X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/14feef3679b6ecdce656d56dd754357997084632..refs/pull/438/head:/app/User.php

diff --git a/app/User.php b/app/User.php
index 4a5914afd..8033557e4 100644
--- a/app/User.php
+++ b/app/User.php
@@ -1,34 +1,31 @@
-<?php
-
-namespace BookStack;
+<?php namespace BookStack;
 
+use BookStack\Notifications\ResetPassword;
 use Illuminate\Auth\Authenticatable;
-use Illuminate\Database\Eloquent\Model;
 use Illuminate\Auth\Passwords\CanResetPassword;
 use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
 use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
+use Illuminate\Database\Eloquent\Relations\BelongsToMany;
+use Illuminate\Notifications\Notifiable;
 
 class User extends Model implements AuthenticatableContract, CanResetPasswordContract
 {
-    use Authenticatable, CanResetPassword;
+    use Authenticatable, CanResetPassword, Notifiable;
 
     /**
      * The database table used by the model.
-     *
      * @var string
      */
     protected $table = 'users';
 
     /**
      * The attributes that are mass assignable.
-     *
      * @var array
      */
     protected $fillable = ['name', 'email', 'image_id'];
 
     /**
      * The attributes excluded from the model's JSON form.
-     *
      * @var array
      */
     protected $hidden = ['password', 'remember_token'];
@@ -40,43 +37,67 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     protected $permissions;
 
     /**
-     * Returns a default guest user.
+     * Returns the default public user.
+     * @return User
      */
     public static function getDefault()
     {
-        return new static([
-            'email' => 'guest',
-            'name' => 'Guest'
-        ]);
+        return static::where('system_name', '=', 'public')->first();
     }
 
     /**
-     * Permissions and roles
+     * Check if the user is the default public user.
+     * @return bool
      */
+    public function isDefault()
+    {
+        return $this->system_name === 'public';
+    }
 
     /**
      * The roles that belong to the user.
+     * @return BelongsToMany
      */
     public function roles()
     {
-        return $this->belongsToMany('BookStack\Role');
+        if ($this->id === 0) return ;
+        return $this->belongsToMany(Role::class);
+    }
+
+    /**
+     * Check if the user has a role.
+     * @param $role
+     * @return mixed
+     */
+    public function hasRole($role)
+    {
+        return $this->roles->pluck('name')->contains($role);
     }
 
-    public function getRoleAttribute()
+    /**
+     * Check if the user has a role.
+     * @param $role
+     * @return mixed
+     */
+    public function hasSystemRole($role)
     {
-        return $this->roles()->with('permissions')->first();
+        return $this->roles->pluck('system_name')->contains('admin');
     }
 
     /**
-     * Loads the user's permissions from their role.
+     * Get all permissions belonging to a the current user.
+     * @param bool $cache
+     * @return \Illuminate\Database\Eloquent\Relations\HasManyThrough
      */
-    private function loadPermissions()
+    public function permissions($cache = true)
     {
-        if (isset($this->permissions)) return;
+        if(isset($this->permissions) && $cache) return $this->permissions;
         $this->load('roles.permissions');
-        $permissions = $this->roles[0]->permissions;
-        $permissionsArray = $permissions->pluck('name')->all();
-        $this->permissions = $permissionsArray;
+        $permissions = $this->roles->map(function($role) {
+            return $role->permissions;
+        })->flatten()->unique();
+        $this->permissions = $permissions;
+        return $permissions;
     }
 
     /**
@@ -86,11 +107,8 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
      */
     public function can($permissionName)
     {
-        if ($this->email == 'guest') {
-            return false;
-        }
-        $this->loadPermissions();
-        return array_search($permissionName, $this->permissions) !== false;
+        if ($this->email === 'guest') return false;
+        return $this->permissions()->pluck('name')->contains($permissionName);
     }
 
     /**
@@ -108,17 +126,16 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
      */
     public function attachRoleId($id)
     {
-        $this->roles()->sync([$id]);
+        $this->roles()->attach($id);
     }
 
     /**
      * Get the social account associated with this user.
-     *
      * @return \Illuminate\Database\Eloquent\Relations\HasMany
      */
     public function socialAccounts()
     {
-        return $this->hasMany('BookStack\SocialAccount');
+        return $this->hasMany(SocialAccount::class);
     }
 
     /**
@@ -138,15 +155,21 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
 
     /**
      * Returns the user's avatar,
-     * Uses Gravatar as the avatar service.
-     *
      * @param int $size
      * @return string
      */
     public function getAvatar($size = 50)
     {
-        if ($this->image_id === 0 || $this->image_id === '0' || $this->image_id === null) return '/user_avatar.png';
-        return $this->avatar->getThumb($size, $size, false);
+        $default = baseUrl('/user_avatar.png');
+        $imageId = $this->image_id;
+        if ($imageId === 0 || $imageId === '0' || $imageId === null) return $default;
+
+        try {
+            $avatar = $this->avatar ? baseUrl($this->avatar->getThumb($size, $size, false)) : $default;
+        } catch (\Exception $err) {
+            $avatar = $default;
+        }
+        return $avatar;
     }
 
     /**
@@ -155,7 +178,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
      */
     public function avatar()
     {
-        return $this->belongsTo('BookStack\Image', 'image_id');
+        return $this->belongsTo(Image::class, 'image_id');
     }
 
     /**
@@ -164,6 +187,40 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
      */
     public function getEditUrl()
     {
-        return '/users/' . $this->id;
+        return baseUrl('/settings/users/' . $this->id);
+    }
+
+    /**
+     * Get the url that links to this user's profile.
+     * @return mixed
+     */
+    public function getProfileUrl()
+    {
+        return baseUrl('/user/' . $this->id);
+    }
+
+    /**
+     * Get a shortened version of the user's name.
+     * @param int $chars
+     * @return string
+     */
+    public function getShortName($chars = 8)
+    {
+        if (strlen($this->name) <= $chars) return $this->name;
+
+        $splitName = explode(' ', $this->name);
+        if (strlen($splitName[0]) <= $chars) return $splitName[0];
+
+        return '';
+    }
+
+    /**
+     * Send the password reset notification.
+     * @param  string  $token
+     * @return void
+     */
+    public function sendPasswordResetNotification($token)
+    {
+        $this->notify(new ResetPassword($token));
     }
 }