2016-10-01 15:24:22 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace App\Http\Controllers\Admin;
|
|
|
|
|
|
|
|
use App\Facade\Theme;
|
|
|
|
use App\Facade\UserConfig;
|
2017-02-14 11:03:58 +00:00
|
|
|
use App\Group;
|
2016-10-01 15:24:22 +01:00
|
|
|
use App\User;
|
|
|
|
|
|
|
|
use App\Http\Requests;
|
|
|
|
use App\Http\Controllers\Controller;
|
2016-10-03 14:11:24 +01:00
|
|
|
use Illuminate\Http\Request;
|
|
|
|
use Illuminate\Support\Facades\App;
|
|
|
|
use Illuminate\Support\Facades\Auth;
|
2016-10-05 16:31:37 +01:00
|
|
|
use Illuminate\Support\Facades\View;
|
2016-10-01 15:24:22 +01:00
|
|
|
|
|
|
|
class UserController extends Controller
|
|
|
|
{
|
2016-10-05 16:31:37 +01:00
|
|
|
public function __construct()
|
|
|
|
{
|
|
|
|
$this->middleware('auth');
|
|
|
|
View::share('is_admin', true);
|
|
|
|
}
|
|
|
|
|
2016-10-03 14:11:24 +01:00
|
|
|
public function delete(Request $request, $id)
|
|
|
|
{
|
2017-04-15 09:41:15 +01:00
|
|
|
$this->authorizeAccessToAdminPanel();
|
2016-10-03 14:11:24 +01:00
|
|
|
|
|
|
|
$user = User::where('id', intval($id))->first();
|
|
|
|
if (is_null($user))
|
|
|
|
{
|
|
|
|
App::abort(404);
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($user->id == Auth::user()->id)
|
|
|
|
{
|
|
|
|
$request->session()->flash('warning', trans('admin.cannot_delete_own_user_account'));
|
2017-02-13 10:36:53 +00:00
|
|
|
return redirect(route('users.index'));
|
2016-10-03 14:11:24 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return Theme::render('admin.delete_user', ['user' => $user]);
|
|
|
|
}
|
|
|
|
|
2016-10-01 15:24:22 +01:00
|
|
|
/**
|
|
|
|
* Display a listing of the resource.
|
|
|
|
*
|
|
|
|
* @return \Illuminate\Http\Response
|
|
|
|
*/
|
2016-10-03 14:11:24 +01:00
|
|
|
public function index(Request $request)
|
2016-10-01 15:24:22 +01:00
|
|
|
{
|
2017-04-15 09:41:15 +01:00
|
|
|
$this->authorizeAccessToAdminPanel();
|
2016-10-01 15:24:22 +01:00
|
|
|
|
|
|
|
$users = User::orderBy('name')
|
|
|
|
->paginate(UserConfig::get('items_per_page'));
|
|
|
|
|
|
|
|
return Theme::render('admin.list_users', [
|
2016-10-03 14:11:24 +01:00
|
|
|
'error' => $request->session()->get('error'),
|
|
|
|
'success' => $request->session()->get('success'),
|
|
|
|
'users' => $users,
|
|
|
|
'warning' => $request->session()->get('warning')
|
2016-10-01 15:24:22 +01:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Show the form for creating a new resource.
|
|
|
|
*
|
|
|
|
* @return \Illuminate\Http\Response
|
|
|
|
*/
|
|
|
|
public function create()
|
|
|
|
{
|
2017-04-15 09:41:15 +01:00
|
|
|
$this->authorizeAccessToAdminPanel();
|
2016-10-01 15:24:22 +01:00
|
|
|
|
|
|
|
return Theme::render('admin.create_user');
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Store a newly created resource in storage.
|
|
|
|
*
|
|
|
|
* @param \Illuminate\Http\Request $request
|
|
|
|
* @return \Illuminate\Http\Response
|
|
|
|
*/
|
|
|
|
public function store(Requests\StoreUserRequest $request)
|
|
|
|
{
|
2017-04-15 09:41:15 +01:00
|
|
|
$this->authorizeAccessToAdminPanel();
|
2016-10-01 15:24:22 +01:00
|
|
|
|
|
|
|
$user = new User();
|
|
|
|
$user->fill($request->only(['name', 'email', 'password']));
|
2016-10-03 14:11:24 +01:00
|
|
|
$user->password = bcrypt($user->password);
|
2016-10-01 15:24:22 +01:00
|
|
|
$user->is_activated = true;
|
|
|
|
$user->is_admin = (strtolower($request->get('is_admin')) == 'on');
|
2017-03-21 21:48:55 +00:00
|
|
|
$user->can_create_albums = (strtolower($request->get('can_create_albums')) == 'on');
|
2016-10-01 15:24:22 +01:00
|
|
|
$user->save();
|
|
|
|
|
2017-02-13 11:57:53 +00:00
|
|
|
return redirect(route('users.index'));
|
2016-10-01 15:24:22 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Display the specified resource.
|
|
|
|
*
|
|
|
|
* @param int $id
|
|
|
|
* @return \Illuminate\Http\Response
|
|
|
|
*/
|
|
|
|
public function show($id)
|
|
|
|
{
|
|
|
|
//
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Show the form for editing the specified resource.
|
|
|
|
*
|
|
|
|
* @param int $id
|
|
|
|
* @return \Illuminate\Http\Response
|
|
|
|
*/
|
2017-03-26 21:29:10 +01:00
|
|
|
public function edit(Request $request, $id)
|
2016-10-01 15:24:22 +01:00
|
|
|
{
|
2017-04-15 09:41:15 +01:00
|
|
|
$this->authorizeAccessToAdminPanel();
|
2016-10-03 14:11:24 +01:00
|
|
|
|
|
|
|
$user = User::where('id', intval($id))->first();
|
|
|
|
if (is_null($user))
|
|
|
|
{
|
|
|
|
App::abort(404);
|
|
|
|
}
|
|
|
|
|
2017-02-14 11:03:58 +00:00
|
|
|
$groups = Group::orderBy('name')->get();
|
|
|
|
$usersGroups = [];
|
|
|
|
foreach ($user->groups()->get() as $group)
|
|
|
|
{
|
|
|
|
$usersGroups[] = $group->id;
|
|
|
|
}
|
|
|
|
|
2017-03-26 21:29:10 +01:00
|
|
|
if (!$request->session()->has('_old_input'))
|
|
|
|
{
|
|
|
|
$request->session()->flash('_old_input', $user->toArray());
|
|
|
|
}
|
|
|
|
|
2017-02-14 11:03:58 +00:00
|
|
|
return Theme::render('admin.edit_user', ['user' => $user, 'groups' => $groups, 'users_groups' => $usersGroups]);
|
2016-10-01 15:24:22 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Update the specified resource in storage.
|
|
|
|
*
|
|
|
|
* @param \Illuminate\Http\Request $request
|
|
|
|
* @param int $id
|
|
|
|
* @return \Illuminate\Http\Response
|
|
|
|
*/
|
2016-10-03 14:11:24 +01:00
|
|
|
public function update(Requests\StoreUserRequest $request, $id)
|
2016-10-01 15:24:22 +01:00
|
|
|
{
|
2017-04-15 09:41:15 +01:00
|
|
|
$this->authorizeAccessToAdminPanel();
|
2016-10-03 14:11:24 +01:00
|
|
|
|
|
|
|
$user = User::where('id', intval($id))->first();
|
|
|
|
if (is_null($user))
|
|
|
|
{
|
|
|
|
App::abort(404);
|
|
|
|
}
|
|
|
|
|
|
|
|
$user->fill($request->only(['name', 'email']));
|
|
|
|
|
|
|
|
// Change user's password only if supplied
|
|
|
|
if (strlen($request->get('password')) > 0)
|
|
|
|
{
|
|
|
|
$user->password = bcrypt($request->get('password'));
|
|
|
|
}
|
|
|
|
|
|
|
|
// Prevent the current administrator from removing their admin rights
|
|
|
|
if (
|
|
|
|
$user->is_admin &&
|
|
|
|
$user->id == Auth::user()->id &&
|
|
|
|
strtolower($request->get('is_admin')) != 'on'
|
|
|
|
) {
|
|
|
|
$request->session()->flash('warning', trans('admin.cannot_remove_own_admin'));
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
$user->is_admin = (strtolower($request->get('is_admin')) == 'on');
|
|
|
|
}
|
|
|
|
|
2017-03-21 21:48:55 +00:00
|
|
|
$user->can_create_albums = (strtolower($request->get('can_create_albums')) == 'on');
|
|
|
|
|
2016-10-03 14:11:24 +01:00
|
|
|
// Manually activate account if requested
|
|
|
|
if (strtolower($request->get('is_activated')) == 'on')
|
|
|
|
{
|
|
|
|
$user->is_activated = true;
|
|
|
|
$user->activation_token = null;
|
|
|
|
}
|
|
|
|
|
2017-02-14 11:03:58 +00:00
|
|
|
// Sync the group memberships
|
|
|
|
$data = $request->all();
|
|
|
|
$syncData = [];
|
|
|
|
|
|
|
|
if (isset($data['user_group_id']))
|
|
|
|
{
|
|
|
|
foreach ($data['user_group_id'] as $groupID)
|
|
|
|
{
|
|
|
|
$syncData[$groupID] = ['created_at' => new \DateTime(), 'updated_at' => new \DateTime()];
|
|
|
|
}
|
|
|
|
|
|
|
|
$user->groups()->sync($syncData);
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
$user->groups()->detach();
|
|
|
|
}
|
|
|
|
|
2016-10-03 14:11:24 +01:00
|
|
|
$user->save();
|
|
|
|
|
2017-02-13 11:57:53 +00:00
|
|
|
return redirect(route('users.index'));
|
2016-10-01 15:24:22 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Remove the specified resource from storage.
|
|
|
|
*
|
|
|
|
* @param int $id
|
|
|
|
* @return \Illuminate\Http\Response
|
|
|
|
*/
|
2016-10-03 14:11:24 +01:00
|
|
|
public function destroy(Request $request, $id)
|
2016-10-01 15:24:22 +01:00
|
|
|
{
|
2017-04-15 09:41:15 +01:00
|
|
|
$this->authorizeAccessToAdminPanel();
|
2016-10-03 14:11:24 +01:00
|
|
|
|
|
|
|
/** @var User $user */
|
|
|
|
$user = User::where('id', intval($id))->first();
|
|
|
|
if (is_null($user))
|
|
|
|
{
|
|
|
|
App::abort(404);
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($user->id == Auth::user()->id)
|
|
|
|
{
|
|
|
|
$request->session()->flash('warning', trans('admin.cannot_delete_own_user_account'));
|
2017-02-13 11:57:53 +00:00
|
|
|
return redirect(route('users.index'));
|
2016-10-03 14:11:24 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
try
|
|
|
|
{
|
|
|
|
$user->delete();
|
|
|
|
$request->session()->flash('success', trans('admin.user_deletion_successful', [
|
|
|
|
'name' => $user->name
|
|
|
|
]));
|
|
|
|
}
|
|
|
|
catch (\Exception $ex)
|
|
|
|
{
|
|
|
|
$request->session()->flash('error', trans('admin.user_deletion_failed', [
|
|
|
|
'error_message' => $ex->getMessage(),
|
|
|
|
'name' => $user->name
|
|
|
|
]));
|
|
|
|
}
|
|
|
|
|
2017-02-13 11:57:53 +00:00
|
|
|
return redirect(route('users.index'));
|
2016-10-01 15:24:22 +01:00
|
|
|
}
|
2017-03-21 21:48:55 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Returns a list of users in JSON format - either all users or users matching the "q" query string parameter
|
|
|
|
*
|
|
|
|
* @param string $q Search term
|
|
|
|
* @return \Illuminate\Http\Response
|
|
|
|
*/
|
|
|
|
public function searchJson(Request $request)
|
|
|
|
{
|
2017-04-15 09:41:15 +01:00
|
|
|
$this->authorizeAccessToAdminPanel();
|
2017-03-21 21:48:55 +00:00
|
|
|
|
|
|
|
$limit = intval($request->get('n'));
|
|
|
|
if ($limit == 0)
|
|
|
|
{
|
|
|
|
$limit = 100;
|
|
|
|
}
|
|
|
|
|
|
|
|
$q = $request->get('q');
|
|
|
|
if (strlen($q) == 0)
|
|
|
|
{
|
|
|
|
return User::limit($limit)->get()->toJson();
|
|
|
|
}
|
|
|
|
|
|
|
|
return User::where('name', 'like', '%' . $q . '%')
|
|
|
|
->limit($limit)
|
|
|
|
->orderBy('name')
|
|
|
|
->get()
|
|
|
|
->toJson();
|
|
|
|
}
|
2016-10-01 15:24:22 +01:00
|
|
|
}
|