<?php
namespace App\Http\Controllers\Admin;
use DB;
use Mail;
use App\User;
use Carbon\Carbon;
use App\UserLogins;
use App\UserSettings;
use App\UserRoleType;
use App\UserInitialize;
use Illuminate\Support\Str;
use App\Mail\InitializeUser;
use Illuminate\Http\Request;
use Illuminate\Validation\Rule;
use App\Notifications\NewUserEmail;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Route;
use App\Http\Resources\UserCollection;
use App\Http\Resources\User as UserResource;
use Illuminate\Support\Facades\Notification;
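//  Admin-side user management: list, create, edit, deactivate/reactivate users
//  and reset passwords.  Every action requires an authenticated user who passes
//  the 'Manage Users' access check (see the constructor).
//
//  Throughout this class a LOWER role_id means MORE permissions (role 1 is the
//  top), so "$target->role_id < Auth::user()->role_id" reads as "the target
//  outranks the current user".
class UserController extends Controller
{
    //  Columns checkUser() is allowed to search.  The column name arrives as a
    //  route parameter, so it is whitelisted here instead of being handed straight
    //  to the query builder, where any column of the users table could be probed.
    private const CHECKABLE_COLUMNS = ['username', 'email'];

    //  Constructor sets up middleware
    public function __construct()
    {
        //  NOTE(review): initializeUser/submitInitializeUser are not defined in this
        //  class, so the except() list has no effect here - presumably left over
        //  from an earlier layout.  Confirm before removing.
        $this->middleware('auth')->except('initializeUser', 'submitInitializeUser');
        $this->middleware(function ($request, $next) {
            $this->authorize('hasAccess', 'Manage Users');
            return $next($request);
        });
    }

    //  Build the list of roles the current user is allowed to hand out, shaped
    //  for the role <select> (value => role_id, text => name).
    //  Only a role 1 user may assign role 1 or role 2; every other role is open to
    //  anyone who can manage users.  Shared by create(), edit(), store() and update()
    //  so the server-side check and the form offer exactly the same roles.
    private function assignableRoles()
    {
        $actorRole = Auth::user()->role_id;
        $roleArr   = [];

        foreach (UserRoleType::all() as $role) {
            if ($role->role_id == 1 && $actorRole != 1) {
                continue;
            }
            if ($role->role_id == 2 && $actorRole > 1) {
                continue;
            }

            $roleArr[] = [
                'value' => $role->role_id,
                'text'  => $role->name,
            ];
        }

        return $roleArr;
    }

    //  True when $roleId (request input, so possibly a string) is a role the
    //  current user may assign.
    private function canAssignRole($roleId)
    {
        foreach ($this->assignableRoles() as $role) {
            if ((int) $role['value'] === (int) $roleId) {
                return true;
            }
        }

        return false;
    }

    //  Show the list of current users to edit
    //  user_id is hidden on the model by default and is exposed here for the edit links.
    public function index()
    {
        //  NOTE(review): a limit() inside an eager-load constraint applies to the
        //  whole eager query, not per user - confirm that every row really gets
        //  its own latest login.
        $userList = new UserCollection(User::with(['UserLogins' => function ($query) {
            $query->latest()->limit(1);
        }])->get()
            /** @scrutinizer ignore-call */
            ->makeVisible('user_id'));

        return view('admin.userIndex', [
            'userList' => $userList,
            'route'    => 'admin.user.edit',
        ]);
    }

    //  Check if a username (or email) is in use
    //  $type names the column to search and must be one of CHECKABLE_COLUMNS;
    //  anything else is a 404.  Deactivated (soft-deleted) users are included so the
    //  answer agrees with the unique:users rule in store()/update(), and so
    //  'active' can actually be 0.
    public function checkUser($username, $type)
    {
        if (!in_array($type, self::CHECKABLE_COLUMNS, true)) {
            return abort(404);
        }

        $user = User::withTrashed()->where($type, $username)->first();

        if (!$user) {
            return response()->json(['duplicate' => false]);
        }

        return response()->json([
            'duplicate' => true,
            'user'      => $user->full_name,
            'active'    => $user->deleted_at === null ? 1 : 0,
        ]);
    }

    //  Show the Add User form
    public function create()
    {
        Log::debug('Route '.Route::currentRouteName().' visited by User ID-'.Auth::user()->user_id);
        return view('admin.newUser', [
            'roles' => $this->assignableRoles(),
        ]);
    }

    //  Submit the Add User form
    //  Validates the form, creates the user and their settings row, stores a
    //  one-time setup token and mails it to the new user.  Returns JSON.
    public function store(Request $request)
    {
        //  Validate the new user form
        $request->validate([
            'role'       => 'required|numeric|exists:user_role_types,role_id',
            'username'   => 'required|unique:users|regex:/^[a-zA-Z0-9_]*$/',
            'first_name' => 'required',
            'last_name'  => 'required',
            'email'      => 'required|email|unique:users',
        ]);

        //  The form only offers the roles the current user may hand out, but a
        //  request is not the form - apply the same rule here so a crafted POST
        //  cannot create an account that outranks its creator.
        if (!$this->canAssignRole($request->role)) {
            return abort(403);
        }

        //  Create the user with a throw-away random password; the real one is set
        //  through the setup link sent below
        $newUser = User::create([
            'role_id'    => $request->role,
            'username'   => $request->username,
            'first_name' => $request->first_name,
            'last_name'  => $request->last_name,
            'email'      => $request->email,
            'password'   => bcrypt(strtolower(Str::random(15))),
        ]);
        $userID = $newUser->user_id;

        //  Create the user settings table
        UserSettings::create([
            'user_id' => $userID,
        ]);

        //  Create the setup user link
        $hash = strtolower(Str::random(30));
        UserInitialize::create([
            'username' => $request->username,
            'token'    => $hash,
        ]);

        //  Email the new user
        Notification::send($newUser, new NewUserEmail($newUser, $hash));

        Log::debug('Route '.Route::currentRouteName().' visited by User ID-'.Auth::user()->user_id);
        //  NOTE(review): this logs the whole model and relies on the model's $hidden
        //  list to keep the password hash out of the log file - confirm.
        Log::debug('User Data - ', $newUser->toArray());
        Log::notice('New User ID-'.$userID.' Created by ID-'.Auth::user()->user_id);

        return response()->json(['success' => true]);
    }

    //  List all inactive users
    //  'inactive' is the only type that exists; anything else is a 404.
    public function show($type)
    {
        if ($type !== 'inactive') {
            return abort(404);
        }

        $userList = new UserCollection(User::onlyTrashed()->get()
                /** @scrutinizer ignore-call */
                ->makeVisible('user_id'));

        return view('admin.userDeleted', [
            'userList' => $userList,
            'route'    => '',
        ]);
    }

    //  Open the edit user form
    public function edit($id)
    {
        $user = new UserResource(User::findOrFail($id));

        //  Make sure that the user is not trying to edit someone with more permissions
        if ($user->role_id < Auth::user()->role_id) {
            return abort(403);
        }

        Log::debug('Route ' . Route::currentRouteName() . ' visited by User ID-' . Auth::user()->user_id);
        return view('admin.userEdit', [
            'roles' => $this->assignableRoles(),
            'user'  => $user->
            /** @scrutinizer ignore-call */
            makeVisible(['user_id', 'username']),
        ]);
    }

    //  Reactivate a disabled user
    //  Applies the same permission rule as destroy(): an account that outranks the
    //  current user cannot be reactivated by them.  An unknown or already active id
    //  is a no-op that still reports success.
    public function reactivateUser($id)
    {
        $user = User::onlyTrashed()->where('user_id', $id)->first();

        if ($user && $user->role_id < Auth::user()->role_id) {
            return abort(403);
        }

        if ($user) {
            $user->restore();
            Log::notice('User ID-'.$id.' reactivated by '.Auth::user()->user_id);
        }

        return response()->json([
            'success' => true,
        ]);
    }

    //  Submit the update user form
    public function update(Request $request, $id)
    {
        //  Same username/email/role rules as store(), so the edit form cannot be
        //  used to get around the restrictions applied on creation
        $request->validate([
            'username'   => [
                'required',
                'regex:/^[a-zA-Z0-9_]*$/',
                Rule::unique('users')->ignore($id, 'user_id'),
            ],
            'first_name' => 'required',
            'last_name'  => 'required',
            'email'      => [
                'required',
                'email',
                Rule::unique('users')->ignore($id, 'user_id'),
            ],
            'role'       => 'required|numeric|exists:user_role_types,role_id',
        ]);

        $user = User::findOrFail($id);

        //  Neither the target account nor the role being assigned may outrank the
        //  current user
        if ($user->role_id < Auth::user()->role_id || !$this->canAssignRole($request->role)) {
            return abort(403);
        }

        //  Update the user data
        $user->update([
            'username'   => $request->username,
            'first_name' => $request->first_name,
            'last_name'  => $request->last_name,
            'email'      => $request->email,
            'role_id'    => $request->role,
        ]);

        Log::debug('Route '.Route::currentRouteName().' visited by User ID-'.Auth::user()->user_id);
        Log::debug('Edit user form submitted for User ID-'.$id.'  Data - ', $request->toArray());
        Log::notice('User ID-'.$id.' has updated their information.');
        return response()->json(['success' => true]);
    }

    //  Expiry timestamp for a freshly set password (see submitPassword()).
    //  With $forceChange the password is already expired (yesterday) so the user
    //  must choose their own at next login; otherwise it expires after the
    //  configured number of days, or never when no expiry is configured.
    private function passwordExpiry($forceChange)
    {
        if ($forceChange) {
            return Carbon::now()->subDay();
        }

        $expireDays = config('auth.passwords.settings.expire');

        return $expireDays != null ? Carbon::now()->addDays($expireDays) : null;
    }

    //  Submit the change password form
    //  Returns JSON with 'success' and a human readable 'reason'; the outcome is
    //  also written to the log.
    public function submitPassword(Request $request)
    {
        $request->validate([
            'password' => 'required|string|min:6|confirmed',
            'user_id'  => 'required',
        ]);

        $nextChange = $this->passwordExpiry((bool) $request->force_change);
        $user       = User::find($request->user_id);

        //  Verify this is a valid user ID
        if (!$user) {
            $success = false;
            $reason  = 'Cannot find user with this ID';
        }
        //  Make sure that the user is not trying to change the password of someone with more permissions
        elseif ($user->role_id < Auth::user()->role_id) {
            $success = false;
            $reason  = 'You cannot change password for a user with higher permissions that you.  If this user has locked themselves out, have then use the reset link on the login page.';
        }
        //  Good to go - update user password
        else {
            $user->update([
                'password'         => bcrypt($request->password),
                'password_expires' => $nextChange,
            ]);
            $success = true;
            $reason  = 'Password for ' . $user->full_name . ' successfully reset.';
        }

        Log::debug('Route ' . Route::currentRouteName() . ' visited by User ID-' . Auth::user()->user_id);
        Log::notice('User ID-' . $request->user_id . ' password chagned by ' . Auth::user()->user_id, [
            'success' => $success,
            'reason'  => $reason,
        ]);

        return response()->json([
            'success' => $success,
            'reason'  => $reason,
        ]);
    }

    //  Disable the user (soft delete; see reactivateUser() for the reverse)
    //  Returns JSON with 'success' and a human readable 'reason'.
    public function destroy($id)
    {
        $user = User::find($id);

        //  Verify this is a valid user ID
        if (!$user) {
            $success = false;
            $reason  = 'Cannot find user with this ID';
        }
        //  Make sure that the user is not trying to deactivate themselves
        //  ($id is a route string, so a loose comparison is intended)
        elseif (Auth::user()->user_id == $id) {
            $success = false;
            $reason  = 'You cannot deactivate yourself';
        }
        //  Make sure that the user is not trying to deactivate someone with more permissions
        elseif ($user->role_id < Auth::user()->role_id) {
            $success = false;
            $reason  = 'You cannot deactivate a user with higher permissions that you.';
        }
        //  Good to go - deactivate user
        else {
            $user->delete();
            $success = true;
            $reason  = 'User '.$user->full_name.' successfully deactivated.';
        }

        Log::debug('Route '.Route::currentRouteName().' visited by User ID-'.Auth::user()->user_id);
        Log::notice('User ID-'.$id.' disabled by '.Auth::user()->user_id, [
            'success' => $success,
            'reason'  => $reason,
        ]);

        return response()->json([
            'success' => $success,
            'reason'  => $reason,
        ]);
    }
}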