src/app/Http/Controllers/API/V4/UsersController.php
use Illuminate\Http\Request; | use Illuminate\Http\Request; | ||||
use Illuminate\Support\Facades\Auth; | use Illuminate\Support\Facades\Auth; | ||||
use Illuminate\Support\Facades\DB; | use Illuminate\Support\Facades\DB; | ||||
use Illuminate\Support\Facades\Validator; | use Illuminate\Support\Facades\Validator; | ||||
use Illuminate\Support\Str; | use Illuminate\Support\Str; | ||||
class UsersController extends Controller | class UsersController extends Controller | ||||
{ | { | ||||
// List of user settings keys available for modification in UI | /** @const array List of user setting keys available for modification in UI */ | ||||
public const USER_SETTINGS = [ | public const USER_SETTINGS = [ | ||||
'billing_address', | 'billing_address', | ||||
'country', | 'country', | ||||
'currency', | 'currency', | ||||
'external_email', | 'external_email', | ||||
'first_name', | 'first_name', | ||||
'last_name', | 'last_name', | ||||
'organization', | 'organization', | ||||
'phone', | 'phone', | ||||
]; | ]; | ||||
/** | /** | ||||
* On user create it is filled with a user object to force-delete | |||||
* before the creation of a new user record is possible. | |||||
* | |||||
* @var \App\User|null | |||||
*/ | |||||
protected $deleteBeforeCreate; | |||||
/** | |||||
* Delete a user. | * Delete a user. | ||||
* | * | ||||
* @param int $id User identifier | * @param int $id User identifier | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse The response | * @return \Illuminate\Http\JsonResponse The response | ||||
*/ | */ | ||||
public function destroy($id) | public function destroy($id) | ||||
{ | { | ||||
▲ Show 20 Lines • Show All 224 Lines • ▼ Show 20 Lines | // 'cost' => $ent->cost, | ||||
{ | { | ||||
$current_user = $this->guard()->user(); | $current_user = $this->guard()->user(); | ||||
$owner = $current_user->wallet()->owner; | $owner = $current_user->wallet()->owner; | ||||
if ($owner->id != $current_user->id) { | if ($owner->id != $current_user->id) { | ||||
return $this->errorResponse(403); | return $this->errorResponse(403); | ||||
} | } | ||||
$this->deleteBeforeCreate = null; | |||||
if ($error_response = $this->validateUserRequest($request, null, $settings)) { | if ($error_response = $this->validateUserRequest($request, null, $settings)) { | ||||
return $error_response; | return $error_response; | ||||
} | } | ||||
if (empty($request->package) || !($package = \App\Package::find($request->package))) { | if (empty($request->package) || !($package = \App\Package::find($request->package))) { | ||||
$errors = ['package' => \trans('validation.packagerequired')]; | $errors = ['package' => \trans('validation.packagerequired')]; | ||||
return response()->json(['status' => 'error', 'errors' => $errors], 422); | return response()->json(['status' => 'error', 'errors' => $errors], 422); | ||||
} | } | ||||
if ($package->isDomain()) { | if ($package->isDomain()) { | ||||
$errors = ['package' => \trans('validation.packageinvalid')]; | $errors = ['package' => \trans('validation.packageinvalid')]; | ||||
return response()->json(['status' => 'error', 'errors' => $errors], 422); | return response()->json(['status' => 'error', 'errors' => $errors], 422); | ||||
} | } | ||||
DB::beginTransaction(); | DB::beginTransaction(); | ||||
if ($this->deleteBeforeCreate) { | |||||
$this->deleteBeforeCreate->forceDelete(); | |||||
} | |||||
// Create user record | // Create user record | ||||
$user = User::create([ | $user = User::create([ | ||||
'email' => $request->email, | 'email' => $request->email, | ||||
'password' => $request->password, | 'password' => $request->password, | ||||
]); | ]); | ||||
$owner->assignPackage($package, $user); | $owner->assignPackage($package, $user); | ||||
▲ Show 20 Lines • Show All 252 Lines • ▼ Show 20 Lines | protected function validateUserRequest(Request $request, $user, &$settings = []) | ||||
$controller = $user ? $user->wallet()->owner : $this->guard()->user(); | $controller = $user ? $user->wallet()->owner : $this->guard()->user(); | ||||
// For new user validate email address | // For new user validate email address | ||||
if (empty($user)) { | if (empty($user)) { | ||||
$email = $request->email; | $email = $request->email; | ||||
if (empty($email)) { | if (empty($email)) { | ||||
$errors['email'] = \trans('validation.required', ['attribute' => 'email']); | $errors['email'] = \trans('validation.required', ['attribute' => 'email']); | ||||
} elseif ($error = self::validateEmail($email, $controller)) { | } elseif ($error = self::validateEmail($email, $controller, $this->deleteBeforeCreate)) { | ||||
$errors['email'] = $error; | $errors['email'] = $error; | ||||
} | } | ||||
} | } | ||||
// Validate aliases input | // Validate aliases input | ||||
if (isset($request->aliases)) { | if (isset($request->aliases)) { | ||||
$aliases = []; | $aliases = []; | ||||
$existing_aliases = $user ? $user->aliases()->get()->pluck('alias')->toArray() : []; | $existing_aliases = $user ? $user->aliases()->get()->pluck('alias')->toArray() : []; | ||||
▲ Show 20 Lines • Show All 86 Lines • ▼ Show 20 Lines | public static function execProcessStep(User $user, string $step): ?bool | ||||
} | } | ||||
return false; | return false; | ||||
} | } | ||||
/** | /** | ||||
* Email address validation for use as a user mailbox (login). | * Email address validation for use as a user mailbox (login). | ||||
* | * | ||||
* @param string $email Email address | * @param string $email Email address | ||||
* @param \App\User $user The account owner | * @param \App\User $user The account owner | ||||
* @param ?\App\User $deleted Filled with an instance of a deleted user with | |||||
* the specified email address, if exists | |||||
* | * | ||||
* @return ?string Error message on validation error | * @return ?string Error message on validation error | ||||
*/ | */ | ||||
public static function validateEmail(string $email, \App\User $user): ?string | public static function validateEmail(string $email, \App\User $user, &$deleted = null): ?string | ||||
{ | { | ||||
$deleted = null; | |||||
if (strpos($email, '@') === false) { | if (strpos($email, '@') === false) { | ||||
return \trans('validation.entryinvalid', ['attribute' => 'email']); | return \trans('validation.entryinvalid', ['attribute' => 'email']); | ||||
} | } | ||||
list($login, $domain) = explode('@', Str::lower($email)); | list($login, $domain) = explode('@', Str::lower($email)); | ||||
if (strlen($login) === 0 || strlen($domain) === 0) { | if (strlen($login) === 0 || strlen($domain) === 0) { | ||||
return \trans('validation.entryinvalid', ['attribute' => 'email']); | return \trans('validation.entryinvalid', ['attribute' => 'email']); | ||||
Show All 19 Lines | public static function validateEmail(string $email, \App\User $user, &$deleted = null): ?string | ||||
// Check if it is one of domains available to the user | // Check if it is one of domains available to the user | ||||
$domains = \collect($user->domains())->pluck('namespace')->all(); | $domains = \collect($user->domains())->pluck('namespace')->all(); | ||||
if (!in_array($domain->namespace, $domains)) { | if (!in_array($domain->namespace, $domains)) { | ||||
return \trans('validation.entryexists', ['attribute' => 'domain']); | return \trans('validation.entryexists', ['attribute' => 'domain']); | ||||
} | } | ||||
// Check if a user with specified address already exists | // Check if a user with specified address already exists | ||||
if (User::emailExists($email)) { | if ($existing_user = User::emailExists($email, true)) { | ||||
// TODO: Allow force-delete if this is a deleted user in the same custom domain | // If this is a deleted user in the same custom domain | ||||
// we'll force delete him before | |||||
if (!$domain->isPublic() && $existing_user->trashed()) { | |||||
$deleted = $existing_user; | |||||
} else { | |||||
return \trans('validation.entryexists', ['attribute' => 'email']); | return \trans('validation.entryexists', ['attribute' => 'email']); | ||||
} | } | ||||
} | |||||
// Check if an alias with specified address already exists. | // Check if an alias with specified address already exists. | ||||
if (User::aliasExists($email)) { | if (User::aliasExists($email)) { | ||||
return \trans('validation.entryexists', ['attribute' => 'email']); | return \trans('validation.entryexists', ['attribute' => 'email']); | ||||
} | } | ||||
return null; | return null; | ||||
} | } | ||||
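Review bot: The irreversible `$this->deleteBeforeCreate->forceDelete()` in store() is authorised only by the two conditions in validateEmail(), `!$domain->isPublic() && $existing_user->trashed()`, and nothing on the visible lines ties the trashed record to the requesting owner's wallet. The earlier `$user->domains()` membership check may already imply that, but 19 lines of validateEmail() are collapsed on this page, so it is worth making the ownership condition explicit where `$deleted` is set, e.g. `if (!$domain->isPublic() && $existing_user->trashed() && $existing_user->wallet()->owner->id == $user->id) {` (assuming wallet() resolves for a soft-deleted user). The lookup also runs before `DB::beginTransaction()`, so re-checking `trashed()` inside the transaction immediately before forceDelete() would cover the case where the record is restored in between. Because validateEmail() is public static and now hands a model out through `&$deleted`, its docblock should also state that a non-null `$deleted` means the caller is expected to force-delete that user, so other callers do not treat a null return as "address is free".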