
return redirect()->route("users.login")->with('success#passwordchange', '<p class="text-center text-white"><b>Dit password er hermed ændret!</b></p>');
|
|
}
|
|
} else { // Else if you're not editing the password but anything else (Email, Phone Number). Then update user.
|
|
$data = $request->only(['email', 'phone']);
|
|
$user->update($data);
|
|
|
|
return redirect()->route("users.account")->with('success#credentialschanged', '<p class="text-center"><b>Dine oplysninger er hermed ændret!</b></p>');
|
|
}
|
|
$users = User::query()->paginate(20);
|
|
|
|
return Response::detect("users.index", [
|
|
"users" => $users
|
|
]);
|
|
}
|
|
|
|
public function search(Request $request){
|
|
if($request->ajax()){
|
|
$output = "<tr>".
|
|
"<th>Fornavn</th>".
|
|
"<th>Efternavn</th>".
|
|
"<th>Email</th>".
|
|
"<th>Tlf nr</th>".
|
|
"<th>Rolle(r)</th>".
|
|
"<th style=\"width: 1em;\"><img class=\"w-100\" src=\"http://127.0.0.1:8000/images/icons/pencil.svg\" alt=\"Update\"></th>".
|
|
"<th style=\"width: 1em;\"><img class=\"w-100\" src=\"http://127.0.0.1:8000/images/icons/trashcan.svg\" alt=\"Delete\"></th>".
|
|
"</tr>";
|
|
|
|
|
|
//Join user and roles tables
|
|
|
|
|
|
|
|
|
|
//$users = User::query()->where('Roles', 'LIKE',$request->search.'%')->with(Spatie\Permission\Models\Role)->get();
|
|
|
|
|
|
//filter search
|
|
if($request->isCheck === "navn")
|
|
$users = User::query()->where('name_first', 'LIKE',$request->search.'%')->get();
|
|
elseif ($request->isCheck === "efternavn")
|
|
$users = User::query()->where('name_last', 'LIKE',$request->search.'%')->get();
|
|
elseif ($request->isCheck === "email")
|
|
$users = User::query()->where('email', 'LIKE',$request->search.'%')->get();
|
|
elseif ($request->isCheck === "telefon")
|
|
$users = User::query()->where('phone', 'LIKE',$request->search.'%')->get();
|
|
elseif ($request->isCheck === "telefon")
|
|
$users = User::query()->where('phone', 'LIKE',$request->search.'%')->get();
|
|
elseif ($request->isCheck) {
|
|
$roles = Role::query()->where('name', 'LIKE', $request->search . '%')->get();
|
|
$usersTEMP = User::all();
|
|
$users = [];
|
|
|
|
foreach ($usersTEMP as $user) {
|
|
foreach ($roles as $role) {
|
|
if($user->hasRole($role)) {
|
|
array_push($users, $user);
|
|
break 1;
|
|
}
|
|
}
|
|
}
|
|
|
|
if($request->search == "")
|
|
$users = User::all();
|
|
|
|
} else {
|
|
$usersTEMP = User::query()
|
|
->where('name_first', 'LIKE', $request->search . '%')
|
|
->orWhere('name_last', 'LIKE', $request->search . '%')
|
|
->orWhere('phone', 'LIKE', $request->search . '%')
|
|
->orWhere('email', 'LIKE', $request->search . '%')
|
|
->get();
|
|
$roles = Role::query()->where('name', 'LIKE', $request->search . '%')->get();
|
|
|
|
$users = [];
|
|
|
|
$allUsers = User::all();
|
|
|
|
//For hver user i systemet, check om han har en af de roller der matcher søgeordet
|
|
foreach ($allUsers as $user) {
|
|
foreach ($roles as $role) {
|
|
if($user->hasRole($role)) {
|
|
array_push($users, $user);
|
|
break 1;
|
|
}
|
|
}
|
|
}
|
|
|
|
//For hver user der har data, der matcher søgeordet, check om useren allerede er i resultatet, hvis ikke så tilføj ham
|
|
foreach ($usersTEMP as $userTEMP){
|
|
$isInUsers = false;
|
|
foreach ($users as $user) {
|
|
if($userTEMP == $user) {
|
|
$isInUsers = true;
|
|
break 2;
|
|
}
|
|
}
|
|
|
|
if($isInUsers == false)
|
|
array_push($users, $userTEMP);
|
|
}
|
|
|
|
$i = 0;
|
|
foreach ($users as $user){
|
|
$i++;
|
|
foreach ($users as $userr){
|
|
if($user->id == $userr->id) {
|
|
unset($users[$i]);
|
|
break 2;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
if(count($users) !== 0){
|
|
foreach ($users as $key => $user){
|
|
|
|
$roles = null;
|
|
$rolesString = null;
|
|
|
|
foreach (User::all() as $usr) {
|
|
if($usr->id == $user->id)
|
|
$roles = $usr->roles;
|
|
}
|
|
|
|
for($i = 0; $i < count($roles); $i++) {
|
|
if(count($roles)-1 != $i) {
|
|
$rolesString .= $roles[$i]->name.",";
|
|
}else {
|
|
$rolesString = $roles[$i]->name;
|
|
}
|
|
}
|
|
|
|
$output.='<tr>'.
|
|
'<td>' . $user->name_first . '</td>'.
|
|
'<td>' . $user->name_last . '</td>'.
|
|
'<td>' . $user->email . '</td>'.
|
|
'<td>' . $user->phone .'</td>'.
|
|
'<td>' . $rolesString .'</td>'.
|
|
'<td><a href="'. route("users.edit", [ "user" => $user->id ]) . '"><img class="w-100" src="'. asset('/images/icons/pencil-dark.svg') . '" alt="Update"></a></td>'.
|
|
'<td><form method="post" action="' .route("users.destroy", [ "user" => $user->id ]). '" class="w-100 nostyle">'.
|
|
csrf_field().
|
|
method_field("delete").
|
|
|
|
'<button class="w-100 nostyle" onclick="return confirm(\'Are you sure you want to delete?\');" type="submit"><img class="w-100 cursor-pointer" src="'. asset('/images/icons/trashcan-dark.svg') . '" alt="Delete"></button>'.
|
|
'</form>'.
|
|
'</td>'.
|
|
'</tr>';
|
|
}
|
|
}else{
|
|
$output.='<tr>'.
|
|
'<td>Intet match</td>'.
|
|
'<td></td>'.
|
|
'<td></td>'.
|
|
'<td></td>'.
|
|
'<td></td>'.
|
|
'<td></td>'.
|
|
'<td></td>'.
|
|
'</tr>';
|
|
}
|
|
return Response($output);
|
|
}
|
|
}
|
|
}
|