BookStack Code Mirror - bookstack/blobdiff

-<?php namespace BookStack\Auth;

+<?php

-use Activity;

+namespace BookStack\Auth;

+

+use BookStack\Actions\ActivityType;

+use BookStack\Auth\Access\UserInviteService;

use BookStack\Entities\EntityProvider;

use BookStack\Entities\Models\Book;

use BookStack\Entities\Models\Bookshelf;

use BookStack\Entities\Models\Chapter;

use BookStack\Entities\Models\Page;

use BookStack\Exceptions\NotFoundException;

use BookStack\Entities\EntityProvider;

use BookStack\Entities\Models\Book;

use BookStack\Entities\Models\Bookshelf;

use BookStack\Entities\Models\Chapter;

use BookStack\Entities\Models\Page;

use BookStack\Exceptions\NotFoundException;

+use BookStack\Exceptions\NotifyException;

use BookStack\Exceptions\UserUpdateException;

-use BookStack\Uploads\Image;

+use BookStack\Facades\Activity;

use BookStack\Uploads\UserAvatars;

use Exception;

use Illuminate\Database\Eloquent\Builder;

use Illuminate\Database\Eloquent\Collection;

use Illuminate\Pagination\LengthAwarePaginator;

use BookStack\Uploads\UserAvatars;

use Exception;

use Illuminate\Database\Eloquent\Builder;

use Illuminate\Database\Eloquent\Collection;

use Illuminate\Pagination\LengthAwarePaginator;

-use Images;

-use Log;

+use Illuminate\Support\Facades\Log;

+use Illuminate\Support\Str;

class UserRepo

{

protected $userAvatar;

class UserRepo

{

protected $userAvatar;

+ protected $inviteService;

/**

* UserRepo constructor.

*/

/**

* UserRepo constructor.

*/

- public function __construct(UserAvatars $userAvatar)

+ public function __construct(UserAvatars $userAvatar, UserInviteService $inviteService)

{

$this->userAvatar = $userAvatar;

{

$this->userAvatar = $userAvatar;

+ $this->inviteService = $inviteService;

}

/**

}

/**

}

/**

}

/**

- * Get all the users with their permissions.

+ * Get a user by their slug.

*/

- public function getAllUsers(): Collection

+ public function getBySlug(string $slug): User

{

- return User::query()->with('roles', 'avatar')->orderBy('name', 'asc')->get();

+ return User::query()->where('slug', '=', $slug)->firstOrFail();

+ }

+

+ /**

+ * Get all users as Builder for API

+ */

+ public function getApiUsersBuilder(): Builder

+ {

+ return User::query()->select(['*'])

+ ->scopes('withLastActivityAt')

+ ->with(['avatar']);

}

/**

* Get all the users with their permissions in a paginated format.

}

/**

* Get all the users with their permissions in a paginated format.

+ * Note: Due to the use of email search this should only be used when

+ * user is assumed to be trusted. (Admin users).

+ * Email search can be abused to extract email addresses.

*/

public function getAllUsersPaginatedAndSorted(int $count, array $sortData): LengthAwarePaginator

{

$sort = $sortData['sort'];

$query = User::query()->select(['*'])

*/

public function getAllUsersPaginatedAndSorted(int $count, array $sortData): LengthAwarePaginator

{

$sort = $sortData['sort'];

$query = User::query()->select(['*'])

- ->withLastActivityAt()

+ ->scopes(['withLastActivityAt'])

->with(['roles', 'avatar'])

+ ->withCount('mfaValues')

->orderBy($sort, $sortData['order']);

if ($sortData['search']) {

->orderBy($sort, $sortData['order']);

if ($sortData['search']) {

return $query->paginate($count);

}

return $query->paginate($count);

}

- /**

- * Creates a new user and attaches a role to them.

- */

- public function registerNew(array $data, bool $emailConfirmed = false): User

- {

- $user = $this->create($data, $emailConfirmed);

- $user->attachDefaultRole();

- $this->downloadAndAssignUserAvatar($user);

-

- return $user;

- }

-

/**

* Assign a user to a system-level role.

/**

* Assign a user to a system-level role.

+ *

* @throws NotFoundException

*/

public function attachSystemRole(User $user, string $systemRoleName)

* @throws NotFoundException

*/

public function attachSystemRole(User $user, string $systemRoleName)

/**

* Set the assigned user roles via an array of role IDs.

/**

* Set the assigned user roles via an array of role IDs.

+ *

* @throws UserUpdateException

*/

public function setUserRoles(User $user, array $roles)

* @throws UserUpdateException

*/

public function setUserRoles(User $user, array $roles)

* Check if the given user is the last admin and their new roles no longer

* contains the admin role.

*/

* Check if the given user is the last admin and their new roles no longer

* contains the admin role.

*/

- protected function demotingLastAdmin(User $user, array $newRoles) : bool

+ protected function demotingLastAdmin(User $user, array $newRoles): bool

{

if ($this->isOnlyAdmin($user)) {

$adminRole = Role::getSystemRole('admin');

{

if ($this->isOnlyAdmin($user)) {

$adminRole = Role::getSystemRole('admin');

}

/**

}

/**

- * Create a new basic instance of user.

+ * Create a new basic instance of user with the given pre-validated data.

+ * @param array{name: string, email: string, password: ?string, external_auth_id: ?string, language: ?string, roles: ?array} $data

*/

- public function create(array $data, bool $emailConfirmed = false): User

+ public function createWithoutActivity(array $data, bool $emailConfirmed = false): User

{

- $details = [

- 'name' => $data['name'],

- 'email' => $data['email'],

- 'password' => bcrypt($data['password']),

- 'email_confirmed' => $emailConfirmed,

- 'external_auth_id' => $data['external_auth_id'] ?? '',

- ];

- return User::query()->forceCreate($details);

+ $user = new User();

+ $user->name = $data['name'];

+ $user->email = $data['email'];

+ $user->password = bcrypt(empty($data['password']) ? Str::random(32) : $data['password']);

+ $user->email_confirmed = $emailConfirmed;

+ $user->external_auth_id = $data['external_auth_id'] ?? '';

+

+ $user->refreshSlug();

+ $user->save();

+

+ if (!empty($data['language'])) {

+ setting()->putUser($user, 'language', $data['language']);

+ }

+

+ if (isset($data['roles'])) {

+ $this->setUserRoles($user, $data['roles']);

+ }

+

+ $this->downloadAndAssignUserAvatar($user);

+

+ return $user;

+ }

+

+ /**

+ * As per "createWithoutActivity" but records a "create" activity.

+ * @param array{name: string, email: string, password: ?string, external_auth_id: ?string, language: ?string, roles: ?array} $data

+ */

+ public function create(array $data, bool $sendInvite = false): User

+ {

+ $user = $this->createWithoutActivity($data, true);

+

+ if ($sendInvite) {

+ $this->inviteService->sendInvitation($user);

+ }

+

+ Activity::add(ActivityType::USER_CREATE, $user);

+ return $user;

+ }

+

+ /**

+ * Update the given user with the given data.

+ * @param array{name: ?string, email: ?string, external_auth_id: ?string, password: ?string, roles: ?array<int>, language: ?string} $data

+ * @throws UserUpdateException

+ */

+ public function update(User $user, array $data, bool $manageUsersAllowed): User

+ {

+ if (!empty($data['name'])) {

+ $user->name = $data['name'];

+ $user->refreshSlug();

+ }

+

+ if (!empty($data['email']) && $manageUsersAllowed) {

+ $user->email = $data['email'];

+ }

+

+ if (!empty($data['external_auth_id']) && $manageUsersAllowed) {

+ $user->external_auth_id = $data['external_auth_id'];

+ }

+

+ if (isset($data['roles']) && $manageUsersAllowed) {

+ $this->setUserRoles($user, $data['roles']);

+ }

+

+ if (!empty($data['password'])) {

+ $user->password = bcrypt($data['password']);

+ }

+

+ if (!empty($data['language'])) {

+ setting()->putUser($user, 'language', $data['language']);

+ }

+

+ $user->save();

+ Activity::add(ActivityType::USER_UPDATE, $user);

+

+ return $user;

}

/**

* Remove the given user from storage, Delete all related content.

}

/**

* Remove the given user from storage, Delete all related content.

+ *

* @throws Exception

*/

public function destroy(User $user, ?int $newOwnerId = null)

{

* @throws Exception

*/

public function destroy(User $user, ?int $newOwnerId = null)

{

+ $this->ensureDeletable($user);

+

$user->socialAccounts()->delete();

$user->apiTokens()->delete();

$user->socialAccounts()->delete();

$user->apiTokens()->delete();

+ $user->favourites()->delete();

+ $user->mfaValues()->delete();

$user->delete();

-

- // Delete user profile images

- $profileImages = Image::query()->where('type', '=', 'user')

- ->where('uploaded_to', '=', $user->id)

- ->get();

- foreach ($profileImages as $image) {

- Images::destroy($image);

- }

+ // Delete user profile images

+ $this->userAvatar->destroyAllForUser($user);

if (!empty($newOwnerId)) {

$newOwner = User::query()->find($newOwnerId);

if (!empty($newOwnerId)) {

$newOwner = User::query()->find($newOwnerId);

$this->migrateOwnership($user, $newOwner);

}

$this->migrateOwnership($user, $newOwner);

}

+

+ Activity::add(ActivityType::USER_DELETE, $user);

}

/**

}

/**

- * Migrate ownership of items in the system from one user to another.

+ * @throws NotifyException

*/

- protected function migrateOwnership(User $fromUser, User $toUser)

+ protected function ensureDeletable(User $user): void

{

- $entities = (new EntityProvider)->all();

- foreach ($entities as $instance) {

- $instance->newQuery()->where('owned_by', '=', $fromUser->id)

- ->update(['owned_by' => $toUser->id]);

+ if ($this->isOnlyAdmin($user)) {

+ throw new NotifyException(trans('errors.users_cannot_delete_only_admin'), $user->getEditUrl());

+ }

+

+ if ($user->system_name === 'public') {

+ throw new NotifyException(trans('errors.users_cannot_delete_guest'), $user->getEditUrl());

}

/**

}

/**

- * Get the latest activity for a user.

+ * Migrate ownership of items in the system from one user to another.

*/

- public function getActivity(User $user, int $count = 20, int $page = 0): array

+ protected function migrateOwnership(User $fromUser, User $toUser)

{

- return Activity::userActivity($user, $count, $page);

+ $entities = (new EntityProvider())->all();

+ foreach ($entities as $instance) {

+ $instance->newQuery()->where('owned_by', '=', $fromUser->id)

+ ->update(['owned_by' => $toUser->id]);

+ }

}

/**

}

/**

};

return [

};

return [

- 'pages' => $query(Page::visible()->where('draft', '=', false)),

+ 'pages' => $query(Page::visible()->where('draft', '=', false)),

'chapters' => $query(Chapter::visible()),

- 'books' => $query(Book::visible()),

- 'shelves' => $query(Bookshelf::visible()),

+ 'books' => $query(Book::visible()),

+ 'shelves' => $query(Bookshelf::visible()),

];

}

];

}

public function getAssetCounts(User $user): array

{

$createdBy = ['created_by' => $user->id];

public function getAssetCounts(User $user): array

{

$createdBy = ['created_by' => $user->id];

+

return [

- 'pages' => Page::visible()->where($createdBy)->count(),

- 'chapters' => Chapter::visible()->where($createdBy)->count(),

- 'books' => Book::visible()->where($createdBy)->count(),

- 'shelves' => Bookshelf::visible()->where($createdBy)->count(),

+ 'pages' => Page::visible()->where($createdBy)->count(),

+ 'chapters' => Chapter::visible()->where($createdBy)->count(),

+ 'books' => Book::visible()->where($createdBy)->count(),

+ 'shelves' => Bookshelf::visible()->where($createdBy)->count(),

];

}

];

}