src/app/Http/Controllers/API/V4/UsersController.php
<?php | <?php | ||||
namespace App\Http\Controllers\API\V4; | namespace App\Http\Controllers\API\V4; | ||||
use App\Http\Controllers\RelationController; | use App\Http\Controllers\RelationController; | ||||
use App\Domain; | use App\Domain; | ||||
use App\Group; | |||||
use App\Rules\Password; | use App\Rules\Password; | ||||
use App\Rules\UserEmailDomain; | use App\Rules\UserEmailDomain; | ||||
use App\Rules\UserEmailLocal; | use App\Rules\UserEmailLocal; | ||||
use App\Sku; | use App\Sku; | ||||
use App\User; | use App\User; | ||||
use Illuminate\Http\Request; | use Illuminate\Http\Request; | ||||
use Illuminate\Support\Facades\DB; | use Illuminate\Support\Facades\DB; | ||||
use Illuminate\Support\Facades\Validator; | use Illuminate\Support\Facades\Validator; | ||||
▲ Show 20 Lines • Show All 112 Lines • ▼ Show 20 Lines | public function show($id) | ||||
if (!$this->guard()->user()->canRead($user)) { | if (!$this->guard()->user()->canRead($user)) { | ||||
return $this->errorResponse(403); | return $this->errorResponse(403); | ||||
} | } | ||||
$response = $this->userResponse($user); | $response = $this->userResponse($user); | ||||
$response['skus'] = \App\Entitlement::objectEntitlementsSummary($user); | $response['skus'] = \App\Entitlement::objectEntitlementsSummary($user); | ||||
$response['config'] = $user->getConfig(); | $response['config'] = $user->getConfig(); | ||||
$response['aliases'] = $user->aliases()->pluck('alias')->all(); | |||||
$code = $user->verificationcodes()->where('active', true) | $code = $user->verificationcodes()->where('active', true) | ||||
->where('expires_at', '>', \Carbon\Carbon::now()) | ->where('expires_at', '>', \Carbon\Carbon::now()) | ||||
->first(); | ->first(); | ||||
if ($code) { | if ($code) { | ||||
$response['passwordLinkCode'] = $code->short_code . '-' . $code->code; | $response['passwordLinkCode'] = $code->short_code . '-' . $code->code; | ||||
} | } | ||||
▲ Show 20 Lines • Show All 58 Lines • ▼ Show 20 Lines | class UsersController extends RelationController | ||||
* | * | ||||
* @param \Illuminate\Http\Request $request The API request. | * @param \Illuminate\Http\Request $request The API request. | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse The response | * @return \Illuminate\Http\JsonResponse The response | ||||
*/ | */ | ||||
public function store(Request $request) | public function store(Request $request) | ||||
{ | { | ||||
$current_user = $this->guard()->user(); | $current_user = $this->guard()->user(); | ||||
$owner = $current_user->wallet()->owner; | $owner = $current_user->walletOwner(); | ||||
if ($owner->id != $current_user->id) { | if ($owner->id != $current_user->id) { | ||||
return $this->errorResponse(403); | return $this->errorResponse(403); | ||||
} | } | ||||
$this->deleteBeforeCreate = null; | $this->deleteBeforeCreate = null; | ||||
if ($error_response = $this->validateUserRequest($request, null, $settings)) { | if ($error_response = $this->validateUserRequest($request, null, $settings)) { | ||||
▲ Show 20 Lines • Show All 170 Lines • ▼ Show 20 Lines | public static function userResponse(User $user): array | ||||
$response = array_merge($user->toArray(), self::objectState($user)); | $response = array_merge($user->toArray(), self::objectState($user)); | ||||
// Settings | // Settings | ||||
$response['settings'] = []; | $response['settings'] = []; | ||||
foreach ($user->settings()->whereIn('key', self::USER_SETTINGS)->get() as $item) { | foreach ($user->settings()->whereIn('key', self::USER_SETTINGS)->get() as $item) { | ||||
$response['settings'][$item->key] = $item->value; | $response['settings'][$item->key] = $item->value; | ||||
} | } | ||||
// Aliases | |||||
$response['aliases'] = []; | |||||
foreach ($user->aliases as $item) { | |||||
$response['aliases'][] = $item->alias; | |||||
} | |||||
// Status info | // Status info | ||||
$response['statusInfo'] = self::statusInfo($user); | $response['statusInfo'] = self::statusInfo($user); | ||||
// Add more info to the wallet object output | // Add more info to the wallet object output | ||||
$map_func = function ($wallet) use ($user) { | $map_func = function ($wallet) use ($user) { | ||||
$result = $wallet->toArray(); | $result = $wallet->toArray(); | ||||
if ($wallet->discount) { | if ($wallet->discount) { | ||||
▲ Show 20 Lines • Show All 236 Lines • ▼ Show 20 Lines | public static function validateEmail(string $email, \App\User $user, &$deleted = null): ?string | ||||
['email' => ['required', new UserEmailLocal(!$domain->isPublic())]] | ['email' => ['required', new UserEmailLocal(!$domain->isPublic())]] | ||||
); | ); | ||||
if ($v->fails()) { | if ($v->fails()) { | ||||
return $v->errors()->toArray()['email'][0]; | return $v->errors()->toArray()['email'][0]; | ||||
} | } | ||||
// Check if it is one of domains available to the user | // Check if it is one of domains available to the user | ||||
if (!$user->domains()->where('namespace', $domain->namespace)->exists()) { | if (!$domain->isPublic() && $user->id != $domain->walletOwner()->id) { | ||||
return \trans('validation.entryexists', ['attribute' => 'domain']); | return \trans('validation.entryexists', ['attribute' => 'domain']); | ||||
} | } | ||||
// Check if a user with specified address already exists | // Check if a user/group/resource/shared folder with specified address already exists | ||||
if ($existing_user = User::emailExists($email, true)) { | |||||
// If this is a deleted user in the same custom domain | |||||
// we'll force delete him before | |||||
if (!$domain->isPublic() && $existing_user->trashed()) { | |||||
$deleted = $existing_user; | |||||
} else { | |||||
return \trans('validation.entryexists', ['attribute' => 'email']); | |||||
} | |||||
} | |||||
// Check if an alias with specified address already exists. | |||||
if (User::aliasExists($email)) { | |||||
return \trans('validation.entryexists', ['attribute' => 'email']); | |||||
} | |||||
// Check if a group or resource with specified address already exists | |||||
if ( | if ( | ||||
($existing = Group::emailExists($email, true)) | ($existing = User::emailExists($email, true)) | ||||
|| ($existing = \App\Group::emailExists($email, true)) | |||||
|| ($existing = \App\Resource::emailExists($email, true)) | || ($existing = \App\Resource::emailExists($email, true)) | ||||
|| ($existing = \App\SharedFolder::emailExists($email, true)) | |||||
) { | ) { | ||||
// If this is a deleted group/resource in the same custom domain | // If this is a deleted user/group/resource/folder in the same custom domain | ||||
// we'll force delete it before | // we'll force delete it before creating the target user | ||||
if (!$domain->isPublic() && $existing->trashed()) { | if (!$domain->isPublic() && $existing->trashed()) { | ||||
$deleted = $existing; | $deleted = $existing; | ||||
} else { | } else { | ||||
return \trans('validation.entryexists', ['attribute' => 'email']); | return \trans('validation.entryexists', ['attribute' => 'email']); | ||||
} | } | ||||
} | } | ||||
// Check if an alias with specified address already exists. | |||||
if (User::aliasExists($email) || \App\SharedFolder::aliasExists($email)) { | |||||
return \trans('validation.entryexists', ['attribute' => 'email']); | |||||
} | |||||
return null; | return null; | ||||
} | } | ||||
/** | /** | ||||
* Email address validation for use as an alias. | * Email address validation for use as an alias. | ||||
* | * | ||||
* @param string $email Email address | * @param string $email Email address | ||||
* @param \App\User $user The account owner | * @param \App\User $user The account owner | ||||
Show All 25 Lines | public static function validateAlias(string $email, \App\User $user): ?string | ||||
['alias' => ['required', new UserEmailLocal(!$domain->isPublic())]] | ['alias' => ['required', new UserEmailLocal(!$domain->isPublic())]] | ||||
); | ); | ||||
if ($v->fails()) { | if ($v->fails()) { | ||||
return $v->errors()->toArray()['alias'][0]; | return $v->errors()->toArray()['alias'][0]; | ||||
} | } | ||||
// Check if it is one of domains available to the user | // Check if it is one of domains available to the user | ||||
if (!$user->domains()->where('namespace', $domain->namespace)->exists()) { | if (!$domain->isPublic() && $user->id != $domain->walletOwner()->id) { | ||||
return \trans('validation.entryexists', ['attribute' => 'domain']); | return \trans('validation.entryexists', ['attribute' => 'domain']); | ||||
} | } | ||||
// Check if a user with specified address already exists | // Check if a user with specified address already exists | ||||
if ($existing_user = User::emailExists($email, true)) { | if ($existing_user = User::emailExists($email, true)) { | ||||
// Allow an alias in a custom domain to an address that was a user before | // Allow an alias in a custom domain to an address that was a user before | ||||
if ($domain->isPublic() || !$existing_user->trashed()) { | if ($domain->isPublic() || !$existing_user->trashed()) { | ||||
return \trans('validation.entryexists', ['attribute' => 'alias']); | return \trans('validation.entryexists', ['attribute' => 'alias']); | ||||
} | } | ||||
} | } | ||||
// Check if a group/resource/shared folder with specified address already exists | |||||
if ( | |||||
\App\Group::emailExists($email) | |||||
|| \App\Resource::emailExists($email) | |||||
|| \App\SharedFolder::emailExists($email) | |||||
) { | |||||
return \trans('validation.entryexists', ['attribute' => 'alias']); | |||||
} | |||||
// Check if an alias with specified address already exists | // Check if an alias with specified address already exists | ||||
if (User::aliasExists($email)) { | if (User::aliasExists($email) || \App\SharedFolder::aliasExists($email)) { | ||||
// Allow assigning the same alias to a user in the same group account, | // Allow assigning the same alias to a user in the same group account, | ||||
// but only for non-public domains | // but only for non-public domains | ||||
if ($domain->isPublic()) { | if ($domain->isPublic()) { | ||||
return \trans('validation.entryexists', ['attribute' => 'alias']); | return \trans('validation.entryexists', ['attribute' => 'alias']); | ||||
} | } | ||||
} | } | ||||
// Check if a group with specified address already exists | |||||
if (Group::emailExists($email)) { | |||||
return \trans('validation.entryexists', ['attribute' => 'alias']); | |||||
} | |||||
return null; | return null; | ||||
} | } | ||||
/** | /** | ||||
* Activate password reset code (if set), and assign it to a user. | * Activate password reset code (if set), and assign it to a user. | ||||
* | * | ||||
* @param \App\User $user The user | * @param \App\User $user The user | ||||
*/ | */ | ||||
Show All 10 Lines |
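Review bot: The new domain-ownership check in validateEmail() (`if (!$domain->isPublic() && $user->id != $domain->walletOwner()->id)`) and its twin in validateAlias() dereference the result of `walletOwner()` without a null check. walletOwner() is not defined on this page; if it can return null for a domain that has no wallet or entitlement, this authorization check ends in an error (or a comparison against null) instead of a clean rejection, and store() has the same shape at `$owner->id != $current_user->id`. I would resolve the owner first and fail closed: `$owner = $domain->walletOwner();` followed by `if (!$domain->isPublic() && (!$owner || $owner->id != $user->id)) {`. The rewritten condition also accepts every public domain without consulting `$user->domains()` any more, which looks intended but deserves a test confirming that no public domain should be off-limits to a given account. All three functions start outside the visible hunks, so the origin of `$domain` and any earlier guards could not be checked here.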