Opensearch: Fixed XML declaration when php short tags enabled
[bookstack] / app / Users / Controllers / UserController.php
index 0cd48948f8ccc79a461931f141f8cb333bf41043..c6e4326e99a9593cef25bbe2c73b3dfd860eeb4a 100644 (file)
@@ -2,7 +2,8 @@
 
 namespace BookStack\Users\Controllers;
 
-use BookStack\Access\SocialAuthService;
+use BookStack\Access\SocialDriverManager;
+use BookStack\Access\UserInviteException;
 use BookStack\Exceptions\ImageUploadException;
 use BookStack\Exceptions\UserUpdateException;
 use BookStack\Http\Controller;
@@ -14,6 +15,7 @@ use BookStack\Util\SimpleListOptions;
 use Exception;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Log;
 use Illuminate\Validation\Rules\Password;
 use Illuminate\Validation\ValidationException;
 
@@ -91,9 +93,15 @@ class UserController extends Controller
 
         $validated = $this->validate($request, array_filter($validationRules));
 
-        DB::transaction(function () use ($validated, $sendInvite) {
-            $this->userRepo->create($validated, $sendInvite);
-        });
+        try {
+            DB::transaction(function () use ($validated, $sendInvite) {
+                $this->userRepo->create($validated, $sendInvite);
+            });
+        } catch (UserInviteException $e) {
+            Log::error("Failed to send user invite with error: {$e->getMessage()}");
+            $this->showErrorNotification(trans('errors.users_could_not_send_invite'));
+            return redirect('/settings/users/create')->withInput();
+        }
 
         return redirect('/settings/users');
     }
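Review bot: The `->withInput()` on the new error redirect flashes the whole request into the session, so any password fields submitted with the create form are stored there and echoed back to the form. Laravel's password exclusion list is applied by the exception handler on validation redirects, not by a manual `withInput()` call. Consider `return redirect('/settings/users/create')->withInput($request->except(['password', 'password-confirm']));`, with the field names taken from the update() rules later in this file and to be confirmed against the create form. The method starts above this hunk, so the rest of its validation is not visible here.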
@@ -101,16 +109,15 @@ class UserController extends Controller
     /**
      * Show the form for editing the specified user.
      */
-    public function edit(int $id, SocialAuthService $socialAuthService)
+    public function edit(int $id, SocialDriverManager $socialDriverManager)
     {
-        $this->preventGuestAccess();
-        $this->checkPermissionOrCurrentUser('users-manage', $id);
+        $this->checkPermission('users-manage');
 
         $user = $this->userRepo->getById($id);
         $user->load(['apiTokens', 'mfaValues']);
         $authMethod = ($user->system_name) ? 'system' : config('auth.method');
 
-        $activeSocialDrivers = $socialAuthService->getActiveDrivers();
+        $activeSocialDrivers = $socialDriverManager->getActive();
         $mfaMethods = $user->mfaValues->groupBy('method');
         $this->setPageTitle(trans('settings.user_profile'));
         $roles = Role::query()->orderBy('display_name', 'asc')->get();
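Review bot: With `preventGuestAccess()` removed from `edit()`, the `users-manage` check is the only gate between the guest account and this action; the same applies to the `update()`, `delete()` and `destroy()` hunks below. Whether the guest user's role can ever be granted `users-manage` is not visible here, but if it can, a misconfigured role would expose user administration to unauthenticated visitors. Keeping `$this->preventGuestAccess();` ahead of `$this->checkPermission('users-manage');` costs one line and closes that case. The doc comment could also record the narrowed scope, e.g. `Show the form for editing the specified user (requires users-manage; no longer serves self-edit).` The body of edit() continues past the end of the hunk.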
@@ -134,11 +141,10 @@ class UserController extends Controller
     public function update(Request $request, int $id)
     {
         $this->preventAccessInDemoMode();
-        $this->preventGuestAccess();
-        $this->checkPermissionOrCurrentUser('users-manage', $id);
+        $this->checkPermission('users-manage');
 
         $validated = $this->validate($request, [
-            'name'             => ['min:2', 'max:100'],
+            'name'             => ['min:1', 'max:100'],
             'email'            => ['min:2', 'email', 'unique:users,email,' . $id],
             'password'         => ['required_with:password_confirm', Password::default()],
             'password-confirm' => ['same:password', 'required_with:password'],
@@ -150,7 +156,7 @@ class UserController extends Controller
         ]);
 
         $user = $this->userRepo->getById($id);
-        $this->userRepo->update($user, $validated, userCan('users-manage'));
+        $this->userRepo->update($user, $validated, true);
 
         // Save profile image if in request
         if ($request->hasFile('profile_image')) {
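Review bot: The literal `true` passed to `$this->userRepo->update()` replaces a live `userCan('users-manage')` evaluation, so the privileged update path now rests entirely on the `checkPermission('users-manage')` call at the top of update(), which is outside this hunk. If that check is ever relaxed again to allow self-edits, this argument would silently grant the caller the manager-level update. A comment at the call site would keep the coupling visible: `// Always true: checkPermission('users-manage') at the top of this action already restricts it to user managers.`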
@@ -168,9 +174,7 @@ class UserController extends Controller
             $user->save();
         }
 
-        $redirectUrl = userCan('users-manage') ? '/settings/users' : "/settings/users/{$user->id}";
-
-        return redirect($redirectUrl);
+        return redirect('/settings/users');
     }
 
     /**
@@ -178,8 +182,7 @@ class UserController extends Controller
      */
     public function delete(int $id)
     {
-        $this->preventGuestAccess();
-        $this->checkPermissionOrCurrentUser('users-manage', $id);
+        $this->checkPermission('users-manage');
 
         $user = $this->userRepo->getById($id);
         $this->setPageTitle(trans('settings.users_delete_named', ['userName' => $user->name]));
@@ -195,8 +198,7 @@ class UserController extends Controller
     public function destroy(Request $request, int $id)
     {
         $this->preventAccessInDemoMode();
-        $this->preventGuestAccess();
-        $this->checkPermissionOrCurrentUser('users-manage', $id);
+        $this->checkPermission('users-manage');
 
         $user = $this->userRepo->getById($id);
         $newOwnerId = intval($request->get('new_owner_id')) ?: null;