BookStack Code Mirror - bookstack/blobdiff

use BookStack\Actions\ActivityType;

use BookStack\Auth\Access\UserInviteService;

use BookStack\Entities\EntityProvider;

use BookStack\Actions\ActivityType;

use BookStack\Auth\Access\UserInviteService;

use BookStack\Entities\EntityProvider;

-use BookStack\Entities\Models\Book;

-use BookStack\Entities\Models\Bookshelf;

-use BookStack\Entities\Models\Chapter;

-use BookStack\Entities\Models\Page;

-use BookStack\Exceptions\NotFoundException;

use BookStack\Exceptions\NotifyException;

use BookStack\Exceptions\UserUpdateException;

use BookStack\Facades\Activity;

use BookStack\Uploads\UserAvatars;

use Exception;

use BookStack\Exceptions\NotifyException;

use BookStack\Exceptions\UserUpdateException;

use BookStack\Facades\Activity;

use BookStack\Uploads\UserAvatars;

use Exception;

-use Illuminate\Database\Eloquent\Builder;

-use Illuminate\Database\Eloquent\Collection;

-use Illuminate\Pagination\LengthAwarePaginator;

use Illuminate\Support\Facades\Log;

use Illuminate\Support\Str;

class UserRepo

{

use Illuminate\Support\Facades\Log;

use Illuminate\Support\Str;

class UserRepo

{

- protected $userAvatar;

- protected $inviteService;

+ protected UserAvatars $userAvatar;

+ protected UserInviteService $inviteService;

/**

* UserRepo constructor.

/**

* UserRepo constructor.

return User::query()->where('slug', '=', $slug)->firstOrFail();

}

return User::query()->where('slug', '=', $slug)->firstOrFail();

}

- /**

- * Get all users as Builder for API.

- */

- public function getApiUsersBuilder(): Builder

- {

- return User::query()->select(['*'])

- ->scopes('withLastActivityAt')

- ->with(['avatar']);

- }

-

- /**

- * Get all the users with their permissions in a paginated format.

- * Note: Due to the use of email search this should only be used when

- * user is assumed to be trusted. (Admin users).

- * Email search can be abused to extract email addresses.

- */

- public function getAllUsersPaginatedAndSorted(int $count, array $sortData): LengthAwarePaginator

- {

- $sort = $sortData['sort'];

-

- $query = User::query()->select(['*'])

- ->scopes(['withLastActivityAt'])

- ->with(['roles', 'avatar'])

- ->withCount('mfaValues')

- ->orderBy($sort, $sortData['order']);

-

- if ($sortData['search']) {

- $term = '%' . $sortData['search'] . '%';

- $query->where(function ($query) use ($term) {

- $query->where('name', 'like', $term)

- ->orWhere('email', 'like', $term);

- });

- }

-

- return $query->paginate($count);

- }

-

- /**

- * Assign a user to a system-level role.

- *

- * @throws NotFoundException

- */

- public function attachSystemRole(User $user, string $systemRoleName)

- {

- $role = Role::getSystemRole($systemRoleName);

- if (is_null($role)) {

- throw new NotFoundException("Role '{$systemRoleName}' not found");

- }

- $user->attachRole($role);

- }

-

- /**

- * Checks if the give user is the only admin.

- */

- public function isOnlyAdmin(User $user): bool

- {

- if (!$user->hasSystemRole('admin')) {

- return false;

- }

-

- $adminRole = Role::getSystemRole('admin');

- if ($adminRole->users()->count() > 1) {

- return false;

- }

-

- return true;

- }

-

- /**

- * Set the assigned user roles via an array of role IDs.

- *

- * @throws UserUpdateException

- */

- public function setUserRoles(User $user, array $roles)

- {

- if ($this->demotingLastAdmin($user, $roles)) {

- throw new UserUpdateException(trans('errors.role_cannot_remove_only_admin'), $user->getEditUrl());

- }

-

- $user->roles()->sync($roles);

- }

-

- /**

- * Check if the given user is the last admin and their new roles no longer

- * contains the admin role.

- */

- protected function demotingLastAdmin(User $user, array $newRoles): bool

- {

- if ($this->isOnlyAdmin($user)) {

- $adminRole = Role::getSystemRole('admin');

- if (!in_array(strval($adminRole->id), $newRoles)) {

- return true;

- }

-

- return false;

- }

-

/**

* Create a new basic instance of user with the given pre-validated data.

*

/**

* Create a new basic instance of user with the given pre-validated data.

*

}

/**

}

/**

- * Get the recently created content for this given user.

+ * Get an avatar image for a user and set it as their avatar.

+ * Returns early if avatars disabled or not set in config.

*/

- public function getRecentlyCreated(User $user, int $count = 20): array

+ protected function downloadAndAssignUserAvatar(User $user): void

{

- $query = function (Builder $query) use ($user, $count) {

- return $query->orderBy('created_at', 'desc')

- ->where('created_by', '=', $user->id)

- ->take($count)

- ->get();

- };

-

- return [

- 'pages' => $query(Page::visible()->where('draft', '=', false)),

- 'chapters' => $query(Chapter::visible()),

- 'books' => $query(Book::visible()),

- 'shelves' => $query(Bookshelf::visible()),

- ];

+ try {

+ $this->userAvatar->fetchAndAssignToUser($user);

+ } catch (Exception $e) {

+ Log::error('Failed to save user avatar image');

+ }

}

/**

}

/**

- * Get asset created counts for the give user.

+ * Checks if the give user is the only admin.

*/

- public function getAssetCounts(User $user): array

+ protected function isOnlyAdmin(User $user): bool

{

- $createdBy = ['created_by' => $user->id];

-

- return [

- 'pages' => Page::visible()->where($createdBy)->count(),

- 'chapters' => Chapter::visible()->where($createdBy)->count(),

- 'books' => Book::visible()->where($createdBy)->count(),

- 'shelves' => Bookshelf::visible()->where($createdBy)->count(),

- ];

+ if (!$user->hasSystemRole('admin')) {

+ return false;

+ }

+

+ $adminRole = Role::getSystemRole('admin');

+ if ($adminRole->users()->count() > 1) {

+ return false;

+ }

+

+ return true;

}

/**

}

/**

- * Get the roles in the system that are assignable to a user.

+ * Set the assigned user roles via an array of role IDs.

+ *

+ * @throws UserUpdateException

*/

- public function getAllRoles(): Collection

+ protected function setUserRoles(User $user, array $roles)

{

- return Role::query()->orderBy('display_name', 'asc')->get();

+ if ($this->demotingLastAdmin($user, $roles)) {

+ throw new UserUpdateException(trans('errors.role_cannot_remove_only_admin'), $user->getEditUrl());

+ }

+

+ $user->roles()->sync($roles);

}

/**

}

/**

- * Get an avatar image for a user and set it as their avatar.

- * Returns early if avatars disabled or not set in config.

+ * Check if the given user is the last admin and their new roles no longer

+ * contains the admin role.

*/

- public function downloadAndAssignUserAvatar(User $user): void

+ protected function demotingLastAdmin(User $user, array $newRoles): bool

{

- try {

- $this->userAvatar->fetchAndAssignToUser($user);

- } catch (Exception $e) {

- Log::error('Failed to save user avatar image');

+ if ($this->isOnlyAdmin($user)) {

+ $adminRole = Role::getSystemRole('admin');

+ if (!in_array(strval($adminRole->id), $newRoles)) {

+ return true;

+ }

}

+

+ return false;

}