X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/85db812feaae5f36ea6214931cec4adb67a9cb39..refs/pull/3391/head:/app/Auth/User.php

diff --git a/app/Auth/User.php b/app/Auth/User.php
index 2f3c00a4b..4e2183244 100644
--- a/app/Auth/User.php
+++ b/app/Auth/User.php
@@ -1,7 +1,10 @@
-<?php namespace BookStack\Auth;
+<?php
+
+namespace BookStack\Auth;
 
 use BookStack\Actions\Favourite;
 use BookStack\Api\ApiToken;
+use BookStack\Auth\Access\Mfa\MfaValue;
 use BookStack\Entities\Tools\SlugGenerator;
 use BookStack\Interfaces\Loggable;
 use BookStack\Interfaces\Sluggable;
@@ -15,6 +18,7 @@ use Illuminate\Auth\Passwords\CanResetPassword;
 use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
 use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
 use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Relations\BelongsTo;
 use Illuminate\Database\Eloquent\Relations\BelongsToMany;
 use Illuminate\Database\Eloquent\Relations\HasMany;
@@ -22,32 +26,39 @@ use Illuminate\Notifications\Notifiable;
 use Illuminate\Support\Collection;
 
 /**
- * Class User
- * @property string $id
- * @property string $name
- * @property string $slug
- * @property string $email
- * @property string $password
- * @property Carbon $created_at
- * @property Carbon $updated_at
- * @property bool $email_confirmed
- * @property int $image_id
- * @property string $external_auth_id
- * @property string $system_name
+ * Class User.
+ *
+ * @property int        $id
+ * @property string     $name
+ * @property string     $slug
+ * @property string     $email
+ * @property string     $password
+ * @property Carbon     $created_at
+ * @property Carbon     $updated_at
+ * @property bool       $email_confirmed
+ * @property int        $image_id
+ * @property string     $external_auth_id
+ * @property string     $system_name
  * @property Collection $roles
+ * @property Collection $mfaValues
  */
 class User extends Model implements AuthenticatableContract, CanResetPasswordContract, Loggable, Sluggable
 {
-    use Authenticatable, CanResetPassword, Notifiable;
+    use HasFactory;
+    use Authenticatable;
+    use CanResetPassword;
+    use Notifiable;
 
     /**
      * The database table used by the model.
+     *
      * @var string
      */
     protected $table = 'users';
 
     /**
      * The attributes that are mass assignable.
+     *
      * @var array
      */
     protected $fillable = ['name', 'email'];
@@ -56,35 +67,37 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
 
     /**
      * The attributes excluded from the model's JSON form.
+     *
      * @var array
      */
     protected $hidden = [
         'password', 'remember_token', 'system_name', 'email_confirmed', 'external_auth_id', 'email',
-        'created_at', 'updated_at', 'image_id',
+        'created_at', 'updated_at', 'image_id', 'roles', 'avatar', 'user_id',
     ];
 
     /**
      * This holds the user's permissions when loaded.
-     * @var ?Collection
      */
-    protected $permissions;
+    protected ?Collection $permissions;
 
     /**
      * This holds the default user when loaded.
+     *
      * @var null|User
      */
-    protected static $defaultUser = null;
+    protected static ?User $defaultUser = null;
 
     /**
      * Returns the default public user.
      */
-    public static function getDefault(): User
+    public static function getDefault(): self
     {
         if (!is_null(static::$defaultUser)) {
             return static::$defaultUser;
         }
-        
+
         static::$defaultUser = static::query()->where('system_name', '=', 'public')->first();
+
         return static::$defaultUser;
     }
 
@@ -98,13 +111,15 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
 
     /**
      * The roles that belong to the user.
+     *
      * @return BelongsToMany
      */
     public function roles()
     {
         if ($this->id === 0) {
-            return ;
+            return;
         }
+
         return $this->belongsToMany(Role::class);
     }
 
@@ -129,7 +144,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
      */
     public function attachDefaultRole(): void
     {
-        $roleId = setting('registration-role');
+        $roleId = intval(setting('registration-role'));
         if ($roleId && $this->roles()->where('id', '=', $roleId)->count() === 0) {
             $this->roles()->attach($roleId);
         }
@@ -161,7 +176,6 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
             ->leftJoin('permission_role', 'ru.role_id', '=', 'permission_role.role_id')
             ->leftJoin('role_permissions', 'permission_role.permission_id', '=', 'role_permissions.id')
             ->where('ru.user_id', '=', $this->id)
-            ->get()
             ->pluck('name');
 
         return $this->permissions;
@@ -194,7 +208,9 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     /**
      * Check if the user has a social account,
      * If a driver is passed it checks for that single account type.
+     *
      * @param bool|string $socialDriver
+     *
      * @return bool
      */
     public function hasSocialAccount($socialDriver = false)
@@ -207,7 +223,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     }
 
     /**
-     * Returns a URL to the user's avatar
+     * Returns a URL to the user's avatar.
      */
     public function getAvatar(int $size = 50): string
     {
@@ -222,6 +238,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
         } catch (Exception $err) {
             $avatar = $default;
         }
+
         return $avatar;
     }
 
@@ -249,6 +266,14 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
         return $this->hasMany(Favourite::class);
     }
 
+    /**
+     * Get the MFA values belonging to this use.
+     */
+    public function mfaValues(): HasMany
+    {
+        return $this->hasMany(MfaValue::class);
+    }
+
     /**
      * Get the last activity time for this user.
      */
@@ -268,6 +293,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     public function getEditUrl(string $path = ''): string
     {
         $uri = '/settings/users/' . $this->id . '/' . trim($path, '/');
+
         return url(rtrim($uri, '/'));
     }
 
@@ -298,7 +324,9 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
 
     /**
      * Send the password reset notification.
-     * @param  string  $token
+     *
+     * @param string $token
+     *
      * @return void
      */
     public function sendPasswordResetNotification($token)
@@ -307,7 +335,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     }
 
     /**
-     * @inheritdoc
+     * {@inheritdoc}
      */
     public function logDescriptor(): string
     {
@@ -315,11 +343,12 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     }
 
     /**
-     * @inheritDoc
+     * {@inheritdoc}
      */
     public function refreshSlug(): string
     {
         $this->slug = app(SlugGenerator::class)->generate($this);
+
         return $this->slug;
     }
 }