1
0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2024-11-16 08:02:40 +01:00
invoiceninja/app/Models/User.php

683 lines
20 KiB
PHP
Raw Normal View History

2018-10-04 19:10:43 +02:00
<?php
2019-05-11 05:32:07 +02:00
/**
* Invoice Ninja (https://invoiceninja.com).
2019-05-11 05:32:07 +02:00
*
* @link https://github.com/invoiceninja/invoiceninja source repository
*
2023-01-28 23:21:40 +01:00
* @copyright Copyright (c) 2023. Invoice Ninja LLC (https://invoiceninja.com)
2019-05-11 05:32:07 +02:00
*
2021-06-16 08:58:16 +02:00
* @license https://www.elastic.co/licensing/elastic-license
2019-05-11 05:32:07 +02:00
*/
2018-10-04 19:10:43 +02:00
namespace App\Models;
2018-10-04 19:10:43 +02:00
use App\Jobs\Mail\NinjaMailer;
use App\Jobs\Mail\NinjaMailerJob;
use App\Jobs\Mail\NinjaMailerObject;
use App\Mail\Admin\ResetPasswordObject;
2020-10-28 11:10:49 +01:00
use App\Models\Presenters\UserPresenter;
2023-10-26 04:57:44 +02:00
use App\Services\User\UserService;
use App\Utils\Traits\MakesHash;
use App\Utils\Traits\UserSessionAttributes;
2023-10-26 04:57:44 +02:00
use App\Utils\Traits\UserSettings;
use App\Utils\TruthSource;
use Illuminate\Contracts\Auth\MustVerifyEmail;
2020-10-01 12:49:47 +02:00
use Illuminate\Database\Eloquent\Factories\HasFactory;
2023-10-26 04:57:44 +02:00
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\SoftDeletes;
use Illuminate\Foundation\Auth\User as Authenticatable;
2023-10-26 04:57:44 +02:00
use Illuminate\Notifications\Notifiable;
use Illuminate\Support\Carbon;
use Illuminate\Support\Facades\App;
use Laracasts\Presenter\PresentableTrait;
2018-10-04 19:10:43 +02:00
2023-03-08 08:33:42 +01:00
/**
* App\Models\User
*
* @property int $id
* @property int $account_id
2023-04-28 04:10:53 +02:00
* @property int $company_id
2023-03-08 08:33:42 +01:00
* @property string|null $first_name
* @property string|null $last_name
* @property string|null $phone
* @property string|null $ip
* @property string|null $device_token
* @property string $email
* @property string|null $email_verified_at
* @property string|null $confirmation_code
* @property int|null $theme_id
* @property int|null $failed_logins
* @property string|null $referral_code
* @property string|null $oauth_user_id
* @property object|null $oauth_user_token
* @property string|null $oauth_provider_id
* @property string|null $google_2fa_secret
* @property string|null $accepted_terms_version
* @property string|null $avatar
* @property int|null $avatar_width
* @property int|null $avatar_height
* @property int|null $avatar_size
* @property bool $is_deleted
2023-03-08 08:33:42 +01:00
* @property string|null $last_login
* @property string|null $signature
* @property string $password
2023-10-01 12:52:26 +02:00
* @property string $language_id
2023-03-08 08:33:42 +01:00
* @property string|null $remember_token
* @property string|null $custom_value1
* @property string|null $custom_value2
* @property string|null $custom_value3
* @property string|null $custom_value4
* @property int|null $created_at
* @property int|null $updated_at
* @property int|null $deleted_at
* @property string|null $oauth_user_refresh_token
* @property string|null $last_confirmed_email_address
* @property bool $has_password
* @property bool $user_logged_in_notification
2023-03-08 08:33:42 +01:00
* @property Carbon|null $oauth_user_token_expiry
* @property string|null $sms_verification_code
* @property bool $verified_phone_number
2023-03-08 08:33:42 +01:00
* @property-read \App\Models\Account $account
2023-04-26 15:03:32 +02:00
* @property-read \App\Models\Company $company
2023-03-08 08:33:42 +01:00
* @property-read mixed $hashed_id
* @property-read \Illuminate\Notifications\DatabaseNotificationCollection<int, \Illuminate\Notifications\DatabaseNotification> $notifications
* @property-read int|null $notifications_count
* @property-read \Illuminate\Database\Eloquent\Collection<int, \App\Models\CompanyToken> $tokens
* @property-read int|null $tokens_count
2023-08-06 04:20:18 +02:00
* @property \App\Models\CompanyToken $token
2023-03-08 08:33:42 +01:00
* @method static \Database\Factories\UserFactory factory($count = null, $state = [])
* @method static \Illuminate\Database\Eloquent\Builder|User filter(\App\Filters\QueryFilters $filters)
* @method static \Illuminate\Database\Eloquent\Builder|User newModelQuery()
* @method static \Illuminate\Database\Eloquent\Builder|User newQuery()
* @method static \Illuminate\Database\Eloquent\Builder|User onlyTrashed()
* @method static \Illuminate\Database\Eloquent\Builder|User query()
2023-07-24 10:57:02 +02:00
* @method static \Illuminate\Database\Eloquent\Builder|User where($column, $value)
2023-03-08 08:33:42 +01:00
* @method static \Illuminate\Database\Eloquent\Builder|User withTrashed()
* @method static \Illuminate\Database\Eloquent\Builder|User withoutTrashed()
2023-04-13 07:39:12 +02:00
* @property-read \Illuminate\Database\Eloquent\Collection<int, \App\Models\CompanyUser> $company_users
* @property-read \Illuminate\Notifications\DatabaseNotificationCollection<int, \Illuminate\Notifications\DatabaseNotification> $notifications
2023-04-26 08:55:49 +02:00
* @property-read \Illuminate\Database\Eloquent\Collection<int, \App\Models\CompanyToken> $tokens
2023-08-11 06:18:58 +02:00
* @property-read \Illuminate\Database\Eloquent\Collection<int, \App\Models\Company> $companies
2024-01-14 05:51:31 +01:00
* @method static \Illuminate\Database\Eloquent\Builder|BaseModel companies()
2023-04-26 15:03:32 +02:00
* @method bool hasPermissionTo(string $permission)
2023-04-26 15:17:49 +02:00
* @method \App\Models\Company getCompany()
2023-04-26 16:11:31 +02:00
* @method \App\Models\Company company()
2023-04-26 15:03:32 +02:00
* @method bool hasExcludedPermissions(array $matched_permission, array $excluded_permissions)
* @method bool isAdmin()
* @method bool isSuperUser()
* @method bool hasIntersectPermissions(array $permissions)
* @method int companyId()
* @method bool isOwner()
2023-03-08 08:33:42 +01:00
* @mixin \Eloquent
*/
class User extends Authenticatable implements MustVerifyEmail
2018-10-04 19:10:43 +02:00
{
use Notifiable;
use SoftDeletes;
use PresentableTrait;
use MakesHash;
use UserSessionAttributes;
use UserSettings;
2019-04-25 13:33:03 +02:00
use Filterable;
2020-10-01 12:49:47 +02:00
use HasFactory;
2022-03-15 13:28:16 +01:00
use \Awobaz\Compoships\Compoships;
2020-10-28 11:10:49 +01:00
protected $guard = 'user';
2022-06-21 12:03:51 +02:00
2020-10-28 11:10:49 +01:00
protected $presenter = UserPresenter::class;
protected $with = []; // ? companies also
protected $dateFormat = 'Y-m-d H:i:s.u';
2023-05-28 08:50:45 +02:00
public ?Company $company = null;
2019-08-02 02:31:48 +02:00
protected $appends = [
'hashed_id',
2019-08-02 02:31:48 +02:00
];
2018-10-04 19:10:43 +02:00
/**
* The attributes that are mass assignable.
*
*/
protected $fillable = [
'user_logged_in_notification',
'first_name',
'last_name',
'email',
'phone',
'signature',
'avatar',
'accepted_terms_version',
'oauth_user_id',
'oauth_provider_id',
'custom_value1',
'custom_value2',
'custom_value3',
'custom_value4',
'is_deleted',
2023-05-03 06:05:29 +02:00
'shopify_user_id',
2023-10-01 12:52:26 +02:00
'language_id',
// 'oauth_user_token',
// 'oauth_user_refresh_token',
2018-10-04 19:10:43 +02:00
];
/**
* The attributes that should be hidden for arrays.
*
*/
protected $hidden = [
'remember_token',
'google_2fa_secret',
'google_2fa_phone',
'remember_2fa_token',
'slack_webhook_url',
2018-10-04 19:10:43 +02:00
];
protected $casts = [
'oauth_user_token' => 'object',
'settings' => 'object',
'updated_at' => 'timestamp',
'created_at' => 'timestamp',
'deleted_at' => 'timestamp',
2022-06-22 11:15:31 +02:00
'oauth_user_token_expiry' => 'datetime',
];
2021-02-22 10:54:46 +01:00
public function name()
{
return $this->first_name.' '.$this->last_name;
2021-02-22 10:54:46 +01:00
}
public function getEntityType()
{
return self::class;
}
public function getHashedIdAttribute()
{
return $this->encodePrimaryKey($this->id);
}
2019-03-28 11:07:45 +01:00
/**
* Returns a account.
*
2020-10-28 11:10:49 +01:00
* @return \Illuminate\Database\Eloquent\Relations\BelongsTo
2019-03-28 11:07:45 +01:00
*/
2019-03-28 03:36:36 +01:00
public function account()
{
return $this->belongsTo(Account::class);
}
2019-04-18 08:11:37 +02:00
/**
* Returns all company tokens.
*
2020-10-28 11:10:49 +01:00
* @return \Illuminate\Database\Eloquent\Relations\HasMany
2019-04-18 08:11:37 +02:00
*/
public function tokens()
{
return $this->hasMany(CompanyToken::class)->orderBy('id', 'ASC');
}
2019-03-27 05:50:13 +01:00
public function token()
{
2022-03-13 10:24:58 +01:00
$truth = app()->make(TruthSource::class);
if ($truth->getCompanyToken()) {
2022-03-13 10:24:58 +01:00
return $truth->getCompanyToken();
}
2024-03-21 02:02:54 +01:00
// if (request()->header('X-API-TOKEN')) {
if (request()->header('X-API-TOKEN')) {
return CompanyToken::with(['cu'])->where('token', request()->header('X-API-TOKEN'))->first();
}
return $this->tokens()->first();
}
/**
* Returns all companies a user has access to.
*
2020-10-28 11:10:49 +01:00
* @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
*/
2023-08-04 09:12:21 +02:00
public function companies(): \Illuminate\Database\Eloquent\Relations\BelongsToMany
{
return $this->belongsToMany(Company::class)->using(CompanyUser::class)->withPivot('permissions', 'settings', 'is_admin', 'is_owner', 'is_locked')->withTimestamps();
}
/**
* As we are authenticating on CompanyToken,
* we need to link the company to the user manually. This allows
* us to decouple a $user and their attached companies.
2020-10-28 11:10:49 +01:00
* @param $company
*/
public function setCompany($company)
{
$this->company = $company;
2021-07-05 12:45:00 +02:00
return $this;
}
/**
* Returns the currently set Company.
*/
2023-04-26 15:03:32 +02:00
public function getCompany(): ?Company
{
$truth = app()->make(TruthSource::class);
if ($this->company) {
2021-05-24 02:41:23 +02:00
return $this->company;
} elseif ($truth->getCompany()) {
return $truth->getCompany();
} elseif (request()->header('X-API-TOKEN')) {
2023-04-26 23:29:40 +02:00
$company_token = CompanyToken::with('company')->where('token', request()->header('X-API-TOKEN'))->first();
return $company_token->company;
}
throw new \Exception('No Company Found');
}
2023-04-26 15:03:32 +02:00
public function companyIsSet(): bool
2021-05-18 04:13:00 +02:00
{
2023-04-26 15:03:32 +02:00
return isset($this->company);
2021-05-18 04:13:00 +02:00
}
2019-03-28 11:07:45 +01:00
/**
* Returns the current company.
*
2023-04-26 15:03:32 +02:00
* @return \App\Models\Company $company
*/
2023-08-06 09:03:12 +02:00
public function company(): \App\Models\Company
{
return $this->getCompany();
}
2023-08-04 08:40:44 +02:00
public function company_users(): \Illuminate\Database\Eloquent\Relations\HasMany
{
return $this->hasMany(CompanyUser::class)->withTrashed();
}
2020-12-26 09:03:24 +01:00
public function co_user()
{
$truth = app()->make(TruthSource::class);
if ($truth->getCompanyUser()) {
2022-03-13 10:26:45 +01:00
return $truth->getCompanyUser();
}
2022-03-13 11:40:29 +01:00
return $this->token()->cu;
2020-12-26 09:03:24 +01:00
}
public function company_user()
{
if ($this->companyId()) {
2022-03-15 13:28:16 +01:00
return $this->belongsTo(CompanyUser::class)->where('company_id', $this->companyId())->withTrashed();
}
2022-03-13 10:26:45 +01:00
$truth = app()->make(TruthSource::class);
if ($truth->getCompanyUser()) {
2022-03-13 10:26:45 +01:00
return $truth->getCompanyUser();
}
2022-03-13 10:26:45 +01:00
return $this->token()->cu;
}
/**
* Returns the currently set company id for the user.
*
* @return int
*/
2024-01-14 05:05:00 +01:00
public function companyId(): int
{
2019-03-28 10:05:13 +01:00
return $this->company()->id;
}
2023-08-04 08:40:44 +02:00
public function clients(): \Illuminate\Database\Eloquent\Relations\HasMany
{
return $this->hasMany(Client::class);
}
/**
* Returns a comma separated list of user permissions.
*
2023-04-26 15:03:32 +02:00
* @return string $permissions
*/
public function permissions()
{
return $this->token()->cu->permissions;
}
/**
* Returns a object of User Settings.
*
2023-04-26 15:03:32 +02:00
* @return \stdClass
*/
public function settings()
{
return json_decode($this->token()->cu->settings);
}
/**
* Returns a boolean of the administrator status of the user.
*
* @return bool
*/
2024-01-14 05:05:00 +01:00
public function isAdmin(): bool
{
return $this->token()->cu->is_admin;
}
2024-01-14 05:05:00 +01:00
public function isOwner(): bool
{
return $this->token()->cu->is_owner;
}
2023-12-15 04:53:00 +01:00
public function hasOwnerFlag(): bool
{
2024-01-14 05:05:00 +01:00
return $this->company_users()->where('is_owner', true)->exists();
2023-12-15 04:53:00 +01:00
}
/**
* Returns true is user is an admin _or_ owner
2023-02-16 02:36:09 +01:00
*
* @return boolean
*/
2024-01-14 05:05:00 +01:00
public function isSuperUser(): bool
{
return $this->token()->cu->is_owner || $this->token()->cu->is_admin;
}
/**
* Returns all user created contacts.
*
2020-10-28 11:10:49 +01:00
* @return \Illuminate\Database\Eloquent\Relations\HasMany
*/
2023-08-04 08:40:44 +02:00
public function contacts(): \Illuminate\Database\Eloquent\Relations\HasMany
{
2019-07-08 02:08:57 +02:00
return $this->hasMany(ClientContact::class);
}
/**
* Returns a boolean value if the user owns the current Entity.
*
2023-04-26 15:03:32 +02:00
* @param mixed $entity
* @return bool
*/
2024-01-14 05:05:00 +01:00
public function owns($entity): bool
{
return ! empty($entity->user_id) && $entity->user_id == $this->id;
}
/**
* Returns a boolean value if the user is assigned to the current Entity.
*
2023-04-26 15:03:32 +02:00
* @param mixed $entity
* @return bool
*/
2024-01-14 05:05:00 +01:00
public function assigned($entity): bool
{
return ! empty($entity->assigned_user_id) && $entity->assigned_user_id == $this->id;
}
/**
* Returns true if permissions exist in the map.
*
2023-04-26 15:03:32 +02:00
* @param string $permission
* @return bool
*/
2024-01-14 05:05:00 +01:00
public function hasPermission($permission): bool
{
2023-02-16 02:36:09 +01:00
/**
* We use the limit parameter here to ensure we don't split on permissions that have multiple underscores.
*
* For example view_recurring_invoice without the limit would split to view bank recurring invoice
*
* Using only part 0 and 1 would search for permission view_recurring / edit_recurring so this would
* leak permissions for other recurring_* entities
*
* The solution here will split the word - consistently - into view _ {entity} and edit _ {entity}
*
*/
$parts = explode('_', $permission, 2);
2023-01-24 23:31:57 +01:00
$all_permission = '____';
$edit_all = '____';
$edit_entity = '____';
2020-04-01 14:34:50 +02:00
/* If we have multiple parts, then make sure we search for the _all permission */
if (count($parts) > 1) {
$all_permission = $parts[0].'_all';
/*If this is a view search, make sure we add in the edit_{entity} AND edit_all permission into the checks*/
2023-02-16 02:36:09 +01:00
if ($parts[0] == 'view') {
$edit_all = 'edit_all';
$edit_entity = "edit_{$parts[1]}";
}
}
2020-04-01 14:34:50 +02:00
return $this->isSuperUser() ||
(stripos($this->token()->cu->permissions, $permission) !== false) ||
2023-01-24 23:31:57 +01:00
(stripos($this->token()->cu->permissions, $all_permission) !== false) ||
(stripos($this->token()->cu->permissions, $edit_all) !== false) ||
(stripos($this->token()->cu->permissions, $edit_entity) !== false);
}
2023-01-21 06:52:24 +01:00
/**
* Used when we need to match exactly what permission
* the user has, and not aggregate owner and admins.
*
* This method is used when we need to scope down the query
* and display a limited subset.
2023-02-16 02:36:09 +01:00
*
2023-01-21 06:52:24 +01:00
* @param string $permission '["view_all"]'
2023-02-16 02:36:09 +01:00
* @return boolean
2023-01-21 06:52:24 +01:00
*/
public function hasExactPermissionAndAll(string $permission = '___'): bool
2023-01-21 06:52:24 +01:00
{
$parts = explode('_', $permission);
$all_permission = '__';
2023-01-21 06:52:24 +01:00
if (count($parts) > 1) {
$all_permission = $parts[0].'_all';
}
return (stripos($this->token()->cu->permissions, $all_permission) !== false) ||
(stripos($this->token()->cu->permissions, $permission) !== false);
2023-01-21 06:52:24 +01:00
}
/**
* Used when we need to match a range of permissions
* the user
*
* This method is used when we need to scope down the query
* and display a limited subset.
2023-02-16 02:36:09 +01:00
*
* @param array $permissions
* @return boolean
*/
public function hasIntersectPermissions(array $permissions = []): bool
{
2023-02-16 02:36:09 +01:00
foreach ($permissions as $permission) {
if ($this->hasExactPermissionAndAll($permission)) {
return true;
2023-02-16 02:36:09 +01:00
}
}
return false;
}
/**
* Used when we need to match exactly what permission
* the user has, and not aggregate owner and admins.
*
* This method is used when we need to scope down the query
* and display a limited subset.
*
* @param string $permission '["view_all"]'
* @return boolean
*/
public function hasExactPermission(string $permission = '___'): bool
{
return (stripos($this->token()->cu->permissions, $permission) !== false);
}
/**
* Used when we need to match a range of permissions
* the user
*
* This method is used when we need to scope down the query
* and display a limited subset.
2023-02-16 02:36:09 +01:00
*
* @param array $permissions
* @return boolean
*/
public function hasIntersectPermissionsOrAdmin(array $permissions = []): bool
{
2023-02-16 02:36:09 +01:00
if ($this->isSuperUser()) {
return true;
2023-02-16 02:36:09 +01:00
}
2023-02-16 02:36:09 +01:00
foreach ($permissions as $permission) {
if ($this->hasExactPermissionAndAll($permission)) {
return true;
2023-02-16 02:36:09 +01:00
}
}
return false;
}
2024-01-14 05:05:00 +01:00
/**
* Used when we need to filter permissions carefully.
2023-02-22 07:37:16 +01:00
*
* For instance, users that have view_client permissions should not
2023-02-22 07:37:16 +01:00
* see the client balance, however if they also have
* view_invoice or view_all etc, then they should be able to see the balance.
2023-02-22 07:37:16 +01:00
*
* First we pass over the excluded permissions and return false if we find a match.
2023-02-22 07:37:16 +01:00
*
* If those permissions are not hit, then we can iterate through the matched_permissions and search for a hit.
2023-02-22 07:37:16 +01:00
*
* Note, returning FALSE here means the user does NOT have the permission we want to exclude
*
* @param array $matched_permission
* @param array $excluded_permissions
* @return bool
*/
public function hasExcludedPermissions(array $matched_permission = [], array $excluded_permissions = []): bool
{
if ($this->isSuperUser()) {
return false;
}
2024-01-14 05:05:00 +01:00
foreach ($excluded_permissions as $permission) {
if ($this->hasExactPermission($permission)) {
return false;
}
}
2023-02-22 07:37:16 +01:00
foreach ($matched_permission as $permission) {
if ($this->hasExactPermission($permission)) {
return true;
}
}
return false;
}
2023-08-04 08:40:44 +02:00
public function documents(): \Illuminate\Database\Eloquent\Relations\MorphMany
2019-04-28 07:31:32 +02:00
{
return $this->morphMany(Document::class, 'documentable');
}
2019-10-04 13:54:03 +02:00
2023-08-04 08:40:44 +02:00
public function isVerified(): bool
2021-02-25 22:06:43 +01:00
{
return is_null($this->email_verified_at) ? false : true;
}
2019-10-04 13:54:03 +02:00
public function getEmailVerifiedAt()
{
if ($this->email_verified_at) {
2019-10-05 02:11:04 +02:00
return Carbon::parse($this->email_verified_at)->timestamp;
} else {
2019-10-04 13:54:03 +02:00
return null;
}
2019-10-04 13:54:03 +02:00
}
public function routeNotificationForSlack($notification)
{
if ($this->token()->cu->slack_webhook_url) {
return $this->token()->cu->slack_webhook_url;
}
}
public function routeNotificationForMail($notification)
{
return $this->email;
}
/**
* Retrieve the model for a bound value.
*
2020-10-28 11:10:49 +01:00
* @param mixed $value
* @param null $field
* @return Model|null
*/
2020-11-25 15:19:52 +01:00
public function resolveRouteBinding($value, $field = null)
{
return $this
->withTrashed()
->where('id', $this->decodePrimaryKey($value))
->where('account_id', auth()->user()->account_id)
->firstOrFail();
}
2020-10-27 16:04:28 +01:00
/**
* Send the password reset notification.
*
* @param string $token
* @return void
*/
public function sendPasswordResetNotification($token)
{
2023-10-02 08:20:26 +02:00
$is_react = request()->has('react') || request()->hasHeader('X-React') ? true : false;
2024-01-14 05:05:00 +01:00
$nmo = new NinjaMailerObject();
2023-10-02 08:20:26 +02:00
$nmo->mailable = new NinjaMailer((new ResetPasswordObject($token, $this, $this->account->default_company, $is_react))->build());
$nmo->to_user = $this;
$nmo->settings = $this->account->default_company->settings;
$nmo->company = $this->account->default_company;
2021-05-22 06:45:09 +02:00
NinjaMailerJob::dispatch($nmo, true);
2020-10-27 16:04:28 +01:00
}
2021-03-03 23:39:24 +01:00
2021-03-04 00:12:34 +01:00
public function service()
2021-03-03 23:39:24 +01:00
{
return new UserService($this);
}
2022-04-06 02:38:01 +02:00
2023-10-01 12:52:26 +02:00
public function language()
{
return $this->belongsTo(Language::class);
}
public function getLocale()
{
2023-10-03 10:31:17 +02:00
$locale = $this->language->locale ?? null;
2024-01-14 05:05:00 +01:00
2023-10-26 04:57:44 +02:00
if($locale) {
2023-10-01 12:52:26 +02:00
App::setLocale($locale);
2023-10-26 04:57:44 +02:00
}
2023-10-01 12:52:26 +02:00
return $locale;
}
2022-04-06 02:38:01 +02:00
public function translate_entity()
{
return ctrans('texts.user');
}
2018-10-04 19:10:43 +02:00
}