2018-09-25 19:30:50 +08:00
|
|
|
<?php namespace BookStack\Auth;
|
2015-09-05 00:16:58 +08:00
|
|
|
|
2018-01-28 22:08:14 +08:00
|
|
|
use Activity;
|
2018-10-13 18:27:55 +08:00
|
|
|
use BookStack\Entities\Repos\EntityRepo;
|
2018-01-29 02:09:26 +08:00
|
|
|
use BookStack\Exceptions\NotFoundException;
|
2018-12-31 00:11:58 +08:00
|
|
|
use BookStack\Exceptions\UserUpdateException;
|
2018-09-25 19:30:50 +08:00
|
|
|
use BookStack\Uploads\Image;
|
2016-09-18 04:33:55 +08:00
|
|
|
use Exception;
|
2018-01-28 22:08:14 +08:00
|
|
|
use Images;
|
2015-09-05 00:16:58 +08:00
|
|
|
|
|
|
|
class UserRepo
|
|
|
|
{
|
|
|
|
|
|
|
|
protected $user;
|
2015-09-06 19:14:32 +08:00
|
|
|
protected $role;
|
2016-02-20 20:37:06 +08:00
|
|
|
protected $entityRepo;
|
2015-09-05 00:16:58 +08:00
|
|
|
|
|
|
|
/**
|
|
|
|
* UserRepo constructor.
|
2016-02-17 05:25:11 +08:00
|
|
|
* @param User $user
|
|
|
|
* @param Role $role
|
2016-02-20 20:37:06 +08:00
|
|
|
* @param EntityRepo $entityRepo
|
2015-09-05 00:16:58 +08:00
|
|
|
*/
|
2018-01-28 22:08:14 +08:00
|
|
|
public function __construct(User $user, Role $role, EntityRepo $entityRepo)
|
2015-09-05 00:16:58 +08:00
|
|
|
{
|
|
|
|
$this->user = $user;
|
2015-09-06 19:14:32 +08:00
|
|
|
$this->role = $role;
|
2016-02-20 20:37:06 +08:00
|
|
|
$this->entityRepo = $entityRepo;
|
2015-09-05 00:16:58 +08:00
|
|
|
}
|
|
|
|
|
2015-09-06 19:14:32 +08:00
|
|
|
/**
|
|
|
|
* @param string $email
|
|
|
|
* @return User|null
|
|
|
|
*/
|
|
|
|
public function getByEmail($email)
|
|
|
|
{
|
2015-09-05 00:16:58 +08:00
|
|
|
return $this->user->where('email', '=', $email)->first();
|
|
|
|
}
|
2015-09-06 03:25:57 +08:00
|
|
|
|
2015-09-06 19:14:32 +08:00
|
|
|
/**
|
|
|
|
* @param int $id
|
|
|
|
* @return User
|
|
|
|
*/
|
2015-09-06 03:25:57 +08:00
|
|
|
public function getById($id)
|
|
|
|
{
|
2018-12-31 00:11:58 +08:00
|
|
|
return $this->user->newQuery()->findOrFail($id);
|
2015-09-06 03:25:57 +08:00
|
|
|
}
|
2015-09-06 19:14:32 +08:00
|
|
|
|
2016-02-28 03:24:42 +08:00
|
|
|
/**
|
|
|
|
* Get all the users with their permissions.
|
|
|
|
* @return \Illuminate\Database\Eloquent\Builder|static
|
|
|
|
*/
|
|
|
|
public function getAllUsers()
|
|
|
|
{
|
|
|
|
return $this->user->with('roles', 'avatar')->orderBy('name', 'asc')->get();
|
|
|
|
}
|
|
|
|
|
2016-05-22 17:44:31 +08:00
|
|
|
/**
|
|
|
|
* Get all the users with their permissions in a paginated format.
|
|
|
|
* @param int $count
|
|
|
|
* @param $sortData
|
|
|
|
* @return \Illuminate\Database\Eloquent\Builder|static
|
|
|
|
*/
|
2018-01-29 00:58:52 +08:00
|
|
|
public function getAllUsersPaginatedAndSorted($count, $sortData)
|
2016-05-22 17:44:31 +08:00
|
|
|
{
|
|
|
|
$query = $this->user->with('roles', 'avatar')->orderBy($sortData['sort'], $sortData['order']);
|
|
|
|
|
|
|
|
if ($sortData['search']) {
|
|
|
|
$term = '%' . $sortData['search'] . '%';
|
2018-01-29 00:58:52 +08:00
|
|
|
$query->where(function ($query) use ($term) {
|
2016-05-22 17:44:31 +08:00
|
|
|
$query->where('name', 'like', $term)
|
|
|
|
->orWhere('email', 'like', $term);
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
return $query->paginate($count);
|
|
|
|
}
|
|
|
|
|
2018-08-21 09:19:25 +08:00
|
|
|
/**
|
2015-09-06 19:14:32 +08:00
|
|
|
* Creates a new user and attaches a role to them.
|
|
|
|
* @param array $data
|
2018-09-22 01:05:06 +08:00
|
|
|
* @param boolean $verifyEmail
|
2018-09-25 19:30:50 +08:00
|
|
|
* @return \BookStack\Auth\User
|
2015-09-06 19:14:32 +08:00
|
|
|
*/
|
2018-09-22 01:05:06 +08:00
|
|
|
public function registerNew(array $data, $verifyEmail = false)
|
2015-09-06 19:14:32 +08:00
|
|
|
{
|
2018-09-22 01:05:06 +08:00
|
|
|
$user = $this->create($data, $verifyEmail);
|
2015-12-16 03:27:36 +08:00
|
|
|
$this->attachDefaultRole($user);
|
2018-12-23 03:29:19 +08:00
|
|
|
$this->downloadAndAssignUserAvatar($user);
|
2016-01-17 23:20:07 +08:00
|
|
|
|
2015-12-16 03:27:36 +08:00
|
|
|
return $user;
|
|
|
|
}
|
2015-09-06 19:14:32 +08:00
|
|
|
|
2015-12-16 03:27:36 +08:00
|
|
|
/**
|
|
|
|
* Give a user the default role. Used when creating a new user.
|
2018-09-23 05:09:34 +08:00
|
|
|
* @param User $user
|
2015-12-16 03:27:36 +08:00
|
|
|
*/
|
2018-09-23 05:09:34 +08:00
|
|
|
public function attachDefaultRole(User $user)
|
2015-12-16 03:27:36 +08:00
|
|
|
{
|
2016-03-06 20:55:08 +08:00
|
|
|
$roleId = setting('registration-role');
|
2018-09-23 05:09:34 +08:00
|
|
|
if ($roleId !== false && $user->roles()->where('id', '=', $roleId)->count() === 0) {
|
|
|
|
$user->attachRoleId($roleId);
|
2018-01-29 00:58:52 +08:00
|
|
|
}
|
2015-09-06 19:14:32 +08:00
|
|
|
}
|
|
|
|
|
2018-01-29 02:09:26 +08:00
|
|
|
/**
|
|
|
|
* Assign a user to a system-level role.
|
|
|
|
* @param User $user
|
|
|
|
* @param $systemRoleName
|
|
|
|
* @throws NotFoundException
|
|
|
|
*/
|
|
|
|
public function attachSystemRole(User $user, $systemRoleName)
|
|
|
|
{
|
|
|
|
$role = $this->role->newQuery()->where('system_name', '=', $systemRoleName)->first();
|
|
|
|
if ($role === null) {
|
|
|
|
throw new NotFoundException("Role '{$systemRoleName}' not found");
|
|
|
|
}
|
|
|
|
$user->attachRole($role);
|
|
|
|
}
|
|
|
|
|
2015-09-06 19:14:32 +08:00
|
|
|
/**
|
|
|
|
* Checks if the give user is the only admin.
|
2018-09-25 19:30:50 +08:00
|
|
|
* @param \BookStack\Auth\User $user
|
2015-09-06 19:14:32 +08:00
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public function isOnlyAdmin(User $user)
|
|
|
|
{
|
2018-01-29 00:58:52 +08:00
|
|
|
if (!$user->hasSystemRole('admin')) {
|
|
|
|
return false;
|
|
|
|
}
|
2015-09-06 19:14:32 +08:00
|
|
|
|
2017-12-30 00:14:20 +08:00
|
|
|
$adminRole = $this->role->getSystemRole('admin');
|
2018-01-29 00:58:52 +08:00
|
|
|
if ($adminRole->users->count() > 1) {
|
|
|
|
return false;
|
|
|
|
}
|
2015-09-06 19:14:32 +08:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2018-12-31 00:11:58 +08:00
|
|
|
/**
|
|
|
|
* Set the assigned user roles via an array of role IDs.
|
|
|
|
* @param User $user
|
|
|
|
* @param array $roles
|
|
|
|
* @throws UserUpdateException
|
|
|
|
*/
|
|
|
|
public function setUserRoles(User $user, array $roles)
|
|
|
|
{
|
|
|
|
if ($this->demotingLastAdmin($user, $roles)) {
|
|
|
|
throw new UserUpdateException(trans('errors.role_cannot_remove_only_admin'), $user->getEditUrl());
|
|
|
|
}
|
|
|
|
|
|
|
|
$user->roles()->sync($roles);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Check if the given user is the last admin and their new roles no longer
|
|
|
|
* contains the admin role.
|
|
|
|
* @param User $user
|
|
|
|
* @param array $newRoles
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
protected function demotingLastAdmin(User $user, array $newRoles) : bool
|
|
|
|
{
|
|
|
|
if ($this->isOnlyAdmin($user)) {
|
|
|
|
$adminRole = $this->role->getSystemRole('admin');
|
|
|
|
if (!in_array(strval($adminRole->id), $newRoles)) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2015-09-06 19:14:32 +08:00
|
|
|
/**
|
|
|
|
* Create a new basic instance of user.
|
|
|
|
* @param array $data
|
2018-09-22 01:05:06 +08:00
|
|
|
* @param boolean $verifyEmail
|
2018-09-25 19:30:50 +08:00
|
|
|
* @return \BookStack\Auth\User
|
2015-09-06 19:14:32 +08:00
|
|
|
*/
|
2018-09-22 01:05:06 +08:00
|
|
|
public function create(array $data, $verifyEmail = false)
|
2015-09-06 19:14:32 +08:00
|
|
|
{
|
2016-01-14 06:22:30 +08:00
|
|
|
return $this->user->forceCreate([
|
2015-09-06 19:14:32 +08:00
|
|
|
'name' => $data['name'],
|
|
|
|
'email' => $data['email'],
|
2016-04-03 19:16:54 +08:00
|
|
|
'password' => bcrypt($data['password']),
|
2018-09-22 01:05:06 +08:00
|
|
|
'email_confirmed' => $verifyEmail
|
2015-09-06 19:14:32 +08:00
|
|
|
]);
|
|
|
|
}
|
2015-12-16 03:27:36 +08:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Remove the given user from storage, Delete all related content.
|
2018-09-25 19:30:50 +08:00
|
|
|
* @param \BookStack\Auth\User $user
|
2018-01-28 22:08:14 +08:00
|
|
|
* @throws Exception
|
2015-12-16 03:27:36 +08:00
|
|
|
*/
|
|
|
|
public function destroy(User $user)
|
|
|
|
{
|
|
|
|
$user->socialAccounts()->delete();
|
|
|
|
$user->delete();
|
2018-01-28 21:50:24 +08:00
|
|
|
|
2018-01-28 22:08:14 +08:00
|
|
|
// Delete user profile images
|
|
|
|
$profileImages = $images = Image::where('type', '=', 'user')->where('created_by', '=', $user->id)->get();
|
|
|
|
foreach ($profileImages as $image) {
|
2018-05-14 00:41:35 +08:00
|
|
|
Images::destroy($image);
|
2018-01-28 21:50:24 +08:00
|
|
|
}
|
2015-12-16 03:27:36 +08:00
|
|
|
}
|
2016-02-17 05:25:11 +08:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the latest activity for a user.
|
2018-09-25 19:30:50 +08:00
|
|
|
* @param \BookStack\Auth\User $user
|
2016-02-17 05:25:11 +08:00
|
|
|
* @param int $count
|
|
|
|
* @param int $page
|
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
public function getActivity(User $user, $count = 20, $page = 0)
|
|
|
|
{
|
2018-01-28 22:08:14 +08:00
|
|
|
return Activity::userActivity($user, $count, $page);
|
2016-02-17 05:25:11 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2016-02-18 06:11:48 +08:00
|
|
|
* Get the recently created content for this given user.
|
2018-09-25 19:30:50 +08:00
|
|
|
* @param \BookStack\Auth\User $user
|
2016-02-17 05:25:11 +08:00
|
|
|
* @param int $count
|
|
|
|
* @return mixed
|
|
|
|
*/
|
2016-02-18 06:11:48 +08:00
|
|
|
public function getRecentlyCreated(User $user, $count = 20)
|
2016-02-17 05:25:11 +08:00
|
|
|
{
|
2016-02-18 06:11:48 +08:00
|
|
|
return [
|
2017-01-02 00:05:44 +08:00
|
|
|
'pages' => $this->entityRepo->getRecentlyCreated('page', $count, 0, function ($query) use ($user) {
|
2016-03-06 21:17:46 +08:00
|
|
|
$query->where('created_by', '=', $user->id);
|
|
|
|
}),
|
2017-01-02 00:05:44 +08:00
|
|
|
'chapters' => $this->entityRepo->getRecentlyCreated('chapter', $count, 0, function ($query) use ($user) {
|
2016-03-06 21:17:46 +08:00
|
|
|
$query->where('created_by', '=', $user->id);
|
|
|
|
}),
|
2017-01-02 00:05:44 +08:00
|
|
|
'books' => $this->entityRepo->getRecentlyCreated('book', $count, 0, function ($query) use ($user) {
|
2016-03-06 21:17:46 +08:00
|
|
|
$query->where('created_by', '=', $user->id);
|
|
|
|
})
|
2016-02-18 06:11:48 +08:00
|
|
|
];
|
2016-02-17 05:25:11 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get asset created counts for the give user.
|
2018-09-25 19:30:50 +08:00
|
|
|
* @param \BookStack\Auth\User $user
|
2016-02-17 05:25:11 +08:00
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
public function getAssetCounts(User $user)
|
|
|
|
{
|
|
|
|
return [
|
2018-09-26 01:00:40 +08:00
|
|
|
'pages' => $this->entityRepo->getUserTotalCreated('page', $user),
|
|
|
|
'chapters' => $this->entityRepo->getUserTotalCreated('chapter', $user),
|
|
|
|
'books' => $this->entityRepo->getUserTotalCreated('book', $user),
|
2016-02-17 05:25:11 +08:00
|
|
|
];
|
|
|
|
}
|
2016-02-18 06:11:48 +08:00
|
|
|
|
2016-05-02 02:36:53 +08:00
|
|
|
/**
|
|
|
|
* Get the roles in the system that are assignable to a user.
|
|
|
|
* @return mixed
|
|
|
|
*/
|
2016-09-29 19:43:46 +08:00
|
|
|
public function getAllRoles()
|
2016-05-02 02:36:53 +08:00
|
|
|
{
|
2019-02-03 21:45:45 +08:00
|
|
|
return $this->role->newQuery()->orderBy('name', 'asc')->get();
|
2016-05-02 02:36:53 +08:00
|
|
|
}
|
|
|
|
|
2016-02-28 18:49:41 +08:00
|
|
|
/**
|
|
|
|
* Get all the roles which can be given restricted access to
|
|
|
|
* other entities in the system.
|
|
|
|
* @return mixed
|
|
|
|
*/
|
|
|
|
public function getRestrictableRoles()
|
|
|
|
{
|
2016-09-29 19:43:46 +08:00
|
|
|
return $this->role->where('system_name', '!=', 'admin')->get();
|
2016-02-28 18:49:41 +08:00
|
|
|
}
|
2018-01-29 02:09:26 +08:00
|
|
|
|
|
|
|
/**
|
2018-12-23 03:29:19 +08:00
|
|
|
* Get an avatar image for a user and set it as their avatar.
|
|
|
|
* Returns early if avatars disabled or not set in config.
|
2018-01-29 02:09:26 +08:00
|
|
|
* @param User $user
|
|
|
|
* @return bool
|
|
|
|
*/
|
2018-12-23 03:29:19 +08:00
|
|
|
public function downloadAndAssignUserAvatar(User $user)
|
2018-01-29 02:09:26 +08:00
|
|
|
{
|
2018-12-23 03:29:19 +08:00
|
|
|
if (!Images::avatarFetchEnabled()) {
|
2018-01-29 02:09:26 +08:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
try {
|
2018-12-23 03:29:19 +08:00
|
|
|
$avatar = Images::saveUserAvatar($user);
|
2018-01-29 02:09:26 +08:00
|
|
|
$user->avatar()->associate($avatar);
|
|
|
|
$user->save();
|
|
|
|
return true;
|
|
|
|
} catch (Exception $e) {
|
2018-12-23 03:29:19 +08:00
|
|
|
\Log::error('Failed to save user avatar image');
|
2018-01-29 02:09:26 +08:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
2018-08-21 09:19:25 +08:00
|
|
|
}
|