<?php
namespace App\Http\Controllers\Admin;
use App\User;
use Carbon\Carbon;
use App\UserSettings;
use App\UserRoleType;
use App\UserInitialize;
use Illuminate\Support\Str;
use Illuminate\Http\Request;
use Illuminate\Validation\Rule;
use App\Notifications\NewUserEmail;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Route;
use App\Http\Resources\UserCollection;
use App\Http\Resources\User as UserResource;
use Illuminate\Support\Facades\Notification;
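class UserController extends Controller
{
    /**
     * Columns that checkUser() is allowed to look a value up in.
     *
     * The column name arrives as a route parameter, so without this list any
     * column of the users table could be probed through the duplicate check.
     * Only the two identity fields the add/edit forms validate as unique are
     * permitted; anything else is answered with a 404.
     */
    private const CHECKABLE_COLUMNS = ['username', 'email'];

    //  Constructor sets up middleware
    public function __construct()
    {
        //  Every route except the first-login setup pages needs a signed-in user
        $this->middleware('auth')->except('initializeUser', 'submitInitializeUser');

        //  The signed-in user must also hold the "Manage Users" permission.
        //  Note this second middleware carries no except(), so it is applied
        //  to the two routes excepted above as well.
        $this->middleware(function ($request, $next) {
            $this->authorize('hasAccess', 'Manage Users');

            return $next($request);
        });
    }

    /**
     * Whether a user holding $actorRole may hand out $roleId.
     *
     * This is the rule the create/edit forms use when building the role
     * picker: role 1 is reserved to role-1 users and role 2 to users whose
     * role_id is 1 or 2; every other role may be assigned by anyone who
     * reaches this controller.  Throughout this class a lower role_id means
     * more permissions.
     *
     * @param mixed $roleId    role being assigned (request value, may be a numeric string)
     * @param mixed $actorRole role_id of the user performing the assignment
     */
    private function canAssignRole($roleId, $actorRole): bool
    {
        if ($roleId == 1 && $actorRole != 1) {
            return false;
        }

        if ($roleId == 2 && $actorRole > 1) {
            return false;
        }

        return true;
    }

    /**
     * Build the role picker options the signed-in user is allowed to assign.
     *
     * @return list<array{value: mixed, text: mixed}> `value` is the role_id, `text` its display name
     */
    private function assignableRoles(): array
    {
        $myRole  = Auth::user()->role_id;
        $roleArr = [];

        foreach (UserRoleType::all() as $role) {
            if (!$this->canAssignRole($role->role_id, $myRole)) {
                continue;
            }

            $roleArr[] = [
                'value' => $role->role_id,
                'text'  => $role->name,
            ];
        }

        return $roleArr;
    }

    /**
     * Write the standard "route visited by" debug entry, optionally with the
     * submitted payload attached as log context.
     *
     * @param array|null $data submitted data to attach; null logs the visit only
     */
    private function logVisit(?array $data = null): void
    {
        $message = 'Route ' . Route::currentRouteName() . ' visited by ' . Auth::user()->full_name;

        if ($data === null) {
            Log::debug($message);
        } else {
            Log::debug($message . '. Submitted Data:', $data);
        }
    }

    //  Show the list of current users to edit
    public function index()
    {
        //  makeVisible exposes user_id, which the model otherwise hides from
        //  serialisation; the edit links in the view need it
        $userList = User::with('LastUserLogin')->get()->makeVisible('user_id');
        $route    = 'admin.user.edit';

        $this->logVisit();
        Log::debug('User list:', $userList->toArray());

        return view('admin.userIndex', [
            'userList' => $userList,
            'route'    => $route,
        ]);
    }

    //  Check if a username (or email address) is in use
    public function checkUser($username, $type)
    {
        $this->logVisit(['username' => $username, 'type' => $type]);

        //  $type names the column to search; only the identity columns may be probed
        if (!in_array($type, self::CHECKABLE_COLUMNS, true)) {
            Log::warning('Duplicate check on column "' . $type . '" by ' . Auth::user()->full_name . ' was rejected.');
            abort(404);
        }

        //  Deactivated (soft-deleted) users still own their username/email -
        //  the unique rule in store() counts them - so they must be included
        //  here or the check would report a name as free that store() rejects
        $user = User::withTrashed()->where($type, $username)->first();

        if (!$user) {
            Log::debug('Username '.$username.' is available for use');

            return response()->json(['duplicate' => false]);
        }

        Log::debug('Username '.$username.' is in use by '.$user->full_name);

        return response()->json([
            'duplicate' => true,
            'user'      => $user->full_name,
            'active'    => $user->deleted_at === null ? 1 : 0,
        ]);
    }

    //  Show the Add User form
    public function create()
    {
        $roleArr = $this->assignableRoles();

        $this->logVisit();
        Log::debug('Role data: ', $roleArr);

        return view('admin.newUser', [
            'roles' => $roleArr,
        ]);
    }

    //  Submit the Add User form
    public function store(Request $request)
    {
        $this->logVisit($request->toArray());

        //  Validate the new user form
        $request->validate([
            'role'       => 'required|numeric|exists:user_role_types,role_id',
            'username'   => 'required|unique:users|regex:/^[a-zA-Z0-9_]*$/',
            'first_name' => 'required',
            'last_name'  => 'required',
            'email'      => 'required|email|unique:users',
        ]);

        //  The form only offers the roles this user may hand out; enforce the
        //  same rule server-side so a crafted request cannot create an account
        //  with more permissions than its creator
        if (!$this->canAssignRole($request->role, Auth::user()->role_id)) {
            Log::warning('User '.Auth::user()->full_name.' tried to create a user with role '.$request->role.', which they cannot assign.  This request was denied.');
            abort(403);
        }

        //  Create the user with a random throw-away password; the setup token
        //  emailed below presumably lets the new user choose a real one
        $newUser = User::create([
            'role_id'    => $request->role,
            'username'   => $request->username,
            'first_name' => $request->first_name,
            'last_name'  => $request->last_name,
            'email'      => $request->email,
            'password'   => bcrypt(strtolower(Str::random(15))),
        ]);
        $userID = $newUser->user_id;

        //  Create the user settings table
        UserSettings::create([
            'user_id' => $userID,
        ]);

        //  Create the setup user link
        $hash = strtolower(Str::random(30));
        UserInitialize::create([
            'username' => $request->username,
            'token'    => $hash,
        ]);

        //  Email the new user
        Notification::send($newUser, new NewUserEmail($newUser, $hash));

        Log::info('New user '.$newUser->first_name.' '.$newUser->last_name.' created by '.Auth::user()->full_name.'. User Data:', $newUser->toArray());

        return response()->json(['success' => true]);
    }

    //  List all inactive users
    public function show($type)
    {
        //  Only the "inactive" listing exists on this route
        if ($type !== 'inactive') {
            abort(404);
        }

        $route    = '';
        $userList = new UserCollection(User::onlyTrashed()->get()
                /** @scrutinizer ignore-call */
                ->makeVisible('user_id'));

        $this->logVisit();

        return view('admin.userDeleted', [
            'userList' => $userList,
            'route'    => $route,
        ]);
    }

    //  Open the edit user form
    public function edit($id)
    {
        //  findOrFail runs before the permission check, so an unknown id
        //  answers 404 and a forbidden one 403
        $user = new UserResource(User::findOrFail($id));

        $this->logVisit();

        //  Make sure that the user is not trying to edit someone with more permissions
        if ($user->role_id < Auth::user()->role_id) {
            Log::warning('User '.Auth::user()->full_name.' tried to update a user that has more permissions than they do.  This request was denied.');
            abort(403);
        }

        //  Good to go - get role information
        $roleArr = $this->assignableRoles();

        Log::debug('Role Data:', $roleArr);

        return view('admin.userEdit', [
            'roles' => $roleArr,
            'user'  => $user->
            /** @scrutinizer ignore-call */
            makeVisible(['user_id', 'username']),
        ]);
    }

    //  Reactivate a disabled user
    public function reactivateUser($id)
    {
        $this->logVisit();

        //  NOTE(review): unlike destroy(), no role comparison is made here, so
        //  a manager can restore an account that outranks them; restore() that
        //  matches no row also still reports success.  Confirm both are intended.
        User::withTrashed()->where('user_id', $id)->restore();

        Log::info('User ID '.$id.' reactivated by '.Auth::user()->full_name);

        return response()->json([
            'success' => true,
        ]);
    }

    //  Submit the update user form
    public function update(Request $request, $id)
    {
        $this->logVisit($request->toArray());

        $request->validate([
            'username'   => [
                'required',
                Rule::unique('users')->ignore($id, 'user_id'),
            ],
            'first_name' => 'required',
            'last_name'  => 'required',
            'email'      => [
                'required',
                'email',
                Rule::unique('users')->ignore($id, 'user_id'),
            ],
            //  same role rule as store(): the value must name an existing role
            'role'       => 'required|numeric|exists:user_role_types,role_id',
        ]);

        $user = User::findOrFail($id);

        //  Neither the target's current role nor the requested new role may
        //  outrank the user making the change.  The second check closes the
        //  gap where a user edits an account (including their own) and hands
        //  it a role the edit form would never have offered.
        if ($user->role_id < Auth::user()->role_id) {
            Log::warning('User '.Auth::user()->full_name.' tried to update a user that has more permissions than they do.  This request was denied.');
            abort(403);
        }

        if (!$this->canAssignRole($request->role, Auth::user()->role_id)) {
            Log::warning('User '.Auth::user()->full_name.' tried to assign role '.$request->role.' to user ID '.$id.', which they cannot assign.  This request was denied.');
            abort(403);
        }

        //  Update the user data
        $user->update([
            'username'   => $request->username,
            'first_name' => $request->first_name,
            'last_name'  => $request->last_name,
            'email'      => $request->email,
            'role_id'    => $request->role,
        ]);

        Log::info('User information for '.$request->first_name.' '.$request->last_name.' (ID: '.$id.') has been updated by '.Auth::user()->full_name);

        return response()->json(['success' => true]);
    }

    //  Submit the change password form
    public function submitPassword(Request $request)
    {
        //  The request body is deliberately not logged here: it carries the new password
        $this->logVisit();

        $request->validate([
            'password' => 'required|string|min:6|confirmed',
            'user_id'  => 'required',
        ]);

        //  force_change backdates the expiry (presumably so the user has to
        //  pick a new password at their next login); otherwise the password
        //  expires after the configured number of days, or never when no
        //  expiry is configured
        if ($request->force_change) {
            $nextChange = Carbon::now()->subDay();
        } else {
            $expireDays = config('auth.passwords.settings.expire');
            $nextChange = $expireDays != null ? Carbon::now()->addDays($expireDays) : null;
        }

        $user = User::find($request->user_id);

        if (!$user) {
            //  Verify this is a valid user ID
            $success = false;
            $reason  = 'Cannot find user with this ID';
        } elseif ($user->role_id < Auth::user()->role_id) {
            //  Make sure that the user is not trying to reset someone with more permissions
            $success = false;
            $reason  = 'You cannot change password for a user with higher permissions than you.  If this user has locked themselves out, have them use the reset link on the login page.';
        } else {
            //  Good to go - update user password
            $user->update([
                'password'         => bcrypt($request->password),
                'password_expires' => $nextChange,
            ]);
            $success = true;
            $reason  = 'Password for ' . $user->full_name . ' successfully reset.';
        }

        Log::info('User ID-' . $request->user_id . ' password changed by ' . Auth::user()->full_name, [
            'success' => $success,
            'reason'  => $reason,
        ]);

        return response()->json([
            'success' => $success,
            'reason'  => $reason,
        ]);
    }

    //  Disable the user
    public function destroy($id)
    {
        $user = User::find($id);

        if (!$user) {
            //  Verify this is a valid user ID
            $success = false;
            $reason  = 'Cannot find user with this ID';
        } elseif (Auth::user()->user_id == $id) {
            //  Make sure that the user is not trying to deactivate themselves
            $success = false;
            $reason  = 'You cannot deactivate yourself';
        } elseif ($user->role_id < Auth::user()->role_id) {
            //  Make sure that the user is not trying to deactivate someone with more permissions
            $success = false;
            $reason  = 'You cannot deactivate a user with higher permissions than you.';
        } else {
            //  Good to go - deactivate user.  This is a soft delete: the row is
            //  kept and can be brought back by reactivateUser()
            $user->delete();
            $success = true;
            $reason  = 'User '.$user->full_name.' successfully deactivated.';
        }

        $this->logVisit();
        Log::notice('User ID-'.$id.' disabled by '.Auth::user()->full_name, [
            'success' => $success,
            'reason'  => $reason,
        ]);

        return response()->json([
            'success' => $success,
            'reason'  => $reason,
        ]);
    }
}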