<?php namespace BookStack\Auth;
use BookStack\Api\ApiToken;
+use BookStack\Entities\Tools\SlugGenerator;
+use BookStack\Interfaces\Loggable;
+use BookStack\Interfaces\Sluggable;
use BookStack\Model;
use BookStack\Notifications\ResetPassword;
use BookStack\Uploads\Image;
use Carbon\Carbon;
+use Exception;
use Illuminate\Auth\Authenticatable;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Notifications\Notifiable;
+use Illuminate\Support\Collection;
/**
* Class User
- * @package BookStack\Auth
* @property string $id
* @property string $name
+ * @property string $slug
* @property string $email
* @property string $password
* @property Carbon $created_at
* @property int $image_id
* @property string $external_auth_id
* @property string $system_name
+ * @property Collection $roles
*/
-class User extends Model implements AuthenticatableContract, CanResetPasswordContract
+class User extends Model implements AuthenticatableContract, CanResetPasswordContract, Loggable, Sluggable
{
use Authenticatable, CanResetPassword, Notifiable;
*/
protected $fillable = ['name', 'email'];
+ protected $casts = ['last_activity_at' => 'datetime'];
+
/**
* The attributes excluded from the model's JSON form.
* @var array
*/
- protected $hidden = ['password', 'remember_token', 'system_name', 'email_confirmed', 'external_auth_id', 'email'];
+ protected $hidden = [
+ 'password', 'remember_token', 'system_name', 'email_confirmed', 'external_auth_id', 'email',
+ 'created_at', 'updated_at', 'image_id',
+ ];
/**
* This holds the user's permissions when loaded.
- * @var array
+ * @var ?Collection
*/
protected $permissions;
/**
* Returns the default public user.
- * @return User
*/
- public static function getDefault()
+ public static function getDefault(): User
{
if (!is_null(static::$defaultUser)) {
return static::$defaultUser;
}
- static::$defaultUser = static::where('system_name', '=', 'public')->first();
+ static::$defaultUser = static::query()->where('system_name', '=', 'public')->first();
return static::$defaultUser;
}
/**
* Check if the user is the default public user.
- * @return bool
*/
- public function isDefault()
+ public function isDefault(): bool
{
return $this->system_name === 'public';
}
/**
* Check if the user has a role.
- * @param $role
- * @return mixed
*/
- public function hasRole($role)
+ public function hasRole($roleId): bool
{
- return $this->roles->pluck('name')->contains($role);
+ return $this->roles->pluck('id')->contains($roleId);
}
/**
* Check if the user has a role.
- * @param $role
- * @return mixed
*/
- public function hasSystemRole($role)
+ public function hasSystemRole(string $roleSystemName): bool
{
- return $this->roles->pluck('system_name')->contains($role);
+ return $this->roles->pluck('system_name')->contains($roleSystemName);
}
/**
}
}
+ /**
+ * Check if the user has a particular permission.
+ */
+ public function can(string $permissionName): bool
+ {
+ if ($this->email === 'guest') {
+ return false;
+ }
+
+ return $this->permissions()->contains($permissionName);
+ }
+
/**
* Get all permissions belonging to a the current user.
- * @param bool $cache
- * @return \Illuminate\Database\Eloquent\Relations\HasManyThrough
*/
- public function permissions($cache = true)
+ protected function permissions(): Collection
{
- if (isset($this->permissions) && $cache) {
+ if (isset($this->permissions)) {
return $this->permissions;
}
- $this->load('roles.permissions');
- $permissions = $this->roles->map(function ($role) {
- return $role->permissions;
- })->flatten()->unique();
- $this->permissions = $permissions;
- return $permissions;
+
+ $this->permissions = $this->newQuery()->getConnection()->table('role_user', 'ru')
+ ->select('role_permissions.name as name')->distinct()
+ ->leftJoin('permission_role', 'ru.role_id', '=', 'permission_role.role_id')
+ ->leftJoin('role_permissions', 'permission_role.permission_id', '=', 'role_permissions.id')
+ ->where('ru.user_id', '=', $this->id)
+ ->get()
+ ->pluck('name');
+
+ return $this->permissions;
}
/**
- * Check if the user has a particular permission.
- * @param $permissionName
- * @return bool
+ * Clear any cached permissions on this instance.
*/
- public function can($permissionName)
+ public function clearPermissionCache()
{
- if ($this->email === 'guest') {
- return false;
- }
- return $this->permissions()->pluck('name')->contains($permissionName);
+ $this->permissions = null;
}
/**
* Attach a role to this user.
- * @param Role $role
*/
public function attachRole(Role $role)
{
/**
* Get the social account associated with this user.
- * @return \Illuminate\Database\Eloquent\Relations\HasMany
*/
- public function socialAccounts()
+ public function socialAccounts(): HasMany
{
return $this->hasMany(SocialAccount::class);
}
}
/**
- * Returns the user's avatar,
- * @param int $size
- * @return string
+ * Returns a URL to the user's avatar
*/
- public function getAvatar($size = 50)
+ public function getAvatar(int $size = 50): string
{
$default = url('/user_avatar.png');
$imageId = $this->image_id;
try {
$avatar = $this->avatar ? url($this->avatar->getThumb($size, $size, false)) : $default;
- } catch (\Exception $err) {
+ } catch (Exception $err) {
$avatar = $default;
}
return $avatar;
/**
* Get the avatar for the user.
- * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
*/
- public function avatar()
+ public function avatar(): BelongsTo
{
return $this->belongsTo(Image::class, 'image_id');
}
return $this->hasMany(ApiToken::class);
}
+ /**
+ * Get the last activity time for this user.
+ */
+ public function scopeWithLastActivityAt(Builder $query)
+ {
+ $query->addSelect(['activities.created_at as last_activity_at'])
+ ->leftJoinSub(function (\Illuminate\Database\Query\Builder $query) {
+ $query->from('activities')->select('user_id')
+ ->selectRaw('max(created_at) as created_at')
+ ->groupBy('user_id');
+ }, 'activities', 'users.id', '=', 'activities.user_id');
+ }
+
/**
* Get the url for editing this user.
*/
*/
public function getProfileUrl(): string
{
- return url('/user/' . $this->id);
+ return url('/user/' . $this->slug);
}
/**
* Get a shortened version of the user's name.
- * @param int $chars
- * @return string
*/
- public function getShortName($chars = 8)
+ public function getShortName(int $chars = 8): string
{
if (mb_strlen($this->name) <= $chars) {
return $this->name;
{
$this->notify(new ResetPassword($token));
}
+
+ /**
+ * @inheritdoc
+ */
+ public function logDescriptor(): string
+ {
+ return "({$this->id}) {$this->name}";
+ }
+
+ /**
+ * @inheritDoc
+ */
+ public function refreshSlug(): string
+ {
+ $this->slug = app(SlugGenerator::class)->generate($this);
+ return $this->slug;
+ }
}
projects / bookstack / blobdiff