<?php
namespace App\Http\Controllers\Admin;
use DB;
use Mail;
use App\User;
use Carbon\Carbon;
use App\UserLogins;
use App\UserSettings;
use App\UserRoleType;
use App\UserInitialize;
use Illuminate\Support\Str;
use App\Mail\InitializeUser;
use Illuminate\Http\Request;
use Illuminate\Validation\Rule;
use App\Notifications\NewUserEmail;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Route;
use App\Http\Resources\UserCollection;
use App\Http\Resources\User as UserResource;
use Illuminate\Support\Facades\Notification;
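//  Admin CRUD for user accounts: listing, creation (with the set-up e-mail),
//  editing, password resets and soft-delete / restore.
//
//  Privilege model visible in this class: a LOWER role_id means MORE
//  privilege (every "may I touch this user" check is `$user->role_id <
//  Auth::user()->role_id` => 403).  The role filter shown on the create/edit
//  forms (role 1 only for role-1 users, role 2 only for role-1-or-lower
//  users) is also enforced on submit via canAssignRole(), so the form
//  filter cannot be bypassed by posting a role_id directly.
class UserController extends Controller
{
    //  Constructor sets up middleware: everything requires a login except the
    //  two initialize-user routes, and every action requires the
    //  'Manage Users' permission.
    public function __construct()
    {
        $this->middleware('auth')->except('initializeUser', 'submitInitializeUser');
        $this->middleware(function ($request, $next) {
            $this->authorize('hasAccess', 'Manage Users');
            return $next($request);
        });
    }

    //  Show the list of current users to edit
    public function index()
    {
        $userList = User::with('LastUserLogin')->get()->makeVisible('user_id');

        return view('admin.userIndex', [
            'userList' => $userList,
            'route'    => 'admin.user.edit',
        ]);
    }

    //  Check if a username or e-mail address is already in use.
    //
    //  $type is the column to search and comes from the route, so it is
    //  restricted to the two unique identifier columns instead of being
    //  handed to the query builder unchecked; any other value is a 404.
    //  Soft-deleted users are included because the `unique:users` rules in
    //  store()/update() reject their username/e-mail too - that is what the
    //  'active' flag in the response reports.
    public function checkUser($username, $type)
    {
        if (!in_array($type, ['username', 'email'], true)) {
            return abort(404);
        }

        $user = User::withTrashed()->where($type, $username)->first();

        if (!$user) {
            return response()->json(['duplicate' => false]);
        }

        return response()->json([
            'duplicate' => true,
            'user'      => $user->full_name,
            'active'    => $user->deleted_at === null ? 1 : 0,
        ]);
    }

    //  Show the Add User form
    public function create()
    {
        $roleArr = $this->assignableRoles();

        $this->logRouteVisit();
        return view('admin.newUser', [
            'roles' => $roleArr,
        ]);
    }

    //  Submit the Add User form.  Creates the user with a throw-away random
    //  password, the user's settings row and the one-time set-up token, then
    //  e-mails the new user.  Responds with JSON {success: true}.
    public function store(Request $request)
    {
        //  Validate the new user form
        $request->validate([
            'role'       => 'required|numeric|exists:user_role_types,role_id',
            'username'   => 'required|unique:users|regex:/^[a-zA-Z0-9_]*$/',
            'first_name' => 'required',
            'last_name'  => 'required',
            'email'      => 'required|email|unique:users',
        ]);

        //  Server-side counterpart of the role filter on the form - the
        //  submitter may not hand out a role they are not allowed to assign
        if (!$this->canAssignRole($request->role)) {
            return abort(403);
        }

        //  Create the user.  The password is a random placeholder; the real
        //  one is chosen through the initialize link e-mailed below.
        $newUser = User::create([
            'role_id'    => $request->role,
            'username'   => $request->username,
            'first_name' => $request->first_name,
            'last_name'  => $request->last_name,
            'email'      => $request->email,
            'password'   => bcrypt(strtolower(Str::random(15))),
        ]);
        $userID = $newUser->user_id;

        //  Create the user settings table
        UserSettings::create([
            'user_id' => $userID,
        ]);

        //  Create the setup user link
        $hash = strtolower(Str::random(30));
        UserInitialize::create([
            'username' => $request->username,
            'token'    => $hash,
        ]);

        //  Email the new user
        Notification::send($newUser, new NewUserEmail($newUser, $hash));

        $this->logRouteVisit();
        Log::debug('User Data - ', $newUser->toArray());
        Log::notice('New User ID-'.$userID.' Created by ID-'.Auth::user()->user_id);

        return response()->json(['success' => true]);
    }

    //  List all inactive users.  Only the 'inactive' type exists; anything
    //  else is a 404.
    public function show($type)
    {
        if ($type !== 'inactive') {
            return abort(404);
        }

        $userList = new UserCollection(User::onlyTrashed()->get()
                /** @scrutinizer ignore-call */
                ->makeVisible('user_id'));

        return view('admin.userDeleted', [
            'userList' => $userList,
            'route'    => '',
        ]);
    }

    //  Open the edit user form
    public function edit($id)
    {
        $user = new UserResource(User::findOrFail($id));

        //  Make sure that the user is not trying to edit someone with more permissions
        if ($user->role_id < Auth::user()->role_id) {
            return abort(403);
        }

        $roleArr = $this->assignableRoles();

        $this->logRouteVisit();
        return view('admin.userEdit', [
            'roles' => $roleArr,
            'user'  => $user->
            /** @scrutinizer ignore-call */
            makeVisible(['user_id', 'username']),
        ]);
    }

    //  Reactivate a disabled user.  Mirrors the permission rule in destroy():
    //  a user with more permissions than the caller cannot be restored.
    //  An unknown id is a no-op that still reports success, as before.
    public function reactivateUser($id)
    {
        $user = User::withTrashed()->where('user_id', $id)->first();

        if ($user && $user->role_id < Auth::user()->role_id) {
            return abort(403);
        }

        if ($user) {
            $user->restore();
        }

        return response()->json([
            'success' => true,
        ]);
    }

    //  Submit the update user form.  Same field rules as store(); the
    //  username/e-mail uniqueness checks ignore the user being edited.
    public function update(Request $request, $id)
    {
        $request->validate([
            'username'   => [
                'required',
                'regex:/^[a-zA-Z0-9_]*$/',
                Rule::unique('users')->ignore($id, 'user_id'),
            ],
            'first_name' => 'required',
            'last_name'  => 'required',
            'email'      => [
                'required',
                'email',
                Rule::unique('users')->ignore($id, 'user_id'),
            ],
            'role'       => 'required|numeric|exists:user_role_types,role_id',
        ]);

        $user = User::findOrFail($id);

        //  The edited user may not outrank the caller ...
        if ($user->role_id < Auth::user()->role_id) {
            return abort(403);
        }

        //  ... and the caller may not promote them to a role the caller cannot
        //  assign (keeping the user's current role is always allowed)
        if ((int) $request->role !== (int) $user->role_id && !$this->canAssignRole($request->role)) {
            return abort(403);
        }

        //  Update the user data
        $user->update([
            'username'   => $request->username,
            'first_name' => $request->first_name,
            'last_name'  => $request->last_name,
            'email'      => $request->email,
            'role_id'    => $request->role,
        ]);

        $this->logRouteVisit();
        Log::debug('Edit user form submitted for User ID-'.$id.'  Data - ', $request->toArray());
        Log::notice('User ID-'.$id.' has updated their information.');
        return response()->json(['success' => true]);
    }

    //  Submit the change password form.  Responds with JSON
    //  {success: bool, reason: string}; the password is only changed when the
    //  target user exists and does not outrank the caller.
    public function submitPassword(Request $request)
    {
        $request->validate([
            'password' => 'required|string|min:6|confirmed',
            'user_id'  => 'required',
        ]);

        //  force_change expires the new password immediately (yesterday);
        //  otherwise it expires after the configured number of days, or never
        $expireDays = config('auth.passwords.settings.expire');
        if ($request->force_change) {
            $nextChange = Carbon::now()->subDay();
        } else {
            $nextChange = $expireDays != null ? Carbon::now()->addDays($expireDays) : null;
        }

        $user = User::find($request->user_id);

        //  Verify this is a valid user ID
        if (!$user) {
            $success = false;
            $reason  = 'Cannot find user with this ID';
        }
        //  Make sure that the user is not trying to change the password of someone with more permissions
        else if ($user->role_id < Auth::user()->role_id) {
            $success = false;
            $reason  = 'You cannot change password for a user with higher permissions than you.  If this user has locked themselves out, have them use the reset link on the login page.';
        }
        //  Good to go - update user password
        else {
            $user->update([
                'password'         => bcrypt($request->password),
                'password_expires' => $nextChange,
            ]);
            $success = true;
            $reason  = 'Password for ' . $user->full_name . ' successfully reset.';
        }

        $this->logRouteVisit();
        Log::notice('User ID-' . $request->user_id . ' password changed by ' . Auth::user()->user_id, [
            'success' => $success,
            'reason'  => $reason,
        ]);

        return response()->json([
            'success' => $success,
            'reason'  => $reason,
        ]);
    }

    //  Disable (soft-delete) the user.  Responds with JSON
    //  {success: bool, reason: string}.
    public function destroy($id)
    {
        $user = User::find($id);

        //  Verify this is a valid user ID
        if (!$user) {
            $success = false;
            $reason  = 'Cannot find user with this ID';
        }
        //  Make sure that the user is not trying to deactivate themselves
        else if (Auth::user()->user_id == $id) {
            $success = false;
            $reason  = 'You cannot deactivate yourself';
        }
        //  Make sure that the user is not trying to deactivate someone with more permissions
        else if ($user->role_id < Auth::user()->role_id) {
            $success = false;
            $reason  = 'You cannot deactivate a user with higher permissions than you.';
        }
        //  Good to go - deactivate user
        else {
            $user->delete();
            $success = true;
            $reason  = 'User '.$user->full_name.' successfully deactivated.';
        }

        $this->logRouteVisit();
        Log::notice('User ID-'.$id.' disabled by '.Auth::user()->user_id, [
            'success' => $success,
            'reason'  => $reason,
        ]);

        return response()->json([
            'success' => $success,
            'reason'  => $reason,
        ]);
    }

    //  Roles the authenticated user is allowed to hand out, in the
    //  [value, text] shape the role <select> on the create/edit forms expects.
    //  Shared by create() and edit(); the same rule is applied on submit by
    //  canAssignRole().
    private function assignableRoles()
    {
        $roleArr = [];
        foreach (UserRoleType::all() as $role) {
            if (!$this->canAssignRole($role->role_id)) {
                continue;
            }
            $roleArr[] = [
                'value' => $role->role_id,
                'text'  => $role->name,
            ];
        }

        return $roleArr;
    }

    //  Whether the authenticated user may assign the given role: role 1 only
    //  by role-1 users, role 2 only by users whose role_id is 1 or lower,
    //  any other role by anyone who reached this controller.
    private function canAssignRole($roleId)
    {
        $roleId   = (int) $roleId;
        $authRole = Auth::user()->role_id;

        if ($roleId === 1 && $authRole != 1) {
            return false;
        }
        if ($roleId === 2 && $authRole > 1) {
            return false;
        }

        return true;
    }

    //  Debug-log which route was visited and by which user
    private function logRouteVisit()
    {
        Log::debug('Route '.Route::currentRouteName().' visited by User ID-'.Auth::user()->user_id);
    }
}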