*/
public function edit(int $id, SocialAuthService $socialAuthService)
{
- $this->preventGuestAccess();
- $this->checkPermissionOrCurrentUser('users-manage', $id);
+ $this->checkPermission('users-manage');
$user = $this->userRepo->getById($id);
$user->load(['apiTokens', 'mfaValues']);
public function update(Request $request, int $id)
{
$this->preventAccessInDemoMode();
- $this->preventGuestAccess();
- $this->checkPermissionOrCurrentUser('users-manage', $id);
+ $this->checkPermission('users-manage');
$validated = $this->validate($request, [
'name' => ['min:2', 'max:100'],
]);
$user = $this->userRepo->getById($id);
- $this->userRepo->update($user, $validated, userCan('users-manage'));
+ $this->userRepo->update($user, $validated, true);
// Save profile image if in request
if ($request->hasFile('profile_image')) {
$user->save();
}
- $redirectUrl = userCan('users-manage') ? '/settings/users' : "/settings/users/{$user->id}";
-
- return redirect($redirectUrl);
+ return redirect('/settings/users');
}
/**
*/
public function delete(int $id)
{
- $this->preventGuestAccess();
- $this->checkPermissionOrCurrentUser('users-manage', $id);
+ $this->checkPermission('users-manage');
$user = $this->userRepo->getById($id);
$this->setPageTitle(trans('settings.users_delete_named', ['userName' => $user->name]));
public function destroy(Request $request, int $id)
{
$this->preventAccessInDemoMode();
- $this->preventGuestAccess();
- $this->checkPermissionOrCurrentUser('users-manage', $id);
+ $this->checkPermission('users-manage');
$user = $this->userRepo->getById($id);
$newOwnerId = intval($request->get('new_owner_id')) ?: null;
projects / bookstack / blobdiff