<?php
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use App\Http\Resources\User as UserResource;
use App\Http\Resources\UserCollection;
use App\Mail\InitializeUser;
use App\Notifications\NewUserEmail;
use App\User;
use App\UserInitialize;
use App\UserLogins;
use App\UserRoleType;
use App\UserSettings;
use Carbon\Carbon;
use DB;
use Illuminate\Contracts\View\View;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Notification;
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Str;
use Illuminate\Validation\Rule;
use Mail;
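class UserController extends Controller
{
    /**
     * Every action needs an authenticated user who holds the 'Manage Users'
     * permission.  The permission check is attached as a closure middleware so
     * that it runs before any action body.
     *
     * NOTE(review): 'initializeUser' and 'submitInitializeUser' are exempted
     * from the auth middleware, but no such actions exist on this controller
     * as shown here — confirm they live elsewhere; otherwise the exemption is
     * dead configuration.
     */
    public function __construct()
    {
        $this->middleware('auth')->except('initializeUser', 'submitInitializeUser');
        $this->middleware(function ($request, $next) {
            $this->authorize('hasAccess', 'Manage Users');

            return $next($request);
        });
    }

    /**
     * Show the list of current (non-deactivated) users to edit.
     *
     * Each user is loaded together with their most recent login only.
     */
    public function index(): View
    {
        $users = User::with(['UserLogins' => function ($query) {
            $query->latest()->limit(1);
        }])->get();

        //  user_id is evidently hidden on the model; the edit links need it
        $userList = new UserCollection(
            /** @scrutinizer ignore-call */
            $users->makeVisible('user_id')
        );

        return view('admin.userIndex', [
            'userList' => $userList,
            'route'    => 'admin.user.edit',
        ]);
    }

    /**
     * Check whether a username or email address is already in use.
     *
     * @param  string $username the value to look for
     * @param  string $type     column to check: 'username' or 'email'
     * @return JsonResponse {duplicate: bool, user?: string, active?: 0|1}
     */
    public function checkUser($username, $type): JsonResponse
    {
        //  $type comes straight from the route, so it must never reach the query
        //  unfiltered: restrict it to the two columns this check exists for.
        if (!in_array($type, ['username', 'email'], true)) {
            abort(404);
        }

        //  Deactivated (soft-deleted) users keep their username and email, so
        //  they must be found as well — that is what the 'active' flag reports.
        $user = User::withTrashed()->where($type, $username)->first();

        if (!$user) {
            return response()->json(['duplicate' => false]);
        }

        return response()->json([
            'duplicate' => true,
            'user'      => $user->full_name,
            'active'    => $user->deleted_at === null ? 1 : 0,
        ]);
    }

    //  Show the Add User form
    public function create(): View
    {
        $roleArr = $this->assignableRoles();

        Log::debug('Route '.Route::currentRouteName().' visited by User ID-'.Auth::user()->user_id);

        return view('admin.newUser', [
            'roles' => $roleArr,
        ]);
    }

    /**
     * Submit the Add User form.
     *
     * Creates the user with a throw-away random password, creates the settings
     * row and a one-time initialisation token, and notifies the new user.
     */
    public function store(Request $request): JsonResponse
    {
        //  Validate the new user form.  The role must not only exist, it must be
        //  one the current user is permitted to hand out (see canAssignRole());
        //  the create() form only offers those, but the server has to enforce it.
        $request->validate([
            'role'       => [
                'required',
                'numeric',
                'exists:user_role_types,role_id',
                Rule::in($this->assignableRoleIds()),
            ],
            'username'   => 'required|unique:users|regex:/^[a-zA-Z0-9_]*$/',
            'first_name' => 'required',
            'last_name'  => 'required',
            'email'      => 'required|email|unique:users',
        ]);

        //  Create the user.  The password is a random placeholder nobody knows;
        //  the user sets their own through the initialisation link.
        $newUser = User::create([
            'role_id'    => $request->role,
            'username'   => $request->username,
            'first_name' => $request->first_name,
            'last_name'  => $request->last_name,
            'email'      => $request->email,
            'password'   => bcrypt(strtolower(Str::random(15))),
        ]);
        $userID = $newUser->user_id;

        //  Create the user settings row
        UserSettings::create([
            'user_id' => $userID,
        ]);

        //  Create the setup user link.
        //  NOTE(review): the token is stored as-is; storing a hash of it and
        //  comparing with hash_equals() at redemption would limit the damage of
        //  a read of this table — confirm against the redeeming code.
        $hash = strtolower(Str::random(30));
        UserInitialize::create([
            'username' => $request->username,
            'token'    => $hash,
        ]);

        //  Email the new user
        Notification::send($newUser, new NewUserEmail($newUser, $hash));

        Log::debug('Route '.Route::currentRouteName().' visited by User ID-'.Auth::user()->user_id);
        //  Relies on the model's hidden attributes to keep the password hash
        //  out of the log — confirm 'password' is in User::$hidden
        Log::debug('User Data - ', $newUser->toArray());
        Log::notice('New User ID-'.$userID.' Created by ID-'.Auth::user()->user_id);

        return response()->json(['success' => true]);
    }

    /**
     * List all inactive (soft-deleted) users.
     *
     * @param string $type only 'inactive' is a valid list; anything else is 404
     */
    public function show($type): View
    {
        if ($type !== 'inactive') {
            abort(404);
        }

        $userList = new UserCollection(
            /** @scrutinizer ignore-call */
            User::onlyTrashed()->get()->makeVisible('user_id')
        );

        return view('admin.userDeleted', [
            'userList' => $userList,
            'route'    => '',   // deactivated users have no edit route
        ]);
    }

    //  Open the edit user form
    public function edit($id): View
    {
        $model = User::findOrFail($id);

        //  A user may only edit accounts at or below their own privilege level
        //  (a lower role_id means more permissions)
        if ($model->role_id < Auth::user()->role_id) {
            abort(403);
        }

        Log::debug('Route '.Route::currentRouteName().' visited by User ID-'.Auth::user()->user_id);

        return view('admin.userEdit', [
            'roles' => $this->assignableRoles(),
            //  user_id and username are hidden on the model; the form needs both
            'user'  => (new UserResource($model))
                /** @scrutinizer ignore-call */
                ->makeVisible(['user_id', 'username']),
        ]);
    }

    /**
     * Reactivate a disabled user.
     *
     * Applies the same privilege rule as destroy(): a user cannot act on an
     * account with more permissions than their own.  Unknown ids are a 404.
     */
    public function reactivateUser($id): JsonResponse
    {
        $user = User::withTrashed()->where('user_id', $id)->firstOrFail();

        if ($user->role_id < Auth::user()->role_id) {
            abort(403);
        }

        $user->restore();

        Log::notice('User ID-'.$id.' reactivated by '.Auth::user()->user_id);

        return response()->json([
            'success' => true,
        ]);
    }

    //  Submit the update user form
    public function update(Request $request, $id): JsonResponse
    {
        //  Same rules as store(), with the uniqueness checks ignoring this user
        $request->validate([
            'username'   => [
                'required',
                'regex:/^[a-zA-Z0-9_]*$/',
                Rule::unique('users')->ignore($id, 'user_id'),
            ],
            'first_name' => 'required',
            'last_name'  => 'required',
            'email'      => [
                'required',
                'email',
                Rule::unique('users')->ignore($id, 'user_id'),
            ],
            'role'       => [
                'required',
                'numeric',
                'exists:user_role_types,role_id',
                Rule::in($this->assignableRoleIds()),
            ],
        ]);

        $user = User::findOrFail($id);

        //  Cannot edit an account with more permissions than your own
        if ($user->role_id < Auth::user()->role_id) {
            abort(403);
        }

        //  Update the user data
        $user->update([
            'username'   => $request->username,
            'first_name' => $request->first_name,
            'last_name'  => $request->last_name,
            'email'      => $request->email,
            'role_id'    => $request->role,
        ]);

        Log::debug('Route '.Route::currentRouteName().' visited by User ID-'.Auth::user()->user_id);
        //  Log only the validated fields: toArray() would also capture unrelated
        //  input such as the CSRF token
        Log::debug(
            'Edit user form submitted for User ID-'.$id.'  Data - ',
            $request->only(['username', 'first_name', 'last_name', 'email', 'role'])
        );
        Log::notice('User ID-'.$id.' updated by ID-'.Auth::user()->user_id);

        return response()->json(['success' => true]);
    }

    //  Submit the change password form
    public function submitPassword(Request $request): JsonResponse
    {
        $request->validate([
            'password' => 'required|string|min:6|confirmed',
            'user_id'  => 'required',
        ]);

        $nextChange = $this->passwordExpiry((bool) $request->force_change);

        $user = User::find($request->user_id);

        if (!$user) {
            //  Verify this is a valid user ID
            $success = false;
            $reason  = 'Cannot find user with this ID';
        } elseif ($user->role_id < Auth::user()->role_id) {
            //  Cannot reset the password of someone with more permissions
            $success = false;
            $reason  = 'You cannot change password for a user with higher permissions than you.  If this user has locked themselves out, have them use the reset link on the login page.';
        } else {
            //  Good to go - update user password
            $user->update([
                'password'         => bcrypt($request->password),
                'password_expires' => $nextChange,
            ]);
            $success = true;
            $reason  = 'Password for '.$user->full_name.' successfully reset.';
        }

        Log::debug('Route '.Route::currentRouteName().' visited by User ID-'.Auth::user()->user_id);
        Log::notice('User ID-'.$request->user_id.' password changed by '.Auth::user()->user_id, [
            'success' => $success,
            'reason'  => $reason,
        ]);

        return response()->json([
            'success' => $success,
            'reason'  => $reason,
        ]);
    }

    //  Disable the user
    public function destroy($id): JsonResponse
    {
        $user = User::find($id);

        if (!$user) {
            //  Verify this is a valid user ID
            $success = false;
            $reason  = 'Cannot find user with this ID';
        } elseif (Auth::user()->user_id == $id) {
            //  Make sure that the user is not trying to deactivate themselves
            $success = false;
            $reason  = 'You cannot deactivate yourself';
        } elseif ($user->role_id < Auth::user()->role_id) {
            //  Cannot deactivate someone with more permissions
            $success = false;
            $reason  = 'You cannot deactivate a user with higher permissions than you.';
        } else {
            //  Good to go - deactivate (soft-delete) the user
            $user->delete();
            $success = true;
            $reason  = 'User '.$user->full_name.' successfully deactivated.';
        }

        Log::debug('Route '.Route::currentRouteName().' visited by User ID-'.Auth::user()->user_id);
        Log::notice('User ID-'.$id.' disabled by '.Auth::user()->user_id, [
            'success' => $success,
            'reason'  => $reason,
        ]);

        return response()->json([
            'success' => $success,
            'reason'  => $reason,
        ]);
    }

    /**
     * Roles the authenticated user is allowed to assign, shaped for a select
     * input: [['value' => role_id, 'text' => name], ...].
     *
     * @return array
     */
    private function assignableRoles(): array
    {
        $actorRoleId = Auth::user()->role_id;
        $roleArr     = [];

        foreach (UserRoleType::all() as $role) {
            if ($this->canAssignRole($role->role_id, $actorRoleId)) {
                $roleArr[] = [
                    'value' => $role->role_id,
                    'text'  => $role->name,
                ];
            }
        }

        return $roleArr;
    }

    /**
     * Just the role_ids from assignableRoles(), for a Rule::in() validation.
     *
     * @return array
     */
    private function assignableRoleIds(): array
    {
        return array_column($this->assignableRoles(), 'value');
    }

    /**
     * Whether a user holding role $actorRoleId may hand out role $roleId.
     *
     * A lower role_id means more privilege: role 1 may only be granted by a
     * role-1 user, role 2 only by a user with role_id <= 1, every other role
     * is open.  The same rule decides which roles create()/edit() offer and
     * which role store()/update() accept, so the form and the server agree.
     */
    private function canAssignRole($roleId, $actorRoleId): bool
    {
        if ($roleId == 1) {
            return $actorRoleId == 1;
        }

        if ($roleId == 2) {
            return $actorRoleId <= 1;
        }

        return true;
    }

    /**
     * When a newly set password should expire.
     *
     * A forced change is dated yesterday (presumably so the login flow demands
     * a new password immediately — confirm against the auth middleware);
     * otherwise the configured lifetime is added to now, or null when no
     * lifetime is configured.
     *
     * @return Carbon|null
     */
    private function passwordExpiry(bool $forceChange)
    {
        if ($forceChange) {
            return Carbon::now()->subDay();
        }

        $expireDays = config('auth.passwords.settings.expire');

        //  Loose comparison kept on purpose: an unset or empty setting means
        //  passwords never expire
        return $expireDays != null ? Carbon::now()->addDays($expireDays) : null;
    }
}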