SherifElfadaly /
Laravel-Api-Skeleton
@@ -1,7 +1,5 @@ |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -use Illuminate\Http\Request; |
|
| 4 | - |
|
| 5 | 3 | /* |
| 6 | 4 | |-------------------------------------------------------------------------- |
| 7 | 5 | | API Routes |
@@ -13,209 +13,209 @@ discard block |
||
| 13 | 13 | public function up() |
| 14 | 14 | { |
| 15 | 15 | /** |
| 16 | - * Insert the permissions related to this module. |
|
| 17 | - */ |
|
| 18 | - DB::table('permissions')->insert( |
|
| 19 | - [ |
|
| 20 | - /** |
|
| 21 | - * Users model permissions. |
|
| 22 | - */ |
|
| 23 | - [ |
|
| 24 | - 'name' => 'save', |
|
| 25 | - 'model' => 'users', |
|
| 26 | - 'created_at' => \DB::raw('NOW()'), |
|
| 27 | - 'updated_at' => \DB::raw('NOW()') |
|
| 28 | - ], |
|
| 29 | - [ |
|
| 30 | - 'name' => 'delete', |
|
| 31 | - 'model' => 'users', |
|
| 32 | - 'created_at' => \DB::raw('NOW()'), |
|
| 33 | - 'updated_at' => \DB::raw('NOW()') |
|
| 34 | - ], |
|
| 35 | - [ |
|
| 36 | - 'name' => 'find', |
|
| 37 | - 'model' => 'users', |
|
| 38 | - 'created_at' => \DB::raw('NOW()'), |
|
| 39 | - 'updated_at' => \DB::raw('NOW()') |
|
| 40 | - ], |
|
| 41 | - [ |
|
| 42 | - 'name' => 'list', |
|
| 43 | - 'model' => 'users', |
|
| 44 | - 'created_at' => \DB::raw('NOW()'), |
|
| 45 | - 'updated_at' => \DB::raw('NOW()') |
|
| 46 | - ], |
|
| 47 | - [ |
|
| 48 | - 'name' => 'search', |
|
| 49 | - 'model' => 'users', |
|
| 50 | - 'created_at' => \DB::raw('NOW()'), |
|
| 51 | - 'updated_at' => \DB::raw('NOW()') |
|
| 52 | - ], |
|
| 53 | - [ |
|
| 54 | - 'name' => 'findby', |
|
| 55 | - 'model' => 'users', |
|
| 56 | - 'created_at' => \DB::raw('NOW()'), |
|
| 57 | - 'updated_at' => \DB::raw('NOW()') |
|
| 58 | - ], |
|
| 59 | - [ |
|
| 60 | - 'name' => 'first', |
|
| 61 | - 'model' => 'users', |
|
| 62 | - 'created_at' => \DB::raw('NOW()'), |
|
| 63 | - 'updated_at' => \DB::raw('NOW()') |
|
| 64 | - ], |
|
| 65 | - [ |
|
| 66 | - 'name' => 'paginate', |
|
| 67 | - 'model' => 'users', |
|
| 68 | - 'created_at' => \DB::raw('NOW()'), |
|
| 69 | - 'updated_at' => \DB::raw('NOW()') |
|
| 70 | - ], |
|
| 71 | - [ |
|
| 72 | - 'name' => 'paginateby', |
|
| 73 | - 'model' => 'users', |
|
| 74 | - 'created_at' => \DB::raw('NOW()'), |
|
| 75 | - 'updated_at' => \DB::raw('NOW()') |
|
| 76 | - ], |
|
| 77 | - [ |
|
| 78 | - 'name' => 'assigngroups', |
|
| 79 | - 'model' => 'users', |
|
| 80 | - 'created_at' => \DB::raw('NOW()'), |
|
| 81 | - 'updated_at' => \DB::raw('NOW()') |
|
| 82 | - ], |
|
| 83 | - [ |
|
| 84 | - 'name' => 'block', |
|
| 85 | - 'model' => 'users', |
|
| 86 | - 'created_at' => \DB::raw('NOW()'), |
|
| 87 | - 'updated_at' => \DB::raw('NOW()') |
|
| 88 | - ], |
|
| 89 | - [ |
|
| 90 | - 'name' => 'unblock', |
|
| 91 | - 'model' => 'users', |
|
| 92 | - 'created_at' => \DB::raw('NOW()'), |
|
| 93 | - 'updated_at' => \DB::raw('NOW()') |
|
| 94 | - ], |
|
| 95 | - [ |
|
| 96 | - 'name' => 'group', |
|
| 97 | - 'model' => 'users', |
|
| 98 | - 'created_at' => \DB::raw('NOW()'), |
|
| 99 | - 'updated_at' => \DB::raw('NOW()') |
|
| 100 | - ], |
|
| 16 | + * Insert the permissions related to this module. |
|
| 17 | + */ |
|
| 18 | + DB::table('permissions')->insert( |
|
| 19 | + [ |
|
| 20 | + /** |
|
| 21 | + * Users model permissions. |
|
| 22 | + */ |
|
| 23 | + [ |
|
| 24 | + 'name' => 'save', |
|
| 25 | + 'model' => 'users', |
|
| 26 | + 'created_at' => \DB::raw('NOW()'), |
|
| 27 | + 'updated_at' => \DB::raw('NOW()') |
|
| 28 | + ], |
|
| 29 | + [ |
|
| 30 | + 'name' => 'delete', |
|
| 31 | + 'model' => 'users', |
|
| 32 | + 'created_at' => \DB::raw('NOW()'), |
|
| 33 | + 'updated_at' => \DB::raw('NOW()') |
|
| 34 | + ], |
|
| 35 | + [ |
|
| 36 | + 'name' => 'find', |
|
| 37 | + 'model' => 'users', |
|
| 38 | + 'created_at' => \DB::raw('NOW()'), |
|
| 39 | + 'updated_at' => \DB::raw('NOW()') |
|
| 40 | + ], |
|
| 41 | + [ |
|
| 42 | + 'name' => 'list', |
|
| 43 | + 'model' => 'users', |
|
| 44 | + 'created_at' => \DB::raw('NOW()'), |
|
| 45 | + 'updated_at' => \DB::raw('NOW()') |
|
| 46 | + ], |
|
| 47 | + [ |
|
| 48 | + 'name' => 'search', |
|
| 49 | + 'model' => 'users', |
|
| 50 | + 'created_at' => \DB::raw('NOW()'), |
|
| 51 | + 'updated_at' => \DB::raw('NOW()') |
|
| 52 | + ], |
|
| 53 | + [ |
|
| 54 | + 'name' => 'findby', |
|
| 55 | + 'model' => 'users', |
|
| 56 | + 'created_at' => \DB::raw('NOW()'), |
|
| 57 | + 'updated_at' => \DB::raw('NOW()') |
|
| 58 | + ], |
|
| 59 | + [ |
|
| 60 | + 'name' => 'first', |
|
| 61 | + 'model' => 'users', |
|
| 62 | + 'created_at' => \DB::raw('NOW()'), |
|
| 63 | + 'updated_at' => \DB::raw('NOW()') |
|
| 64 | + ], |
|
| 65 | + [ |
|
| 66 | + 'name' => 'paginate', |
|
| 67 | + 'model' => 'users', |
|
| 68 | + 'created_at' => \DB::raw('NOW()'), |
|
| 69 | + 'updated_at' => \DB::raw('NOW()') |
|
| 70 | + ], |
|
| 71 | + [ |
|
| 72 | + 'name' => 'paginateby', |
|
| 73 | + 'model' => 'users', |
|
| 74 | + 'created_at' => \DB::raw('NOW()'), |
|
| 75 | + 'updated_at' => \DB::raw('NOW()') |
|
| 76 | + ], |
|
| 77 | + [ |
|
| 78 | + 'name' => 'assigngroups', |
|
| 79 | + 'model' => 'users', |
|
| 80 | + 'created_at' => \DB::raw('NOW()'), |
|
| 81 | + 'updated_at' => \DB::raw('NOW()') |
|
| 82 | + ], |
|
| 83 | + [ |
|
| 84 | + 'name' => 'block', |
|
| 85 | + 'model' => 'users', |
|
| 86 | + 'created_at' => \DB::raw('NOW()'), |
|
| 87 | + 'updated_at' => \DB::raw('NOW()') |
|
| 88 | + ], |
|
| 89 | + [ |
|
| 90 | + 'name' => 'unblock', |
|
| 91 | + 'model' => 'users', |
|
| 92 | + 'created_at' => \DB::raw('NOW()'), |
|
| 93 | + 'updated_at' => \DB::raw('NOW()') |
|
| 94 | + ], |
|
| 95 | + [ |
|
| 96 | + 'name' => 'group', |
|
| 97 | + 'model' => 'users', |
|
| 98 | + 'created_at' => \DB::raw('NOW()'), |
|
| 99 | + 'updated_at' => \DB::raw('NOW()') |
|
| 100 | + ], |
|
| 101 | 101 | |
| 102 | - /** |
|
| 103 | - * Permissions model permissions. |
|
| 104 | - */ |
|
| 105 | - [ |
|
| 106 | - 'name' => 'find', |
|
| 107 | - 'model' => 'permissions', |
|
| 108 | - 'created_at' => \DB::raw('NOW()'), |
|
| 109 | - 'updated_at' => \DB::raw('NOW()') |
|
| 110 | - ], |
|
| 111 | - [ |
|
| 112 | - 'name' => 'search', |
|
| 113 | - 'model' => 'permissions', |
|
| 114 | - 'created_at' => \DB::raw('NOW()'), |
|
| 115 | - 'updated_at' => \DB::raw('NOW()') |
|
| 116 | - ], |
|
| 117 | - [ |
|
| 118 | - 'name' => 'list', |
|
| 119 | - 'model' => 'permissions', |
|
| 120 | - 'created_at' => \DB::raw('NOW()'), |
|
| 121 | - 'updated_at' => \DB::raw('NOW()') |
|
| 122 | - ], |
|
| 123 | - [ |
|
| 124 | - 'name' => 'findby', |
|
| 125 | - 'model' => 'permissions', |
|
| 126 | - 'created_at' => \DB::raw('NOW()'), |
|
| 127 | - 'updated_at' => \DB::raw('NOW()') |
|
| 128 | - ], |
|
| 129 | - [ |
|
| 130 | - 'name' => 'first', |
|
| 131 | - 'model' => 'permissions', |
|
| 132 | - 'created_at' => \DB::raw('NOW()'), |
|
| 133 | - 'updated_at' => \DB::raw('NOW()') |
|
| 134 | - ], |
|
| 135 | - [ |
|
| 136 | - 'name' => 'paginate', |
|
| 137 | - 'model' => 'permissions', |
|
| 138 | - 'created_at' => \DB::raw('NOW()'), |
|
| 139 | - 'updated_at' => \DB::raw('NOW()') |
|
| 140 | - ], |
|
| 141 | - [ |
|
| 142 | - 'name' => 'paginateby', |
|
| 143 | - 'model' => 'permissions', |
|
| 144 | - 'created_at' => \DB::raw('NOW()'), |
|
| 145 | - 'updated_at' => \DB::raw('NOW()') |
|
| 146 | - ], |
|
| 102 | + /** |
|
| 103 | + * Permissions model permissions. |
|
| 104 | + */ |
|
| 105 | + [ |
|
| 106 | + 'name' => 'find', |
|
| 107 | + 'model' => 'permissions', |
|
| 108 | + 'created_at' => \DB::raw('NOW()'), |
|
| 109 | + 'updated_at' => \DB::raw('NOW()') |
|
| 110 | + ], |
|
| 111 | + [ |
|
| 112 | + 'name' => 'search', |
|
| 113 | + 'model' => 'permissions', |
|
| 114 | + 'created_at' => \DB::raw('NOW()'), |
|
| 115 | + 'updated_at' => \DB::raw('NOW()') |
|
| 116 | + ], |
|
| 117 | + [ |
|
| 118 | + 'name' => 'list', |
|
| 119 | + 'model' => 'permissions', |
|
| 120 | + 'created_at' => \DB::raw('NOW()'), |
|
| 121 | + 'updated_at' => \DB::raw('NOW()') |
|
| 122 | + ], |
|
| 123 | + [ |
|
| 124 | + 'name' => 'findby', |
|
| 125 | + 'model' => 'permissions', |
|
| 126 | + 'created_at' => \DB::raw('NOW()'), |
|
| 127 | + 'updated_at' => \DB::raw('NOW()') |
|
| 128 | + ], |
|
| 129 | + [ |
|
| 130 | + 'name' => 'first', |
|
| 131 | + 'model' => 'permissions', |
|
| 132 | + 'created_at' => \DB::raw('NOW()'), |
|
| 133 | + 'updated_at' => \DB::raw('NOW()') |
|
| 134 | + ], |
|
| 135 | + [ |
|
| 136 | + 'name' => 'paginate', |
|
| 137 | + 'model' => 'permissions', |
|
| 138 | + 'created_at' => \DB::raw('NOW()'), |
|
| 139 | + 'updated_at' => \DB::raw('NOW()') |
|
| 140 | + ], |
|
| 141 | + [ |
|
| 142 | + 'name' => 'paginateby', |
|
| 143 | + 'model' => 'permissions', |
|
| 144 | + 'created_at' => \DB::raw('NOW()'), |
|
| 145 | + 'updated_at' => \DB::raw('NOW()') |
|
| 146 | + ], |
|
| 147 | 147 | |
| 148 | - /** |
|
| 149 | - * Groups model permissions. |
|
| 150 | - */ |
|
| 151 | - [ |
|
| 152 | - 'name' => 'save', |
|
| 153 | - 'model' => 'groups', |
|
| 154 | - 'created_at' => \DB::raw('NOW()'), |
|
| 155 | - 'updated_at' => \DB::raw('NOW()') |
|
| 156 | - ], |
|
| 157 | - [ |
|
| 158 | - 'name' => 'delete', |
|
| 159 | - 'model' => 'groups', |
|
| 160 | - 'created_at' => \DB::raw('NOW()'), |
|
| 161 | - 'updated_at' => \DB::raw('NOW()') |
|
| 162 | - ], |
|
| 163 | - [ |
|
| 164 | - 'name' => 'find', |
|
| 165 | - 'model' => 'groups', |
|
| 166 | - 'created_at' => \DB::raw('NOW()'), |
|
| 167 | - 'updated_at' => \DB::raw('NOW()') |
|
| 168 | - ], |
|
| 169 | - [ |
|
| 170 | - 'name' => 'search', |
|
| 171 | - 'model' => 'groups', |
|
| 172 | - 'created_at' => \DB::raw('NOW()'), |
|
| 173 | - 'updated_at' => \DB::raw('NOW()') |
|
| 174 | - ], |
|
| 175 | - [ |
|
| 176 | - 'name' => 'list', |
|
| 177 | - 'model' => 'groups', |
|
| 178 | - 'created_at' => \DB::raw('NOW()'), |
|
| 179 | - 'updated_at' => \DB::raw('NOW()') |
|
| 180 | - ], |
|
| 181 | - [ |
|
| 182 | - 'name' => 'findby', |
|
| 183 | - 'model' => 'groups', |
|
| 184 | - 'created_at' => \DB::raw('NOW()'), |
|
| 185 | - 'updated_at' => \DB::raw('NOW()') |
|
| 186 | - ], |
|
| 187 | - [ |
|
| 188 | - 'name' => 'first', |
|
| 189 | - 'model' => 'groups', |
|
| 190 | - 'created_at' => \DB::raw('NOW()'), |
|
| 191 | - 'updated_at' => \DB::raw('NOW()') |
|
| 192 | - ], |
|
| 193 | - [ |
|
| 194 | - 'name' => 'paginate', |
|
| 195 | - 'model' => 'groups', |
|
| 196 | - 'created_at' => \DB::raw('NOW()'), |
|
| 197 | - 'updated_at' => \DB::raw('NOW()') |
|
| 198 | - ], |
|
| 199 | - [ |
|
| 200 | - 'name' => 'paginateby', |
|
| 201 | - 'model' => 'groups', |
|
| 202 | - 'created_at' => \DB::raw('NOW()'), |
|
| 203 | - 'updated_at' => \DB::raw('NOW()') |
|
| 204 | - ], |
|
| 205 | - [ |
|
| 206 | - 'name' => 'assignpermissions', |
|
| 207 | - 'model' => 'groups', |
|
| 208 | - 'created_at' => \DB::raw('NOW()'), |
|
| 209 | - 'updated_at' => \DB::raw('NOW()') |
|
| 210 | - ], |
|
| 211 | - [ |
|
| 212 | - 'name' => 'users', |
|
| 213 | - 'model' => 'groups', |
|
| 214 | - 'created_at' => \DB::raw('NOW()'), |
|
| 215 | - 'updated_at' => \DB::raw('NOW()') |
|
| 216 | - ], |
|
| 217 | - ] |
|
| 218 | - ); |
|
| 148 | + /** |
|
| 149 | + * Groups model permissions. |
|
| 150 | + */ |
|
| 151 | + [ |
|
| 152 | + 'name' => 'save', |
|
| 153 | + 'model' => 'groups', |
|
| 154 | + 'created_at' => \DB::raw('NOW()'), |
|
| 155 | + 'updated_at' => \DB::raw('NOW()') |
|
| 156 | + ], |
|
| 157 | + [ |
|
| 158 | + 'name' => 'delete', |
|
| 159 | + 'model' => 'groups', |
|
| 160 | + 'created_at' => \DB::raw('NOW()'), |
|
| 161 | + 'updated_at' => \DB::raw('NOW()') |
|
| 162 | + ], |
|
| 163 | + [ |
|
| 164 | + 'name' => 'find', |
|
| 165 | + 'model' => 'groups', |
|
| 166 | + 'created_at' => \DB::raw('NOW()'), |
|
| 167 | + 'updated_at' => \DB::raw('NOW()') |
|
| 168 | + ], |
|
| 169 | + [ |
|
| 170 | + 'name' => 'search', |
|
| 171 | + 'model' => 'groups', |
|
| 172 | + 'created_at' => \DB::raw('NOW()'), |
|
| 173 | + 'updated_at' => \DB::raw('NOW()') |
|
| 174 | + ], |
|
| 175 | + [ |
|
| 176 | + 'name' => 'list', |
|
| 177 | + 'model' => 'groups', |
|
| 178 | + 'created_at' => \DB::raw('NOW()'), |
|
| 179 | + 'updated_at' => \DB::raw('NOW()') |
|
| 180 | + ], |
|
| 181 | + [ |
|
| 182 | + 'name' => 'findby', |
|
| 183 | + 'model' => 'groups', |
|
| 184 | + 'created_at' => \DB::raw('NOW()'), |
|
| 185 | + 'updated_at' => \DB::raw('NOW()') |
|
| 186 | + ], |
|
| 187 | + [ |
|
| 188 | + 'name' => 'first', |
|
| 189 | + 'model' => 'groups', |
|
| 190 | + 'created_at' => \DB::raw('NOW()'), |
|
| 191 | + 'updated_at' => \DB::raw('NOW()') |
|
| 192 | + ], |
|
| 193 | + [ |
|
| 194 | + 'name' => 'paginate', |
|
| 195 | + 'model' => 'groups', |
|
| 196 | + 'created_at' => \DB::raw('NOW()'), |
|
| 197 | + 'updated_at' => \DB::raw('NOW()') |
|
| 198 | + ], |
|
| 199 | + [ |
|
| 200 | + 'name' => 'paginateby', |
|
| 201 | + 'model' => 'groups', |
|
| 202 | + 'created_at' => \DB::raw('NOW()'), |
|
| 203 | + 'updated_at' => \DB::raw('NOW()') |
|
| 204 | + ], |
|
| 205 | + [ |
|
| 206 | + 'name' => 'assignpermissions', |
|
| 207 | + 'model' => 'groups', |
|
| 208 | + 'created_at' => \DB::raw('NOW()'), |
|
| 209 | + 'updated_at' => \DB::raw('NOW()') |
|
| 210 | + ], |
|
| 211 | + [ |
|
| 212 | + 'name' => 'users', |
|
| 213 | + 'model' => 'groups', |
|
| 214 | + 'created_at' => \DB::raw('NOW()'), |
|
| 215 | + 'updated_at' => \DB::raw('NOW()') |
|
| 216 | + ], |
|
| 217 | + ] |
|
| 218 | + ); |
|
| 219 | 219 | |
| 220 | 220 | /** |
| 221 | 221 | * Create Default groups. |
@@ -232,29 +232,29 @@ discard block |
||
| 232 | 232 | * Create Default users. |
| 233 | 233 | */ |
| 234 | 234 | $adminUserId = DB::table('users')->insertGetId( |
| 235 | - [ |
|
| 235 | + [ |
|
| 236 | 236 | 'email' => '[email protected]', |
| 237 | 237 | 'password' => bcrypt('123456'), |
| 238 | 238 | 'created_at' => \DB::raw('NOW()'), |
| 239 | 239 | 'updated_at' => \DB::raw('NOW()') |
| 240 | 240 | ] |
| 241 | - ); |
|
| 241 | + ); |
|
| 242 | 242 | |
| 243 | 243 | /** |
| 244 | 244 | * Assign users to groups. |
| 245 | 245 | */ |
| 246 | 246 | DB::table('users_groups')->insert( |
| 247 | - [ |
|
| 248 | - [ |
|
| 247 | + [ |
|
| 248 | + [ |
|
| 249 | 249 | 'user_id' => $adminUserId, |
| 250 | 250 | 'group_id' => $adminGroupId, |
| 251 | 251 | 'created_at' => \DB::raw('NOW()'), |
| 252 | 252 | 'updated_at' => \DB::raw('NOW()') |
| 253 | - ] |
|
| 254 | - ] |
|
| 255 | - ); |
|
| 253 | + ] |
|
| 254 | + ] |
|
| 255 | + ); |
|
| 256 | 256 | |
| 257 | - /** |
|
| 257 | + /** |
|
| 258 | 258 | * Assign the permissions to the admin group. |
| 259 | 259 | */ |
| 260 | 260 | $permissionIds = DB::table('permissions')->whereIn('model', ['users', 'permissions', 'groups'])->select('id')->pluck('id'); |
@@ -4,338 +4,338 @@ |
||
| 4 | 4 | |
| 5 | 5 | class UserRepository extends AbstractRepository |
| 6 | 6 | { |
| 7 | - /** |
|
| 8 | - * Return the model full namespace. |
|
| 9 | - * |
|
| 10 | - * @return string |
|
| 11 | - */ |
|
| 12 | - protected function getModel() |
|
| 13 | - { |
|
| 14 | - return 'App\Modules\V1\Acl\AclUser'; |
|
| 15 | - } |
|
| 16 | - |
|
| 17 | - /** |
|
| 18 | - * Return the logged in user account. |
|
| 19 | - * |
|
| 20 | - * @param array $relations |
|
| 21 | - * @return boolean |
|
| 22 | - */ |
|
| 23 | - public function account($relations = []) |
|
| 24 | - { |
|
| 25 | - $permissions = []; |
|
| 26 | - $user = \Core::users()->find(\JWTAuth::parseToken()->authenticate()->id, $relations); |
|
| 27 | - foreach ($user->groups()->get() as $group) |
|
| 28 | - { |
|
| 29 | - $group->permissions->each(function ($permission) use (&$permissions){ |
|
| 30 | - $permissions[$permission->model][$permission->id] = $permission->name; |
|
| 31 | - }); |
|
| 32 | - } |
|
| 33 | - $user->permissions = $permissions; |
|
| 34 | - |
|
| 35 | - return $user; |
|
| 36 | - } |
|
| 37 | - |
|
| 38 | - /** |
|
| 39 | - * Check if the logged in user or the given user |
|
| 40 | - * has the given permissions on the given model. |
|
| 41 | - * |
|
| 42 | - * @param string $nameOfPermission |
|
| 43 | - * @param string $model |
|
| 44 | - * @param boolean $user |
|
| 45 | - * @return boolean |
|
| 46 | - */ |
|
| 47 | - public function can($nameOfPermission, $model, $user = false ) |
|
| 48 | - { |
|
| 49 | - $user = $user ?: \JWTAuth::parseToken()->authenticate(); |
|
| 50 | - $permissions = []; |
|
| 51 | - |
|
| 52 | - if ( ! $user = $this->find($user->id, ['groups.permissions'])) |
|
| 53 | - { |
|
| 54 | - \ErrorHandler::tokenExpired(); |
|
| 55 | - } |
|
| 56 | - |
|
| 57 | - $user->groups->pluck('permissions')->each(function ($permission) use (&$permissions, $model){ |
|
| 58 | - $permissions = array_merge($permissions, $permission->where('model', $model)->pluck('name')->toArray()); |
|
| 59 | - }); |
|
| 7 | + /** |
|
| 8 | + * Return the model full namespace. |
|
| 9 | + * |
|
| 10 | + * @return string |
|
| 11 | + */ |
|
| 12 | + protected function getModel() |
|
| 13 | + { |
|
| 14 | + return 'App\Modules\V1\Acl\AclUser'; |
|
| 15 | + } |
|
| 16 | + |
|
| 17 | + /** |
|
| 18 | + * Return the logged in user account. |
|
| 19 | + * |
|
| 20 | + * @param array $relations |
|
| 21 | + * @return boolean |
|
| 22 | + */ |
|
| 23 | + public function account($relations = []) |
|
| 24 | + { |
|
| 25 | + $permissions = []; |
|
| 26 | + $user = \Core::users()->find(\JWTAuth::parseToken()->authenticate()->id, $relations); |
|
| 27 | + foreach ($user->groups()->get() as $group) |
|
| 28 | + { |
|
| 29 | + $group->permissions->each(function ($permission) use (&$permissions){ |
|
| 30 | + $permissions[$permission->model][$permission->id] = $permission->name; |
|
| 31 | + }); |
|
| 32 | + } |
|
| 33 | + $user->permissions = $permissions; |
|
| 34 | + |
|
| 35 | + return $user; |
|
| 36 | + } |
|
| 37 | + |
|
| 38 | + /** |
|
| 39 | + * Check if the logged in user or the given user |
|
| 40 | + * has the given permissions on the given model. |
|
| 41 | + * |
|
| 42 | + * @param string $nameOfPermission |
|
| 43 | + * @param string $model |
|
| 44 | + * @param boolean $user |
|
| 45 | + * @return boolean |
|
| 46 | + */ |
|
| 47 | + public function can($nameOfPermission, $model, $user = false ) |
|
| 48 | + { |
|
| 49 | + $user = $user ?: \JWTAuth::parseToken()->authenticate(); |
|
| 50 | + $permissions = []; |
|
| 51 | + |
|
| 52 | + if ( ! $user = $this->find($user->id, ['groups.permissions'])) |
|
| 53 | + { |
|
| 54 | + \ErrorHandler::tokenExpired(); |
|
| 55 | + } |
|
| 56 | + |
|
| 57 | + $user->groups->pluck('permissions')->each(function ($permission) use (&$permissions, $model){ |
|
| 58 | + $permissions = array_merge($permissions, $permission->where('model', $model)->pluck('name')->toArray()); |
|
| 59 | + }); |
|
| 60 | 60 | |
| 61 | - return in_array($nameOfPermission, $permissions); |
|
| 62 | - } |
|
| 63 | - |
|
| 64 | - /** |
|
| 65 | - * Check if the logged in user has the given group. |
|
| 66 | - * |
|
| 67 | - * @param string $groupName |
|
| 68 | - * @return boolean |
|
| 69 | - */ |
|
| 70 | - public function hasGroup($groupName) |
|
| 71 | - { |
|
| 72 | - $groups = $this->find(\JWTAuth::parseToken()->authenticate()->id)->groups; |
|
| 73 | - return $groups->pluck('name')->search($groupName, true) === false ? false : true; |
|
| 74 | - } |
|
| 75 | - |
|
| 76 | - /** |
|
| 77 | - * Assign the given group ids to the given user. |
|
| 78 | - * |
|
| 79 | - * @param integer $user_id |
|
| 80 | - * @param array $group_ids |
|
| 81 | - * @return object |
|
| 82 | - */ |
|
| 83 | - public function assignGroups($user_id, $group_ids) |
|
| 84 | - { |
|
| 85 | - \DB::transaction(function () use ($user_id, $group_ids) { |
|
| 86 | - $user = $this->find($user_id); |
|
| 87 | - $user->groups()->detach(); |
|
| 88 | - $user->groups()->attach($group_ids); |
|
| 89 | - }); |
|
| 90 | - |
|
| 91 | - return $this->find($user_id); |
|
| 92 | - } |
|
| 93 | - |
|
| 94 | - /** |
|
| 95 | - * Handle a login request to the application. |
|
| 96 | - * |
|
| 97 | - * @param array $credentials |
|
| 98 | - * @param boolean $adminLogin |
|
| 99 | - * @return array |
|
| 100 | - */ |
|
| 101 | - public function login($credentials, $adminLogin = false) |
|
| 102 | - { |
|
| 103 | - if ( ! $user = $this->first(['email' => $credentials['email']])) |
|
| 104 | - { |
|
| 105 | - \ErrorHandler::loginFailed(); |
|
| 106 | - } |
|
| 107 | - else if ($adminLogin && $user->groups->pluck('name')->search('Admin', true) === false) |
|
| 108 | - { |
|
| 109 | - \ErrorHandler::loginFailed(); |
|
| 110 | - } |
|
| 111 | - else if ( ! $adminLogin && $user->groups->pluck('name')->search('Admin', true) !== false) |
|
| 112 | - { |
|
| 113 | - \ErrorHandler::loginFailed(); |
|
| 114 | - } |
|
| 115 | - else if ($user->blocked) |
|
| 116 | - { |
|
| 117 | - \ErrorHandler::userIsBlocked(); |
|
| 118 | - } |
|
| 119 | - else if ($token = \JWTAuth::attempt($credentials)) |
|
| 120 | - { |
|
| 121 | - return ['token' => $token]; |
|
| 122 | - } |
|
| 123 | - else |
|
| 124 | - { |
|
| 125 | - \ErrorHandler::loginFailed(); |
|
| 126 | - } |
|
| 127 | - } |
|
| 128 | - |
|
| 129 | - /** |
|
| 130 | - * Handle a social login request of the none admin to the application. |
|
| 131 | - * |
|
| 132 | - * @param array $credentials |
|
| 133 | - * @return array |
|
| 134 | - */ |
|
| 135 | - public function loginSocial($credentials) |
|
| 136 | - { |
|
| 137 | - $access_token = $credentials['auth_code'] ? \Socialite::driver($credentials['type'])->getAccessToken($credentials['auth_code']) : $credentials['access_token']; |
|
| 138 | - $user = \Socialite::driver($credentials['type'])->userFromToken($access_token); |
|
| 139 | - |
|
| 140 | - if ( ! $user->email) |
|
| 141 | - { |
|
| 142 | - \ErrorHandler::noSocialEmail(); |
|
| 143 | - } |
|
| 144 | - |
|
| 145 | - if ( ! $registeredUser = $this->model->where('email', $user->email)->first()) |
|
| 146 | - { |
|
| 147 | - $data = ['email' => $user->email, 'password' => '']; |
|
| 148 | - return $this->register($data); |
|
| 149 | - } |
|
| 150 | - else |
|
| 151 | - { |
|
| 152 | - if ( ! \Auth::attempt(['email' => $registeredUser->email, 'password' => ''])) |
|
| 153 | - { |
|
| 154 | - \ErrorHandler::userAlreadyRegistered(); |
|
| 155 | - } |
|
| 156 | - return $this->login(['email' => $registeredUser->email, 'password' => ''], false); |
|
| 157 | - } |
|
| 158 | - } |
|
| 61 | + return in_array($nameOfPermission, $permissions); |
|
| 62 | + } |
|
| 63 | + |
|
| 64 | + /** |
|
| 65 | + * Check if the logged in user has the given group. |
|
| 66 | + * |
|
| 67 | + * @param string $groupName |
|
| 68 | + * @return boolean |
|
| 69 | + */ |
|
| 70 | + public function hasGroup($groupName) |
|
| 71 | + { |
|
| 72 | + $groups = $this->find(\JWTAuth::parseToken()->authenticate()->id)->groups; |
|
| 73 | + return $groups->pluck('name')->search($groupName, true) === false ? false : true; |
|
| 74 | + } |
|
| 75 | + |
|
| 76 | + /** |
|
| 77 | + * Assign the given group ids to the given user. |
|
| 78 | + * |
|
| 79 | + * @param integer $user_id |
|
| 80 | + * @param array $group_ids |
|
| 81 | + * @return object |
|
| 82 | + */ |
|
| 83 | + public function assignGroups($user_id, $group_ids) |
|
| 84 | + { |
|
| 85 | + \DB::transaction(function () use ($user_id, $group_ids) { |
|
| 86 | + $user = $this->find($user_id); |
|
| 87 | + $user->groups()->detach(); |
|
| 88 | + $user->groups()->attach($group_ids); |
|
| 89 | + }); |
|
| 90 | + |
|
| 91 | + return $this->find($user_id); |
|
| 92 | + } |
|
| 93 | + |
|
| 94 | + /** |
|
| 95 | + * Handle a login request to the application. |
|
| 96 | + * |
|
| 97 | + * @param array $credentials |
|
| 98 | + * @param boolean $adminLogin |
|
| 99 | + * @return array |
|
| 100 | + */ |
|
| 101 | + public function login($credentials, $adminLogin = false) |
|
| 102 | + { |
|
| 103 | + if ( ! $user = $this->first(['email' => $credentials['email']])) |
|
| 104 | + { |
|
| 105 | + \ErrorHandler::loginFailed(); |
|
| 106 | + } |
|
| 107 | + else if ($adminLogin && $user->groups->pluck('name')->search('Admin', true) === false) |
|
| 108 | + { |
|
| 109 | + \ErrorHandler::loginFailed(); |
|
| 110 | + } |
|
| 111 | + else if ( ! $adminLogin && $user->groups->pluck('name')->search('Admin', true) !== false) |
|
| 112 | + { |
|
| 113 | + \ErrorHandler::loginFailed(); |
|
| 114 | + } |
|
| 115 | + else if ($user->blocked) |
|
| 116 | + { |
|
| 117 | + \ErrorHandler::userIsBlocked(); |
|
| 118 | + } |
|
| 119 | + else if ($token = \JWTAuth::attempt($credentials)) |
|
| 120 | + { |
|
| 121 | + return ['token' => $token]; |
|
| 122 | + } |
|
| 123 | + else |
|
| 124 | + { |
|
| 125 | + \ErrorHandler::loginFailed(); |
|
| 126 | + } |
|
| 127 | + } |
|
| 128 | + |
|
| 129 | + /** |
|
| 130 | + * Handle a social login request of the none admin to the application. |
|
| 131 | + * |
|
| 132 | + * @param array $credentials |
|
| 133 | + * @return array |
|
| 134 | + */ |
|
| 135 | + public function loginSocial($credentials) |
|
| 136 | + { |
|
| 137 | + $access_token = $credentials['auth_code'] ? \Socialite::driver($credentials['type'])->getAccessToken($credentials['auth_code']) : $credentials['access_token']; |
|
| 138 | + $user = \Socialite::driver($credentials['type'])->userFromToken($access_token); |
|
| 139 | + |
|
| 140 | + if ( ! $user->email) |
|
| 141 | + { |
|
| 142 | + \ErrorHandler::noSocialEmail(); |
|
| 143 | + } |
|
| 144 | + |
|
| 145 | + if ( ! $registeredUser = $this->model->where('email', $user->email)->first()) |
|
| 146 | + { |
|
| 147 | + $data = ['email' => $user->email, 'password' => '']; |
|
| 148 | + return $this->register($data); |
|
| 149 | + } |
|
| 150 | + else |
|
| 151 | + { |
|
| 152 | + if ( ! \Auth::attempt(['email' => $registeredUser->email, 'password' => ''])) |
|
| 153 | + { |
|
| 154 | + \ErrorHandler::userAlreadyRegistered(); |
|
| 155 | + } |
|
| 156 | + return $this->login(['email' => $registeredUser->email, 'password' => ''], false); |
|
| 157 | + } |
|
| 158 | + } |
|
| 159 | 159 | |
| 160 | - /** |
|
| 161 | - * Handle a registration request. |
|
| 162 | - * |
|
| 163 | - * @param array $credentials |
|
| 164 | - * @return array |
|
| 165 | - */ |
|
| 166 | - public function register($credentials) |
|
| 167 | - { |
|
| 168 | - return ['token' => \JWTAuth::fromUser($this->model->create($credentials))]; |
|
| 169 | - } |
|
| 170 | - |
|
| 171 | - /** |
|
| 172 | - * Logout the user. |
|
| 173 | - * |
|
| 174 | - * @return boolean |
|
| 175 | - */ |
|
| 176 | - public function logout() |
|
| 177 | - { |
|
| 178 | - return \JWTAuth::invalidate(\JWTAuth::getToken()); |
|
| 179 | - } |
|
| 180 | - |
|
| 181 | - /** |
|
| 182 | - * Block the user. |
|
| 183 | - * |
|
| 184 | - * @param integer $user_id |
|
| 185 | - * @return object |
|
| 186 | - */ |
|
| 187 | - public function block($user_id) |
|
| 188 | - { |
|
| 189 | - if ( ! $user = $this->find($user_id)) |
|
| 190 | - { |
|
| 191 | - \ErrorHandler::notFound('user'); |
|
| 192 | - } |
|
| 193 | - if ( ! $this->hasGroup('Admin')) |
|
| 194 | - { |
|
| 195 | - \ErrorHandler::noPermissions(); |
|
| 196 | - } |
|
| 197 | - else if (\JWTAuth::parseToken()->authenticate()->id == $user_id) |
|
| 198 | - { |
|
| 199 | - \ErrorHandler::noPermissions(); |
|
| 200 | - } |
|
| 201 | - else if ($user->groups->pluck('name')->search('Admin', true) !== false) |
|
| 202 | - { |
|
| 203 | - \ErrorHandler::noPermissions(); |
|
| 204 | - } |
|
| 205 | - |
|
| 206 | - $user->blocked = 1; |
|
| 207 | - $user->save(); |
|
| 160 | + /** |
|
| 161 | + * Handle a registration request. |
|
| 162 | + * |
|
| 163 | + * @param array $credentials |
|
| 164 | + * @return array |
|
| 165 | + */ |
|
| 166 | + public function register($credentials) |
|
| 167 | + { |
|
| 168 | + return ['token' => \JWTAuth::fromUser($this->model->create($credentials))]; |
|
| 169 | + } |
|
| 170 | + |
|
| 171 | + /** |
|
| 172 | + * Logout the user. |
|
| 173 | + * |
|
| 174 | + * @return boolean |
|
| 175 | + */ |
|
| 176 | + public function logout() |
|
| 177 | + { |
|
| 178 | + return \JWTAuth::invalidate(\JWTAuth::getToken()); |
|
| 179 | + } |
|
| 180 | + |
|
| 181 | + /** |
|
| 182 | + * Block the user. |
|
| 183 | + * |
|
| 184 | + * @param integer $user_id |
|
| 185 | + * @return object |
|
| 186 | + */ |
|
| 187 | + public function block($user_id) |
|
| 188 | + { |
|
| 189 | + if ( ! $user = $this->find($user_id)) |
|
| 190 | + { |
|
| 191 | + \ErrorHandler::notFound('user'); |
|
| 192 | + } |
|
| 193 | + if ( ! $this->hasGroup('Admin')) |
|
| 194 | + { |
|
| 195 | + \ErrorHandler::noPermissions(); |
|
| 196 | + } |
|
| 197 | + else if (\JWTAuth::parseToken()->authenticate()->id == $user_id) |
|
| 198 | + { |
|
| 199 | + \ErrorHandler::noPermissions(); |
|
| 200 | + } |
|
| 201 | + else if ($user->groups->pluck('name')->search('Admin', true) !== false) |
|
| 202 | + { |
|
| 203 | + \ErrorHandler::noPermissions(); |
|
| 204 | + } |
|
| 205 | + |
|
| 206 | + $user->blocked = 1; |
|
| 207 | + $user->save(); |
|
| 208 | 208 | |
| 209 | - return $user; |
|
| 210 | - } |
|
| 211 | - |
|
| 212 | - /** |
|
| 213 | - * Unblock the user. |
|
| 214 | - * |
|
| 215 | - * @param integer $user_id |
|
| 216 | - * @return object |
|
| 217 | - */ |
|
| 218 | - public function unblock($user_id) |
|
| 219 | - { |
|
| 220 | - if ( ! $this->hasGroup('Admin')) |
|
| 221 | - { |
|
| 222 | - \ErrorHandler::noPermissions(); |
|
| 223 | - } |
|
| 224 | - |
|
| 225 | - $user = $this->find($user_id); |
|
| 226 | - $user->blocked = 0; |
|
| 227 | - $user->save(); |
|
| 228 | - |
|
| 229 | - return $user; |
|
| 230 | - } |
|
| 231 | - |
|
| 232 | - /** |
|
| 233 | - * Send a reset link to the given user. |
|
| 234 | - * |
|
| 235 | - * @param string $url |
|
| 236 | - * @param string $email |
|
| 237 | - * @return void |
|
| 238 | - */ |
|
| 239 | - public function sendReset($email, $url) |
|
| 240 | - { |
|
| 241 | - view()->composer('auth.emails.password', function($view) use ($url) { |
|
| 242 | - $view->with(['url' => $url]); |
|
| 243 | - }); |
|
| 244 | - |
|
| 245 | - $response = \Password::sendResetLink($email, function (\Illuminate\Mail\Message $message) { |
|
| 246 | - $message->subject('Your Password Reset Link'); |
|
| 247 | - }); |
|
| 248 | - |
|
| 249 | - switch ($response) |
|
| 250 | - { |
|
| 251 | - case \Password::INVALID_USER: |
|
| 252 | - \ErrorHandler::notFound('email'); |
|
| 253 | - } |
|
| 254 | - } |
|
| 255 | - |
|
| 256 | - /** |
|
| 257 | - * Reset the given user's password. |
|
| 258 | - * |
|
| 259 | - * @param array $credentials |
|
| 260 | - * @return array |
|
| 261 | - */ |
|
| 262 | - public function resetPassword($credentials) |
|
| 263 | - { |
|
| 264 | - $token = false; |
|
| 265 | - $response = \Password::reset($credentials, function ($user, $password) use (&$token) { |
|
| 266 | - $user->password = bcrypt($password); |
|
| 267 | - $user->save(); |
|
| 268 | - |
|
| 269 | - $token = \JWTAuth::fromUser($user); |
|
| 270 | - }); |
|
| 271 | - |
|
| 272 | - switch ($response) { |
|
| 273 | - case \Password::PASSWORD_RESET: |
|
| 274 | - return ['token' => $token]; |
|
| 209 | + return $user; |
|
| 210 | + } |
|
| 211 | + |
|
| 212 | + /** |
|
| 213 | + * Unblock the user. |
|
| 214 | + * |
|
| 215 | + * @param integer $user_id |
|
| 216 | + * @return object |
|
| 217 | + */ |
|
| 218 | + public function unblock($user_id) |
|
| 219 | + { |
|
| 220 | + if ( ! $this->hasGroup('Admin')) |
|
| 221 | + { |
|
| 222 | + \ErrorHandler::noPermissions(); |
|
| 223 | + } |
|
| 224 | + |
|
| 225 | + $user = $this->find($user_id); |
|
| 226 | + $user->blocked = 0; |
|
| 227 | + $user->save(); |
|
| 228 | + |
|
| 229 | + return $user; |
|
| 230 | + } |
|
| 231 | + |
|
| 232 | + /** |
|
| 233 | + * Send a reset link to the given user. |
|
| 234 | + * |
|
| 235 | + * @param string $url |
|
| 236 | + * @param string $email |
|
| 237 | + * @return void |
|
| 238 | + */ |
|
| 239 | + public function sendReset($email, $url) |
|
| 240 | + { |
|
| 241 | + view()->composer('auth.emails.password', function($view) use ($url) { |
|
| 242 | + $view->with(['url' => $url]); |
|
| 243 | + }); |
|
| 244 | + |
|
| 245 | + $response = \Password::sendResetLink($email, function (\Illuminate\Mail\Message $message) { |
|
| 246 | + $message->subject('Your Password Reset Link'); |
|
| 247 | + }); |
|
| 248 | + |
|
| 249 | + switch ($response) |
|
| 250 | + { |
|
| 251 | + case \Password::INVALID_USER: |
|
| 252 | + \ErrorHandler::notFound('email'); |
|
| 253 | + } |
|
| 254 | + } |
|
| 255 | + |
|
| 256 | + /** |
|
| 257 | + * Reset the given user's password. |
|
| 258 | + * |
|
| 259 | + * @param array $credentials |
|
| 260 | + * @return array |
|
| 261 | + */ |
|
| 262 | + public function resetPassword($credentials) |
|
| 263 | + { |
|
| 264 | + $token = false; |
|
| 265 | + $response = \Password::reset($credentials, function ($user, $password) use (&$token) { |
|
| 266 | + $user->password = bcrypt($password); |
|
| 267 | + $user->save(); |
|
| 268 | + |
|
| 269 | + $token = \JWTAuth::fromUser($user); |
|
| 270 | + }); |
|
| 271 | + |
|
| 272 | + switch ($response) { |
|
| 273 | + case \Password::PASSWORD_RESET: |
|
| 274 | + return ['token' => $token]; |
|
| 275 | 275 | |
| 276 | - case \Password::INVALID_TOKEN: |
|
| 277 | - \ErrorHandler::invalidResetToken('token'); |
|
| 278 | - |
|
| 279 | - case \Password::INVALID_PASSWORD: |
|
| 280 | - \ErrorHandler::invalidResetPassword('email'); |
|
| 281 | - |
|
| 282 | - case \Password::INVALID_USER: |
|
| 283 | - \ErrorHandler::notFound('user'); |
|
| 284 | - |
|
| 285 | - default: |
|
| 286 | - \ErrorHandler::generalError(); |
|
| 287 | - } |
|
| 288 | - } |
|
| 289 | - |
|
| 290 | - /** |
|
| 291 | - * Change the logged in user password. |
|
| 292 | - * |
|
| 293 | - * @param array $credentials |
|
| 294 | - * @return void |
|
| 295 | - */ |
|
| 296 | - public function changePassword($credentials) |
|
| 297 | - { |
|
| 298 | - $user = $this->find(\JWTAuth::parseToken()->authenticate()->id, $relations); |
|
| 299 | - if ( ! \Hash::check($credentials['old_password'], $user->password)) |
|
| 300 | - { |
|
| 301 | - \ErrorHandler::invalidOldPassword(); |
|
| 302 | - } |
|
| 303 | - |
|
| 304 | - $user->password = $credentials['password']; |
|
| 305 | - $user->save(); |
|
| 306 | - } |
|
| 307 | - |
|
| 308 | - /** |
|
| 309 | - * Refresh the expired login token. |
|
| 310 | - * |
|
| 311 | - * @return array |
|
| 312 | - */ |
|
| 313 | - public function refreshtoken() |
|
| 314 | - { |
|
| 315 | - $token = \JWTAuth::parseToken()->refresh(); |
|
| 316 | - |
|
| 317 | - return ['token' => $token]; |
|
| 318 | - } |
|
| 319 | - |
|
| 320 | - /** |
|
| 321 | - * Paginate all users in the given group. |
|
| 322 | - * |
|
| 323 | - * @param string $groupName |
|
| 324 | - * @param array $relations |
|
| 325 | - * @param integer $perPage |
|
| 326 | - * @param string $sortBy |
|
| 327 | - * @param boolean $desc |
|
| 328 | - * @return \Illuminate\Http\Response |
|
| 329 | - */ |
|
| 330 | - public function group($groupName, $relations, $perPage, $sortBy, $desc) |
|
| 331 | - { |
|
| 332 | - $sort = $desc ? 'desc' : 'asc'; |
|
| 333 | - $model = call_user_func_array("{$this->getModel()}::with", array($relations)); |
|
| 334 | - |
|
| 335 | - $model->whereHas('groups', function($q) use ($groupName){ |
|
| 336 | - $q->where('name', $groupName); |
|
| 337 | - }); |
|
| 338 | - |
|
| 339 | - return $model->orderBy($sortBy, $sort)->paginate($perPage); |
|
| 340 | - } |
|
| 276 | + case \Password::INVALID_TOKEN: |
|
| 277 | + \ErrorHandler::invalidResetToken('token'); |
|
| 278 | + |
|
| 279 | + case \Password::INVALID_PASSWORD: |
|
| 280 | + \ErrorHandler::invalidResetPassword('email'); |
|
| 281 | + |
|
| 282 | + case \Password::INVALID_USER: |
|
| 283 | + \ErrorHandler::notFound('user'); |
|
| 284 | + |
|
| 285 | + default: |
|
| 286 | + \ErrorHandler::generalError(); |
|
| 287 | + } |
|
| 288 | + } |
|
| 289 | + |
|
| 290 | + /** |
|
| 291 | + * Change the logged in user password. |
|
| 292 | + * |
|
| 293 | + * @param array $credentials |
|
| 294 | + * @return void |
|
| 295 | + */ |
|
| 296 | + public function changePassword($credentials) |
|
| 297 | + { |
|
| 298 | + $user = $this->find(\JWTAuth::parseToken()->authenticate()->id, $relations); |
|
| 299 | + if ( ! \Hash::check($credentials['old_password'], $user->password)) |
|
| 300 | + { |
|
| 301 | + \ErrorHandler::invalidOldPassword(); |
|
| 302 | + } |
|
| 303 | + |
|
| 304 | + $user->password = $credentials['password']; |
|
| 305 | + $user->save(); |
|
| 306 | + } |
|
| 307 | + |
|
| 308 | + /** |
|
| 309 | + * Refresh the expired login token. |
|
| 310 | + * |
|
| 311 | + * @return array |
|
| 312 | + */ |
|
| 313 | + public function refreshtoken() |
|
| 314 | + { |
|
| 315 | + $token = \JWTAuth::parseToken()->refresh(); |
|
| 316 | + |
|
| 317 | + return ['token' => $token]; |
|
| 318 | + } |
|
| 319 | + |
|
| 320 | + /** |
|
| 321 | + * Paginate all users in the given group. |
|
| 322 | + * |
|
| 323 | + * @param string $groupName |
|
| 324 | + * @param array $relations |
|
| 325 | + * @param integer $perPage |
|
| 326 | + * @param string $sortBy |
|
| 327 | + * @param boolean $desc |
|
| 328 | + * @return \Illuminate\Http\Response |
|
| 329 | + */ |
|
| 330 | + public function group($groupName, $relations, $perPage, $sortBy, $desc) |
|
| 331 | + { |
|
| 332 | + $sort = $desc ? 'desc' : 'asc'; |
|
| 333 | + $model = call_user_func_array("{$this->getModel()}::with", array($relations)); |
|
| 334 | + |
|
| 335 | + $model->whereHas('groups', function($q) use ($groupName){ |
|
| 336 | + $q->where('name', $groupName); |
|
| 337 | + }); |
|
| 338 | + |
|
| 339 | + return $model->orderBy($sortBy, $sort)->paginate($perPage); |
|
| 340 | + } |
|
| 341 | 341 | } |
@@ -7,222 +7,222 @@ |
||
| 7 | 7 | |
| 8 | 8 | class UsersController extends BaseApiController |
| 9 | 9 | { |
| 10 | - /** |
|
| 11 | - * The name of the model that is used by the base api controller |
|
| 12 | - * to preform actions like (add, edit ... etc). |
|
| 13 | - * @var string |
|
| 14 | - */ |
|
| 15 | - protected $model = 'users'; |
|
| 16 | - |
|
| 17 | - /** |
|
| 18 | - * List of all route actions that the base api controller |
|
| 19 | - * will skip permissions check for them. |
|
| 20 | - * @var array |
|
| 21 | - */ |
|
| 22 | - protected $skipPermissionCheck = ['account', 'logout', 'sendreset']; |
|
| 23 | - |
|
| 24 | - /** |
|
| 25 | - * List of all route actions that the base api controller |
|
| 26 | - * will skip login check for them. |
|
| 27 | - * @var array |
|
| 28 | - */ |
|
| 29 | - protected $skipLoginCheck = ['login', 'loginSocial', 'register', 'sendreset', 'resetpassword', 'refreshtoken']; |
|
| 30 | - |
|
| 31 | - /** |
|
| 32 | - * The validations rules used by the base api controller |
|
| 33 | - * to check before add. |
|
| 34 | - * @var array |
|
| 35 | - */ |
|
| 36 | - protected $validationRules = [ |
|
| 37 | - 'full_name' => 'string|max:100', |
|
| 38 | - 'user_name' => 'string|unique:users,user_name,{id}', |
|
| 39 | - 'email' => 'required|email|unique:users,email,{id}', |
|
| 40 | - 'mobile_number' => 'string|unique:users,mobile_number,{id}', |
|
| 41 | - 'password' => 'required|min:6' |
|
| 42 | - ]; |
|
| 43 | - |
|
| 44 | - /** |
|
| 45 | - * Return the logged in user account. |
|
| 46 | - * |
|
| 47 | - * @return \Illuminate\Http\Response |
|
| 48 | - */ |
|
| 49 | - public function account() |
|
| 50 | - { |
|
| 51 | - $relations = $this->relations && $this->relations['account'] ? $this->relations['account'] : []; |
|
| 52 | - return \Response::json(\Core::users()->account($relations), 200); |
|
| 53 | - } |
|
| 54 | - |
|
| 55 | - /** |
|
| 56 | - * Block the user. |
|
| 57 | - * |
|
| 58 | - * @param integer $id |
|
| 59 | - * @return \Illuminate\Http\Response |
|
| 60 | - */ |
|
| 61 | - public function block($id) |
|
| 62 | - { |
|
| 63 | - return \Response::json(\Core::users()->block($id), 200); |
|
| 64 | - } |
|
| 65 | - |
|
| 66 | - /** |
|
| 67 | - * Unblock the user. |
|
| 68 | - * |
|
| 69 | - * @param integer $id |
|
| 70 | - * @return \Illuminate\Http\Response |
|
| 71 | - */ |
|
| 72 | - public function unblock($id) |
|
| 73 | - { |
|
| 74 | - return \Response::json(\Core::users()->unblock($id), 200); |
|
| 75 | - } |
|
| 76 | - |
|
| 77 | - /** |
|
| 78 | - * Logout the user. |
|
| 79 | - * |
|
| 80 | - * @return \Illuminate\Http\Response |
|
| 81 | - */ |
|
| 82 | - public function logout() |
|
| 83 | - { |
|
| 84 | - return \Response::json(\Core::users()->logout(), 200); |
|
| 85 | - } |
|
| 86 | - |
|
| 87 | - /** |
|
| 88 | - * Handle a registration request. |
|
| 89 | - * |
|
| 90 | - * @param \Illuminate\Http\Request $request |
|
| 91 | - * @return \Illuminate\Http\Response |
|
| 92 | - */ |
|
| 93 | - public function register(Request $request) |
|
| 94 | - { |
|
| 95 | - $this->validate($request, [ |
|
| 96 | - 'full_name' => 'string|max:100', |
|
| 97 | - 'user_name' => 'string|unique:users,user_name,{id}', |
|
| 98 | - 'email' => 'required|email|unique:users,email,{id}', |
|
| 99 | - 'mobile_number' => 'string|unique:users,mobile_number,{id}', |
|
| 100 | - 'password' => 'required|min:6' |
|
| 101 | - ]); |
|
| 102 | - |
|
| 103 | - return \Response::json(\Core::users()->register($request->only('email', 'password')), 200); |
|
| 104 | - } |
|
| 105 | - |
|
| 106 | - /** |
|
| 107 | - * Handle a login request of the none admin to the application. |
|
| 108 | - * |
|
| 109 | - * @param \Illuminate\Http\Request $request |
|
| 110 | - * @return \Illuminate\Http\Response |
|
| 111 | - */ |
|
| 112 | - public function login(Request $request) |
|
| 113 | - { |
|
| 114 | - $this->validate($request, [ |
|
| 115 | - 'email' => 'required|email', |
|
| 116 | - 'password' => 'required|min:6', |
|
| 117 | - 'admin' => 'boolean' |
|
| 118 | - ]); |
|
| 119 | - |
|
| 120 | - return \Response::json(\Core::users()->login($request->only('email', 'password'), $request->get('admin')), 200); |
|
| 121 | - } |
|
| 122 | - |
|
| 123 | - /** |
|
| 124 | - * Handle a social login request of the none admin to the application. |
|
| 125 | - * |
|
| 126 | - * @param \Illuminate\Http\Request $request |
|
| 127 | - * @return \Illuminate\Http\Response |
|
| 128 | - */ |
|
| 129 | - public function loginSocial(Request $request) |
|
| 130 | - { |
|
| 131 | - $this->validate($request, [ |
|
| 132 | - 'auth_code' => 'required_without:access_token', |
|
| 133 | - 'access_token' => 'required_without:auth_code', |
|
| 134 | - 'type' => 'required|in:facebook,google' |
|
| 135 | - ]); |
|
| 136 | - |
|
| 137 | - return \Response::json(\Core::users()->loginSocial($request->only('auth_code', 'access_token', 'type')), 200); |
|
| 138 | - } |
|
| 139 | - |
|
| 140 | - /** |
|
| 141 | - * Handle an assign groups to user request. |
|
| 142 | - * |
|
| 143 | - * @param \Illuminate\Http\Request $request |
|
| 144 | - * @return \Illuminate\Http\Response |
|
| 145 | - */ |
|
| 146 | - public function assigngroups(Request $request) |
|
| 147 | - { |
|
| 148 | - $this->validate($request, [ |
|
| 149 | - 'group_ids' => 'required|exists:groups,id', |
|
| 150 | - 'user_id' => 'required|exists:users,id' |
|
| 151 | - ]); |
|
| 152 | - |
|
| 153 | - return \Response::json(\Core::users()->assignGroups($request->get('user_id'), $request->get('group_ids')), 200); |
|
| 154 | - } |
|
| 155 | - |
|
| 156 | - /** |
|
| 157 | - * Send a reset link to the given user. |
|
| 158 | - * |
|
| 159 | - * @param \Illuminate\Http\Request $request |
|
| 160 | - * @return \Illuminate\Http\Response |
|
| 161 | - */ |
|
| 162 | - public function sendreset(Request $request) |
|
| 163 | - { |
|
| 164 | - $this->validate($request, ['email' => 'required|email', 'url' => 'required|url']); |
|
| 165 | - |
|
| 166 | - return \Response::json(\Core::users()->sendReset($request->only('email'), $request->get('url')), 200); |
|
| 167 | - } |
|
| 168 | - |
|
| 169 | - /** |
|
| 170 | - * Reset the given user's password. |
|
| 171 | - * |
|
| 172 | - * @param \Illuminate\Http\Request $request |
|
| 173 | - * @return \Illuminate\Http\Response |
|
| 174 | - */ |
|
| 175 | - public function resetpassword(Request $request) |
|
| 176 | - { |
|
| 177 | - $this->validate($request, [ |
|
| 178 | - 'token' => 'required', |
|
| 179 | - 'email' => 'required|email', |
|
| 180 | - 'password' => 'required|confirmed|min:6', |
|
| 181 | - 'password_confirmation' => 'required', |
|
| 182 | - ]); |
|
| 183 | - |
|
| 184 | - return \Response::json(\Core::users()->resetPassword($request->only('email', 'password', 'password_confirmation', 'token')), 200); |
|
| 185 | - } |
|
| 186 | - |
|
| 187 | - /** |
|
| 188 | - * Change the logged in user password. |
|
| 189 | - * |
|
| 190 | - * @param \Illuminate\Http\Request $request |
|
| 191 | - * @return \Illuminate\Http\Response |
|
| 192 | - */ |
|
| 193 | - public function changePassword(Request $request) |
|
| 194 | - { |
|
| 195 | - $this->validate($request, [ |
|
| 196 | - 'old_password' => 'required', |
|
| 197 | - 'password' => 'required|confirmed|min:6', |
|
| 198 | - 'password_confirmation' => 'required', |
|
| 199 | - ]); |
|
| 200 | - |
|
| 201 | - return \Response::json(\Core::users()->changePassword($request->only('old_password', 'password', 'password_confirmation')), 200); |
|
| 202 | - } |
|
| 203 | - |
|
| 204 | - /** |
|
| 205 | - * Refresh the expired login token. |
|
| 206 | - * |
|
| 207 | - * @return \Illuminate\Http\Response |
|
| 208 | - */ |
|
| 209 | - public function refreshtoken() |
|
| 210 | - { |
|
| 211 | - return \Response::json(\Core::users()->refreshtoken(), 200); |
|
| 212 | - } |
|
| 213 | - |
|
| 214 | - /** |
|
| 215 | - * Paginate all users with inthe given group. |
|
| 216 | - * |
|
| 217 | - * @param string $groupName |
|
| 218 | - * @param integer $perPage |
|
| 219 | - * @param string $sortBy |
|
| 220 | - * @param boolean $desc |
|
| 221 | - * @return \Illuminate\Http\Response |
|
| 222 | - */ |
|
| 223 | - public function group($groupName, $perPage = 15, $sortBy = 'created_at', $desc = 1) |
|
| 224 | - { |
|
| 225 | - $relations = $this->relations && $this->relations['group'] ? $this->relations['group'] : []; |
|
| 226 | - return \Response::json(\Core::users()->group($groupName, $relations, $perPage, $sortBy, $desc), 200); |
|
| 227 | - } |
|
| 10 | + /** |
|
| 11 | + * The name of the model that is used by the base api controller |
|
| 12 | + * to preform actions like (add, edit ... etc). |
|
| 13 | + * @var string |
|
| 14 | + */ |
|
| 15 | + protected $model = 'users'; |
|
| 16 | + |
|
| 17 | + /** |
|
| 18 | + * List of all route actions that the base api controller |
|
| 19 | + * will skip permissions check for them. |
|
| 20 | + * @var array |
|
| 21 | + */ |
|
| 22 | + protected $skipPermissionCheck = ['account', 'logout', 'sendreset']; |
|
| 23 | + |
|
| 24 | + /** |
|
| 25 | + * List of all route actions that the base api controller |
|
| 26 | + * will skip login check for them. |
|
| 27 | + * @var array |
|
| 28 | + */ |
|
| 29 | + protected $skipLoginCheck = ['login', 'loginSocial', 'register', 'sendreset', 'resetpassword', 'refreshtoken']; |
|
| 30 | + |
|
| 31 | + /** |
|
| 32 | + * The validations rules used by the base api controller |
|
| 33 | + * to check before add. |
|
| 34 | + * @var array |
|
| 35 | + */ |
|
| 36 | + protected $validationRules = [ |
|
| 37 | + 'full_name' => 'string|max:100', |
|
| 38 | + 'user_name' => 'string|unique:users,user_name,{id}', |
|
| 39 | + 'email' => 'required|email|unique:users,email,{id}', |
|
| 40 | + 'mobile_number' => 'string|unique:users,mobile_number,{id}', |
|
| 41 | + 'password' => 'required|min:6' |
|
| 42 | + ]; |
|
| 43 | + |
|
| 44 | + /** |
|
| 45 | + * Return the logged in user account. |
|
| 46 | + * |
|
| 47 | + * @return \Illuminate\Http\Response |
|
| 48 | + */ |
|
| 49 | + public function account() |
|
| 50 | + { |
|
| 51 | + $relations = $this->relations && $this->relations['account'] ? $this->relations['account'] : []; |
|
| 52 | + return \Response::json(\Core::users()->account($relations), 200); |
|
| 53 | + } |
|
| 54 | + |
|
| 55 | + /** |
|
| 56 | + * Block the user. |
|
| 57 | + * |
|
| 58 | + * @param integer $id |
|
| 59 | + * @return \Illuminate\Http\Response |
|
| 60 | + */ |
|
| 61 | + public function block($id) |
|
| 62 | + { |
|
| 63 | + return \Response::json(\Core::users()->block($id), 200); |
|
| 64 | + } |
|
| 65 | + |
|
| 66 | + /** |
|
| 67 | + * Unblock the user. |
|
| 68 | + * |
|
| 69 | + * @param integer $id |
|
| 70 | + * @return \Illuminate\Http\Response |
|
| 71 | + */ |
|
| 72 | + public function unblock($id) |
|
| 73 | + { |
|
| 74 | + return \Response::json(\Core::users()->unblock($id), 200); |
|
| 75 | + } |
|
| 76 | + |
|
| 77 | + /** |
|
| 78 | + * Logout the user. |
|
| 79 | + * |
|
| 80 | + * @return \Illuminate\Http\Response |
|
| 81 | + */ |
|
| 82 | + public function logout() |
|
| 83 | + { |
|
| 84 | + return \Response::json(\Core::users()->logout(), 200); |
|
| 85 | + } |
|
| 86 | + |
|
| 87 | + /** |
|
| 88 | + * Handle a registration request. |
|
| 89 | + * |
|
| 90 | + * @param \Illuminate\Http\Request $request |
|
| 91 | + * @return \Illuminate\Http\Response |
|
| 92 | + */ |
|
| 93 | + public function register(Request $request) |
|
| 94 | + { |
|
| 95 | + $this->validate($request, [ |
|
| 96 | + 'full_name' => 'string|max:100', |
|
| 97 | + 'user_name' => 'string|unique:users,user_name,{id}', |
|
| 98 | + 'email' => 'required|email|unique:users,email,{id}', |
|
| 99 | + 'mobile_number' => 'string|unique:users,mobile_number,{id}', |
|
| 100 | + 'password' => 'required|min:6' |
|
| 101 | + ]); |
|
| 102 | + |
|
| 103 | + return \Response::json(\Core::users()->register($request->only('email', 'password')), 200); |
|
| 104 | + } |
|
| 105 | + |
|
| 106 | + /** |
|
| 107 | + * Handle a login request of the none admin to the application. |
|
| 108 | + * |
|
| 109 | + * @param \Illuminate\Http\Request $request |
|
| 110 | + * @return \Illuminate\Http\Response |
|
| 111 | + */ |
|
| 112 | + public function login(Request $request) |
|
| 113 | + { |
|
| 114 | + $this->validate($request, [ |
|
| 115 | + 'email' => 'required|email', |
|
| 116 | + 'password' => 'required|min:6', |
|
| 117 | + 'admin' => 'boolean' |
|
| 118 | + ]); |
|
| 119 | + |
|
| 120 | + return \Response::json(\Core::users()->login($request->only('email', 'password'), $request->get('admin')), 200); |
|
| 121 | + } |
|
| 122 | + |
|
| 123 | + /** |
|
| 124 | + * Handle a social login request of the none admin to the application. |
|
| 125 | + * |
|
| 126 | + * @param \Illuminate\Http\Request $request |
|
| 127 | + * @return \Illuminate\Http\Response |
|
| 128 | + */ |
|
| 129 | + public function loginSocial(Request $request) |
|
| 130 | + { |
|
| 131 | + $this->validate($request, [ |
|
| 132 | + 'auth_code' => 'required_without:access_token', |
|
| 133 | + 'access_token' => 'required_without:auth_code', |
|
| 134 | + 'type' => 'required|in:facebook,google' |
|
| 135 | + ]); |
|
| 136 | + |
|
| 137 | + return \Response::json(\Core::users()->loginSocial($request->only('auth_code', 'access_token', 'type')), 200); |
|
| 138 | + } |
|
| 139 | + |
|
| 140 | + /** |
|
| 141 | + * Handle an assign groups to user request. |
|
| 142 | + * |
|
| 143 | + * @param \Illuminate\Http\Request $request |
|
| 144 | + * @return \Illuminate\Http\Response |
|
| 145 | + */ |
|
| 146 | + public function assigngroups(Request $request) |
|
| 147 | + { |
|
| 148 | + $this->validate($request, [ |
|
| 149 | + 'group_ids' => 'required|exists:groups,id', |
|
| 150 | + 'user_id' => 'required|exists:users,id' |
|
| 151 | + ]); |
|
| 152 | + |
|
| 153 | + return \Response::json(\Core::users()->assignGroups($request->get('user_id'), $request->get('group_ids')), 200); |
|
| 154 | + } |
|
| 155 | + |
|
| 156 | + /** |
|
| 157 | + * Send a reset link to the given user. |
|
| 158 | + * |
|
| 159 | + * @param \Illuminate\Http\Request $request |
|
| 160 | + * @return \Illuminate\Http\Response |
|
| 161 | + */ |
|
| 162 | + public function sendreset(Request $request) |
|
| 163 | + { |
|
| 164 | + $this->validate($request, ['email' => 'required|email', 'url' => 'required|url']); |
|
| 165 | + |
|
| 166 | + return \Response::json(\Core::users()->sendReset($request->only('email'), $request->get('url')), 200); |
|
| 167 | + } |
|
| 168 | + |
|
| 169 | + /** |
|
| 170 | + * Reset the given user's password. |
|
| 171 | + * |
|
| 172 | + * @param \Illuminate\Http\Request $request |
|
| 173 | + * @return \Illuminate\Http\Response |
|
| 174 | + */ |
|
| 175 | + public function resetpassword(Request $request) |
|
| 176 | + { |
|
| 177 | + $this->validate($request, [ |
|
| 178 | + 'token' => 'required', |
|
| 179 | + 'email' => 'required|email', |
|
| 180 | + 'password' => 'required|confirmed|min:6', |
|
| 181 | + 'password_confirmation' => 'required', |
|
| 182 | + ]); |
|
| 183 | + |
|
| 184 | + return \Response::json(\Core::users()->resetPassword($request->only('email', 'password', 'password_confirmation', 'token')), 200); |
|
| 185 | + } |
|
| 186 | + |
|
| 187 | + /** |
|
| 188 | + * Change the logged in user password. |
|
| 189 | + * |
|
| 190 | + * @param \Illuminate\Http\Request $request |
|
| 191 | + * @return \Illuminate\Http\Response |
|
| 192 | + */ |
|
| 193 | + public function changePassword(Request $request) |
|
| 194 | + { |
|
| 195 | + $this->validate($request, [ |
|
| 196 | + 'old_password' => 'required', |
|
| 197 | + 'password' => 'required|confirmed|min:6', |
|
| 198 | + 'password_confirmation' => 'required', |
|
| 199 | + ]); |
|
| 200 | + |
|
| 201 | + return \Response::json(\Core::users()->changePassword($request->only('old_password', 'password', 'password_confirmation')), 200); |
|
| 202 | + } |
|
| 203 | + |
|
| 204 | + /** |
|
| 205 | + * Refresh the expired login token. |
|
| 206 | + * |
|
| 207 | + * @return \Illuminate\Http\Response |
|
| 208 | + */ |
|
| 209 | + public function refreshtoken() |
|
| 210 | + { |
|
| 211 | + return \Response::json(\Core::users()->refreshtoken(), 200); |
|
| 212 | + } |
|
| 213 | + |
|
| 214 | + /** |
|
| 215 | + * Paginate all users with inthe given group. |
|
| 216 | + * |
|
| 217 | + * @param string $groupName |
|
| 218 | + * @param integer $perPage |
|
| 219 | + * @param string $sortBy |
|
| 220 | + * @param boolean $desc |
|
| 221 | + * @return \Illuminate\Http\Response |
|
| 222 | + */ |
|
| 223 | + public function group($groupName, $perPage = 15, $sortBy = 'created_at', $desc = 1) |
|
| 224 | + { |
|
| 225 | + $relations = $this->relations && $this->relations['group'] ? $this->relations['group'] : []; |
|
| 226 | + return \Response::json(\Core::users()->group($groupName, $relations, $perPage, $sortBy, $desc), 200); |
|
| 227 | + } |
|
| 228 | 228 | } |
