2018-10-04 19:10:43 +02:00
|
|
|
<?php
|
2019-05-11 05:32:07 +02:00
|
|
|
/**
|
2020-09-06 11:38:10 +02:00
|
|
|
* Invoice Ninja (https://invoiceninja.com).
|
2019-05-11 05:32:07 +02:00
|
|
|
*
|
|
|
|
* @link https://github.com/invoiceninja/invoiceninja source repository
|
|
|
|
*
|
2023-01-28 23:21:40 +01:00
|
|
|
* @copyright Copyright (c) 2023. Invoice Ninja LLC (https://invoiceninja.com)
|
2019-05-11 05:32:07 +02:00
|
|
|
*
|
2021-06-16 08:58:16 +02:00
|
|
|
* @license https://www.elastic.co/licensing/elastic-license
|
2019-05-11 05:32:07 +02:00
|
|
|
*/
|
2018-10-04 19:10:43 +02:00
|
|
|
|
2018-10-12 13:29:34 +02:00
|
|
|
namespace App\Models;
|
2018-10-04 19:10:43 +02:00
|
|
|
|
2021-02-15 00:39:40 +01:00
|
|
|
use App\Jobs\Mail\NinjaMailer;
|
|
|
|
use App\Jobs\Mail\NinjaMailerJob;
|
|
|
|
use App\Jobs\Mail\NinjaMailerObject;
|
|
|
|
use App\Mail\Admin\ResetPasswordObject;
|
2020-10-28 11:10:49 +01:00
|
|
|
use App\Models\Presenters\UserPresenter;
|
2020-10-27 16:04:28 +01:00
|
|
|
use App\Notifications\ResetPasswordNotification;
|
2021-03-03 23:39:24 +01:00
|
|
|
use App\Services\User\UserService;
|
2018-11-20 05:36:56 +01:00
|
|
|
use App\Utils\Traits\MakesHash;
|
2019-01-07 12:30:28 +01:00
|
|
|
use App\Utils\Traits\UserSessionAttributes;
|
2019-01-15 23:00:25 +01:00
|
|
|
use App\Utils\Traits\UserSettings;
|
2022-03-13 10:18:15 +01:00
|
|
|
use App\Utils\TruthSource;
|
2018-10-15 07:00:48 +02:00
|
|
|
use Illuminate\Contracts\Auth\MustVerifyEmail;
|
2020-10-01 12:49:47 +02:00
|
|
|
use Illuminate\Database\Eloquent\Factories\HasFactory;
|
2020-10-28 11:10:49 +01:00
|
|
|
use Illuminate\Database\Eloquent\Model;
|
2018-11-20 05:36:56 +01:00
|
|
|
use Illuminate\Database\Eloquent\SoftDeletes;
|
2018-10-15 07:00:48 +02:00
|
|
|
use Illuminate\Foundation\Auth\User as Authenticatable;
|
2018-11-20 05:36:56 +01:00
|
|
|
use Illuminate\Notifications\Notifiable;
|
2019-10-04 13:54:03 +02:00
|
|
|
use Illuminate\Support\Carbon;
|
2019-11-04 21:50:10 +01:00
|
|
|
use Illuminate\Support\Facades\Auth;
|
2022-03-13 10:18:15 +01:00
|
|
|
use Laracasts\Presenter\PresentableTrait;
|
2018-10-04 19:10:43 +02:00
|
|
|
|
2019-11-04 21:50:10 +01:00
|
|
|
class User extends Authenticatable implements MustVerifyEmail
|
2018-10-04 19:10:43 +02:00
|
|
|
{
|
|
|
|
use Notifiable;
|
2018-10-15 14:40:34 +02:00
|
|
|
use SoftDeletes;
|
2018-10-22 14:04:37 +02:00
|
|
|
use PresentableTrait;
|
2018-11-20 05:36:56 +01:00
|
|
|
use MakesHash;
|
2019-01-07 12:30:28 +01:00
|
|
|
use UserSessionAttributes;
|
2019-01-15 23:00:25 +01:00
|
|
|
use UserSettings;
|
2019-04-25 13:33:03 +02:00
|
|
|
use Filterable;
|
2020-10-01 12:49:47 +02:00
|
|
|
use HasFactory;
|
2022-03-15 13:28:16 +01:00
|
|
|
use \Awobaz\Compoships\Compoships;
|
2020-10-28 11:10:49 +01:00
|
|
|
|
2018-10-15 07:00:48 +02:00
|
|
|
protected $guard = 'user';
|
2022-06-21 12:03:51 +02:00
|
|
|
|
2020-10-28 11:10:49 +01:00
|
|
|
protected $presenter = UserPresenter::class;
|
2018-10-22 14:04:37 +02:00
|
|
|
|
2019-12-29 23:06:42 +01:00
|
|
|
protected $with = []; // ? companies also
|
2019-06-12 01:15:17 +02:00
|
|
|
|
2019-07-09 02:01:29 +02:00
|
|
|
protected $dateFormat = 'Y-m-d H:i:s.u';
|
|
|
|
|
2019-06-12 01:15:17 +02:00
|
|
|
public $company;
|
|
|
|
|
2019-08-02 02:31:48 +02:00
|
|
|
protected $appends = [
|
2020-09-06 11:38:10 +02:00
|
|
|
'hashed_id',
|
2019-08-02 02:31:48 +02:00
|
|
|
];
|
2020-09-06 11:38:10 +02:00
|
|
|
|
2018-10-04 19:10:43 +02:00
|
|
|
/**
|
|
|
|
* The attributes that are mass assignable.
|
|
|
|
*
|
|
|
|
* @var array
|
|
|
|
*/
|
|
|
|
protected $fillable = [
|
2018-10-15 14:40:34 +02:00
|
|
|
'first_name',
|
|
|
|
'last_name',
|
2019-11-04 01:22:59 +01:00
|
|
|
'email',
|
|
|
|
'phone',
|
2018-10-15 14:40:34 +02:00
|
|
|
'signature',
|
|
|
|
'avatar',
|
2019-09-24 13:22:41 +02:00
|
|
|
'accepted_terms_version',
|
|
|
|
'oauth_user_id',
|
|
|
|
'oauth_provider_id',
|
2019-12-04 02:14:55 +01:00
|
|
|
'oauth_user_token',
|
2020-05-13 11:02:38 +02:00
|
|
|
'oauth_user_refresh_token',
|
2019-12-17 11:57:15 +01:00
|
|
|
'custom_value1',
|
|
|
|
'custom_value2',
|
|
|
|
'custom_value3',
|
|
|
|
'custom_value4',
|
2020-02-26 04:26:07 +01:00
|
|
|
'is_deleted',
|
2021-06-06 11:21:05 +02:00
|
|
|
// 'google_2fa_secret',
|
2018-10-04 19:10:43 +02:00
|
|
|
];
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The attributes that should be hidden for arrays.
|
|
|
|
*
|
|
|
|
* @var array
|
|
|
|
*/
|
|
|
|
protected $hidden = [
|
2018-10-15 14:40:34 +02:00
|
|
|
'remember_token',
|
|
|
|
'google_2fa_secret',
|
|
|
|
'google_2fa_phone',
|
|
|
|
'remember_2fa_token',
|
|
|
|
'slack_webhook_url',
|
2018-10-04 19:10:43 +02:00
|
|
|
];
|
2018-10-15 14:40:34 +02:00
|
|
|
|
2019-07-09 02:01:29 +02:00
|
|
|
protected $casts = [
|
2020-05-16 13:13:32 +02:00
|
|
|
'oauth_user_token' => 'object',
|
2020-05-16 12:26:16 +02:00
|
|
|
'settings' => 'object',
|
|
|
|
'updated_at' => 'timestamp',
|
|
|
|
'created_at' => 'timestamp',
|
|
|
|
'deleted_at' => 'timestamp',
|
2022-06-22 11:15:31 +02:00
|
|
|
'oauth_user_token_expiry' => 'datetime',
|
2019-07-09 02:01:29 +02:00
|
|
|
];
|
|
|
|
|
2021-02-22 10:54:46 +01:00
|
|
|
public function name()
|
|
|
|
{
|
2022-06-21 11:57:17 +02:00
|
|
|
return $this->first_name.' '.$this->last_name;
|
2021-02-22 10:54:46 +01:00
|
|
|
}
|
|
|
|
|
2020-05-06 13:49:42 +02:00
|
|
|
public function getEntityType()
|
|
|
|
{
|
2020-09-06 11:38:10 +02:00
|
|
|
return self::class;
|
2020-05-06 13:49:42 +02:00
|
|
|
}
|
|
|
|
|
2019-09-26 00:27:26 +02:00
|
|
|
public function getHashedIdAttribute()
|
|
|
|
{
|
|
|
|
return $this->encodePrimaryKey($this->id);
|
|
|
|
}
|
|
|
|
|
2019-03-28 11:07:45 +01:00
|
|
|
/**
|
|
|
|
* Returns a account.
|
2019-12-30 22:59:12 +01:00
|
|
|
*
|
2020-10-28 11:10:49 +01:00
|
|
|
* @return \Illuminate\Database\Eloquent\Relations\BelongsTo
|
2019-03-28 11:07:45 +01:00
|
|
|
*/
|
2019-03-28 03:36:36 +01:00
|
|
|
public function account()
|
|
|
|
{
|
|
|
|
return $this->belongsTo(Account::class);
|
|
|
|
}
|
|
|
|
|
2019-04-18 08:11:37 +02:00
|
|
|
/**
|
2019-06-12 01:15:17 +02:00
|
|
|
* Returns all company tokens.
|
2019-12-30 22:59:12 +01:00
|
|
|
*
|
2020-10-28 11:10:49 +01:00
|
|
|
* @return \Illuminate\Database\Eloquent\Relations\HasMany
|
2019-04-18 08:11:37 +02:00
|
|
|
*/
|
2019-06-12 01:15:17 +02:00
|
|
|
public function tokens()
|
|
|
|
{
|
|
|
|
return $this->hasMany(CompanyToken::class)->orderBy('id', 'ASC');
|
|
|
|
}
|
2019-03-27 05:50:13 +01:00
|
|
|
|
2022-03-13 09:48:57 +01:00
|
|
|
public function token()
|
|
|
|
{
|
2022-03-13 10:24:58 +01:00
|
|
|
$truth = app()->make(TruthSource::class);
|
|
|
|
|
2022-06-21 11:57:17 +02:00
|
|
|
if ($truth->getCompanyToken()) {
|
2022-03-13 10:24:58 +01:00
|
|
|
return $truth->getCompanyToken();
|
|
|
|
}
|
|
|
|
|
2022-03-13 09:48:57 +01:00
|
|
|
if (request()->header('X-API-TOKEN')) {
|
2022-03-13 10:18:15 +01:00
|
|
|
return CompanyToken::with(['cu'])->where('token', request()->header('X-API-TOKEN'))->first();
|
2022-03-13 09:48:57 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return $this->tokens()->first();
|
|
|
|
}
|
|
|
|
|
2019-01-15 23:00:25 +01:00
|
|
|
/**
|
|
|
|
* Returns all companies a user has access to.
|
2019-12-30 22:59:12 +01:00
|
|
|
*
|
2020-10-28 11:10:49 +01:00
|
|
|
* @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
|
2019-01-15 23:00:25 +01:00
|
|
|
*/
|
2019-01-07 12:30:28 +01:00
|
|
|
public function companies()
|
|
|
|
{
|
2020-01-07 01:13:47 +01:00
|
|
|
return $this->belongsToMany(Company::class)->using(CompanyUser::class)->withPivot('permissions', 'settings', 'is_admin', 'is_owner', 'is_locked')->withTimestamps();
|
2019-01-07 12:30:28 +01:00
|
|
|
}
|
2018-10-29 04:16:17 +01:00
|
|
|
|
2019-06-12 01:15:17 +02:00
|
|
|
/**
|
2020-09-06 11:38:10 +02:00
|
|
|
* As we are authenticating on CompanyToken,
|
|
|
|
* we need to link the company to the user manually. This allows
|
|
|
|
* us to decouple a $user and their attached companies.
|
2020-10-28 11:10:49 +01:00
|
|
|
* @param $company
|
2020-09-06 11:38:10 +02:00
|
|
|
*/
|
2019-06-12 01:15:17 +02:00
|
|
|
public function setCompany($company)
|
|
|
|
{
|
|
|
|
$this->company = $company;
|
2021-07-05 12:45:00 +02:00
|
|
|
|
|
|
|
return $this;
|
2019-06-12 01:15:17 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2020-09-06 11:38:10 +02:00
|
|
|
* Returns the currently set Company.
|
2019-06-12 01:15:17 +02:00
|
|
|
*/
|
|
|
|
public function getCompany()
|
|
|
|
{
|
2022-03-13 10:18:15 +01:00
|
|
|
$truth = app()->make(TruthSource::class);
|
2020-02-24 11:15:30 +01:00
|
|
|
|
2022-06-21 11:57:17 +02:00
|
|
|
if ($this->company) {
|
2021-05-24 02:41:23 +02:00
|
|
|
return $this->company;
|
2022-06-21 11:57:17 +02:00
|
|
|
} elseif ($truth->getCompany()) {
|
2022-03-13 10:18:15 +01:00
|
|
|
return $truth->getCompany();
|
2022-06-21 11:57:17 +02:00
|
|
|
} elseif (request()->header('X-API-TOKEN')) {
|
2022-02-26 08:48:22 +01:00
|
|
|
$company_token = CompanyToken::with(['company'])->where('token', request()->header('X-API-TOKEN'))->first();
|
2020-11-13 11:42:06 +01:00
|
|
|
return $company_token->company;
|
|
|
|
}
|
2021-05-19 06:27:47 +02:00
|
|
|
|
2021-05-13 14:41:32 +02:00
|
|
|
throw new \Exception('No Company Found');
|
2019-06-12 01:15:17 +02:00
|
|
|
}
|
|
|
|
|
2021-05-18 04:13:00 +02:00
|
|
|
public function companyIsSet()
|
|
|
|
{
|
2022-06-21 11:57:17 +02:00
|
|
|
if ($this->company) {
|
2021-05-18 04:13:00 +02:00
|
|
|
return true;
|
2022-06-21 11:57:17 +02:00
|
|
|
}
|
2021-05-18 04:13:00 +02:00
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2019-03-28 11:07:45 +01:00
|
|
|
/**
|
2020-09-06 11:38:10 +02:00
|
|
|
* Returns the current company.
|
2019-12-30 22:59:12 +01:00
|
|
|
*
|
2022-12-14 01:26:07 +01:00
|
|
|
* @return App\Models\Company $company
|
2019-12-30 22:59:12 +01:00
|
|
|
*/
|
2019-03-28 10:05:13 +01:00
|
|
|
public function company()
|
2019-03-28 06:03:18 +01:00
|
|
|
{
|
2019-06-12 01:15:17 +02:00
|
|
|
return $this->getCompany();
|
2019-01-25 11:47:23 +01:00
|
|
|
}
|
|
|
|
|
2019-11-04 21:50:10 +01:00
|
|
|
private function setCompanyByGuard()
|
|
|
|
{
|
2019-12-30 22:59:12 +01:00
|
|
|
if (Auth::guard('contact')->check()) {
|
2019-11-04 21:50:10 +01:00
|
|
|
$this->setCompany(auth()->user()->client->company);
|
2019-12-30 22:59:12 +01:00
|
|
|
}
|
2019-11-04 21:50:10 +01:00
|
|
|
}
|
|
|
|
|
2019-07-14 11:34:49 +02:00
|
|
|
public function company_users()
|
|
|
|
{
|
2020-03-01 11:45:23 +01:00
|
|
|
return $this->hasMany(CompanyUser::class)->withTrashed();
|
2019-01-25 11:47:23 +01:00
|
|
|
}
|
|
|
|
|
2020-12-26 09:03:24 +01:00
|
|
|
public function co_user()
|
|
|
|
{
|
2022-03-13 10:18:15 +01:00
|
|
|
$truth = app()->make(TruthSource::class);
|
|
|
|
|
2022-06-21 11:57:17 +02:00
|
|
|
if ($truth->getCompanyUser()) {
|
2022-03-13 10:26:45 +01:00
|
|
|
return $truth->getCompanyUser();
|
2022-03-13 10:18:15 +01:00
|
|
|
}
|
2022-03-13 11:40:29 +01:00
|
|
|
|
2022-06-21 11:57:17 +02:00
|
|
|
return $this->token()->cu;
|
2020-12-26 09:03:24 +01:00
|
|
|
}
|
|
|
|
|
2019-11-13 12:32:53 +01:00
|
|
|
public function company_user()
|
|
|
|
{
|
2022-06-21 11:57:17 +02:00
|
|
|
if ($this->companyId()) {
|
2022-03-15 13:28:16 +01:00
|
|
|
return $this->belongsTo(CompanyUser::class)->where('company_id', $this->companyId())->withTrashed();
|
2022-06-21 11:57:17 +02:00
|
|
|
}
|
2022-03-13 10:18:15 +01:00
|
|
|
|
2022-03-13 10:26:45 +01:00
|
|
|
$truth = app()->make(TruthSource::class);
|
2021-01-29 13:05:03 +01:00
|
|
|
|
2022-06-21 11:57:17 +02:00
|
|
|
if ($truth->getCompanyUser()) {
|
2022-03-13 10:26:45 +01:00
|
|
|
return $truth->getCompanyUser();
|
2022-06-21 11:57:17 +02:00
|
|
|
}
|
|
|
|
|
2022-03-13 10:26:45 +01:00
|
|
|
return $this->token()->cu;
|
2021-01-29 13:05:03 +01:00
|
|
|
|
2022-03-15 13:28:16 +01:00
|
|
|
// return $this->hasOneThrough(CompanyUser::class, CompanyToken::class, 'user_id', 'user_id', 'id', 'user_id')
|
|
|
|
// ->withTrashed();
|
2019-11-13 12:32:53 +01:00
|
|
|
}
|
|
|
|
|
2019-01-25 11:47:23 +01:00
|
|
|
/**
|
2020-09-06 11:38:10 +02:00
|
|
|
* Returns the currently set company id for the user.
|
2019-12-30 22:59:12 +01:00
|
|
|
*
|
2019-01-25 11:47:23 +01:00
|
|
|
* @return int
|
|
|
|
*/
|
|
|
|
public function companyId() :int
|
|
|
|
{
|
2019-03-28 10:05:13 +01:00
|
|
|
return $this->company()->id;
|
2019-01-07 12:30:28 +01:00
|
|
|
}
|
2018-11-02 11:54:46 +01:00
|
|
|
|
2019-12-22 11:28:41 +01:00
|
|
|
public function clients()
|
|
|
|
{
|
|
|
|
return $this->hasMany(Client::class);
|
|
|
|
}
|
|
|
|
|
2019-01-15 23:00:25 +01:00
|
|
|
/**
|
2020-09-06 11:38:10 +02:00
|
|
|
* Returns a comma separated list of user permissions.
|
2019-12-30 22:59:12 +01:00
|
|
|
*
|
2019-12-10 21:25:54 +01:00
|
|
|
* @return comma separated list
|
2019-01-15 23:00:25 +01:00
|
|
|
*/
|
2019-01-07 12:30:28 +01:00
|
|
|
public function permissions()
|
2018-10-29 04:16:17 +01:00
|
|
|
{
|
2022-03-13 09:48:57 +01:00
|
|
|
return $this->token()->cu->permissions;
|
2022-06-21 11:57:17 +02:00
|
|
|
|
2022-03-13 09:48:57 +01:00
|
|
|
// return $this->company_user->permissions;
|
2019-01-07 12:30:28 +01:00
|
|
|
}
|
|
|
|
|
2019-01-15 23:00:25 +01:00
|
|
|
/**
|
2020-09-06 11:38:10 +02:00
|
|
|
* Returns a object of User Settings.
|
2019-12-30 22:59:12 +01:00
|
|
|
*
|
2019-01-15 23:00:25 +01:00
|
|
|
* @return stdClass
|
|
|
|
*/
|
|
|
|
public function settings()
|
|
|
|
{
|
2022-03-13 09:48:57 +01:00
|
|
|
return json_decode($this->token()->cu->settings);
|
|
|
|
|
|
|
|
//return json_decode($this->company_user->settings);
|
2019-01-15 23:00:25 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2020-09-06 11:38:10 +02:00
|
|
|
* Returns a boolean of the administrator status of the user.
|
2019-12-30 22:59:12 +01:00
|
|
|
*
|
2019-01-15 23:00:25 +01:00
|
|
|
* @return bool
|
|
|
|
*/
|
2019-01-19 11:35:21 +01:00
|
|
|
public function isAdmin() : bool
|
2019-01-07 12:30:28 +01:00
|
|
|
{
|
2022-03-13 09:48:57 +01:00
|
|
|
return $this->token()->cu->is_admin;
|
|
|
|
|
2022-06-21 11:57:17 +02:00
|
|
|
// return $this->company_user->is_admin;
|
2018-10-15 14:40:34 +02:00
|
|
|
}
|
|
|
|
|
2019-12-18 03:45:18 +01:00
|
|
|
public function isOwner() : bool
|
|
|
|
{
|
2022-03-13 09:48:57 +01:00
|
|
|
return $this->token()->cu->is_owner;
|
2022-06-21 11:57:17 +02:00
|
|
|
|
2022-03-13 09:48:57 +01:00
|
|
|
// return $this->company_user->is_owner;
|
2019-12-18 03:45:18 +01:00
|
|
|
}
|
|
|
|
|
2023-01-25 01:28:23 +01:00
|
|
|
/**
|
|
|
|
* Returns true is user is an admin _or_ owner
|
2023-02-16 02:36:09 +01:00
|
|
|
*
|
2023-01-25 01:28:23 +01:00
|
|
|
* @return boolean
|
|
|
|
*/
|
|
|
|
public function isSuperUser() :bool
|
|
|
|
{
|
|
|
|
return $this->token()->cu->is_owner || $this->token()->cu->is_admin;
|
|
|
|
}
|
|
|
|
|
2019-01-15 23:00:25 +01:00
|
|
|
/**
|
2020-09-06 11:38:10 +02:00
|
|
|
* Returns all user created contacts.
|
2019-12-30 22:59:12 +01:00
|
|
|
*
|
2020-10-28 11:10:49 +01:00
|
|
|
* @return \Illuminate\Database\Eloquent\Relations\HasMany
|
2019-01-15 23:00:25 +01:00
|
|
|
*/
|
2018-10-15 14:40:34 +02:00
|
|
|
public function contacts()
|
|
|
|
{
|
2019-07-08 02:08:57 +02:00
|
|
|
return $this->hasMany(ClientContact::class);
|
2018-10-15 14:40:34 +02:00
|
|
|
}
|
|
|
|
|
2019-01-15 23:00:25 +01:00
|
|
|
/**
|
2020-09-06 11:38:10 +02:00
|
|
|
* Returns a boolean value if the user owns the current Entity.
|
2019-12-30 22:59:12 +01:00
|
|
|
*
|
2019-01-15 23:00:25 +01:00
|
|
|
* @param string Entity
|
|
|
|
* @return bool
|
|
|
|
*/
|
2019-01-07 12:30:28 +01:00
|
|
|
public function owns($entity) : bool
|
2018-10-15 14:40:34 +02:00
|
|
|
{
|
|
|
|
return ! empty($entity->user_id) && $entity->user_id == $this->id;
|
|
|
|
}
|
2019-01-07 12:30:28 +01:00
|
|
|
|
2019-11-05 11:16:38 +01:00
|
|
|
/**
|
2020-09-06 11:38:10 +02:00
|
|
|
* Returns a boolean value if the user is assigned to the current Entity.
|
2019-12-30 22:59:12 +01:00
|
|
|
*
|
2019-11-05 11:16:38 +01:00
|
|
|
* @param string Entity
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public function assigned($entity) : bool
|
|
|
|
{
|
|
|
|
return ! empty($entity->assigned_user_id) && $entity->assigned_user_id == $this->id;
|
|
|
|
}
|
|
|
|
|
2019-01-20 06:00:50 +01:00
|
|
|
/**
|
2020-09-06 11:38:10 +02:00
|
|
|
* Returns true if permissions exist in the map.
|
2019-12-30 22:59:12 +01:00
|
|
|
*
|
2019-01-20 06:00:50 +01:00
|
|
|
* @param string permission
|
2020-09-06 11:38:10 +02:00
|
|
|
* @return bool
|
2019-01-20 06:00:50 +01:00
|
|
|
*/
|
2019-01-19 11:35:21 +01:00
|
|
|
public function hasPermission($permission) : bool
|
2019-12-30 22:59:12 +01:00
|
|
|
{
|
2023-02-16 02:36:09 +01:00
|
|
|
/**
|
|
|
|
* We use the limit parameter here to ensure we don't split on permissions that have multiple underscores.
|
|
|
|
*
|
|
|
|
* For example view_recurring_invoice without the limit would split to view bank recurring invoice
|
|
|
|
*
|
|
|
|
* Using only part 0 and 1 would search for permission view_recurring / edit_recurring so this would
|
|
|
|
* leak permissions for other recurring_* entities
|
|
|
|
*
|
|
|
|
* The solution here will split the word - consistently - into view _ {entity} and edit _ {entity}
|
|
|
|
*
|
|
|
|
*/
|
2023-01-31 12:21:23 +01:00
|
|
|
$parts = explode('_', $permission, 2);
|
2023-01-24 23:31:57 +01:00
|
|
|
$all_permission = '____';
|
2023-01-31 12:21:23 +01:00
|
|
|
$edit_all = '____';
|
|
|
|
$edit_entity = '____';
|
2020-04-01 14:34:50 +02:00
|
|
|
|
2023-01-31 12:21:23 +01:00
|
|
|
/* If we have multiple parts, then make sure we search for the _all permission */
|
2020-04-04 12:32:42 +02:00
|
|
|
if (count($parts) > 1) {
|
2020-09-06 11:38:10 +02:00
|
|
|
$all_permission = $parts[0].'_all';
|
2023-01-31 12:21:23 +01:00
|
|
|
|
|
|
|
/*If this is a view search, make sure we add in the edit_{entity} AND edit_all permission into the checks*/
|
2023-02-16 02:36:09 +01:00
|
|
|
if ($parts[0] == 'view') {
|
2023-01-31 12:21:23 +01:00
|
|
|
$edit_all = 'edit_all';
|
|
|
|
$edit_entity = "edit_{$parts[1]}";
|
|
|
|
}
|
2020-04-04 12:32:42 +02:00
|
|
|
}
|
2020-04-01 14:34:50 +02:00
|
|
|
|
2023-02-20 09:52:50 +01:00
|
|
|
return $this->isSuperUser() ||
|
2023-01-31 12:21:23 +01:00
|
|
|
(stripos($this->token()->cu->permissions, $permission) !== false) ||
|
2023-01-24 23:31:57 +01:00
|
|
|
(stripos($this->token()->cu->permissions, $all_permission) !== false) ||
|
2023-01-31 12:21:23 +01:00
|
|
|
(stripos($this->token()->cu->permissions, $edit_all) !== false) ||
|
|
|
|
(stripos($this->token()->cu->permissions, $edit_entity) !== false);
|
2019-01-07 12:30:28 +01:00
|
|
|
}
|
2019-01-15 23:00:25 +01:00
|
|
|
|
2023-01-21 06:52:24 +01:00
|
|
|
/**
|
|
|
|
* Used when we need to match exactly what permission
|
|
|
|
* the user has, and not aggregate owner and admins.
|
|
|
|
*
|
|
|
|
* This method is used when we need to scope down the query
|
|
|
|
* and display a limited subset.
|
2023-02-16 02:36:09 +01:00
|
|
|
*
|
2023-01-21 06:52:24 +01:00
|
|
|
* @param string $permission '["view_all"]'
|
2023-02-16 02:36:09 +01:00
|
|
|
* @return boolean
|
2023-01-21 06:52:24 +01:00
|
|
|
*/
|
2023-02-20 08:46:26 +01:00
|
|
|
public function hasExactPermissionAndAll(string $permission = '___'): bool
|
2023-01-21 06:52:24 +01:00
|
|
|
{
|
|
|
|
$parts = explode('_', $permission);
|
2023-01-25 00:43:18 +01:00
|
|
|
$all_permission = '__';
|
2023-01-21 06:52:24 +01:00
|
|
|
|
|
|
|
if (count($parts) > 1) {
|
|
|
|
$all_permission = $parts[0].'_all';
|
|
|
|
}
|
|
|
|
|
2023-01-25 00:43:18 +01:00
|
|
|
return (stripos($this->token()->cu->permissions, $all_permission) !== false) ||
|
|
|
|
(stripos($this->token()->cu->permissions, $permission) !== false);
|
2023-01-21 06:52:24 +01:00
|
|
|
}
|
|
|
|
|
2023-01-25 01:28:23 +01:00
|
|
|
/**
|
|
|
|
* Used when we need to match a range of permissions
|
|
|
|
* the user
|
|
|
|
*
|
|
|
|
* This method is used when we need to scope down the query
|
|
|
|
* and display a limited subset.
|
2023-02-16 02:36:09 +01:00
|
|
|
*
|
|
|
|
* @param array $permissions
|
|
|
|
* @return boolean
|
2023-01-25 01:28:23 +01:00
|
|
|
*/
|
|
|
|
public function hasIntersectPermissions(array $permissions = []): bool
|
|
|
|
{
|
2023-02-16 02:36:09 +01:00
|
|
|
foreach ($permissions as $permission) {
|
2023-02-20 08:46:26 +01:00
|
|
|
if ($this->hasExactPermissionAndAll($permission)) {
|
2023-01-25 01:28:23 +01:00
|
|
|
return true;
|
2023-02-16 02:36:09 +01:00
|
|
|
}
|
2023-01-25 01:28:23 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2023-02-20 08:46:26 +01:00
|
|
|
/**
|
|
|
|
* Used when we need to match exactly what permission
|
|
|
|
* the user has, and not aggregate owner and admins.
|
|
|
|
*
|
|
|
|
* This method is used when we need to scope down the query
|
|
|
|
* and display a limited subset.
|
|
|
|
*
|
|
|
|
* @param string $permission '["view_all"]'
|
|
|
|
* @return boolean
|
|
|
|
*/
|
|
|
|
public function hasExactPermission(string $permission = '___'): bool
|
|
|
|
{
|
|
|
|
return (stripos($this->token()->cu->permissions, $permission) !== false);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2023-01-25 02:58:24 +01:00
|
|
|
/**
|
|
|
|
* Used when we need to match a range of permissions
|
|
|
|
* the user
|
|
|
|
*
|
|
|
|
* This method is used when we need to scope down the query
|
|
|
|
* and display a limited subset.
|
2023-02-16 02:36:09 +01:00
|
|
|
*
|
|
|
|
* @param array $permissions
|
|
|
|
* @return boolean
|
2023-01-25 02:58:24 +01:00
|
|
|
*/
|
|
|
|
public function hasIntersectPermissionsOrAdmin(array $permissions = []): bool
|
|
|
|
{
|
2023-02-16 02:36:09 +01:00
|
|
|
if ($this->isSuperUser()) {
|
2023-01-25 02:58:24 +01:00
|
|
|
return true;
|
2023-02-16 02:36:09 +01:00
|
|
|
}
|
2023-01-25 02:58:24 +01:00
|
|
|
|
2023-02-16 02:36:09 +01:00
|
|
|
foreach ($permissions as $permission) {
|
2023-02-20 08:46:26 +01:00
|
|
|
if ($this->hasExactPermissionAndAll($permission)) {
|
2023-01-25 02:58:24 +01:00
|
|
|
return true;
|
2023-02-16 02:36:09 +01:00
|
|
|
}
|
2023-01-25 02:58:24 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
2023-02-20 08:46:26 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Used when we need to filter permissions carefully.
|
|
|
|
*
|
|
|
|
* For instance, users that have view_client permissions should not
|
|
|
|
* see the client balance, however if they also have
|
|
|
|
* view_invoice or view_all etc, then they should be able to see the balance.
|
|
|
|
*
|
|
|
|
* First we pass over the excluded permissions and return false if we find a match.
|
|
|
|
*
|
|
|
|
* If those permissions are not hit, then we can iterate through the matched_permissions and search for a hit.
|
|
|
|
*
|
|
|
|
* Note, returning FALSE here means the user does NOT have the permission we want to exclude
|
|
|
|
*
|
|
|
|
* @param array $matched_permission
|
|
|
|
* @param array $excluded_permissions
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public function hasExcludedPermissions(array $matched_permission = [], array $excluded_permissions = []): bool
|
|
|
|
{
|
|
|
|
if ($this->isSuperUser()) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
foreach ($excluded_permissions as $permission) {
|
|
|
|
if ($this->hasExactPermission($permission)) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
foreach($matched_permission as $permission) {
|
|
|
|
if ($this->hasExactPermission($permission)) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-02-20 10:00:10 +01:00
|
|
|
return false;
|
2023-02-20 08:46:26 +01:00
|
|
|
}
|
2023-01-25 01:28:23 +01:00
|
|
|
|
2019-04-28 07:31:32 +02:00
|
|
|
public function documents()
|
|
|
|
{
|
|
|
|
return $this->morphMany(Document::class, 'documentable');
|
|
|
|
}
|
2019-10-04 13:54:03 +02:00
|
|
|
|
2021-02-25 22:06:43 +01:00
|
|
|
public function isVerified()
|
|
|
|
{
|
|
|
|
return is_null($this->email_verified_at) ? false : true;
|
|
|
|
}
|
|
|
|
|
2019-10-04 13:54:03 +02:00
|
|
|
public function getEmailVerifiedAt()
|
|
|
|
{
|
2019-12-30 22:59:12 +01:00
|
|
|
if ($this->email_verified_at) {
|
2019-10-05 02:11:04 +02:00
|
|
|
return Carbon::parse($this->email_verified_at)->timestamp;
|
2019-12-30 22:59:12 +01:00
|
|
|
} else {
|
2019-10-04 13:54:03 +02:00
|
|
|
return null;
|
2019-12-30 22:59:12 +01:00
|
|
|
}
|
2019-10-04 13:54:03 +02:00
|
|
|
}
|
2019-11-04 01:22:59 +01:00
|
|
|
|
|
|
|
public function routeNotificationForSlack($notification)
|
|
|
|
{
|
2022-06-21 11:57:17 +02:00
|
|
|
if ($this->token()->cu->slack_webhook_url) {
|
2022-03-13 09:48:57 +01:00
|
|
|
return $this->token()->cu->slack_webhook_url;
|
2022-06-21 11:57:17 +02:00
|
|
|
}
|
2019-11-04 01:22:59 +01:00
|
|
|
}
|
|
|
|
|
2019-11-04 21:50:10 +01:00
|
|
|
public function routeNotificationForMail($notification)
|
|
|
|
{
|
|
|
|
return $this->email;
|
|
|
|
}
|
2019-11-05 00:26:15 +01:00
|
|
|
|
2019-11-05 23:52:57 +01:00
|
|
|
/**
|
|
|
|
* Retrieve the model for a bound value.
|
|
|
|
*
|
2020-10-28 11:10:49 +01:00
|
|
|
* @param mixed $value
|
|
|
|
* @param null $field
|
|
|
|
* @return Model|null
|
2019-11-05 23:52:57 +01:00
|
|
|
*/
|
2020-11-25 15:19:52 +01:00
|
|
|
public function resolveRouteBinding($value, $field = null)
|
2019-11-05 23:52:57 +01:00
|
|
|
{
|
|
|
|
return $this
|
|
|
|
->withTrashed()
|
2023-01-22 06:34:47 +01:00
|
|
|
->where('id', $this->decodePrimaryKey($value))
|
|
|
|
->where('account_id', auth()->user()->account_id)
|
|
|
|
->firstOrFail();
|
2019-11-05 23:52:57 +01:00
|
|
|
}
|
2020-10-27 16:04:28 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Send the password reset notification.
|
|
|
|
*
|
|
|
|
* @param string $token
|
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function sendPasswordResetNotification($token)
|
|
|
|
{
|
2021-02-15 00:39:40 +01:00
|
|
|
$nmo = new NinjaMailerObject;
|
2022-06-21 11:57:17 +02:00
|
|
|
$nmo->mailable = new NinjaMailer((new ResetPasswordObject($token, $this, $this->account->default_company))->build());
|
2021-02-15 00:39:40 +01:00
|
|
|
$nmo->to_user = $this;
|
|
|
|
$nmo->settings = $this->account->default_company->settings;
|
|
|
|
$nmo->company = $this->account->default_company;
|
|
|
|
|
2021-05-22 06:45:09 +02:00
|
|
|
NinjaMailerJob::dispatch($nmo, true);
|
2021-02-15 00:39:40 +01:00
|
|
|
|
|
|
|
//$this->notify(new ResetPasswordNotification($token));
|
2020-10-27 16:04:28 +01:00
|
|
|
}
|
2021-03-03 23:39:24 +01:00
|
|
|
|
2021-03-04 00:12:34 +01:00
|
|
|
public function service()
|
2021-03-03 23:39:24 +01:00
|
|
|
{
|
|
|
|
return new UserService($this);
|
|
|
|
}
|
2022-04-06 02:38:01 +02:00
|
|
|
|
|
|
|
public function translate_entity()
|
|
|
|
{
|
|
|
|
return ctrans('texts.user');
|
|
|
|
}
|
2018-10-04 19:10:43 +02:00
|
|
|
}
|