1
0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2024-11-11 21:52:35 +01:00
invoiceninja/app/controllers/UserController.php

471 lines
14 KiB
PHP
Raw Normal View History

2013-11-26 13:45:07 +01:00
<?php
/*
|--------------------------------------------------------------------------
| Confide Controller Template
|--------------------------------------------------------------------------
|
| This is the default Confide controller template for controlling user
| authentication. Feel free to change to your needs.
|
*/
2014-04-13 10:19:10 +02:00
use ninja\repositories\AccountRepository;
use ninja\mailers\ContactMailer;
2014-07-23 17:02:56 +02:00
use ninja\mailers\UserMailer;
2014-04-13 10:19:10 +02:00
2013-11-26 13:45:07 +01:00
class UserController extends BaseController {
2014-04-13 10:19:10 +02:00
protected $accountRepo;
protected $contactMailer;
2014-07-23 17:02:56 +02:00
protected $userMailer;
2014-04-13 10:19:10 +02:00
2014-07-23 17:02:56 +02:00
public function __construct(AccountRepository $accountRepo, ContactMailer $contactMailer, UserMailer $userMailer)
2014-04-13 10:19:10 +02:00
{
parent::__construct();
$this->accountRepo = $accountRepo;
$this->contactMailer = $contactMailer;
2014-07-23 17:02:56 +02:00
$this->userMailer = $userMailer;
2014-04-13 10:19:10 +02:00
}
2014-07-23 17:02:56 +02:00
public function getDatatable()
{
$query = DB::table('users')
->where('users.account_id', '=', Auth::user()->account_id)
->where('users.deleted_at', '=', null)
->where('users.public_id', '>', 0)
->select('users.public_id', 'users.first_name', 'users.last_name', 'users.email', 'users.confirmed', 'users.public_id');
return Datatable::query($query)
->addColumn('first_name', function($model) { return link_to('users/' . $model->public_id . '/edit', $model->first_name . ' ' . $model->last_name); })
->addColumn('email', function($model) { return $model->email; })
->addColumn('confirmed', function($model) { return $model->confirmed ? trans('texts.active') : trans('texts.pending'); })
->addColumn('dropdown', function($model)
{
return '<div class="btn-group tr-action" style="visibility:hidden;">
<button type="button" class="btn btn-xs btn-default dropdown-toggle" data-toggle="dropdown">
'.trans('texts.select').' <span class="caret"></span>
</button>
<ul class="dropdown-menu" role="menu">
<li><a href="' . URL::to('users/'.$model->public_id) . '/edit">'.uctrans('texts.edit_user').'</a></li>
<li class="divider"></li>
<li><a href="javascript:deleteUser(' . $model->public_id. ')">'.uctrans('texts.delete_user').'</a></li>
</ul>
</div>';
})
->orderColumns(['first_name', 'email', 'confirmed'])
->make();
}
2013-12-05 16:23:24 +01:00
public function setTheme()
{
$user = User::find(Auth::user()->id);
$user->theme_id = Input::get('theme_id');
$user->save();
return Redirect::to(Input::get('path'));
}
2014-03-23 10:30:48 +01:00
public function forcePDFJS()
{
$user = Auth::user();
$user->force_pdfjs = true;
$user->save();
2014-04-02 20:20:01 +02:00
Session::flash('message', trans('texts.confide.updated_settings'));
2014-03-23 10:30:48 +01:00
2014-04-02 20:20:01 +02:00
return Redirect::to('/dashboard');
2014-03-23 10:30:48 +01:00
}
2014-07-23 17:02:56 +02:00
public function edit($publicId)
{
$user = User::where('account_id', '=', Auth::user()->account_id)
->where('public_id', '=', $publicId)->firstOrFail();
$data = [
'showBreadcrumbs' => false,
'user' => $user,
'method' => 'PUT',
'url' => 'users/' . $publicId,
'title' => trans('texts.edit_user')
];
return View::make('users.edit', $data);
}
public function update($publicId)
{
return $this->save($publicId);
}
public function store()
{
return $this->save();
}
2013-11-26 13:45:07 +01:00
/**
* Displays the form for account creation
*
*/
public function create()
{
2014-07-23 17:02:56 +02:00
if (!Auth::user()->confirmed)
{
Session::flash('error', trans('texts.register_to_add_user'));
return Redirect::to('company/advanced_settings/user_management');
}
if (Utils::isNinja())
{
$count = User::where('account_id', '=', Auth::user()->account_id)->count();
if ($count >= MAX_NUM_USERS)
{
Session::flash('error', trans('texts.limit_users'));
return Redirect::to('company/advanced_settings/user_management');
}
}
$data = [
'showBreadcrumbs' => false,
'user' => null,
'method' => 'POST',
'url' => 'users',
'title' => trans('texts.add_user')
];
return View::make('users.edit', $data);
}
public function delete()
{
$userPublicId = Input::get('userPublicId');
$user = User::where('account_id', '=', Auth::user()->account_id)
->where('public_id', '=', $userPublicId)->firstOrFail();
$user->delete();
Session::flash('message', trans('texts.deleted_user'));
return Redirect::to('company/advanced_settings/user_management');
2013-11-26 13:45:07 +01:00
}
/**
* Stores new account
*
*/
2014-07-23 17:02:56 +02:00
public function save($userPublicId = false)
2013-11-26 13:45:07 +01:00
{
2014-07-23 17:02:56 +02:00
$rules = [
'first_name' => 'required',
'last_name' => 'required',
];
2013-11-26 13:45:07 +01:00
2014-07-23 17:02:56 +02:00
if ($userPublicId)
{
$user = User::where('account_id', '=', Auth::user()->account_id)
->where('public_id', '=', $userPublicId)->firstOrFail();
2013-11-26 13:45:07 +01:00
2014-07-23 17:02:56 +02:00
$rules['email'] = 'required|email|unique:users,email,' . $user->id . ',id';
}
else
{
$rules['email'] = 'required|email|unique:users';
}
2013-11-26 13:45:07 +01:00
2014-07-23 17:02:56 +02:00
$validator = Validator::make(Input::all(), $rules);
2013-11-26 13:45:07 +01:00
2014-07-23 17:02:56 +02:00
if ($validator->fails())
2013-11-26 13:45:07 +01:00
{
2014-07-23 17:02:56 +02:00
return Redirect::to($userPublicId ? 'users/edit' : 'users/create')->withInput()->withErrors($validator);
}
if ($userPublicId)
{
$user->first_name = trim(Input::get('first_name'));
$user->last_name = trim(Input::get('last_name'));
$user->username = trim(Input::get('email'));
$user->email = trim(Input::get('email'));
2013-11-26 13:45:07 +01:00
}
else
{
2014-07-23 17:02:56 +02:00
$lastUser = User::withTrashed()->where('account_id', '=', Auth::user()->account_id)
->orderBy('public_id', 'DESC')->first();
$user = new User;
$user->account_id = Auth::user()->account_id;
$user->first_name = trim(Input::get('first_name'));
$user->last_name = trim(Input::get('last_name'));
$user->username = trim(Input::get('email'));
$user->email = trim(Input::get('email'));
$user->registered = true;
$user->password = str_random(RANDOM_KEY_LENGTH);
$user->password_confirmation = $user->password;
$user->public_id = $lastUser->public_id + 1;
}
$user->save();
2013-11-26 13:45:07 +01:00
2014-07-23 17:02:56 +02:00
if (!$user->confirmed)
{
$this->userMailer->sendConfirmation($user, Auth::user());
$message = trans('texts.sent_invite');
2013-11-26 13:45:07 +01:00
}
2014-07-23 17:02:56 +02:00
else
{
$message = trans('texts.updated_user');
}
Session::flash('message', $message);
return Redirect::to('company/advanced_settings/user_management');
2013-11-26 13:45:07 +01:00
}
/**
* Displays the login form
*
*/
public function login()
{
if( Confide::user() )
{
2014-01-08 21:09:47 +01:00
Event::fire('user.login');
2014-04-02 20:20:01 +02:00
Session::reflash();
2014-02-02 21:13:28 +01:00
2014-04-12 20:55:40 +02:00
return Redirect::to('/dashboard');
/*
2014-02-02 21:13:28 +01:00
$invoice = Invoice::scope()->orderBy('id', 'desc')->first();
if ($invoice)
{
return Redirect::to('/invoices/' . $invoice->public_id);
}
else
{
2014-04-02 20:20:01 +02:00
return Redirect::to('/dashboard');
2014-02-02 21:13:28 +01:00
}
2014-04-12 20:55:40 +02:00
*/
2013-11-26 13:45:07 +01:00
}
else
{
return View::make(Config::get('confide::login_form'));
}
}
/**
* Attempt to do login
*
*/
public function do_login()
{
$input = array(
2014-01-12 19:55:33 +01:00
'email' => Input::get( 'login_email' ), // May be the username too
'username' => Input::get( 'login_email' ), // so we have to pass both
'password' => Input::get( 'login_password' ),
2013-12-07 19:45:00 +01:00
'remember' => true,
2013-11-26 13:45:07 +01:00
);
// If you wish to only allow login from confirmed users, call logAttempt
// with the second parameter as true.
// logAttempt will check if the 'email' perhaps is the username.
// Get the value from the config file instead of changing the controller
2014-03-23 10:30:48 +01:00
if ( Input::get( 'login_email' ) && Confide::logAttempt( $input, false ) )
2013-12-07 19:45:00 +01:00
{
2013-12-15 13:55:50 +01:00
Event::fire('user.login');
2013-11-26 13:45:07 +01:00
// Redirect the user to the URL they were trying to access before
// caught by the authentication filter IE Redirect::guest('user/login').
// Otherwise fallback to '/'
// Fix pull #145
2014-03-23 10:30:48 +01:00
return Redirect::intended('/dashboard'); // change it to '/admin', '/dashboard' or something
2013-11-26 13:45:07 +01:00
}
else
{
2014-03-23 10:30:48 +01:00
//$user = new User;
2013-11-26 13:45:07 +01:00
// Check if there was too many login attempts
if( Confide::isThrottled( $input ) )
{
2014-04-02 20:20:01 +02:00
$err_msg = trans('texts.confide.too_many_attempts');
2013-11-26 13:45:07 +01:00
}
2013-12-07 19:45:00 +01:00
/*
2013-11-26 13:45:07 +01:00
elseif( $user->checkUserExists( $input ) and ! $user->isConfirmed( $input ) )
{
$err_msg = Lang::get('confide::confide.alerts.not_confirmed');
}
2013-12-07 19:45:00 +01:00
*/
2013-11-26 13:45:07 +01:00
else
{
2014-04-02 20:20:01 +02:00
$err_msg = trans('texts.confide.wrong_credentials');
2013-11-26 13:45:07 +01:00
}
2014-01-16 22:12:46 +01:00
return Redirect::action('UserController@login')
2014-01-12 19:55:33 +01:00
->withInput(Input::except('login_password'))
2013-12-07 19:45:00 +01:00
->with( 'error', $err_msg );
2013-11-26 13:45:07 +01:00
}
}
/**
* Attempt to confirm account with code
*
* @param string $code
*/
public function confirm( $code )
{
if ( Confide::confirm( $code ) )
2014-07-23 17:02:56 +02:00
{
2014-04-02 20:20:01 +02:00
$notice_msg = trans('texts.confide.confirmation');
2014-07-23 17:02:56 +02:00
$user = User::where('confirmation_code', '=', $code)->get()->first();
$user->confirmation_code = '';
$user->save();
2014-04-13 10:19:10 +02:00
2014-07-23 17:02:56 +02:00
if ($user->public_id)
2014-04-13 10:19:10 +02:00
{
2014-07-23 17:02:56 +02:00
Auth::login($user);
2014-04-13 10:19:10 +02:00
2014-07-23 17:02:56 +02:00
return Redirect::to('user/reset');
}
else
{
if (Session::has(REQUESTED_PRO_PLAN))
2014-04-13 10:19:10 +02:00
{
2014-07-23 17:02:56 +02:00
Session::forget(REQUESTED_PRO_PLAN);
if ($invoice = $this->accountRepo->enableProPlan())
{
$this->contactMailer->sendInvoice($invoice);
$notice_msg = trans('texts.pro_plan_success');
}
2014-04-13 10:19:10 +02:00
}
2014-07-23 17:02:56 +02:00
return Redirect::action('UserController@login')->with( 'message', $notice_msg );
}
2013-11-26 13:45:07 +01:00
}
else
{
2014-04-02 20:20:01 +02:00
$error_msg = trans('texts.confide.wrong_confirmation');
return Redirect::action('UserController@login')->with( 'error', $error_msg );
2013-11-26 13:45:07 +01:00
}
}
/**
* Displays the forgot password form
*
*/
public function forgot_password()
{
return View::make(Config::get('confide::forgot_password_form'));
}
/**
* Attempt to send change password link to the given email
*
*/
public function do_forgot_password()
{
2013-12-07 21:33:07 +01:00
Confide::forgotPassword( Input::get( 'email' ) );
2014-04-02 20:20:01 +02:00
$notice_msg = trans('texts.confide.password_forgot');
return Redirect::action('UserController@login')
->with( 'notice', $notice_msg );
2013-12-07 21:33:07 +01:00
/*
2013-11-26 13:45:07 +01:00
if( Confide::forgotPassword( Input::get( 'email' ) ) )
{
$notice_msg = Lang::get('confide::confide.alerts.password_forgot');
return Redirect::action('UserController@login')
->with( 'notice', $notice_msg );
}
else
{
$error_msg = Lang::get('confide::confide.alerts.wrong_password_forgot');
return Redirect::action('UserController@forgot_password')
->withInput()
->with( 'error', $error_msg );
}
2013-12-07 21:33:07 +01:00
*/
2013-11-26 13:45:07 +01:00
}
/**
* Shows the change password form with the given token
*
*/
2014-07-23 17:02:56 +02:00
public function reset_password( $token = false )
2013-11-26 13:45:07 +01:00
{
return View::make(Config::get('confide::reset_password_form'))
->with('token', $token);
}
/**
* Attempt change password of the user
*
*/
public function do_reset_password()
2014-07-23 17:02:56 +02:00
{
if (Auth::check())
2013-11-26 13:45:07 +01:00
{
2014-07-23 17:02:56 +02:00
$rules = [
'password' => 'required|between:4,11|confirmed',
'password_confirmation' => 'between:4,11',
];
$validator = Validator::make(Input::all(), $rules);
if ($validator->fails())
{
return Redirect::to('user/reset')->withInput()->withErrors($validator);
}
$user = Auth::user();
$user->password = Input::get('password');
$user->save();
Session::flash('message', trans('texts.confide.password_reset'));
return Redirect::to('/dashboard');
2013-11-26 13:45:07 +01:00
}
else
{
2014-07-23 17:02:56 +02:00
$input = array(
'token'=>Input::get( 'token' ),
'password'=>Input::get( 'password' ),
'password_confirmation'=>Input::get( 'password_confirmation' ),
);
// By passing an array with the token, password and confirmation
if( Confide::resetPassword( $input ) )
{
$notice_msg = trans('texts.confide.password_reset');
return Redirect::action('UserController@login')
->with( 'notice', $notice_msg );
}
else
{
$error_msg = trans('texts.confide.wrong_password_reset');
return Redirect::action('UserController@reset_password', array('token'=>$input['token']))
->withInput()
->with( 'error', $error_msg );
}
2013-11-26 13:45:07 +01:00
}
}
/**
* Log the user out of the application.
*
*/
public function logout()
{
2014-03-20 23:12:07 +01:00
if (Auth::check())
2013-12-03 23:00:01 +01:00
{
2014-03-20 23:12:07 +01:00
if (!Auth::user()->registered)
{
$account = Auth::user()->account;
$account->forceDelete();
}
2013-12-03 23:00:01 +01:00
}
Confide::logout();
2013-12-03 23:00:01 +01:00
return Redirect::to('/')->with('clearGuestKey', true);
2013-11-26 13:45:07 +01:00
}
}