blue-twilight/app/Http/Controllers/Admin/UserController.php

216 lines
5.5 KiB
PHP
Raw Normal View History

<?php
namespace App\Http\Controllers\Admin;
use App\Facade\Theme;
use App\Facade\UserConfig;
use App\User;
use App\Http\Requests;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\App;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\View;
class UserController extends Controller
{
public function __construct()
{
$this->middleware('auth');
View::share('is_admin', true);
}
public function delete(Request $request, $id)
{
$this->authorize('admin-access');
$user = User::where('id', intval($id))->first();
if (is_null($user))
{
App::abort(404);
}
if ($user->id == Auth::user()->id)
{
$request->session()->flash('warning', trans('admin.cannot_delete_own_user_account'));
return redirect(route('users.index'));
}
return Theme::render('admin.delete_user', ['user' => $user]);
}
/**
* Display a listing of the resource.
*
* @return \Illuminate\Http\Response
*/
public function index(Request $request)
{
$this->authorize('admin-access');
$users = User::orderBy('name')
->paginate(UserConfig::get('items_per_page'));
return Theme::render('admin.list_users', [
'error' => $request->session()->get('error'),
'success' => $request->session()->get('success'),
'users' => $users,
'warning' => $request->session()->get('warning')
]);
}
/**
* Show the form for creating a new resource.
*
* @return \Illuminate\Http\Response
*/
public function create()
{
$this->authorize('admin-access');
return Theme::render('admin.create_user');
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function store(Requests\StoreUserRequest $request)
{
$this->authorize('admin-access');
$user = new User();
$user->fill($request->only(['name', 'email', 'password']));
$user->password = bcrypt($user->password);
$user->is_activated = true;
$user->is_admin = (strtolower($request->get('is_admin')) == 'on');
$user->save();
return redirect(route('user.index'));
}
/**
* Display the specified resource.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function show($id)
{
//
}
/**
* Show the form for editing the specified resource.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function edit($id)
{
$this->authorize('admin-access');
$user = User::where('id', intval($id))->first();
if (is_null($user))
{
App::abort(404);
}
return Theme::render('admin.edit_user', ['user' => $user]);
}
/**
* Update the specified resource in storage.
*
* @param \Illuminate\Http\Request $request
* @param int $id
* @return \Illuminate\Http\Response
*/
public function update(Requests\StoreUserRequest $request, $id)
{
$this->authorize('admin-access');
$user = User::where('id', intval($id))->first();
if (is_null($user))
{
App::abort(404);
}
$user->fill($request->only(['name', 'email']));
// Change user's password only if supplied
if (strlen($request->get('password')) > 0)
{
$user->password = bcrypt($request->get('password'));
}
// Prevent the current administrator from removing their admin rights
if (
$user->is_admin &&
$user->id == Auth::user()->id &&
strtolower($request->get('is_admin')) != 'on'
) {
$request->session()->flash('warning', trans('admin.cannot_remove_own_admin'));
}
else
{
$user->is_admin = (strtolower($request->get('is_admin')) == 'on');
}
// Manually activate account if requested
if (strtolower($request->get('is_activated')) == 'on')
{
$user->is_activated = true;
$user->activation_token = null;
}
$user->save();
return redirect(route('user.index'));
}
/**
* Remove the specified resource from storage.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function destroy(Request $request, $id)
{
$this->authorize('admin-access');
/** @var User $user */
$user = User::where('id', intval($id))->first();
if (is_null($user))
{
App::abort(404);
}
if ($user->id == Auth::user()->id)
{
$request->session()->flash('warning', trans('admin.cannot_delete_own_user_account'));
return redirect(route('user.index'));
}
try
{
$user->delete();
$request->session()->flash('success', trans('admin.user_deletion_successful', [
'name' => $user->name
]));
}
catch (\Exception $ex)
{
$request->session()->flash('error', trans('admin.user_deletion_failed', [
'error_message' => $ex->getMessage(),
'name' => $user->name
]));
}
return redirect(route('user.index'));
}
}