DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-09-21 16:27:35 -07:00
Code Issues Actions 12 Packages Projects Releases Wiki Activity
snipe-it/app/Http/Controllers/Users/UsersController.php

673 lines
26 KiB
PHP
Raw Normal View History

Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
<?php
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
namespace App\Http\Controllers\Users;
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
use App\Helpers\Helper;
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
use App\Http\Controllers\Controller;
use App\Http\Controllers\UserNotFoundException;
Add image upload to user edit [ch10508] (#7877) * Use correct Request include * Updated to use additional form request * Added SVG sanitizer * Added response method to form request * Allow ImageUploadRequest to accept fieldname params, added SVG sanitization, fixed delete * Fixed upload path for avatars * Added fieldname variable to blade partial for image upload * Added enctype="multipart/form-data" to form to allow uploads * Added image field * Updated Request::old() to use $request->old() * Fixed derp in edit blade referring to $item when it should be $user * Added svg+xml to image rule
2020-03-05 18:00:24 -08:00
use App\Http\Requests\ImageUploadRequest;
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
use App\Http\Requests\SaveUserRequest;
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
use App\Models\Asset;
use App\Models\Company;
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
use App\Models\Group;
use App\Models\Ldap;
Added #6489: show asset assignments under user assignments (#7293) * Add a setting to show assets assigned to other assets #6489 * Update user's views to show assets assigned to other assets #6489 * Add ukrainian and russian translation for the feature #6489 in settings
2019-12-06 10:57:48 -08:00
use App\Models\Setting;
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
use App\Models\User;
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
use App\Notifications\WelcomeNotification;
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
use Auth;
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
use Illuminate\Database\Eloquent\ModelNotFoundException;
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
use Illuminate\Http\Request;
Allow password reset from user profile Signed-off-by: snipe <snipe@snipe.net>
2021-05-26 15:32:23 -07:00
use Illuminate\Support\Facades\Password;
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
use Input;
use Redirect;
use Str;
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
use Symfony\Component\HttpFoundation\StreamedResponse;
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
use View;
adds button to email user list of assets from profile
2022-06-29 11:15:15 -07:00
use App\Notifications\CurrentInventory;
Fixes groups for cloning users
2016-06-02 00:41:10 -07:00
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
/**
Updated docblocks
2016-04-07 13:21:09 -07:00
* This controller handles all actions related to Users for
* the Snipe-IT Asset Management application.
*
* @version v1.0
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
*/
class UsersController extends Controller
{
/**
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
* Returns a view that invokes the ajax tables which actually contains
* the content for the users listing, which is generated in getDatatable().
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @see UsersController::getDatatable() method that generates the JSON response
* @since [v1.0]
* @return \Illuminate\Contracts\View\View
* @throws \Illuminate\Auth\Access\AuthorizationException
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
*/
User resource routes
2016-12-15 20:52:39 -08:00
public function index()
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('index', User::class);
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
Update all controllers to use laravel 5 return view method
2017-06-09 16:44:03 -07:00
return view('users/index');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
/**
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
* Returns a view that displays the user creation form.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @return \Illuminate\Contracts\View\View
* @throws \Illuminate\Auth\Access\AuthorizationException
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
*/
WIP: Upgrade develop to Laravel 6.6.1 (#7637) I'm going ahead and merging this, since the upgrade doesn't break Flysystem any worse than the current develop is broken, so far as I can tell. * Upgraded framework to Laravel 6 ### TO DO: - Fix password restriction rules- the old library isn’t compatible with Laravel 6 :( - Figure out why in-app API calls are returning “Unauthorized” * More updates from Input:: to Request:: helper * Switch to Request:: from Input * Added passport config * Fixed goofy password minimum in seeder * Added laravel/helpers * Changed ($item) to ($item->id) in forms I have no idea why this is necessary * Changed ($item) to ($item->id) in forms * Updated API middleware to auth:api * Updated with added laravel auth.php values * FIxed *&!^$%^&$^%!!!! ajax issue * Switch to Request::get from Input::get * Switched to Request facade * Added password security minimums back in The package we were using has not been updated to Laravel v6, so I created custom validators instead * Added language strings for error messages for password rules * Fixed `($item)` issue in formActions for partials
2019-12-10 19:32:50 -08:00
public function create(Request $request)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('create', User::class);
Fixes #1997 - save user groups without Sentry crap
2016-05-12 15:26:48 -07:00
$groups = Group::pluck('name', 'id');
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
$userGroups = collect();
Add image upload to user edit [ch10508] (#7877) * Use correct Request include * Updated to use additional form request * Added SVG sanitizer * Added response method to form request * Allow ImageUploadRequest to accept fieldname params, added SVG sanitization, fixed delete * Fixed upload path for avatars * Added fieldname variable to blade partial for image upload * Added enctype="multipart/form-data" to form to allow uploads * Added image field * Updated Request::old() to use $request->old() * Fixed derp in edit blade referring to $item when it should be $user * Added svg+xml to image rule
2020-03-05 18:00:24 -08:00
if ($request->old('groups')) {
$userGroups = Group::whereIn('id', $request->old('groups'))->pluck('name', 'id');
Fixes #1997 and #1996 - replace sentry functions
2016-04-28 21:59:43 -07:00
}
Moved group sync
2016-06-15 11:51:10 -07:00
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
$permissions = config('permissions');
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
$userPermissions = Helper::selectedPermissionsArray($permissions, $request->old('permissions', []));
Rework permissions view (#2756) * Early layout work on a cleaner permissions interface * Cleanup layout. Make new permissions view work. Still needs some css and javascript improvements. Also need to do the same thing to the group view. * Improve styling, add javascript to toggle an entire group of permissions if choosing the permission on the header row. Would be nice to add collapsing of sections in the future. * Toggle viewing sections. * Special case places where we only have one item in a group to only display the item once. * Filter getCreate the same way.
2016-10-12 12:06:28 -07:00
$permissions = $this->filterDisplayable($permissions);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
Set activated checkbox to 1 by default on new user
2018-08-14 18:17:37 -07:00
$user = new User;
$user->activated = 1;
Update all controllers to use laravel 5 return view method
2017-06-09 16:44:03 -07:00
return view('users/edit', compact('groups', 'userGroups', 'permissions', 'userPermissions'))
Set activated checkbox to 1 by default on new user
2018-08-14 18:17:37 -07:00
->with('user', $user);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
/**
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
* Validate and store the new user data, or return an error.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param SaveUserRequest $request
* @return \Illuminate\Http\RedirectResponse
* @throws \Illuminate\Auth\Access\AuthorizationException
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
*/
User resource routes
2016-12-15 20:52:39 -08:00
public function store(SaveUserRequest $request)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('create', User::class);
Cleanup namespaces a bit
2016-03-25 19:26:22 -07:00
$user = new User;
Extract common data from UserController postCreate and postEdit into a helper method. Use this method to store data about user. Fixes #2200
2016-06-27 19:47:21 -07:00
//Username, email, and password need to be handled specially because the need to respect config values on an edit.
Do a trim() before inserting/updating Signed-off-by: snipe <snipe@snipe.net>
2022-03-04 06:18:52 -08:00
$user->email = trim($request->input('email'));
$user->username = trim($request->input('username'));
Change $request->has to $request->filled unilaterally
2018-07-24 22:51:31 -07:00
if ($request->filled('password')) {
Use form request for user add/edit to handle password and password confirmation
2016-06-06 14:15:50 -07:00
$user->password = bcrypt($request->input('password'));
}
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$user->first_name = $request->input('first_name');
$user->last_name = $request->input('last_name');
$user->locale = $request->input('locale');
$user->employee_num = $request->input('employee_num');
Fixed activated issue for strict mode
2018-07-24 13:28:59 -07:00
$user->activated = $request->input('activated', 0);
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$user->jobtitle = $request->input('jobtitle');
$user->phone = $request->input('phone');
Move sanitization of input to the model attribute setters. This cleans up a lot of checks in the various controller methods and ensures data will be set in the model accurately regardless of where it's set. Add unit tests for these methods (#3102)
2016-12-26 15:17:46 -08:00
$user->location_id = $request->input('location_id', null);
Added dept helper reference in create/edit/bulk edit users
2017-05-23 02:47:49 -07:00
$user->department_id = $request->input('department_id', null);
Move sanitization of input to the model attribute setters. This cleans up a lot of checks in the various controller methods and ensures data will be set in the model accurately regardless of where it's set. Add unit tests for these methods (#3102)
2016-12-26 15:17:46 -08:00
$user->company_id = Company::getIdForUser($request->input('company_id', null));
$user->manager_id = $request->input('manager_id', null);
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$user->notes = $request->input('notes');
Added address for users - fixes #4323
2017-10-30 18:57:00 -07:00
$user->address = $request->input('address', null);
$user->city = $request->input('city', null);
$user->state = $request->input('state', null);
$user->country = $request->input('country', null);
$user->zip = $request->input('zip', null);
Add remote option to user Signed-off-by: snipe <snipe@snipe.net>
2022-03-04 05:35:26 -08:00
$user->remote = $request->input('remote', 0);
Added website field that was missing from update and store method.
2022-06-17 06:09:39 -07:00
$user->website = $request->input('website', null);
Save the user id who is creating the user Signed-off-by: snipe <snipe@snipe.net>
2022-06-23 17:19:08 -07:00
$user->created_by = Auth::user()->id;
Store data for start and end Signed-off-by: snipe <snipe@snipe.net>
2022-10-05 16:58:26 -07:00
$user->start_date = $request->input('start_date', null);
$user->end_date = $request->input('end_date', null);
missed a few renames
2023-01-18 08:57:59 -08:00
$user->autoassign_licenses= $request->input('autoassign_licenses', 1);
Unset superadmin by non-superadmins on user create
2016-10-31 19:08:24 -07:00
// Strip out the superuser permission if the user isn't a superadmin
$permissions_array = $request->input('permission');
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
if (! Auth::user()->isSuperUser()) {
Unset superadmin by non-superadmins on user create
2016-10-31 19:08:24 -07:00
unset($permissions_array['superuser']);
}
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
$user->permissions = json_encode($permissions_array);
Fixed the other upload handleUploads signatures
2020-08-24 18:32:40 -07:00
// we have to invoke the
Shorten the additiona form request invocation to just `ImageUploadRequest` We already have the `use App\Http\Requests\ImageUploadRequest` clause at the top of this file. Signed-off-by: snipe <snipe@snipe.net>
2023-01-23 21:37:35 -08:00
app(ImageUploadRequest::class)->handleImages($user, 600, 'avatar', 'avatars', 'avatar');
Add image upload to user edit [ch10508] (#7877) * Use correct Request include * Updated to use additional form request * Added SVG sanitizer * Added response method to form request * Allow ImageUploadRequest to accept fieldname params, added SVG sanitization, fixed delete * Fixed upload path for avatars * Added fieldname variable to blade partial for image upload * Added enctype="multipart/form-data" to form to allow uploads * Added image field * Updated Request::old() to use $request->old() * Fixed derp in edit blade referring to $item when it should be $user * Added svg+xml to image rule
2020-03-05 18:00:24 -08:00
Moved group sync
2016-06-15 11:51:10 -07:00
if ($user->save()) {
Change $request->has to $request->filled unilaterally
2018-07-24 22:51:31 -07:00
if ($request->filled('groups')) {
Moved group sync
2016-06-15 11:51:10 -07:00
$user->groups()->sync($request->input('groups'));
} else {
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
$user->groups()->sync([]);
Moved group sync
2016-06-15 11:51:10 -07:00
}
Pass users path to get_src
2016-07-28 05:49:41 -07:00
Change $request->has to $request->filled unilaterally
2018-07-24 22:51:31 -07:00
if (($request->input('email_user') == 1) && ($request->filled('email'))) {
Fixed #5811 - Non US Characters in user export (#6132) * Added Freebsd as vagrant machine for development * Ran npm audit fix Manually added peer depenencies * Added charset=UTF-8 to content-type Removed reference to throttle model as is is not longer included.
2018-08-28 12:37:58 -07:00
// Send the credentials through email
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
$data = [];
Use form request for user add/edit to handle password and password confirmation
2016-06-06 14:15:50 -07:00
$data['email'] = e($request->input('email'));
$data['username'] = e($request->input('username'));
$data['first_name'] = e($request->input('first_name'));
New First Admin Notification (#5147) * New First Admin Notification * Include Last name in Welcome and First admin Notifications
2018-03-03 14:37:42 -08:00
$data['last_name'] = e($request->input('last_name'));
Use form request for user add/edit to handle password and password confirmation
2016-06-06 14:15:50 -07:00
$data['password'] = e($request->input('password'));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
New Welcome Notification (#5146) * New Test Notification Created Test Notification. Updated Vendor Mail message.blade files. Updated api settings controller to use Notification Façade. * Add show URL in Emails condition * New Welcome Notification
2018-03-03 12:44:41 -08:00
$user->notify(new WelcomeNotification($data));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
Make delete routes work. (#3077) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls.
2016-12-19 10:42:33 -08:00
return redirect::route('users.index')->with('success', trans('admin/users/message.success.create'));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
Formatting fixes for coding standards
2016-06-22 12:27:41 -07:00
return redirect()->back()->withInput()->withErrors($user->getErrors());
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
private function filterDisplayable($permissions)
{
$output = null;
foreach ($permissions as $key => $permission) {
Fixed #5811 - Non US Characters in user export (#6132) * Added Freebsd as vagrant machine for development * Ran npm audit fix Manually added peer depenencies * Added charset=UTF-8 to content-type Removed reference to throttle model as is is not longer included.
2018-08-28 12:37:58 -07:00
$output[$key] = array_filter($permission, function ($p) {
return $p['display'] === true;
});
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
return $output;
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
/**
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* Returns a view that displays the edit user form
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param $permissions
* @return View
* @internal param int $id
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
* @throws \Illuminate\Auth\Access\AuthorizationException
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
*/
Added dept helper reference in create/edit/bulk edit users
2017-05-23 02:47:49 -07:00
public function edit($id)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
if ($user = User::find($id)) {
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('update', $user);
Fixes #1997 and #1996 - replace sentry functions
2016-04-28 21:59:43 -07:00
$permissions = config('permissions');
$groups = Group::pluck('name', 'id');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
Fixes #1997 and #1996 - replace sentry functions
2016-04-28 21:59:43 -07:00
$userGroups = $user->groups()->pluck('name', 'id');
$user->permissions = $user->decodePermissions();
$userPermissions = Helper::selectedPermissionsArray($permissions, $user->permissions);
Rework permissions view (#2756) * Early layout work on a cleaner permissions interface * Cleanup layout. Make new permissions view work. Still needs some css and javascript improvements. Also need to do the same thing to the group view. * Improve styling, add javascript to toggle an entire group of permissions if choosing the permission on the header row. Would be nice to add collapsing of sections in the future. * Toggle viewing sections. * Special case places where we only have one item in a group to only display the item once. * Filter getCreate the same way.
2016-10-12 12:06:28 -07:00
$permissions = $this->filterDisplayable($permissions);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
More ajax menu fixes
2017-10-28 11:17:52 -07:00
return view('users/edit', compact('user', 'groups', 'userGroups', 'permissions', 'userPermissions'))->with('item', $user);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Add remote option to user Signed-off-by: snipe <snipe@snipe.net>
2022-03-04 05:35:26 -08:00
return redirect()->route('users.index')->with('error', trans('admin/users/message.user_not_found', compact('id')));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
/**
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* Validate and save edited user data from edit form.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
* @param SaveUserRequest $request
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* @param int $id
* @return \Illuminate\Http\RedirectResponse
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
* @throws \Illuminate\Auth\Access\AuthorizationException
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
*/
Remove/Reorganize logic to make codacy happier.
2020-05-23 11:58:44 -07:00
public function update(SaveUserRequest $request, $id = null)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
Fixed user image upload TODO: We should probably rename the avatar field on the user’s table, to make it more consistent with the other model images
2020-08-26 02:30:23 -07:00
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// We need to reverse the UI specific logic for our
// permissions here before we update the user.
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
$permissions = $request->input('permissions', []);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
app('request')->request->set('permissions', $permissions);
Prevent editing special users demo mode
2019-02-04 19:13:55 -08:00
// This is a janky hack to prevent people from changing admin demo user data on the public demo.
// The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
// Thanks, jerks. You are why we can't have nice things. - snipe
if ((($id == 1) || ($id == 2)) && (config('app.lock_passwords'))) {
return redirect()->route('users.index')->with('error', 'Permission denied. You cannot update user information for superadmins on the demo.');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
try {
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
$user = User::findOrFail($id);
bugfix: updating a user when an admin (not a superuser) would remove any groups from the user. (#5914)
2018-07-21 23:02:06 -07:00
} catch (ModelNotFoundException $e) {
return redirect()->route('users.index')
Checkout update locationid (#5919) * Fix missing punctuation. Bad merge. * If we're checking out to an location, use it's id instead of location_id
2018-07-23 06:47:21 -07:00
->with('error', trans('admin/users/message.user_not_found', compact('id')));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Remove/Reorganize logic to make codacy happier.
2020-05-23 11:58:44 -07:00
$this->authorize('update', $user);
// Figure out of this user was an admin before this edit
$orig_permissions_array = $user->decodePermissions();
$orig_superuser = '0';
if (is_array($orig_permissions_array)) {
if (array_key_exists('superuser', $orig_permissions_array)) {
$orig_superuser = $orig_permissions_array['superuser'];
}
}
Do not makes group editable if the user is not an admin This fixes a bug where the field was (correctly) disabled if the editing user isn’t a superadmin, but because the field was disabled, it would clear the permission groups.
2016-10-31 18:57:35 -07:00
// Only save groups if the user is a super user
if (Auth::user()->isSuperUser()) {
Fixed #6061 - Assigned user group cannot be removed
2019-02-12 23:49:42 -08:00
$user->groups()->sync($request->input('groups'));
Added inheritance back into users/groups
2016-06-15 20:45:45 -07:00
}
Do not makes group editable if the user is not an admin This fixes a bug where the field was (correctly) disabled if the editing user isn’t a superadmin, but because the field was disabled, it would clear the permission groups.
2016-10-31 18:57:35 -07:00
Remove/Reorganize logic to make codacy happier.
2020-05-23 11:58:44 -07:00
// Update the user
Change $request->has to $request->filled unilaterally
2018-07-24 22:51:31 -07:00
if ($request->filled('username')) {
Do a trim() before inserting/updating Signed-off-by: snipe <snipe@snipe.net>
2022-03-04 06:18:52 -08:00
$user->username = trim($request->input('username'));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Do a trim() before inserting/updating Signed-off-by: snipe <snipe@snipe.net>
2022-03-04 06:18:52 -08:00
$user->email = trim($request->input('email'));
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$user->first_name = $request->input('first_name');
$user->last_name = $request->input('last_name');
Add presenters for models. (#3098) * Add presenters for models. Move bootstrap table JSON generation to these presenters, which cleans up controllers a lot. Move view specific modifications from the models to the presenters as well. * Fix some issues found by travis and codacy * Fix a few more issues found while testing. * Attempt another acceptance test fix * Try something else * Maybe..
2016-12-23 17:52:00 -08:00
$user->two_factor_optin = $request->input('two_factor_optin') ?: 0;
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$user->locale = $request->input('locale');
$user->employee_num = $request->input('employee_num');
Set activated to zero if no values passed for active user
2018-07-18 08:27:26 -07:00
$user->activated = $request->input('activated', 0);
Added address for users - fixes #4323
2017-10-30 18:57:00 -07:00
$user->jobtitle = $request->input('jobtitle', null);
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$user->phone = $request->input('phone');
Move sanitization of input to the model attribute setters. This cleans up a lot of checks in the various controller methods and ensures data will be set in the model accurately regardless of where it's set. Add unit tests for these methods (#3102)
2016-12-26 15:17:46 -08:00
$user->location_id = $request->input('location_id', null);
$user->company_id = Company::getIdForUser($request->input('company_id', null));
$user->manager_id = $request->input('manager_id', null);
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$user->notes = $request->input('notes');
Added dept helper reference in create/edit/bulk edit users
2017-05-23 02:47:49 -07:00
$user->department_id = $request->input('department_id', null);
Added address for users - fixes #4323
2017-10-30 18:57:00 -07:00
$user->address = $request->input('address', null);
$user->city = $request->input('city', null);
$user->state = $request->input('state', null);
$user->country = $request->input('country', null);
Fix activated check for login
2018-07-16 23:48:46 -07:00
$user->activated = $request->input('activated', 0);
Added address for users - fixes #4323
2017-10-30 18:57:00 -07:00
$user->zip = $request->input('zip', null);
Add remote option to user Signed-off-by: snipe <snipe@snipe.net>
2022-03-04 05:35:26 -08:00
$user->remote = $request->input('remote', 0);
Added website field that was missing from update and store method.
2022-06-17 06:09:39 -07:00
$user->website = $request->input('website', null);
Store data for start and end Signed-off-by: snipe <snipe@snipe.net>
2022-10-05 16:58:26 -07:00
$user->start_date = $request->input('start_date', null);
$user->end_date = $request->input('end_date', null);
missed a few renames
2023-01-18 08:57:59 -08:00
$user->autoassign_licenses = $request->input('autoassign_licenses', 1);
Added address for users - fixes #4323
2017-10-30 18:57:00 -07:00
Fixed updating the assigned assets location if user’s location changes
2017-10-30 19:33:52 -07:00
// Update the location of any assets checked out to this user
Asset::where('assigned_type', User::class)
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
->where('assigned_to', $user->id)
->update(['location_id' => $request->input('location_id', null)]);
ADDED: Password rules for complexity, min length, rejecting common passwords
2017-08-22 20:32:39 -07:00
// Do we want to update the user password?
Change $request->has to $request->filled unilaterally
2018-07-24 22:51:31 -07:00
if ($request->filled('password')) {
ADDED: Password rules for complexity, min length, rejecting common passwords
2017-08-22 20:32:39 -07:00
$user->password = bcrypt($request->input('password'));
}
Extract common data from UserController postCreate and postEdit into a helper method. Use this method to store data about user. Fixes #2200
2016-06-27 19:47:21 -07:00
Only save user permissions if the user is a superadmin
2016-10-31 19:07:55 -07:00
$permissions_array = $request->input('permission');
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
// Strip out the superuser permission if the user isn't a superadmin
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
if (! Auth::user()->isSuperUser()) {
Only save user permissions if the user is a superadmin
2016-10-31 19:07:55 -07:00
unset($permissions_array['superuser']);
Check if the edited users permissioms are superuser before edit
2016-10-31 19:37:24 -07:00
$permissions_array['superuser'] = $orig_superuser;
Extract common data from UserController postCreate and postEdit into a helper method. Use this method to store data about user. Fixes #2200
2016-06-27 19:47:21 -07:00
}
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
$user->permissions = json_encode($permissions_array);
Extract common data from UserController postCreate and postEdit into a helper method. Use this method to store data about user. Fixes #2200
2016-06-27 19:47:21 -07:00
Misc Flysystem/image upload request fixes
2020-08-26 11:53:36 -07:00
// Handle uploaded avatar
Shorten the additiona form request invocation to just `ImageUploadRequest` We already have the `use App\Http\Requests\ImageUploadRequest` clause at the top of this file. Signed-off-by: snipe <snipe@snipe.net>
2023-01-23 21:37:35 -08:00
app(ImageUploadRequest::class)->handleImages($user, 600, 'avatar', 'avatars', 'avatar');
Fixed user image upload TODO: We should probably rename the avatar field on the user’s table, to make it more consistent with the other model images
2020-08-26 02:30:23 -07:00
Misc Flysystem/image upload request fixes
2020-08-26 11:53:36 -07:00
//\Log::debug(print_r($user, true));
Add image upload to user edit [ch10508] (#7877) * Use correct Request include * Updated to use additional form request * Added SVG sanitizer * Added response method to form request * Allow ImageUploadRequest to accept fieldname params, added SVG sanitization, fixed delete * Fixed upload path for avatars * Added fieldname variable to blade partial for image upload * Added enctype="multipart/form-data" to form to allow uploads * Added image field * Updated Request::old() to use $request->old() * Fixed derp in edit blade referring to $item when it should be $user * Added svg+xml to image rule
2020-03-05 18:00:24 -08:00
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
// Was the user updated?
Move checks back into methods instead of having an extra helper method. Also remove unnecessary lock_passwords checks because there is a check at the top of the method that does this already.
2016-06-27 21:11:59 -07:00
if ($user->save()) {
// Redirect to the user page
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
return redirect()->route('users.index')
->with('success', trans('admin/users/message.success.update'));
Move checks back into methods instead of having an extra helper method. Also remove unnecessary lock_passwords checks because there is a check at the top of the method that does this already.
2016-06-27 21:11:59 -07:00
}
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
return redirect()->back()->withInput()->withErrors($user->getErrors());
Extract common data from UserController postCreate and postEdit into a helper method. Use this method to store data about user. Fixes #2200
2016-06-27 19:47:21 -07:00
}
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
/**
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
* Delete a user
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param int $id
* @return \Illuminate\Http\RedirectResponse
* @throws \Illuminate\Auth\Access\AuthorizationException
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
*/
User resource routes
2016-12-15 20:52:39 -08:00
public function destroy($id = null)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
try {
// Get user information
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
$user = User::findOrFail($id);
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
// Authorize takes care of many of our logic checks now.
$this->authorize('delete', User::class);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Check if we are not trying to delete ourselves
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
if ($user->id === Auth::id()) {
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Redirect to the user management page
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
return redirect()->route('users.index')
->with('error', 'We would feel really bad if you deleted yourself, please reconsider.');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Make sure $user->item exists before trying to count on it
2019-12-11 14:43:46 -08:00
if (($user->assets()) && (($assetsCount = $user->assets()->count()) > 0)) {
Fixes #4056 - check for assets before deleting user
2017-09-28 19:57:52 -07:00
// Redirect to the user management page
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
return redirect()->route('users.index')
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
->with('error', 'This user still has '.$assetsCount.' assets associated with them.');
Fixes #4056 - check for assets before deleting user
2017-09-28 19:57:52 -07:00
}
Make sure $user->item exists before trying to count on it
2019-12-11 14:43:46 -08:00
if (($user->licenses()) && (($licensesCount = $user->licenses()->count())) > 0) {
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Redirect to the user management page
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
return redirect()->route('users.index')
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
->with('error', 'This user still has '.$licensesCount.' licenses associated with them.');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Make sure $user->item exists before trying to count on it
2019-12-11 14:43:46 -08:00
if (($user->accessories()) && (($accessoriesCount = $user->accessories()->count()) > 0)) {
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Redirect to the user management page
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
return redirect()->route('users.index')
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
->with('error', 'This user still has '.$accessoriesCount.' accessories associated with them.');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Make sure $user->item exists before trying to count on it
2019-12-11 14:43:46 -08:00
if (($user->managedLocations()) && (($managedLocationsCount = $user->managedLocations()->count())) > 0) {
Check for accessories
2016-04-21 21:01:45 -07:00
// Redirect to the user management page
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
return redirect()->route('users.index')
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
->with('error', 'This user still has '.$managedLocationsCount.' locations that they manage.');
Check for accessories
2016-04-21 21:01:45 -07:00
}
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Delete the user
$user->delete();
// Prepare the success message
// Redirect to the user management page
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
return redirect()->route('users.index')->with('success', trans('admin/users/message.success.delete'));
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
} catch (ModelNotFoundException $e) {
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Prepare the error message
// Redirect to the user management page
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
return redirect()->route('users.index')
->with('error', trans('admin/users/message.user_not_found', compact('id')));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
}
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
/**
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
* Restore a deleted user
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
* @param int $id
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
* @return \Illuminate\Http\RedirectResponse
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
* @throws \Illuminate\Auth\Access\AuthorizationException
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
*/
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
public function getRestore($id = null)
{
Fix issues with update permission naming (#7493) This solves an issue when admin would be able to create and delete categories but not edit them.
2019-10-28 11:44:48 -07:00
$this->authorize('update', User::class);
Fixed #5811 - Non US Characters in user export (#6132) * Added Freebsd as vagrant machine for development * Ran npm audit fix Manually added peer depenencies * Added charset=UTF-8 to content-type Removed reference to throttle model as is is not longer included.
2018-08-28 12:37:58 -07:00
// Get user information
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
if (! User::onlyTrashed()->find($id)) {
User resource routes
2016-12-15 20:52:39 -08:00
return redirect()->route('users.index')->with('error', trans('admin/users/messages.user_not_found'));
Formatting fixes for coding standards
2016-06-22 12:27:41 -07:00
}
Check for accessories
2016-04-21 21:01:45 -07:00
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
// Restore the user
if (User::withTrashed()->where('id', $id)->restore()) {
return redirect()->route('users.index')->with('success', trans('admin/users/message.success.restored'));
Formatting fixes for coding standards
2016-06-22 12:27:41 -07:00
}
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
return redirect()->route('users.index')->with('error', 'User could not be restored.');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
/**
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
* Return a view with user detail
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param int $userId
* @return \Illuminate\Contracts\View\View
* @throws \Illuminate\Auth\Access\AuthorizationException
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
*/
User resource routes
2016-12-15 20:52:39 -08:00
public function show($userId = null)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
if (! $user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find($userId)) {
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
// Redirect to the user management page
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
return redirect()->route('users.index')
->with('error', trans('admin/users/message.user_not_found', ['id' => $userId]));
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
}
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
Actionlog Class: Improvements and polymorphism (#2561) * Save progress * Create a new action_log table to replace asset_log. Use Polymorphism to generalize class and targets. Port everything I can find to use it. Add a migration to port the asset_logs table to action_logs. * Allow accepted_id to be nullable. * Comment out the thread_id migration, because it b0rks on a new database with the move. I'm unsure if the thread_id does anything...It doesn't seem to be used * Clean up all old methods from Actionlog model. Port everything to use new cleaner interface. * Port the actionlog factory to fix travis. * Adjust code to work on php5. Also fix lurking adminlog call. * Remove weird code * Port the pave command. Also fix dangling adminlog
2016-09-06 19:39:42 -07:00
$userlog = $user->userlog->load('item');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
$this->authorize('view', $user);
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
Added #6489: show asset assignments under user assignments (#7293) * Add a setting to show assets assigned to other assets #6489 * Update user's views to show assets assigned to other assets #6489 * Add ukrainian and russian translation for the feature #6489 in settings
2019-12-06 10:57:48 -08:00
return view('users/view', compact('user', 'userlog'))
->with('settings', Setting::getSettings());
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
/**
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
* Unsuspend a user.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param int $id
* @return Redirect
* @throws \Illuminate\Auth\Access\AuthorizationException
*/
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
public function getUnsuspend($id = null)
{
try {
// Get user information
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
$user = User::findOrFail($id);
Fix issues with update permission naming (#7493) This solves an issue when admin would be able to create and delete categories but not edit them.
2019-10-28 11:44:48 -07:00
$this->authorize('update', $user);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Check if we are not trying to unsuspend ourselves
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
if ($user->id === Auth::id()) {
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Prepare the error message
Updated to use 5.2 trans() instead of Lang::get for localization
2016-04-07 13:39:35 -07:00
$error = trans('admin/users/message.error.unsuspend');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Redirect to the user management page
User resource routes
2016-12-15 20:52:39 -08:00
return redirect()->route('users.index')->with('error', $error);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
// Do we have permission to unsuspend this user?
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
if ($user->isSuperUser() && ! Auth::user()->isSuperUser()) {
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Redirect to the user management page
User resource routes
2016-12-15 20:52:39 -08:00
return redirect()->route('users.index')->with('error', 'Insufficient permissions!');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
// Redirect to the user management page
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
return redirect()->route('users.index')->with('success', trans('admin/users/message.success.unsuspend'));
} catch (ModelNotFoundException $e) {
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Redirect to the user management page
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
return redirect()->route('users.index')
->with('error', trans('admin/users/message.user_not_found', compact('id')));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
}
/**
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
* Return a view containing a pre-populated new user form,
* populated with some fields from an existing user.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param int $id
* @return \Illuminate\Contracts\View\View
* @throws \Illuminate\Auth\Access\AuthorizationException
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
*/
Use $request->input over Request::get()
2019-12-11 11:09:54 -08:00
public function getClone(Request $request, $id = null)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('create', User::class);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// We need to reverse the UI specific logic for our
// permissions here before we update the user.
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
$permissions = $request->input('permissions', []);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
app('request')->request->set('permissions', $permissions);
try {
// Get the user information
Fixed restore again. For some reason, $user->restore() isn't working? WTF.
2016-04-21 20:52:32 -07:00
$user_to_clone = User::withTrashed()->find($id);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
$user = clone $user_to_clone;
$user->first_name = '';
$user->last_name = '';
$user->email = substr($user->email, ($pos = strpos($user->email, '@')) !== false ? $pos : 0);
$user->id = null;
// Get this user groups
Addec clone button back to models, assets, licenses, etc
2017-07-07 18:45:49 -07:00
$userGroups = $user_to_clone->groups()->pluck('name', 'id');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Get all the available permissions
$permissions = config('permissions');
Add a clone button the the user table. (#2241) Also preserve permissions when cloning a user, instead of nulling them by default.
2016-07-10 18:43:10 -07:00
$clonedPermissions = $user_to_clone->decodePermissions();
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
$userPermissions = Helper::selectedPermissionsArray($permissions, $clonedPermissions);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Show the page
Update all controllers to use laravel 5 return view method
2017-06-09 16:44:03 -07:00
return view('users/edit', compact('permissions', 'userPermissions'))
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
->with('user', $user)
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
->with('groups', Group::pluck('name', 'id'))
Formatting fixes for coding standards
2016-06-22 12:27:41 -07:00
->with('userGroups', $userGroups)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
->with('clone_user', $user_to_clone);
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
} catch (ModelNotFoundException $e) {
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Prepare the error message
// Redirect to the user management page
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
return redirect()->route('users.index')
->with('error', trans('admin/users/message.user_not_found', compact('id')));
Reworked LDAP login. Fixes #2218 LDAP no longer fails completely when the connection settings are wrong, or when app key is messed up. Rather than auth as the admin user and search, we auth as the user themselves. Admin auth is only for LDAP sync now. This should mean much fewer problems with donked LDAP settings and login.
2016-07-13 05:50:24 -07:00
}
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
/**
* Exports users to CSV
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v3.5]
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* @return StreamedResponse
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
* @throws \Illuminate\Auth\Access\AuthorizationException
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
*/
public function getExportUserCsv()
{
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('view', User::class);
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
\Debugbar::disable();
Small phpcbf cleanup
2016-12-29 14:02:18 -08:00
$response = new StreamedResponse(function () {
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
// Open output stream
$handle = fopen('php://output', 'w');
Fixed #5811 - Non US Characters in user export (#6132) * Added Freebsd as vagrant machine for development * Ran npm audit fix Manually added peer depenencies * Added charset=UTF-8 to content-type Removed reference to throttle model as is is not longer included.
2018-08-28 12:37:58 -07:00
User::with('assets', 'accessories', 'consumables', 'department', 'licenses', 'manager', 'groups', 'userloc', 'company')
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
->orderBy('created_at', 'DESC')
Fixed #5811 - Non US Characters in user export (#6132) * Added Freebsd as vagrant machine for development * Ran npm audit fix Manually added peer depenencies * Added charset=UTF-8 to content-type Removed reference to throttle model as is is not longer included.
2018-08-28 12:37:58 -07:00
->chunk(500, function ($users) use ($handle) {
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
$headers = [
Fixed #5811 - Non US Characters in user export (#6132) * Added Freebsd as vagrant machine for development * Ran npm audit fix Manually added peer depenencies * Added charset=UTF-8 to content-type Removed reference to throttle model as is is not longer included.
2018-08-28 12:37:58 -07:00
// strtolower to prevent Excel from trying to open it as a SYLK file
strtolower(trans('general.id')),
trans('admin/companies/table.title'),
trans('admin/users/table.title'),
Fixed duplication for a couple of items, removed TODO markers, added lots of translation strings where there was a TODO
2022-01-06 03:35:37 -08:00
trans('general.employee_number'),
Fixed #5811 - Non US Characters in user export (#6132) * Added Freebsd as vagrant machine for development * Ran npm audit fix Manually added peer depenencies * Added charset=UTF-8 to content-type Removed reference to throttle model as is is not longer included.
2018-08-28 12:37:58 -07:00
trans('admin/users/table.name'),
trans('admin/users/table.username'),
trans('admin/users/table.email'),
trans('admin/users/table.manager'),
trans('admin/users/table.location'),
trans('general.department'),
trans('general.assets'),
trans('general.licenses'),
trans('general.accessories'),
trans('general.consumables'),
trans('admin/users/table.groups'),
trans('general.notes'),
trans('admin/users/table.activated'),
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
trans('general.created_at'),
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
];
Fixed #5811 - Non US Characters in user export (#6132) * Added Freebsd as vagrant machine for development * Ran npm audit fix Manually added peer depenencies * Added charset=UTF-8 to content-type Removed reference to throttle model as is is not longer included.
2018-08-28 12:37:58 -07:00
fputcsv($handle, $headers);
foreach ($users as $user) {
$user_groups = '';
foreach ($user->groups as $user_group) {
$user_groups .= $user_group->name.', ';
}
// Add a new row with data
$values = [
$user->id,
($user->company) ? $user->company->name : '',
$user->jobtitle,
$user->employee_num,
$user->present()->fullName(),
$user->username,
$user->email,
($user->manager) ? $user->manager->present()->fullName() : '',
($user->userloc) ? $user->userloc->name : '',
($user->department) ? $user->department->name : '',
$user->assets->count(),
$user->licenses->count(),
$user->accessories->count(),
$user->consumables->count(),
$user_groups,
$user->notes,
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
($user->activated == '1') ? trans('general.yes') : trans('general.no'),
Fixed #5811 - Non US Characters in user export (#6132) * Added Freebsd as vagrant machine for development * Ran npm audit fix Manually added peer depenencies * Added charset=UTF-8 to content-type Removed reference to throttle model as is is not longer included.
2018-08-28 12:37:58 -07:00
$user->created_at,
];
fputcsv($handle, $values);
}
});
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
// Close the output stream
fclose($handle);
}, 200, [
Fixed #5811 - Non US Characters in user export (#6132) * Added Freebsd as vagrant machine for development * Ran npm audit fix Manually added peer depenencies * Added charset=UTF-8 to content-type Removed reference to throttle model as is is not longer included.
2018-08-28 12:37:58 -07:00
'Content-Type' => 'text/csv; charset=UTF-8',
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
'Content-Disposition' => 'attachment; filename="users-'.date('Y-m-d-his').'.csv"',
]);
return $response;
}
Fixes #106 - adds Google Authenticator support (#2842) * refactor to clean up LDAP login, and make the login method easier to handle. * Login refactor cleanup * Google 2FA package * Adds Google Authenticator two-factor * Removed unused blade * Added optin setting in profile * Removed dumb comments * Made lock_passwords check more consistent * Additional two factor strings * Lock passwords check * Display feature disabled text if in demo mode * Two factor admin reset options * Translation strings
2016-10-29 05:50:55 -07:00
Starter print template for all assets assigned to a user
2017-12-05 01:55:24 -08:00
/**
Added routes, language Signed-off-by: snipe <snipe@snipe.net>
2022-10-04 15:45:25 -07:00
* Print inventory
Starter print template for all assets assigned to a user
2017-12-05 01:55:24 -08:00
*
* @author Aladin Alaily
* @since [v1.8]
* @return \Illuminate\Http\RedirectResponse
*/
Fixed #4581 - renamed print method
2017-12-06 11:17:42 -08:00
public function printInventory($id)
Starter print template for all assets assigned to a user
2017-12-05 01:55:24 -08:00
{
Fixed #6349 - add view permission for print all assigned
2018-10-19 16:46:46 -07:00
$this->authorize('view', User::class);
Fixed #5811 - Non US Characters in user export (#6132) * Added Freebsd as vagrant machine for development * Ran npm audit fix Manually added peer depenencies * Added charset=UTF-8 to content-type Removed reference to throttle model as is is not longer included.
2018-08-28 12:37:58 -07:00
$show_user = User::where('id', $id)->withTrashed()->first();
Added #2562 - print view of all assigned inventory
2017-12-05 12:34:16 -08:00
$assets = Asset::where('assigned_to', $id)->where('assigned_type', User::class)->with('model', 'model.category')->get();
Fixed #4581 - renamed print method
2017-12-06 11:17:42 -08:00
$accessories = $show_user->accessories()->get();
$consumables = $show_user->consumables()->get();
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
Monster: Cleanup/Refactor http controllers. (#5916) * Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods. * Use same image upload/layout in accessories as consum+components. * Monster: Cleanup/Refactor http controllers. This cleans up docblocks, pulls most non-crudy actions into their own controllers, and does general cleanup/logic refactoring. There /should/ be no functional changes, but we all know how should works.. Extract checkin/checkout functions to a separate controller for accessories. Move controllers to subdirectory. Cleanup AssetModelsController Extract component checkin/checkout Assorted cleanups/doc/formatting in controllers. Refactor LicenseController. Refactor UsersController Update viewassetscontroller. * Codacy cleanups * More codacy cleanups. Extract a LicenseCheckout Form request as well. * A bit more refactor/cleaning of the license checkout method. * Review Related Cleanups * Fix most of the item_not_found translations. In many cases, the string being generated did not even use the id parameter. Where it does, pass it as id instead of as a different value. * Remove some old $data arrays from when we manually sent emails from the controllers. This has been superseeded by the notification system (yay!) * Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
2018-07-24 19:35:26 -07:00
return view('users/print')->with('assets', $assets)
->with('licenses', $show_user->licenses()->get())
->with('accessories', $accessories)
->with('consumables', $consumables)
Added #6489: show asset assignments under user assignments (#7293) * Add a setting to show assets assigned to other assets #6489 * Update user's views to show assets assigned to other assets #6489 * Add ukrainian and russian translation for the feature #6489 in settings
2019-12-06 10:57:48 -08:00
->with('show_user', $show_user)
->with('settings', Setting::getSettings());
Starter print template for all assets assigned to a user
2017-12-05 01:55:24 -08:00
}
adds docblock
2022-06-29 13:01:29 -07:00
/**
* Emails user a list of assigned assets
*
* @author [G. Martinez] [<godmartinz@gmail.com>]
* @since [v6.0.5]
* @param \App\Http\Controllers\Users\UsersController $id
* @return \Illuminate\Http\RedirectResponse
*/
adds button to email user list of assets from profile
2022-06-29 11:15:15 -07:00
public function emailAssetList($id)
{
$this->authorize('view', User::class);
Fixes Email List of All Assigned being "successful" when the user has no email Added check in view to disable button if there is no email Added translation for title on disabled button and for email check in controller Fixed missing trans for user not found message
2022-07-11 18:02:10 -07:00
if (!$user = User::find($id)) {
return redirect()->back()
->with('error', trans('admin/users/message.user_not_found', ['id' => $id]));
}
if (empty($user->email)) {
return redirect()->back()->with('error', trans('admin/users/message.user_has_no_email'));
}
adds button to email user list of assets from profile
2022-06-29 11:15:15 -07:00
Fixes Email List of All Assigned being "successful" when the user has no email Added check in view to disable button if there is no email Added translation for title on disabled button and for email check in controller Fixed missing trans for user not found message
2022-07-11 18:02:10 -07:00
$user->notify((new CurrentInventory($user)));
return redirect()->back()->with('success', trans('admin/users/general.user_notified'));
adds button to email user list of assets from profile
2022-06-29 11:15:15 -07:00
}
Allow password reset from user profile Signed-off-by: snipe <snipe@snipe.net>
2021-05-26 15:32:23 -07:00
/**
* Send individual password reset email
*
* @author A. Gianotto
* @since [v5.0.15]
* @return \Illuminate\Http\RedirectResponse
*/
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
public function sendPasswordReset($id)
{
if (($user = User::find($id)) && ($user->activated == '1') && ($user->email != '') && ($user->ldap_import == '0')) {
Do a trim() before inserting/updating Signed-off-by: snipe <snipe@snipe.net>
2022-03-04 06:18:52 -08:00
$credentials = ['email' => trim($user->email)];
Allow password reset from user profile Signed-off-by: snipe <snipe@snipe.net>
2021-05-26 15:32:23 -07:00
try {
Fixed #11100 for individual users Signed-off-by: snipe <snipe@snipe.net>
2022-05-16 12:07:18 -07:00
Password::sendResetLink($credentials);
Allow password reset from user profile Signed-off-by: snipe <snipe@snipe.net>
2021-05-26 15:32:23 -07:00
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
return redirect()->back()->with('success', trans('admin/users/message.password_reset_sent', ['email' => $user->email]));
Allow password reset from user profile Signed-off-by: snipe <snipe@snipe.net>
2021-05-26 15:32:23 -07:00
} catch (\Exception $e) {
return redirect()->back()->with('error', ' Error sending email. :( ');
}
}
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 13:15:52 -07:00
Allow password reset from user profile Signed-off-by: snipe <snipe@snipe.net>
2021-05-26 15:32:23 -07:00
return redirect()->back()->with('error', 'User is not activated, is LDAP synced, or does not have an email address ');
}
Added website field that was missing from update and store method.
2022-06-17 06:09:39 -07:00
}
Reference in a new issue Copy permalink