<?php
namespace App\Http\Controllers\Admin;
use DB;
use Mail;
// use App\Role;
use App\User;
use Carbon\Carbon;
use App\UserInitialize;
use Illuminate\Support\Str;
use App\Mail\InitializeUser;
use Illuminate\Http\Request;
use Illuminate\Validation\Rule;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Facades\Notification;
use App\Notifications\NewUserEmail;
use App\UserRoleType;
use App\UserLogins;
use App\Http\Resources\UserCollection;
use App\Http\Resources\User as UserResource;
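class UserController extends Controller
{
    //  Constructor sets up middleware
    public function __construct()
    {
        //  Every action needs a logged-in user, except the two initialize-user actions.
        //  NOTE(review): neither excepted action is defined in this class, and the
        //  permission closure below is not excepted for them - confirm they are routed elsewhere.
        $this->middleware('auth')->except('initializeUser', 'submitInitializeUser');
        //  Every action additionally requires the 'Manage Users' permission
        $this->middleware(function ($request, $next) {
            $this->authorize('hasAccess', 'Manage Users');
            return $next($request);
        });
    }

    //  Show the list of current users to edit
    public function index()
    {
        //  Only the most recent login row is loaded for each user
        $userList = new UserCollection(User::with(['UserLogins' => function ($query) {
            $query->latest()->limit(1);
        }])->get()
            /** @scrutinizer ignore-call */
            ->makeVisible('user_id'));
        $route    = 'admin.user.edit';

        return view('admin.userIndex', [
            'userList' => $userList,
            'route'    => $route,
        ]);
    }

    //  Check if a username or email address is already in use
    //  Responds with whether a match exists, the matched user's name and whether that user is active
    public function checkUser($username, $type)
    {
        //  $type is a route parameter that is used as a column name. Only the two
        //  columns carrying unique constraints (see store()) are valid lookups;
        //  anything else must not reach the query builder.
        if (!in_array($type, ['username', 'email'], true)) {
            return abort(404);
        }

        //  Deactivated users are soft deleted and must be included, otherwise the
        //  'active' flag below can never be 0 and the result disagrees with the
        //  unique:users validation applied in store()
        $user = User::withTrashed()->where($type, $username)->first();

        if (!$user) {
            return response()->json(['duplicate' => false]);
        }

        return response()->json([
            'duplicate' => true,
            'user'      => $user->full_name,
            'active'    => $user->deleted_at == null ? 1 : 0,
        ]);
    }

    //  Show the Add User form
    public function create()
    {
        $roleArr = $this->assignableRoles();

        Log::debug('Route '.Route::currentRouteName().' visited by User ID-'.Auth::user()->user_id);
        return view('admin.newUser', [
            'roles' => $roleArr
        ]);
    }

    //  Submit the Add User form
    public function store(Request $request)
    {
        //  Validate the new user form
        $request->validate([
            'role'       => 'required|numeric',  //  TODO - add validation rule - is in user roles table
            'username'   => 'required|unique:users|regex:/^[a-zA-Z0-9_]*$/',
            'first_name' => 'required',
            'last_name'  => 'required',
            'email'      => 'required|unique:users',
        ]);

        //  The role dropdown in create() is filtered per caller, but that is only a
        //  client-side hint; the same rule is enforced here so a crafted request
        //  cannot create a user with a higher role than the caller may assign
        if (!$this->canAssignRole($request->role)) {
            return abort(403);
        }

        //  Create the user with a throwaway password; the real one is set via the setup link
        $newUser = User::create([
            'role_id'    => $request->role,
            'username'   => $request->username,
            'first_name' => $request->first_name,
            'last_name'  => $request->last_name,
            'email'      => $request->email,
            'password'   => bcrypt(strtolower(Str::random(15))),
        ]);

        $userID = $newUser->user_id;

        //  Create the setup user link
        $hash = strtolower(Str::random(30));
        UserInitialize::create([
            'username' => $request->username,
            'token'    => $hash
        ]);

        //  Email the new user
        Notification::send($newUser, new NewUserEmail($newUser, $hash));

        Log::debug('Route '.Route::currentRouteName().' visited by User ID-'.Auth::user()->user_id);
        //  NOTE(review): toArray() omits the model's $hidden attributes - confirm
        //  'password' is listed there so the hash never reaches the log
        Log::debug('User Data - ', $newUser->toArray());
        Log::notice('New User ID-'.$userID.' Created by ID-'.Auth::user()->user_id);

        return response()->json(['success' => true]);
    }

    //  List all inactive users
    //  Only the 'inactive' type is recognised; any other value is a 404
    public function show($type)
    {
        //  No edit route is offered for deactivated users
        $route    = '';

        if ($type !== 'inactive') {
            return abort(404);
        }

        $userList = new UserCollection(User::onlyTrashed()->get()
                /** @scrutinizer ignore-call */
                ->makeVisible('user_id'));

        return view('admin.userDeleted', [
            'userList' => $userList,
            'route'    => $route,
        ]);
    }

    //  Open the edit user form
    public function edit($id)
    {
        $user = new UserResource(User::findOrFail($id));

        //  Make sure that the user is not trying to edit someone with more permissions
        //  (a lower role_id means more permissions)
        if ($user->role_id < Auth::user()->role_id) {
            return abort(403);
        }

        //  Good to go - build the form
        $roleArr = $this->assignableRoles();

        Log::debug('Route ' . Route::currentRouteName() . ' visited by User ID-' . Auth::user()->user_id);
        return view('admin.userEdit', [
            'roles' => $roleArr,
            'user'  => $user->
            /** @scrutinizer ignore-call */
            makeVisible(['user_id', 'username']),
        ]);
    }

    //  Reactivate a disabled user
    //  NOTE(review): unlike destroy(), there is no role comparison here, so a caller can
    //  restore an account that a higher-permission user deactivated - confirm this is intended
    public function reactivateUser($id)
    {
        User::withTrashed()->where('user_id', $id)->restore();

        return response()->json([
            'success' => true,
        ]);
    }

    //  Submit the update user form
    public function update(Request $request, $id)
    {
        //  The edited user's own username/email must not count as duplicates
        $request->validate([
            'username'   => [
                                'required',
                                Rule::unique('users')->ignore($id, 'user_id')
                            ],
            'first_name' => 'required',
            'last_name'  => 'required',
            'email'      => [
                                'required',
                                Rule::unique('users')->ignore($id, 'user_id')
                            ],
            'role'       => 'required|numeric',
        ]);

        $user = User::findOrFail($id);

        //  Make sure that the user is not trying to edit someone with more permissions
        if ($user->role_id < Auth::user()->role_id) {
            return abort(403);
        }

        //  Changing the role is subject to the same assignment rule as store();
        //  leaving the role as it is remains allowed regardless of the caller's role
        if ($request->role != $user->role_id && !$this->canAssignRole($request->role)) {
            return abort(403);
        }

        //  Update the user data
        $user->update([
            'username'   => $request->username,
            'first_name' => $request->first_name,
            'last_name'  => $request->last_name,
            'email'      => $request->email,
            'role_id'    => $request->role,
        ]);

        Log::debug('Route '.Route::currentRouteName().' visited by User ID-'.Auth::user()->user_id);
        Log::debug('Edit user form submitted for User ID-'.$id.'  Data - ', $request->toArray());
        Log::notice('User ID-'.$id.' has updated their information.');
        return response()->json(['success' => true]);
    }

    //  Submit the change password form
    //  Always returns a JSON object with 'success' and a human-readable 'reason'
    public function submitPassword(Request $request)
    {
        $request->validate([
            'password' => 'required|string|min:6|confirmed',
            'user_id'  => 'required',
        ]);

        //  Forcing a change sets the expiry in the past; otherwise the configured
        //  lifetime applies, or no expiry when none is configured
        if ($request->force_change) {
            $nextChange = Carbon::now()->subDay();
        } else {
            $nextChange = config('users.passExpires') != null ? Carbon::now()->addDays(config('users.passExpires')) : null;
        }

        $user = User::find($request->user_id);

        //  Verify this is a valid user ID
        if (!$user) {
            $success = false;
            $reason  = 'Cannot find user with this ID';
        }
        //  Make sure that the user is not trying to change the password of someone with more permissions
        elseif ($user->role_id < Auth::user()->role_id) {
            $success = false;
            $reason  = 'You cannot change password for a user with higher permissions that you.  If this user has locked themselves out, have then use the reset link on the login page.';
        }
        //  Good to go - update user password
        else {
            $user->update([
                'password'         => bcrypt($request->password),
                'password_expires' => $nextChange
            ]);
            $success = true;
            $reason  = 'Password for ' . $user->full_name . ' successfully reset.';
        }

        Log::debug('Route ' . Route::currentRouteName() . ' visited by User ID-' . Auth::user()->user_id);
        Log::notice('User ID-' . $request->user_id . ' password chagned by ' . Auth::user()->user_id, [
            'success' => $success,
            'reason'  => $reason,
        ]);

        return response()->json([
            'success' => $success,
            'reason'  => $reason,
        ]);
    }

    //  Disable the user (soft delete)
    //  Always returns a JSON object with 'success' and a human-readable 'reason'
    public function destroy($id)
    {
        $user = User::find($id);

        //  Verify this is a valid user ID
        if (!$user) {
            $success = false;
            $reason  = 'Cannot find user with this ID';
        }
        //  Make sure that the user is not trying to deactivate themselves
        elseif (Auth::user()->user_id == $id) {
            $success = false;
            $reason  = 'You cannot deactivate yourself';
        }
        //  Make sure that the user is not trying to deactivate someone with more permissions
        elseif ($user->role_id < Auth::user()->role_id) {
            $success = false;
            $reason  = 'You cannot deactivate a user with higher permissions that you.';
        }
        //  Good to go - deactivate user
        else {
            $user->delete();
            $success = true;
            $reason  = 'User '.$user->full_name.' successfully deactivated.';
        }

        Log::debug('Route '.Route::currentRouteName().' visited by User ID-'.Auth::user()->user_id);
        Log::notice('User ID-'.$id.' disabled by '.Auth::user()->user_id, [
            'success' => $success,
            'reason'  => $reason,
        ]);

        return response()->json([
            'success' => $success,
            'reason'  => $reason,
        ]);
    }

    /**
     * Whether the authenticated user may assign the given role_id.
     *
     * Encodes the rule previously duplicated in the create() and edit()
     * dropdown loops: role_id 1 may only be assigned by a caller holding
     * role_id 1, and role_id 2 may not be assigned by a caller whose role_id
     * is above 1. Every other role is assignable. Loose comparison is kept
     * on purpose because the value may arrive as a string (request input or
     * database row).
     *
     * @param mixed $roleId role_id taken from a request or a UserRoleType row
     */
    private function canAssignRole($roleId): bool
    {
        $callerRole = Auth::user()->role_id;

        if ($roleId == 1 && $callerRole != 1) {
            return false;
        }
        if ($roleId == 2 && $callerRole > 1) {
            return false;
        }

        return true;
    }

    /**
     * Role options the authenticated user is allowed to offer in a form.
     *
     * Shared by create() and edit(); the same rule is enforced server-side
     * in store() and update() through canAssignRole().
     *
     * @return array<int, array{value: mixed, text: mixed}> dropdown entries
     */
    private function assignableRoles(): array
    {
        $roleArr = [];
        foreach (UserRoleType::all() as $role) {
            if (!$this->canAssignRole($role->role_id)) {
                continue;
            }

            $roleArr[] = [
                'value' => $role->role_id,
                'text'  => $role->name,
            ];
        }

        return $roleArr;
    }
}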