blue-twilight/app/Http/Controllers/Admin/UserController.php

<?php

namespace App\Http\Controllers\Admin;

use App\Facade\Theme;
use App\Facade\UserConfig;
use App\User;

use App\Http\Requests;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\App;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\View;

class UserController extends Controller
{
    public function __construct()
    {
        $this->middleware('auth');
        View::share('is_admin', true);
    }

    public function delete(Request $request, $id)
    {
        $this->authorize('admin-access');

        $user = User::where('id', intval($id))->first();
        if (is_null($user))
        {
            App::abort(404);
        }

        if ($user->id == Auth::user()->id)
        {
            $request->session()->flash('warning', trans('admin.cannot_delete_own_user_account'));
            return redirect(route('user.index'));
        }

        return Theme::render('admin.delete_user', ['user' => $user]);
    }

    /**
     * Display a listing of the resource.
     *
     * @return \Illuminate\Http\Response
     */
    public function index(Request $request)
    {
        $this->authorize('admin-access');

        $users = User::orderBy('name')
            ->paginate(UserConfig::get('items_per_page'));

        return Theme::render('admin.list_users', [
            'error' => $request->session()->get('error'),
            'success' => $request->session()->get('success'),
            'users' => $users,
            'warning' => $request->session()->get('warning')
        ]);
    }

    /**
     * Show the form for creating a new resource.
     *
     * @return \Illuminate\Http\Response
     */
    public function create()
    {
        $this->authorize('admin-access');

        return Theme::render('admin.create_user');
    }

    /**
     * Store a newly created resource in storage.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\Response
     */
    public function store(Requests\StoreUserRequest $request)
    {
        $this->authorize('admin-access');

        $user = new User();
        $user->fill($request->only(['name', 'email', 'password']));
        $user->password = bcrypt($user->password);
        $user->is_activated = true;
        $user->is_admin = (strtolower($request->get('is_admin')) == 'on');
        $user->save();

        return redirect(route('user.index'));
    }

    /**
     * Display the specified resource.
     *
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
    public function show($id)
    {
        //
    }

    /**
     * Show the form for editing the specified resource.
     *
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
    public function edit($id)
    {
        $this->authorize('admin-access');

        $user = User::where('id', intval($id))->first();
        if (is_null($user))
        {
            App::abort(404);
        }

        return Theme::render('admin.edit_user', ['user' => $user]);
    }

    /**
     * Update the specified resource in storage.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
    public function update(Requests\StoreUserRequest $request, $id)
    {
        $this->authorize('admin-access');

        $user = User::where('id', intval($id))->first();
        if (is_null($user))
        {
            App::abort(404);
        }

        $user->fill($request->only(['name', 'email']));

        // Change user's password only if supplied
        if (strlen($request->get('password')) > 0)
        {
            $user->password = bcrypt($request->get('password'));
        }

        // Prevent the current administrator from removing their admin rights
        if (
            $user->is_admin &&
            $user->id == Auth::user()->id &&
            strtolower($request->get('is_admin')) != 'on'
        ) {
            $request->session()->flash('warning', trans('admin.cannot_remove_own_admin'));
        }
        else
        {
            $user->is_admin = (strtolower($request->get('is_admin')) == 'on');
        }

        // Manually activate account if requested
        if (strtolower($request->get('is_activated')) == 'on')
        {
            $user->is_activated = true;
            $user->activation_token = null;
        }

        $user->save();

        return redirect(route('user.index'));
    }

    /**
     * Remove the specified resource from storage.
     *
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
    public function destroy(Request $request, $id)
    {
        $this->authorize('admin-access');

        /** @var User $user */
        $user = User::where('id', intval($id))->first();
        if (is_null($user))
        {
            App::abort(404);
        }

        if ($user->id == Auth::user()->id)
        {
            $request->session()->flash('warning', trans('admin.cannot_delete_own_user_account'));
            return redirect(route('user.index'));
        }

        try
        {
            $user->delete();
            $request->session()->flash('success', trans('admin.user_deletion_successful', [
                'name' => $user->name
            ]));
        }
        catch (\Exception $ex)
        {
            $request->session()->flash('error', trans('admin.user_deletion_failed', [
                'error_message' => $ex->getMessage(),
                'name' => $user->name
            ]));
        }

        return redirect(route('user.index'));
    }
}
User accounts can now be created using the new user management screen. Added cURL as a required PHP extension 2016-10-01 15:24:22 +01:00			`<?php`

			`namespace App\Http\Controllers\Admin;`

			`use App\Facade\Theme;`
			`use App\Facade\UserConfig;`
			`use App\User;`

			`use App\Http\Requests;`
			`use App\Http\Controllers\Controller;`
#1: User accounts can now be deleted. The current user account cannot be deleted, or have the admin privileges removed. Accounts can now be activated manually. New user accounts passwords are encrypted correctly before being saved. 2016-10-03 14:11:24 +01:00			`use Illuminate\Http\Request;`
			`use Illuminate\Support\Facades\App;`
			`use Illuminate\Support\Facades\Auth;`
Added copyright/powered by notices to the footers of all pages. Added a config option to turn it off on the public-facing gallery pages 2016-10-05 16:31:37 +01:00			`use Illuminate\Support\Facades\View;`
User accounts can now be created using the new user management screen. Added cURL as a required PHP extension 2016-10-01 15:24:22 +01:00
			`class UserController extends Controller`
			`{`
Added copyright/powered by notices to the footers of all pages. Added a config option to turn it off on the public-facing gallery pages 2016-10-05 16:31:37 +01:00			`public function __construct()`
			`{`
			`$this->middleware('auth');`
			`View::share('is_admin', true);`
			`}`

#1: User accounts can now be deleted. The current user account cannot be deleted, or have the admin privileges removed. Accounts can now be activated manually. New user accounts passwords are encrypted correctly before being saved. 2016-10-03 14:11:24 +01:00			`public function delete(Request $request, $id)`
			`{`
			`$this->authorize('admin-access');`

			`$user = User::where('id', intval($id))->first();`
			`if (is_null($user))`
			`{`
			`App::abort(404);`
			`}`

			`if ($user->id == Auth::user()->id)`
			`{`
			`$request->session()->flash('warning', trans('admin.cannot_delete_own_user_account'));`
			`return redirect(route('user.index'));`
			`}`

			`return Theme::render('admin.delete_user', ['user' => $user]);`
			`}`

User accounts can now be created using the new user management screen. Added cURL as a required PHP extension 2016-10-01 15:24:22 +01:00			`/**`
			`* Display a listing of the resource.`
			`*`
			`* @return \Illuminate\Http\Response`
			`*/`
#1: User accounts can now be deleted. The current user account cannot be deleted, or have the admin privileges removed. Accounts can now be activated manually. New user accounts passwords are encrypted correctly before being saved. 2016-10-03 14:11:24 +01:00			`public function index(Request $request)`
User accounts can now be created using the new user management screen. Added cURL as a required PHP extension 2016-10-01 15:24:22 +01:00			`{`
			`$this->authorize('admin-access');`

			`$users = User::orderBy('name')`
			`->paginate(UserConfig::get('items_per_page'));`

			`return Theme::render('admin.list_users', [`
#1: User accounts can now be deleted. The current user account cannot be deleted, or have the admin privileges removed. Accounts can now be activated manually. New user accounts passwords are encrypted correctly before being saved. 2016-10-03 14:11:24 +01:00			`'error' => $request->session()->get('error'),`
			`'success' => $request->session()->get('success'),`
			`'users' => $users,`
			`'warning' => $request->session()->get('warning')`
User accounts can now be created using the new user management screen. Added cURL as a required PHP extension 2016-10-01 15:24:22 +01:00			`]);`
			`}`

			`/**`
			`* Show the form for creating a new resource.`
			`*`
			`* @return \Illuminate\Http\Response`
			`*/`
			`public function create()`
			`{`
			`$this->authorize('admin-access');`

			`return Theme::render('admin.create_user');`
			`}`

			`/**`
			`* Store a newly created resource in storage.`
			`*`
			`* @param \Illuminate\Http\Request $request`
			`* @return \Illuminate\Http\Response`
			`*/`
			`public function store(Requests\StoreUserRequest $request)`
			`{`
			`$this->authorize('admin-access');`

			`$user = new User();`
			`$user->fill($request->only(['name', 'email', 'password']));`
#1: User accounts can now be deleted. The current user account cannot be deleted, or have the admin privileges removed. Accounts can now be activated manually. New user accounts passwords are encrypted correctly before being saved. 2016-10-03 14:11:24 +01:00			`$user->password = bcrypt($user->password);`
User accounts can now be created using the new user management screen. Added cURL as a required PHP extension 2016-10-01 15:24:22 +01:00			`$user->is_activated = true;`
			`$user->is_admin = (strtolower($request->get('is_admin')) == 'on');`
			`$user->save();`

			`return redirect(route('user.index'));`
			`}`

			`/**`
			`* Display the specified resource.`
			`*`
			`* @param int $id`
			`* @return \Illuminate\Http\Response`
			`*/`
			`public function show($id)`
			`{`
			`//`
			`}`

			`/**`
			`* Show the form for editing the specified resource.`
			`*`
			`* @param int $id`
			`* @return \Illuminate\Http\Response`
			`*/`
			`public function edit($id)`
			`{`
#1: User accounts can now be deleted. The current user account cannot be deleted, or have the admin privileges removed. Accounts can now be activated manually. New user accounts passwords are encrypted correctly before being saved. 2016-10-03 14:11:24 +01:00			`$this->authorize('admin-access');`

			`$user = User::where('id', intval($id))->first();`
			`if (is_null($user))`
			`{`
			`App::abort(404);`
			`}`

			`return Theme::render('admin.edit_user', ['user' => $user]);`
User accounts can now be created using the new user management screen. Added cURL as a required PHP extension 2016-10-01 15:24:22 +01:00			`}`

			`/**`
			`* Update the specified resource in storage.`
			`*`
			`* @param \Illuminate\Http\Request $request`
			`* @param int $id`
			`* @return \Illuminate\Http\Response`
			`*/`
#1: User accounts can now be deleted. The current user account cannot be deleted, or have the admin privileges removed. Accounts can now be activated manually. New user accounts passwords are encrypted correctly before being saved. 2016-10-03 14:11:24 +01:00			`public function update(Requests\StoreUserRequest $request, $id)`
User accounts can now be created using the new user management screen. Added cURL as a required PHP extension 2016-10-01 15:24:22 +01:00			`{`
#1: User accounts can now be deleted. The current user account cannot be deleted, or have the admin privileges removed. Accounts can now be activated manually. New user accounts passwords are encrypted correctly before being saved. 2016-10-03 14:11:24 +01:00			`$this->authorize('admin-access');`

			`$user = User::where('id', intval($id))->first();`
			`if (is_null($user))`
			`{`
			`App::abort(404);`
			`}`

			`$user->fill($request->only(['name', 'email']));`

			`// Change user's password only if supplied`
			`if (strlen($request->get('password')) > 0)`
			`{`
			`$user->password = bcrypt($request->get('password'));`
			`}`

			`// Prevent the current administrator from removing their admin rights`
			`if (`
			`$user->is_admin &&`
			`$user->id == Auth::user()->id &&`
			`strtolower($request->get('is_admin')) != 'on'`
			`) {`
			`$request->session()->flash('warning', trans('admin.cannot_remove_own_admin'));`
			`}`
			`else`
			`{`
			`$user->is_admin = (strtolower($request->get('is_admin')) == 'on');`
			`}`

			`// Manually activate account if requested`
			`if (strtolower($request->get('is_activated')) == 'on')`
			`{`
			`$user->is_activated = true;`
			`$user->activation_token = null;`
			`}`

			`$user->save();`

			`return redirect(route('user.index'));`
User accounts can now be created using the new user management screen. Added cURL as a required PHP extension 2016-10-01 15:24:22 +01:00			`}`

			`/**`
			`* Remove the specified resource from storage.`
			`*`
			`* @param int $id`
			`* @return \Illuminate\Http\Response`
			`*/`
#1: User accounts can now be deleted. The current user account cannot be deleted, or have the admin privileges removed. Accounts can now be activated manually. New user accounts passwords are encrypted correctly before being saved. 2016-10-03 14:11:24 +01:00			`public function destroy(Request $request, $id)`
User accounts can now be created using the new user management screen. Added cURL as a required PHP extension 2016-10-01 15:24:22 +01:00			`{`
#1: User accounts can now be deleted. The current user account cannot be deleted, or have the admin privileges removed. Accounts can now be activated manually. New user accounts passwords are encrypted correctly before being saved. 2016-10-03 14:11:24 +01:00			`$this->authorize('admin-access');`

			`/** @var User $user */`
			`$user = User::where('id', intval($id))->first();`
			`if (is_null($user))`
			`{`
			`App::abort(404);`
			`}`

			`if ($user->id == Auth::user()->id)`
			`{`
			`$request->session()->flash('warning', trans('admin.cannot_delete_own_user_account'));`
			`return redirect(route('user.index'));`
			`}`

			`try`
			`{`
			`$user->delete();`
			`$request->session()->flash('success', trans('admin.user_deletion_successful', [`
			`'name' => $user->name`
			`]));`
			`}`
			`catch (\Exception $ex)`
			`{`
			`$request->session()->flash('error', trans('admin.user_deletion_failed', [`
			`'error_message' => $ex->getMessage(),`
			`'name' => $user->name`
			`]));`
			`}`

			`return redirect(route('user.index'));`
User accounts can now be created using the new user management screen. Added cURL as a required PHP extension 2016-10-01 15:24:22 +01:00			`}`
			`}`