src/app/Http/Controllers/API/V4/UsersController.php
<?php | <?php | ||||
namespace App\Http\Controllers\API\V4; | namespace App\Http\Controllers\API\V4; | ||||
use App\Http\Controllers\RelationController; | use App\Http\Controllers\RelationController; | ||||
use App\Domain; | use App\Domain; | ||||
use App\Group; | use App\Group; | ||||
use App\Rules\Password; | |||||
use App\Rules\UserEmailDomain; | use App\Rules\UserEmailDomain; | ||||
use App\Rules\UserEmailLocal; | use App\Rules\UserEmailLocal; | ||||
use App\Sku; | use App\Sku; | ||||
use App\User; | use App\User; | ||||
use Illuminate\Http\Request; | use Illuminate\Http\Request; | ||||
use Illuminate\Support\Facades\DB; | use Illuminate\Support\Facades\DB; | ||||
use Illuminate\Support\Facades\Validator; | use Illuminate\Support\Facades\Validator; | ||||
use Illuminate\Support\Str; | use Illuminate\Support\Str; | ||||
▲ Show 20 Lines • Show All 167 Lines • ▼ Show 20 Lines | public static function statusInfo($user): array | ||||
// TODO: This will change when we enable all users to create domains | // TODO: This will change when we enable all users to create domains | ||||
'enableDomains' => $isController && $hasCustomDomain, | 'enableDomains' => $isController && $hasCustomDomain, | ||||
// TODO: Make 'enableDistlists' working for wallet controllers that aren't account owners | // TODO: Make 'enableDistlists' working for wallet controllers that aren't account owners | ||||
'enableDistlists' => $isController && $hasCustomDomain && in_array('beta-distlists', $skus), | 'enableDistlists' => $isController && $hasCustomDomain && in_array('beta-distlists', $skus), | ||||
// TODO: Make 'enableFolders' working for wallet controllers that aren't account owners | // TODO: Make 'enableFolders' working for wallet controllers that aren't account owners | ||||
'enableFolders' => $isController && $hasCustomDomain && in_array('beta-shared-folders', $skus), | 'enableFolders' => $isController && $hasCustomDomain && in_array('beta-shared-folders', $skus), | ||||
// TODO: Make 'enableResources' working for wallet controllers that aren't account owners | // TODO: Make 'enableResources' working for wallet controllers that aren't account owners | ||||
'enableResources' => $isController && $hasCustomDomain && in_array('beta-resources', $skus), | 'enableResources' => $isController && $hasCustomDomain && in_array('beta-resources', $skus), | ||||
'enableSettings' => $isController, | |||||
'enableUsers' => $isController, | 'enableUsers' => $isController, | ||||
'enableWallets' => $isController, | 'enableWallets' => $isController, | ||||
]; | ]; | ||||
return array_merge($process, $result); | return array_merge($process, $result); | ||||
} | } | ||||
/** | /** | ||||
▲ Show 20 Lines • Show All 107 Lines • ▼ Show 20 Lines | public function update(Request $request, $id) | ||||
} | } | ||||
$this->activatePassCode($user); | $this->activatePassCode($user); | ||||
if (isset($request->aliases)) { | if (isset($request->aliases)) { | ||||
$user->setAliases($request->aliases); | $user->setAliases($request->aliases); | ||||
} | } | ||||
// TODO: Make sure that UserUpdate job is created in case of entitlements update | |||||
// and no password change. So, for example quota change is applied to LDAP | |||||
// TODO: Review use of $user->save() in the above context | |||||
DB::commit(); | DB::commit(); | ||||
$response = [ | $response = [ | ||||
'status' => 'success', | 'status' => 'success', | ||||
'message' => \trans('app.user-update-success'), | 'message' => \trans('app.user-update-success'), | ||||
]; | ]; | ||||
// For self-update refresh the statusInfo in the UI | // For self-update refresh the statusInfo in the UI | ||||
▲ Show 20 Lines • Show All 140 Lines • ▼ Show 20 Lines | protected function validateUserRequest(Request $request, $user, &$settings = []) | ||||
'last_name' => 'string|nullable|max:128', | 'last_name' => 'string|nullable|max:128', | ||||
'organization' => 'string|nullable|max:512', | 'organization' => 'string|nullable|max:512', | ||||
'billing_address' => 'string|nullable|max:1024', | 'billing_address' => 'string|nullable|max:1024', | ||||
'country' => 'string|nullable|alpha|size:2', | 'country' => 'string|nullable|alpha|size:2', | ||||
'currency' => 'string|nullable|alpha|size:3', | 'currency' => 'string|nullable|alpha|size:3', | ||||
'aliases' => 'array|nullable', | 'aliases' => 'array|nullable', | ||||
]; | ]; | ||||
$controller = ($user ?: $this->guard()->user())->walletOwner(); | |||||
// Handle generated password reset code | // Handle generated password reset code | ||||
if ($code = $request->input('passwordLinkCode')) { | if ($code = $request->input('passwordLinkCode')) { | ||||
// Accept <code>-<short-code> input | // Accept <code>-<short-code> input | ||||
if (strpos($code, '-')) { | if (strpos($code, '-')) { | ||||
$code = explode('-', $code)[0]; | $code = explode('-', $code)[0]; | ||||
} | } | ||||
$this->passCode = $this->guard()->user()->verificationcodes() | $this->passCode = $this->guard()->user()->verificationcodes() | ||||
->where('code', $code)->where('active', false)->first(); | ->where('code', $code)->where('active', false)->first(); | ||||
// Generate a password for a new user with password reset link | // Generate a password for a new user with password reset link | ||||
// FIXME: Should/can we have a user with no password set? | // FIXME: Should/can we have a user with no password set? | ||||
if ($this->passCode && empty($user)) { | if ($this->passCode && empty($user)) { | ||||
$request->password = $request->password_confirmation = Str::random(16); | $request->password = $request->password_confirmation = Str::random(16); | ||||
$ignorePassword = true; | $ignorePassword = true; | ||||
} | } | ||||
} | } | ||||
if (empty($user) || !empty($request->password) || !empty($request->password_confirmation)) { | if (empty($user) || !empty($request->password) || !empty($request->password_confirmation)) { | ||||
if (empty($ignorePassword)) { | if (empty($ignorePassword)) { | ||||
$rules['password'] = 'required|min:6|max:255|confirmed'; | $rules['password'] = ['required', 'confirmed', new Password($controller)]; | ||||
} | } | ||||
} | } | ||||
$errors = []; | $errors = []; | ||||
// Validate input | // Validate input | ||||
$v = Validator::make($request->all(), $rules); | $v = Validator::make($request->all(), $rules); | ||||
if ($v->fails()) { | if ($v->fails()) { | ||||
$errors = $v->errors()->toArray(); | $errors = $v->errors()->toArray(); | ||||
} | } | ||||
$controller = $user ? $user->wallet()->owner : $this->guard()->user(); | |||||
// For new user validate email address | // For new user validate email address | ||||
if (empty($user)) { | if (empty($user)) { | ||||
$email = $request->email; | $email = $request->email; | ||||
if (empty($email)) { | if (empty($email)) { | ||||
$errors['email'] = \trans('validation.required', ['attribute' => 'email']); | $errors['email'] = \trans('validation.required', ['attribute' => 'email']); | ||||
} elseif ($error = self::validateEmail($email, $controller, $this->deleteBeforeCreate)) { | } elseif ($error = self::validateEmail($email, $controller, $this->deleteBeforeCreate)) { | ||||
$errors['email'] = $error; | $errors['email'] = $error; | ||||
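Review bot: In validateUserRequest() the new password rule `['required', 'confirmed', new Password($controller)]` drops the fixed `min:6|max:255` bounds, so the length limits now depend entirely on the Password rule and on the policy of whatever `walletOwner()` returns. The rule class is not shown on this page, so confirm that it still enforces a minimum and a hard maximum when the owner has no policy configured. If it does not, keep a ceiling in the rule list, e.g. `$rules['password'] = ['required', 'confirmed', 'max:255', new Password($controller)];`. `$controller` is also passed to the rule and later to `validateEmail()` without a null check; whether `walletOwner()` can return null is not visible here, so a guard or a test for an account without a wallet owner would be worth adding. The function starts and ends outside the lines shown.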