2018-07-24 19:35:26 -07:00
< ? php
namespace App\Http\Controllers\Users ;
use App\Helpers\Helper ;
use App\Http\Controllers\Controller ;
use App\Models\Accessory ;
use App\Models\Actionlog ;
use App\Models\Asset ;
use App\Models\Group ;
use App\Models\LicenseSeat ;
use App\Models\User ;
use Illuminate\Http\Request ;
use Illuminate\Support\Facades\Auth ;
use Illuminate\Support\Facades\DB ;
2018-07-30 20:30:47 -07:00
use Illuminate\Support\Facades\Password ;
2018-07-24 19:35:26 -07:00
class BulkUsersController extends Controller
{
/**
* Returns a view that confirms the user ' s a bulk delete will be applied to .
*
* @ author [ A . Gianotto ] [ < snipe @ snipe . net > ]
* @ since [ v1 . 7 ]
* @ param Request $request
* @ return \Illuminate\Contracts\View\View
* @ throws \Illuminate\Auth\Access\AuthorizationException
*/
public function edit ( Request $request )
{
$this -> authorize ( 'update' , User :: class );
2018-07-30 20:37:19 -07:00
// Make sure there were users selected
2018-07-24 22:51:31 -07:00
if (( $request -> filled ( 'ids' )) && ( count ( $request -> input ( 'ids' )) > 0 )) {
2018-07-30 20:37:19 -07:00
// Get the list of affected users
2021-10-21 11:28:58 -07:00
$user_raw_array = request ( 'ids' );
$users = User :: whereIn ( 'id' , $user_raw_array )
2018-07-24 19:35:26 -07:00
-> with ( 'groups' , 'assets' , 'licenses' , 'accessories' ) -> get ();
2018-07-30 20:30:47 -07:00
2018-07-24 19:35:26 -07:00
if ( $request -> input ( 'bulk_actions' ) == 'edit' ) {
return view ( 'users/bulk-edit' , compact ( 'users' ))
-> with ( 'groups' , Group :: pluck ( 'name' , 'id' ));
2018-07-30 20:30:47 -07:00
} elseif ( $request -> input ( 'bulk_actions' ) == 'delete' ) {
2021-06-10 13:15:52 -07:00
return view ( 'users/confirm-bulk-delete' ) -> with ( 'users' , $users ) -> with ( 'statuslabel_list' , Helper :: statusLabelList ());
2018-07-30 20:30:47 -07:00
} elseif ( $request -> input ( 'bulk_actions' ) == 'bulkpasswordreset' ) {
2020-05-23 11:58:44 -07:00
foreach ( $users as $user ) {
2021-06-10 13:15:52 -07:00
if (( $user -> activated == '1' ) && ( $user -> email != '' )) {
2020-05-23 11:58:44 -07:00
$credentials = [ 'email' => $user -> email ];
2022-05-16 10:38:12 -07:00
Password :: sendResetLink ( $credentials /* , function ( Message $message ) {
$message -> subject ( $this -> getEmailSubject ()); // TODO - I'm not sure if we still need this, but this second parameter is no longer accepted in later Laravel versions.
} */ ); // TODO - so hopefully this doesn't give us generic password reset messages? But it at least _works_
2018-07-30 20:30:47 -07:00
}
}
2021-06-10 13:15:52 -07:00
return redirect () -> back () -> with ( 'success' , trans ( 'admin/users/message.password_resets_sent' ));
2018-07-30 20:30:47 -07:00
2018-07-24 19:35:26 -07:00
}
}
return redirect () -> back () -> with ( 'error' , 'No users selected' );
}
/**
* Save bulk - edited users
*
* @ author [ A . Gianotto ] [ < snipe @ snipe . net > ]
* @ since [ v1 . 0 ]
* @ param Request $request
* @ return \Illuminate\Http\RedirectResponse
* @ throws \Illuminate\Auth\Access\AuthorizationException
*/
public function update ( Request $request )
{
$this -> authorize ( 'update' , User :: class );
2021-06-10 13:15:52 -07:00
if (( ! $request -> filled ( 'ids' )) || $request -> input ( 'ids' ) <= 0 ) {
2018-07-24 19:35:26 -07:00
return redirect () -> back () -> with ( 'error' , 'No users selected' );
}
$user_raw_array = $request -> input ( 'ids' );
// Remove the user from any updates.
$user_raw_array = array_diff ( $user_raw_array , [ Auth :: id ()]);
$manager_conflict = false ;
$users = User :: whereIn ( 'id' , $user_raw_array ) -> where ( 'id' , '!=' , Auth :: user () -> id ) -> get ();
$return_array = [
2021-06-10 13:15:52 -07:00
'success' => trans ( 'admin/users/message.success.update_bulk' ),
2018-07-24 19:35:26 -07:00
];
$this -> conditionallyAddItem ( 'location_id' )
-> conditionallyAddItem ( 'department_id' )
-> conditionallyAddItem ( 'company_id' )
-> conditionallyAddItem ( 'locale' )
2022-03-04 06:47:23 -08:00
-> conditionallyAddItem ( 'remote' )
2022-05-18 15:35:57 -07:00
-> conditionallyAddItem ( 'ldap_sync' )
2021-06-10 13:15:52 -07:00
-> conditionallyAddItem ( 'activated' );
2022-05-18 15:35:57 -07:00
//dd($this);
2022-03-04 06:47:23 -08:00
2018-07-24 19:35:26 -07:00
// If the manager_id is one of the users being updated, generate a warning.
if ( array_search ( $request -> input ( 'manager_id' ), $user_raw_array )) {
$manager_conflict = true ;
$return_array = [
2021-06-10 13:15:52 -07:00
'warning' => trans ( 'admin/users/message.bulk_manager_warn' ),
2018-07-24 19:35:26 -07:00
];
}
2021-06-10 13:15:52 -07:00
if ( ! $manager_conflict ) {
2018-07-24 19:35:26 -07:00
$this -> conditionallyAddItem ( 'manager_id' );
}
// Save the updated info
User :: whereIn ( 'id' , $user_raw_array )
-> where ( 'id' , '!=' , Auth :: id ()) -> update ( $this -> update_array );
2022-05-18 15:35:57 -07:00
if ( array_key_exists ( 'location_id' , $this -> update_array )){
2022-04-06 17:23:49 -07:00
Asset :: where ( 'assigned_type' , User :: class )
-> whereIn ( 'assigned_to' , $user_raw_array )
-> update ([ 'location_id' => $this -> update_array [ 'location_id' ]]);
}
2018-07-24 19:35:26 -07:00
// Only sync groups if groups were selected
2018-07-24 22:51:31 -07:00
if ( $request -> filled ( 'groups' )) {
2018-07-24 19:35:26 -07:00
foreach ( $users as $user ) {
$user -> groups () -> sync ( $request -> input ( 'groups' ));
}
}
return redirect () -> route ( 'users.index' )
-> with ( $return_array );
}
/**
* Array to store update data per item
2021-06-10 13:15:52 -07:00
* @ var array
2018-07-24 19:35:26 -07:00
*/
private $update_array = [];
/**
* Adds parameter to update array for an item if it exists in request
2021-06-10 13:15:52 -07:00
* @ param string $field field name
2018-07-24 19:35:26 -07:00
* @ return BulkUsersController Model for Chaining
*/
protected function conditionallyAddItem ( $field )
{
2021-06-10 13:15:52 -07:00
if ( request () -> filled ( $field )) {
2018-07-24 19:35:26 -07:00
$this -> update_array [ $field ] = request () -> input ( $field );
}
2021-06-10 13:15:52 -07:00
2018-07-24 19:35:26 -07:00
return $this ;
}
/**
* Soft - delete bulk users
*
* @ author [ A . Gianotto ] [ < snipe @ snipe . net > ]
* @ since [ v1 . 0 ]
* @ param Request $request
* @ return \Illuminate\Http\RedirectResponse
* @ throws \Illuminate\Auth\Access\AuthorizationException
*/
public function destroy ( Request $request )
{
$this -> authorize ( 'update' , User :: class );
2021-06-10 13:15:52 -07:00
if (( ! $request -> filled ( 'ids' )) || ( count ( $request -> input ( 'ids' )) == 0 )) {
2018-07-24 19:35:26 -07:00
return redirect () -> back () -> with ( 'error' , 'No users selected' );
}
2021-06-10 13:15:52 -07:00
if (( ! $request -> filled ( 'status_id' )) || ( $request -> input ( 'status_id' ) == '' )) {
2018-07-24 19:35:26 -07:00
return redirect () -> route ( 'users.index' ) -> with ( 'error' , 'No status selected' );
}
if ( config ( 'app.lock_passwords' )) {
return redirect () -> route ( 'users.index' ) -> with ( 'error' , 'Bulk delete is not enabled in this installation' );
}
$user_raw_array = request ( 'ids' );
if (( $key = array_search ( Auth :: id (), $user_raw_array )) !== false ) {
unset ( $user_raw_array [ $key ]);
}
$users = User :: whereIn ( 'id' , $user_raw_array ) -> get ();
2021-06-10 13:16:56 -07:00
$assets = Asset :: whereIn ( 'assigned_to' , $user_raw_array ) -> where ( 'assigned_type' , \App\Models\User :: class ) -> get ();
2018-07-24 19:35:26 -07:00
$accessories = DB :: table ( 'accessories_users' ) -> whereIn ( 'assigned_to' , $user_raw_array ) -> get ();
$licenses = DB :: table ( 'license_seats' ) -> whereIn ( 'assigned_to' , $user_raw_array ) -> get ();
$this -> logItemCheckinAndDelete ( $assets , Asset :: class );
$this -> logItemCheckinAndDelete ( $accessories , Accessory :: class );
$this -> logItemCheckinAndDelete ( $licenses , LicenseSeat :: class );
Asset :: whereIn ( 'id' , $assets -> pluck ( 'id' )) -> update ([
'status_id' => e ( request ( 'status_id' )),
'assigned_to' => null ,
'assigned_type' => null ,
]);
LicenseSeat :: whereIn ( 'id' , $licenses -> pluck ( 'id' )) -> update ([ 'assigned_to' => null ]);
foreach ( $users as $user ) {
$user -> accessories () -> sync ([]);
$user -> delete ();
}
return redirect () -> route ( 'users.index' ) -> with ( 'success' , 'Your selected users have been deleted and their assets have been updated.' );
}
/**
* Generate an action log entry for each of a group of items .
* @ param $items
* @ param $itemType string name of items being passed .
*/
2021-06-10 13:15:52 -07:00
protected function logItemCheckinAndDelete ( $items , $itemType )
{
foreach ( $items as $item ) {
2018-07-24 19:35:26 -07:00
$logAction = new Actionlog ();
$logAction -> item_id = $item -> id ;
// We can't rely on get_class here because the licenses/accessories fetched above are not eloquent models, but simply arrays.
$logAction -> item_type = $itemType ;
$logAction -> target_id = $item -> assigned_to ;
$logAction -> target_type = User :: class ;
$logAction -> user_id = Auth :: id ();
$logAction -> note = 'Bulk checkin items and delete user' ;
$logAction -> logaction ( 'checkin from' );
}
}
}