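'boolean', ];

    /**
     * Model validation rules
     *
     * NOTE(review): 'min:6' is the only password constraint visible at model
     * level; confirm that any stronger password policy is enforced elsewhere.
     *
     * @var array
     */
    protected $rules = [
        'first_name' => 'required|string|min:1',
        'username'   => 'required|string|min:1|unique_undeleted',
        'email'      => 'email|nullable',
        'password'   => 'required|min:6',
        'locale'     => 'max:10|nullable',
    ];

    use Searchable;

    /**
     * The attributes that should be included when searching the model.
     *
     * @var array
     */
    protected $searchableAttributes = [
        'first_name',
        'last_name',
        'email',
        'username',
        'notes',
        'phone',
        'jobtitle',
        'employee_num'
    ];

    /**
     * The relations and their attributes that should be included when searching the model.
     *
     * @var array
     */
    protected $searchableRelations = [
        'userloc'    => ['name'],
        'department' => ['name'],
        'groups'     => ['name'],
        'manager'    => ['first_name', 'last_name', 'username']
    ];

    /**
     * Decide whether this user may access a permission section.
     *
     * Evaluation order, exactly as implemented below:
     *   1. a superuser is always allowed;
     *   2. no personal permissions and no groups: denied;
     *   3. personal value '1' for the section: allowed;
     *   4. personal permissions that decode to an empty value, or a personal
     *      value of '-1' for the section: denied;
     *   5. any group holding '1' for the section: allowed;
     *   6. everything else: denied.
     *
     * Group entries are consulted for grants only; a group value of '-1' is
     * not treated as a deny.
     *
     * @param string $section Permission key to look up
     * @return bool
     */
    public function hasAccess($section)
    {
        if ($this->isSuperUser()) {
            return true;
        }

        $user_groups = $this->groups;

        if (($this->permissions=='') && (count($user_groups) == 0)) {
            return false;
        }

        // json_decode() yields null for an empty or malformed permissions string.
        $user_permissions = json_decode($this->permissions, true);

        //If the user is explicitly granted, return true
        if (($user_permissions!='') &&
            ((array_key_exists($section, $user_permissions)) && ($user_permissions[$section]=='1'))) {
            return true;
        }

        // If the user is explicitly denied, return false
        // NOTE(review): the first operand also matches a user whose personal
        // permissions are empty or undecodable, so such a user is denied here
        // and the group loop below is never reached. That fails closed, but it
        // means group grants do not apply to those accounts - confirm intended.
        if (($user_permissions=='') || array_key_exists($section, $user_permissions) && ($user_permissions[$section]=='-1')) {
            return false;
        }

        // Loop through the groups to see if any of them grant this permission
        foreach ($user_groups as $user_group) {
            $group_permissions = (array) json_decode($user_group->permissions, true);
            if (((array_key_exists($section, $group_permissions)) && ($group_permissions[$section]=='1'))) {
                return true;
            }
        }

        return false;
    }

    /**
     * Check whether the user holds the 'superuser' permission, either through
     * one of their groups or through their personal permissions.
     *
     * NOTE(review): the first guard returns false whenever the personal
     * permissions decode to a falsy value (null, empty array), before any
     * group is inspected. A group-level superuser flag therefore has no effect
     * for such a user - confirm this is the intended (fail-closed) behaviour.
     *
     * @return bool
     */
    public function isSuperUser()
    {
        if (!$user_permissions = json_decode($this->permissions, true)) {
            return false;
        }

        foreach ($this->groups as $user_group) {
            $group_permissions = json_decode($user_group->permissions, true);
            // Cast so a null/invalid group permission set is treated as empty.
            $group_array = (array)$group_permissions;
            if ((array_key_exists('superuser', $group_array)) && ($group_permissions['superuser']=='1')) {
                return true;
            }
        }

        if ((array_key_exists('superuser', $user_permissions)) && ($user_permissions['superuser']=='1')) {
            return true;
        }

        return false;
    }

    /**
     * Get the company this user belongs to
     */
    public function company()
    {
        return $this->belongsTo('\App\Models\Company', 'company_id');
    }

    /**
     * Get the department this user belongs to
     */
    public function department()
    {
        return $this->belongsTo('\App\Models\Department', 'department_id');
    }

    /**
     * Accessor: "first_name last_name"
     *
     * @return string
     */
    public function getFullNameAttribute()
    {
        return $this->first_name . " " . $this->last_name;
    }

    /**
     * Accessor: "last_name, first_name (username)"
     *
     * @return string
     */
    public function getCompleteNameAttribute()
    {
        return $this->last_name . ", " . $this->first_name . " (" . $this->username . ")";
    }

    /**
     * The url for slack notifications.
     * Used by Notifiable trait.
     *
     * The value comes from the application settings, not from the user record.
     * NOTE(review): the endpoint is also stored on $this->endpoint; confirm
     * that this assignment cannot end up in a later save() of the model.
     *
     * @return mixed
     */
    public function routeNotificationForSlack()
    {
        // At this point the endpoint is the same for everything.
        // In the future this may want to be adapted for individual notifications.
        $this->endpoint = \App\Models\Setting::getSettings()->slack_endpoint;
        return $this->endpoint;
    }

    /**
     * Get assets assigned to this user
     */
    public function assets()
    {
        return $this->morphMany('App\Models\Asset', 'assigned', 'assigned_type', 'assigned_to')->withTrashed();
    }

    /**
     * Get asset maintenances linked to this user through user_id
     */
    public function assetmaintenances()
    {
        return $this->hasMany('\App\Models\AssetMaintenance', 'user_id')->withTrashed();
    }

    /**
     * Get accessories assigned to this user
     */
    public function accessories()
    {
        return $this->belongsToMany('\App\Models\Accessory', 'accessories_users', 'assigned_to', 'accessory_id')->withPivot('id')->withTrashed();
    }

    /**
     * Get consumables assigned to this user
     */
    public function consumables()
    {
        return $this->belongsToMany('\App\Models\Consumable', 'consumables_users', 'assigned_to', 'consumable_id')->withPivot('id')->withTrashed();
    }

    /**
     * Get licenses assigned to this user
     */
    public function licenses()
    {
        return $this->belongsToMany('\App\Models\License', 'license_seats', 'assigned_to', 'license_id')->withPivot('id');
    }

    /**
     * Get action logs for this user
     */
    public function userlog()
    {
        return $this->hasMany('\App\Models\Actionlog', 'target_id')->orderBy('created_at', 'DESC')->withTrashed();
    }

    /**
     * Get the user's location
     *
     * @todo - this should be removed once we're sure we've switched it
     * to location()
     **/
    public function userloc()
    {
        return $this->belongsTo('\App\Models\Location', 'location_id')->withTrashed();
    }

    /**
     * Get the user's location
     **/
    public function location()
    {
        return $this->belongsTo('\App\Models\Location', 'location_id')->withTrashed();
    }

    /**
     * Get the user's manager
     **/
    public function manager()
    {
        return $this->belongsTo('\App\Models\User', 'manager_id')->withTrashed();
    }

    /**
     * Get any locations the user manages.
     **/
    public function managedLocations()
    {
        return $this->hasMany('\App\Models\Location', 'manager_id');
    }

    /**
     * Get user groups
     */
    public function groups()
    {
        return $this->belongsToMany('\App\Models\Group', 'users_groups');
    }

    /**
     * Report the throttle state of the account.
     *
     * @return string|false 'suspended' or 'banned', or false when there is no
     *                      throttle record or neither flag is set
     */
    public function accountStatus()
    {
        if ($this->throttle) {
            if ($this->throttle->suspended==1) {
                return 'suspended';
            } elseif ($this->throttle->banned==1) {
                return 'banned';
            } else {
                return false;
            }
        } else {
            return false;
        }
    }

    /**
     * Relation to Asset keyed on the asset 'id' column.
     * NOTE(review): the foreign key is 'id', not a user column - confirm this
     * relation is still used as intended.
     */
    public function assetlog()
    {
        return $this->hasMany('\App\Models\Asset', 'id')->withTrashed();
    }

    /**
     * Get uploads for this user (action log rows of type 'uploaded' that carry a filename)
     */
    public function uploads()
    {
        return $this->hasMany('\App\Models\Actionlog', 'item_id')
            ->where('item_type', User::class)
            ->where('action_type', '=', 'uploaded')
            ->whereNotNull('filename')
            ->orderBy('created_at', 'desc');
    }

    /**
     * Fetch Items User has requested (requests that were not canceled)
     */
    public function checkoutRequests()
    {
        return $this->belongsToMany(Asset::class, 'checkout_requests', 'user_id', 'requestable_id')->whereNull('canceled_at');
    }

    /**
     * Get the throttle record for this user
     */
    public function throttle()
    {
        return $this->hasOne('\App\Models\Throttle');
    }

    /**
     * Query builder scope for soft-deleted users (includes trashed rows)
     */
    public function scopeGetDeleted($query)
    {
        return $query->withTrashed()->whereNotNull('users.deleted_at');
    }

    /**
     * Query builder scope for users that are not soft-deleted
     */
    public function scopeGetNotDeleted($query)
    {
        return $query->whereNull('deleted_at');
    }

    /**
     * Query builder scope matching a user by email, by username, or by a
     * username equal to the given email. All values are bound parameters.
     */
    public function scopeMatchEmailOrUsername($query, $user_username, $user_email)
    {
        return $query->where('email', '=', $user_email)
            ->orWhere('username', '=', $user_username)
            ->orWhere('username', '=', $user_email);
    }

    /**
     * Build an email address from a full name, using the email_format and
     * email_domain application settings.
     *
     * @param string $name Full name
     * @return string
     */
    public static function generateEmailFromFullName($name)
    {
        $username = User::generateFormattedNameFromFullName(Setting::getSettings()->email_format, $name);
        return $username['username'].'@'.Setting::getSettings()->email_domain;
    }

    /**
     * Split a full name into first and last name and derive a username.
     *
     * Recognised formats: 'firstname.lastname', 'lastnamefirstinitial',
     * 'firstname_lastname', 'firstname'; anything else falls back to
     * first initial + last name. A name without a space is used unchanged
     * (lower-cased) as the username.
     *
     * The parameter order is kept for existing callers; because $users_name is
     * required, the default on $format can never take effect.
     *
     * @param string $format     Username format
     * @param string $users_name Full name
     * @return array Keys: first_name, last_name, username
     */
    public static function generateFormattedNameFromFullName($format = 'filastname', $users_name)
    {
        // Declare the result explicitly instead of relying on auto-vivification.
        $user = [];

        // If there was only one name given
        if (strpos($users_name, ' ') === false) {
            $first_name = $users_name;
            $last_name = '';
            $username = $users_name;
        } else {
            list($first_name, $last_name) = explode(" ", $users_name, 2);

            // Assume filastname by default
            $username = str_slug(substr($first_name, 0, 1).$last_name);

            if ($format=='firstname.lastname') {
                $username = str_slug($first_name) . '.' . str_slug($last_name);
            } elseif ($format=='lastnamefirstinitial') {
                $username = str_slug($last_name.substr($first_name, 0, 1));
            } elseif ($format=='firstname_lastname') {
                $username = str_slug($first_name).'_'.str_slug($last_name);
            } elseif ($format=='firstname') {
                $username = str_slug($first_name);
            }
        }

        $user['first_name'] = $first_name;
        $user['last_name'] = $last_name;
        $user['username'] = strtolower($username);

        return $user;
    }

    /**
     * Check whether two-factor authorization is required for this user
     *
     * 0 = 2FA disabled
     * 1 = 2FA optional
     * 2 = 2FA universally required
     *
     * @author [A. Gianotto] []
     * @since [v4.0]
     *
     * @return bool
     */
    public function two_factor_active ()
    {
        // If the 2FA is optional and the user has opted in
        if ((Setting::getSettings()->two_factor_enabled =='1') && ($this->two_factor_optin =='1')) {
            return true;
        }
        // If the 2FA is required for everyone so is implicitly active
        elseif (Setting::getSettings()->two_factor_enabled =='2') {
            return true;
        }
        return false;
    }

    /**
     * Check whether two-factor authorization is required and the user has activated it
     * and enrolled a device
     *
     * 0 = 2FA disabled
     * 1 = 2FA optional
     * 2 = 2FA universally required
     *
     * A false return does not mean that 2FA is unnecessary: it is also the
     * result when 2FA is mandatory but the user has not enrolled yet, so it
     * must not be used on its own to decide that the second factor can be skipped.
     *
     * @author [A. Gianotto] []
     * @since [v4.6.14]
     *
     * @return bool
     */
    public function two_factor_active_and_enrolled ()
    {
        // If the 2FA is optional and the user has opted in and is enrolled
        if ((Setting::getSettings()->two_factor_enabled =='1') && ($this->two_factor_optin =='1') && ($this->two_factor_enrolled =='1')) {
            return true;
        }
        // If the 2FA is required for everyone and the user has enrolled
        elseif ((Setting::getSettings()->two_factor_enabled =='2') && ($this->two_factor_enrolled)) {
            return true;
        }
        return false;
    }

    /**
     * Decode the stored permissions JSON into an associative array.
     *
     * @return mixed Decoded value; null when the stored string is empty or not valid JSON
     */
    public function decodePermissions()
    {
        return json_decode($this->permissions, true);
    }

    /**
     * Query builder scope to search user by name with spaces in it.
     * We don't use the advancedTextSearch() scope because that searches
     * all of the relations as well, which is more than what we need.
     *
     * The search term is always passed as a bound value; only the configured
     * table prefix is concatenated into the raw SQL. LIKE wildcards (% and _)
     * inside the term are not escaped, so they keep their wildcard meaning.
     *
     * @param  \Illuminate\Database\Query\Builder  $query  Query builder instance
     * @param  string  $search  The search term
     * @return \Illuminate\Database\Query\Builder
     */
    public function scopeSimpleNameSearch($query, $search)
    {
        // The raw clause has exactly one placeholder, so exactly one value is
        // bound (the original passed the same value twice).
        $query = $query->where('first_name', 'LIKE', '%'.$search.'%')
            ->orWhere('last_name', 'LIKE', '%'.$search.'%')
            ->orWhereRaw('CONCAT('.DB::getTablePrefix().'users.first_name," ",'.DB::getTablePrefix().'users.last_name) LIKE ?', ["%$search%"]);
        return $query;
    }

    /**
     * Run additional, advanced searches.
     *
     * Adds one "first_name last_name LIKE ?" clause per term, each joined with OR.
     * NOTE(review): the clauses are added at the level of the query passed in;
     * confirm the caller wraps them in a nested where group so they cannot
     * override unrelated AND constraints.
     *
     * @param  \Illuminate\Database\Eloquent\Builder  $query
     * @param  array  $terms  The search terms
     * @return \Illuminate\Database\Eloquent\Builder
     */
    public function advancedTextSearch(Builder $query, array $terms)
    {
        foreach($terms as $term) {
            // One placeholder per clause, one bound value per clause.
            $query = $query->orWhereRaw('CONCAT('.DB::getTablePrefix().'users.first_name," ",'.DB::getTablePrefix().'users.last_name) LIKE ?', ["%$term%"]);
        }

        return $query;
    }

    /**
     * Query builder scope for users that belong to the given group
     *
     * @param  \Illuminate\Database\Query\Builder  $query  Query builder instance
     * @param  mixed  $id  Group id (bound as a parameter)
     *
     * @return \Illuminate\Database\Query\Builder          Modified query builder
     */
    public function scopeByGroup($query, $id)
    {
        return $query->whereHas('groups', function ($query) use ($id) {
            $query->where('groups.id', '=', $id);
        });
    }

    /**
     * Query builder scope for Deleted users
     *
     * @param  \Illuminate\Database\Query\Builder  $query  Query builder instance
     *
     * @return \Illuminate\Database\Query\Builder          Modified query builder
     */
    public function scopeDeleted($query)
    {
        return $query->whereNotNull('users.deleted_at');
    }

    /**
     * Query builder scope to order on manager
     *
     * NOTE(review): $order is handed to orderBy() unchanged as the sort
     * direction; confirm callers restrict it to 'asc' / 'desc'. The same
     * applies to scopeOrderLocation() and scopeOrderDepartment().
     *
     * @param  \Illuminate\Database\Query\Builder  $query  Query builder instance
     * @param  string  $order  Order
     *
     * @return \Illuminate\Database\Query\Builder          Modified query builder
     */
    public function scopeOrderManager($query, $order)
    {
        // Left join here, or it will only return results with parents
        return $query->leftJoin('users as users_manager', 'users.manager_id', '=', 'users_manager.id')->orderBy('users_manager.first_name', $order)->orderBy('users_manager.last_name', $order);
    }

    /**
     * Query builder scope to order on location
     *
     * @param  \Illuminate\Database\Query\Builder  $query  Query builder instance
     * @param  string  $order  Order
     *
     * @return \Illuminate\Database\Query\Builder          Modified query builder
     */
    public function scopeOrderLocation($query, $order)
    {
        return $query->leftJoin('locations as locations_users', 'users.location_id', '=', 'locations_users.id')->orderBy('locations_users.name', $order);
    }

    /**
     * Query builder scope to order on department
     *
     * @param  \Illuminate\Database\Query\Builder  $query  Query builder instance
     * @param  string  $order  Order
     *
     * @return \Illuminate\Database\Query\Builder          Modified query builder
     */
    public function scopeOrderDepartment($query, $order)
    {
        return $query->leftJoin('departments as departments_users', 'users.department_id', '=', 'departments_users.id')->orderBy('departments_users.name', $order);
    }
}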