2018-09-25 19:30:50 +08:00
|
|
|
<?php namespace BookStack\Auth;
|
2015-07-13 03:01:42 +08:00
|
|
|
|
2019-12-29 21:02:26 +08:00
|
|
|
use BookStack\Api\ApiToken;
|
2020-11-21 02:53:01 +08:00
|
|
|
use BookStack\Interfaces\Loggable;
|
2021-03-09 06:34:22 +08:00
|
|
|
use BookStack\Interfaces\Sluggable;
|
2018-09-25 19:30:50 +08:00
|
|
|
use BookStack\Model;
|
2016-09-18 01:22:04 +08:00
|
|
|
use BookStack\Notifications\ResetPassword;
|
2018-09-25 23:58:03 +08:00
|
|
|
use BookStack\Uploads\Image;
|
2019-08-17 22:52:33 +08:00
|
|
|
use Carbon\Carbon;
|
2021-01-11 06:43:22 +08:00
|
|
|
use Exception;
|
2015-07-13 03:01:42 +08:00
|
|
|
use Illuminate\Auth\Authenticatable;
|
|
|
|
use Illuminate\Auth\Passwords\CanResetPassword;
|
|
|
|
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
|
|
|
|
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
|
2021-01-11 06:43:22 +08:00
|
|
|
use Illuminate\Database\Eloquent\Builder;
|
|
|
|
use Illuminate\Database\Eloquent\Relations\BelongsTo;
|
2016-09-29 19:43:46 +08:00
|
|
|
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
|
2019-12-29 21:02:26 +08:00
|
|
|
use Illuminate\Database\Eloquent\Relations\HasMany;
|
2016-09-18 01:22:04 +08:00
|
|
|
use Illuminate\Notifications\Notifiable;
|
2021-01-02 09:22:41 +08:00
|
|
|
use Illuminate\Support\Collection;
|
2015-07-13 03:01:42 +08:00
|
|
|
|
2019-08-17 22:52:33 +08:00
|
|
|
/**
|
|
|
|
* Class User
|
|
|
|
* @property string $id
|
|
|
|
* @property string $name
|
2021-03-09 06:34:22 +08:00
|
|
|
* @property string $slug
|
2019-08-17 22:52:33 +08:00
|
|
|
* @property string $email
|
|
|
|
* @property string $password
|
|
|
|
* @property Carbon $created_at
|
|
|
|
* @property Carbon $updated_at
|
|
|
|
* @property bool $email_confirmed
|
|
|
|
* @property int $image_id
|
|
|
|
* @property string $external_auth_id
|
|
|
|
* @property string $system_name
|
2021-03-04 06:11:00 +08:00
|
|
|
* @property Collection $roles
|
2019-08-17 22:52:33 +08:00
|
|
|
*/
|
2021-03-09 06:34:22 +08:00
|
|
|
class User extends Model implements AuthenticatableContract, CanResetPasswordContract, Loggable, Sluggable
|
2015-07-13 03:01:42 +08:00
|
|
|
{
|
2016-09-18 01:22:04 +08:00
|
|
|
use Authenticatable, CanResetPassword, Notifiable;
|
2015-07-13 03:01:42 +08:00
|
|
|
|
|
|
|
/**
|
|
|
|
* The database table used by the model.
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
protected $table = 'users';
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The attributes that are mass assignable.
|
|
|
|
* @var array
|
|
|
|
*/
|
2019-05-04 22:48:15 +08:00
|
|
|
protected $fillable = ['name', 'email'];
|
2015-07-13 03:01:42 +08:00
|
|
|
|
2021-01-11 06:43:22 +08:00
|
|
|
protected $casts = ['last_activity_at' => 'datetime'];
|
|
|
|
|
2015-07-13 03:01:42 +08:00
|
|
|
/**
|
|
|
|
* The attributes excluded from the model's JSON form.
|
|
|
|
* @var array
|
|
|
|
*/
|
2020-04-10 22:19:18 +08:00
|
|
|
protected $hidden = [
|
|
|
|
'password', 'remember_token', 'system_name', 'email_confirmed', 'external_auth_id', 'email',
|
2020-05-23 07:28:41 +08:00
|
|
|
'created_at', 'updated_at', 'image_id',
|
2020-04-10 22:19:18 +08:00
|
|
|
];
|
2015-08-23 20:41:35 +08:00
|
|
|
|
2015-11-27 07:45:04 +08:00
|
|
|
/**
|
|
|
|
* This holds the user's permissions when loaded.
|
2021-01-02 09:22:41 +08:00
|
|
|
* @var ?Collection
|
2015-11-27 07:45:04 +08:00
|
|
|
*/
|
|
|
|
protected $permissions;
|
|
|
|
|
2019-10-05 19:55:01 +08:00
|
|
|
/**
|
|
|
|
* This holds the default user when loaded.
|
|
|
|
* @var null|User
|
|
|
|
*/
|
|
|
|
protected static $defaultUser = null;
|
|
|
|
|
2015-08-25 04:10:04 +08:00
|
|
|
/**
|
2016-09-29 19:43:46 +08:00
|
|
|
* Returns the default public user.
|
2015-08-25 04:10:04 +08:00
|
|
|
*/
|
2021-03-09 06:34:22 +08:00
|
|
|
public static function getDefault(): User
|
2015-08-25 04:10:04 +08:00
|
|
|
{
|
2019-10-05 19:55:01 +08:00
|
|
|
if (!is_null(static::$defaultUser)) {
|
|
|
|
return static::$defaultUser;
|
|
|
|
}
|
|
|
|
|
2021-03-09 06:34:22 +08:00
|
|
|
static::$defaultUser = static::query()->where('system_name', '=', 'public')->first();
|
2019-10-05 19:55:01 +08:00
|
|
|
return static::$defaultUser;
|
2016-09-29 19:43:46 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Check if the user is the default public user.
|
|
|
|
*/
|
2021-03-09 06:34:22 +08:00
|
|
|
public function isDefault(): bool
|
2016-09-29 19:43:46 +08:00
|
|
|
{
|
|
|
|
return $this->system_name === 'public';
|
2015-08-25 04:10:04 +08:00
|
|
|
}
|
|
|
|
|
2015-08-29 22:03:42 +08:00
|
|
|
/**
|
|
|
|
* The roles that belong to the user.
|
2016-09-29 19:43:46 +08:00
|
|
|
* @return BelongsToMany
|
2015-08-29 22:03:42 +08:00
|
|
|
*/
|
|
|
|
public function roles()
|
|
|
|
{
|
2018-01-29 00:58:52 +08:00
|
|
|
if ($this->id === 0) {
|
|
|
|
return ;
|
|
|
|
}
|
2016-05-02 04:20:50 +08:00
|
|
|
return $this->belongsToMany(Role::class);
|
2015-08-29 22:03:42 +08:00
|
|
|
}
|
|
|
|
|
2016-02-28 03:24:42 +08:00
|
|
|
/**
|
|
|
|
* Check if the user has a role.
|
|
|
|
*/
|
2020-08-04 21:55:01 +08:00
|
|
|
public function hasRole($roleId): bool
|
2015-08-29 22:03:42 +08:00
|
|
|
{
|
2020-08-04 21:55:01 +08:00
|
|
|
return $this->roles->pluck('id')->contains($roleId);
|
2015-11-27 07:45:04 +08:00
|
|
|
}
|
|
|
|
|
2017-01-02 05:21:11 +08:00
|
|
|
/**
|
|
|
|
* Check if the user has a role.
|
|
|
|
*/
|
2021-03-09 06:34:22 +08:00
|
|
|
public function hasSystemRole(string $roleSystemName): bool
|
2017-01-02 05:21:11 +08:00
|
|
|
{
|
2021-03-09 06:34:22 +08:00
|
|
|
return $this->roles->pluck('system_name')->contains($roleSystemName);
|
2017-01-02 05:21:11 +08:00
|
|
|
}
|
|
|
|
|
2020-02-03 01:31:00 +08:00
|
|
|
/**
|
|
|
|
* Attach the default system role to this user.
|
|
|
|
*/
|
|
|
|
public function attachDefaultRole(): void
|
|
|
|
{
|
|
|
|
$roleId = setting('registration-role');
|
|
|
|
if ($roleId && $this->roles()->where('id', '=', $roleId)->count() === 0) {
|
|
|
|
$this->roles()->attach($roleId);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-01-02 09:22:41 +08:00
|
|
|
/**
|
|
|
|
* Check if the user has a particular permission.
|
|
|
|
*/
|
|
|
|
public function can(string $permissionName): bool
|
|
|
|
{
|
|
|
|
if ($this->email === 'guest') {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
return $this->permissions()->contains($permissionName);
|
|
|
|
}
|
|
|
|
|
2015-11-27 07:45:04 +08:00
|
|
|
/**
|
2016-02-28 03:24:42 +08:00
|
|
|
* Get all permissions belonging to a the current user.
|
2015-11-27 07:45:04 +08:00
|
|
|
*/
|
2021-01-02 09:22:41 +08:00
|
|
|
protected function permissions(): Collection
|
2015-11-27 07:45:04 +08:00
|
|
|
{
|
2021-01-02 09:22:41 +08:00
|
|
|
if (isset($this->permissions)) {
|
2018-01-29 00:58:52 +08:00
|
|
|
return $this->permissions;
|
|
|
|
}
|
2021-01-02 09:22:41 +08:00
|
|
|
|
|
|
|
$this->permissions = $this->newQuery()->getConnection()->table('role_user', 'ru')
|
|
|
|
->select('role_permissions.name as name')->distinct()
|
|
|
|
->leftJoin('permission_role', 'ru.role_id', '=', 'permission_role.role_id')
|
|
|
|
->leftJoin('role_permissions', 'permission_role.permission_id', '=', 'role_permissions.id')
|
|
|
|
->where('ru.user_id', '=', $this->id)
|
|
|
|
->get()
|
|
|
|
->pluck('name');
|
|
|
|
|
|
|
|
return $this->permissions;
|
2015-08-29 22:03:42 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-01-02 09:22:41 +08:00
|
|
|
* Clear any cached permissions on this instance.
|
2015-08-29 22:03:42 +08:00
|
|
|
*/
|
2021-01-02 09:22:41 +08:00
|
|
|
public function clearPermissionCache()
|
2015-08-29 22:03:42 +08:00
|
|
|
{
|
2021-01-02 09:22:41 +08:00
|
|
|
$this->permissions = null;
|
2015-08-29 22:03:42 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Attach a role to this user.
|
|
|
|
*/
|
|
|
|
public function attachRole(Role $role)
|
|
|
|
{
|
2020-02-03 01:31:00 +08:00
|
|
|
$this->roles()->attach($role->id);
|
2015-08-29 22:03:42 +08:00
|
|
|
}
|
|
|
|
|
2015-09-05 03:40:36 +08:00
|
|
|
/**
|
|
|
|
* Get the social account associated with this user.
|
|
|
|
*/
|
2021-03-09 06:34:22 +08:00
|
|
|
public function socialAccounts(): HasMany
|
2015-09-05 03:40:36 +08:00
|
|
|
{
|
2016-05-02 04:20:50 +08:00
|
|
|
return $this->hasMany(SocialAccount::class);
|
2015-09-05 03:40:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Check if the user has a social account,
|
|
|
|
* If a driver is passed it checks for that single account type.
|
|
|
|
* @param bool|string $socialDriver
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public function hasSocialAccount($socialDriver = false)
|
|
|
|
{
|
2015-11-27 07:45:04 +08:00
|
|
|
if ($socialDriver === false) {
|
2015-09-05 03:40:36 +08:00
|
|
|
return $this->socialAccounts()->count() > 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
return $this->socialAccounts()->where('driver', '=', $socialDriver)->exists();
|
|
|
|
}
|
|
|
|
|
2015-08-23 20:41:35 +08:00
|
|
|
/**
|
2021-03-09 06:34:22 +08:00
|
|
|
* Returns a URL to the user's avatar
|
2015-08-23 20:41:35 +08:00
|
|
|
*/
|
2021-03-09 06:34:22 +08:00
|
|
|
public function getAvatar(int $size = 50): string
|
2015-08-23 20:41:35 +08:00
|
|
|
{
|
2019-08-04 21:26:39 +08:00
|
|
|
$default = url('/user_avatar.png');
|
2017-01-22 20:19:50 +08:00
|
|
|
$imageId = $this->image_id;
|
2018-01-29 00:58:52 +08:00
|
|
|
if ($imageId === 0 || $imageId === '0' || $imageId === null) {
|
|
|
|
return $default;
|
|
|
|
}
|
2017-01-22 20:19:50 +08:00
|
|
|
|
|
|
|
try {
|
2019-08-04 21:26:39 +08:00
|
|
|
$avatar = $this->avatar ? url($this->avatar->getThumb($size, $size, false)) : $default;
|
2021-01-11 06:43:22 +08:00
|
|
|
} catch (Exception $err) {
|
2017-01-22 20:19:50 +08:00
|
|
|
$avatar = $default;
|
|
|
|
}
|
|
|
|
return $avatar;
|
2015-12-10 06:30:55 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the avatar for the user.
|
|
|
|
*/
|
2021-03-09 06:34:22 +08:00
|
|
|
public function avatar(): BelongsTo
|
2015-12-10 06:30:55 +08:00
|
|
|
{
|
2016-05-02 04:20:50 +08:00
|
|
|
return $this->belongsTo(Image::class, 'image_id');
|
2015-08-23 20:41:35 +08:00
|
|
|
}
|
2015-09-05 03:40:36 +08:00
|
|
|
|
2019-12-29 21:02:26 +08:00
|
|
|
/**
|
|
|
|
* Get the API tokens assigned to this user.
|
|
|
|
*/
|
|
|
|
public function apiTokens(): HasMany
|
|
|
|
{
|
|
|
|
return $this->hasMany(ApiToken::class);
|
|
|
|
}
|
|
|
|
|
2020-11-21 04:10:18 +08:00
|
|
|
/**
|
2021-01-11 06:43:22 +08:00
|
|
|
* Get the last activity time for this user.
|
2020-11-21 04:10:18 +08:00
|
|
|
*/
|
2021-01-11 06:43:22 +08:00
|
|
|
public function scopeWithLastActivityAt(Builder $query)
|
2020-11-21 04:10:18 +08:00
|
|
|
{
|
2021-01-11 06:43:22 +08:00
|
|
|
$query->addSelect(['activities.created_at as last_activity_at'])
|
|
|
|
->leftJoinSub(function (\Illuminate\Database\Query\Builder $query) {
|
|
|
|
$query->from('activities')->select('user_id')
|
|
|
|
->selectRaw('max(created_at) as created_at')
|
|
|
|
->groupBy('user_id');
|
|
|
|
}, 'activities', 'users.id', '=', 'activities.user_id');
|
2020-11-21 04:10:18 +08:00
|
|
|
}
|
|
|
|
|
2015-09-22 03:54:11 +08:00
|
|
|
/**
|
|
|
|
* Get the url for editing this user.
|
|
|
|
*/
|
2019-12-29 21:02:26 +08:00
|
|
|
public function getEditUrl(string $path = ''): string
|
2015-09-05 03:40:36 +08:00
|
|
|
{
|
2019-12-29 21:02:26 +08:00
|
|
|
$uri = '/settings/users/' . $this->id . '/' . trim($path, '/');
|
|
|
|
return url(rtrim($uri, '/'));
|
2015-09-05 03:40:36 +08:00
|
|
|
}
|
2016-03-31 04:28:38 +08:00
|
|
|
|
2016-08-14 19:29:35 +08:00
|
|
|
/**
|
|
|
|
* Get the url that links to this user's profile.
|
|
|
|
*/
|
2019-12-29 21:02:26 +08:00
|
|
|
public function getProfileUrl(): string
|
2016-08-14 19:29:35 +08:00
|
|
|
{
|
2019-08-04 21:26:39 +08:00
|
|
|
return url('/user/' . $this->id);
|
2016-08-14 19:29:35 +08:00
|
|
|
}
|
|
|
|
|
2016-03-31 04:28:38 +08:00
|
|
|
/**
|
|
|
|
* Get a shortened version of the user's name.
|
|
|
|
*/
|
2021-03-09 06:34:22 +08:00
|
|
|
public function getShortName(int $chars = 8): string
|
2016-03-31 04:28:38 +08:00
|
|
|
{
|
2019-05-25 23:14:57 +08:00
|
|
|
if (mb_strlen($this->name) <= $chars) {
|
2018-01-29 00:58:52 +08:00
|
|
|
return $this->name;
|
|
|
|
}
|
2016-03-31 04:28:38 +08:00
|
|
|
|
|
|
|
$splitName = explode(' ', $this->name);
|
2019-05-25 23:14:57 +08:00
|
|
|
if (mb_strlen($splitName[0]) <= $chars) {
|
2018-01-29 00:58:52 +08:00
|
|
|
return $splitName[0];
|
|
|
|
}
|
2016-03-31 04:28:38 +08:00
|
|
|
|
|
|
|
return '';
|
|
|
|
}
|
2016-09-18 01:22:04 +08:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Send the password reset notification.
|
|
|
|
* @param string $token
|
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function sendPasswordResetNotification($token)
|
|
|
|
{
|
|
|
|
$this->notify(new ResetPassword($token));
|
|
|
|
}
|
2020-11-21 02:53:01 +08:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @inheritdoc
|
|
|
|
*/
|
|
|
|
public function logDescriptor(): string
|
|
|
|
{
|
|
|
|
return "({$this->id}) {$this->name}";
|
|
|
|
}
|
2015-07-13 03:01:42 +08:00
|
|
|
}
|