public function actionRegister()
{
$account = new User();
//$account->name = $_POST['name'];
$account->email = $_POST['email'];
$account->createUser();
$account->setPassword($_POST['password']);
View::display('main.tmpl');
}
public function run()
{
$user = User::where('email', '*****@*****.**')->first();
if (!$user) {
$user = User::Create(['name' => 'administrator', 'email' => '*****@*****.**', 'password' => bcrypt('admin'), 'is_admin' => true]);
}
}
/**
* 增加工作流步骤用户关联时的日志记录
*/
public function handler()
{
if (Request::method() !== 'POST') {
return false;
}
if (!$this->isLog()) {
return false;
}
$extDatas = $this->getExtDatas();
if (!isset($extDatas['userIds']) or !is_array($extDatas['userIds']) or empty($extDatas['userIds']) or !isset($extDatas['stepInfo'])) {
return false;
}
$manager = new Process();
$workflowInfo = $manager->workflowInfo(['id' => $extDatas['stepInfo']['workflow_id']]);
$userModel = new User();
foreach ($extDatas['userIds'] as $userId) {
$userInfo = $userModel->getOneUserById($userId);
event(new ActionLog(Lang::get('actionlog.set_step_user', ['workflow_step' => $extDatas['stepInfo']['name'], 'workflow' => $workflowInfo['name'], 'username' => $userInfo['realname']])));
}
}
/**
* Boot the authentication services for the application.
*
* @return void
*/
public function boot()
{
// Here you may define how you wish users to be authenticated for your Lumen
// application. The callback which receives the incoming request instance
// should return either a User instance or null. You're free to obtain
// the User instance via an API token or any other method necessary.
$this->app['auth']->viaRequest('token', function (Request $request) {
if ($request->header('apitoken')) {
return User::where('api_token', $request->header('apitoken'))->first();
}
});
}
/**
* Validate and Send email to user
* @param Request
* @return Notification
*/
public function forgotPassword(Request $request)
{
$this->validate($request, ['username' => 'required']);
$user = User::where('email', $request->input("username"))->orWhere('username', $request->input("username"))->first();
if (!empty($user)) {
// @todo email implementation goes here
$success = new Notification();
$success->notify("We have sent an email to your registered email. Please follow the steps to reset your password.", 5200, "success");
return $this->respondWithCORS($success);
} else {
$error = new Notification();
$error->notify("User not found.", 5200);
return $this->respondWithCORS($error);
}
}
public function search($input)
{
$query = User::query();
$columns = Schema::getColumnListing('users');
$attributes = array();
foreach ($columns as $attribute) {
if (isset($input[$attribute]) and !empty($input[$attribute])) {
$query->where($attribute, $input[$attribute]);
$attributes[$attribute] = $input[$attribute];
} else {
$attributes[$attribute] = null;
}
}
return [$query->get(), $attributes];
}
/**
* validateLogin validates the username/email and password from database.
* @param Request
* @return Notification
*/
public function validateLogin(Request $request)
{
$emailLogin = ['email' => $request->input("username"), 'password' => hash('sha1', $request->input("password"))];
$usernameLogin = ['username' => $request->input("username"), 'password' => hash('sha1', $request->input("password"))];
$user = User::where($emailLogin)->orWhere($usernameLogin)->first();
if (!empty($user)) {
$salt = new Salt();
$user->api_token = hash('sha1', $salt->spiceItUp($user->email));
$user->save();
return $user;
} else {
$error = new Notification();
$error->notify("Provided Username and Password doesn't match. Please try again.", 5000);
return $error;
}
}
/**
* Show the form for editing the specified resource.
*
* @param int $id
* @return Response
*/
public function edit($id)
{
try {
$model = $this->getModel($id);
$users = [null => 'Empty'] + User::withTrashed()->lists('display_name', 'id');
return view($this->edit_view, compact(['model', 'users']));
} catch (Exception $e) {
Flash::warning(trans($this->resource_name . 'not_found', ['model' => $this->model_name, 'id' => $id]));
return $this->index();
}
}
/**
* Display a listing of the resource.
*
* @return Response
*/
public function index()
{
header('Access-Control-Allow-Origin: *');
$users['users'] = User::all();
return response()->json(['status' => 'ok', 'response' => $users], 200);
}
public function confirmEmailRegistration($activation_code)
{
if (!$activation_code) {
return redirect('admin')->withErrors(['credentials' => trans('register.activation_code_required')]);
}
if (!Session::has('unverified_email')) {
return redirect('admin')->withErrors(['credentials' => trans('register.missing_session_email')]);
}
$user = User::whereActivationCode($activation_code)->first();
if (!$user) {
return redirect('admin')->withErrors(['credentials' => trans('register.invalid_registration_code')]);
}
$user->email = session('unverified_email');
$user->activation_code = null;
$user->save();
return redirect('admin')->with('flash_message', trans('register.registration-success'));
}
/**
* 检测当前用户的用户组的等级是否比其它用户或用户组的高,如果低于,则不能操作。
* 该函数只要用于用户列表和用户组列表的相关操作。
*
* @param intval $id 用户或用户组的ID
* @param string $type 标识传进来的ID是用户ID('user')还是用户组ID('group'),还是level值(level)
* @return boolean
*/
public function checkGroupLevelPermission($id, $type)
{
if (!$id) {
return false;
}
//如果是超级用户,那么直接返回true
if ($this->isSuperSystemManager()) {
return true;
}
//当前登陆用户的信息
$userObj = SC::getLoginSession();
$groupModel = new Group();
$userModel = new User();
//当前登陆用户的用户组信息
$currentGroupInfo = $groupModel->getOneGroupById($userObj->group_id);
if (empty($currentGroupInfo)) {
return false;
}
//通过用户组的level来做判断
if ($type === self::GROUP_LEVEL_TYPE_LEVEL) {
return $id <= $currentGroupInfo['level'] ? false : true;
}
//通过用户来做判断
if ($type === self::GROUP_LEVEL_TYPE_USER) {
$userInfo = $userModel->getOneUserById($id);
if ($userInfo['name'] == self::ADMIN_NAME) {
return false;
}
$toGroupInfo = $groupModel->getOneGroupById($userInfo['group_id']);
}
//通过用户组来做判断
if ($type === self::GROUP_LEVEL_TYPE_GROUP) {
$toGroupInfo = $groupModel->getOneGroupById($id);
}
//开始判断他们的level情况
if (isset($toGroupInfo) and $toGroupInfo['level'] <= $currentGroupInfo['level']) {
return false;
}
return true;
}
/**
* 编辑用户的资料
*
* @access public
*/
public function edit()
{
if (Request::method() == 'POST') {
return $this->updateUserInfoToDatabase();
}
Session::flashInput(['http_referer' => Session::getOldInput('http_referer')]);
$id = Request::input('id');
$userId = url_param_decode($id);
if (!$userId or !is_numeric($userId)) {
return Js::error(Lang::get('common.illegal_operation'), true);
}
$userModel = new User();
$groupModel = new Group();
$userInfo = $userModel->getOneUserById($userId);
if (empty($userInfo)) {
return Js::error(Lang::get('user.user_not_found'), true);
}
if (!(new Acl())->checkGroupLevelPermission($userId, Acl::GROUP_LEVEL_TYPE_USER)) {
return Js::error(Lang::get('common.account_level_deny'), true);
}
//根据当前用户的权限获取用户组列表
$groupInfo = $groupModel->getOneGroupById(SC::getLoginSession()->group_id);
$isSuperSystemManager = (new Acl())->isSuperSystemManager();
if ($isSuperSystemManager) {
$groupInfo['level'] = 0;
}
$groupList = $groupModel->getGroupLevelLessThenCurrentUser($groupInfo['level']);
$formUrl = R('common', 'foundation.user.edit');
return view('admin.user.add', compact('userInfo', 'formUrl', 'id', 'groupList'));
}
/**
* Store a newly created resource in storage.
*
* @return Response
*/
public function store(ModelNewRequest $request)
{
try {
$roles = $request->input('roles', []);
$departments = $request->input('departments', []);
$user_id = $request->input('user_id', null);
$model = new User($request->all());
try {
DB::beginTransaction();
$model->user_id = $user_id;
$model->save();
$model->roles()->sync($roles);
$model->departments()->sync($departments);
if ($request->hasFile('photo')) {
$uploaded_file = $request->file('photo');
if ($uploaded_file->isValid()) {
$picture = new Picture();
$picture->filename = $this->save_picture($model->name, $uploaded_file);
$picture->mime_type = $uploaded_file->getMimeType();
$picture->extension = $uploaded_file->guessExtension();
if (!$picture->extension) {
$picture->extension = $uploaded_file->getExtension();
}
$picture->user_id = $model->id;
$picture->save();
}
}
DB::commit();
Flash::info(trans($this->resource_name . 'saved', ['model' => $this->model_name]));
return redirect(route($this->show_route, [$model->id]));
} catch (Exception $e) {
DB::rollBack();
throw $e;
}
} catch (Exception $e) {
$errors = [];
if ($e->getCode() == 23000) {
$errors['email'] = trans($this->resource_name . 'duplicated_email');
} else {
Flash::error($e->getMessage());
}
return $request->response($errors);
}
}
/**
* Remove the specified resource from storage.
*
* @param int $id
* @return Response
*/
public function destroy($id)
{
$user = User::find($id);
//Remove avatar picture is exist
if ($user->avatar) {
$this->avatar_remove($user->avatar);
}
//Remove user record
$user->delete();
Session::flash('flash_message', trans('admin/users.form.delete_confirm'));
}
public function listUsers()
{
$ex = User::join('role_user', 'users.id', '=', 'role_user.user_id')->join('roles', 'role_user.role_id', '=', 'roles.id')->where('role_title', '=', 'Cliente')->where('active', '=', '1')->has('clientes', '<', 1)->get(['users.*'])->lists('username', 'id')->toArray();
$ac = User::where('id', '=', $this->user_id)->lists('username', 'id')->toArray();
return $ex + $ac;
}
/**
* index method gets logged in user from Auth:user and returns a json object.
* @param void
* @return loggedInUser
*/
public function index()
{
$loggedInuser = Auth::user();
$user = User::where("user_id", $loggedInuser->user_id)->first();
return $this->respondWithCORS($user);
}
/**
* Delete the user by user_id
* @param User
* @return Notification
*/
public function deleteUser($user_id)
{
$user = User::where('user_id', $user_id)->first();
if (!empty($user)) {
$user->delete();
$success = new Notification();
$success->notify("User deleted.", 5102, "success");
return $this->respondWithCORS($success);
} else {
$error = new Notification();
$error->notify("User not found.", 5103);
return $this->respondWithCORS($error);
}
}
/**
* Create a new user instance after a valid registration.
*
* @param array $data
* @return User
*/
public function create(array $data)
{
return User::create(['name' => $data['name'], 'email' => $data['email'], 'password' => bcrypt($data['password'])]);
}
/**
* 对用户进行权限设置
*
* @access public
*/
public function user(UserModel $userModel, Acl $acl, AclProcess $process)
{
if (Request::method() == 'POST') {
return $this->saveUserPermission();
}
$id = url_param_decode(Request::input('id'));
if (!$id or !is_numeric($id)) {
return Js::error(Lang::get('common.illegal_operation'), true);
}
$info = $userModel->getOneUserById(intval($id));
if (empty($info)) {
return Js::error(Lang::get('common.illegal_operation'), true);
}
if (!$acl->checkGroupLevelPermission($id, Acl::GROUP_LEVEL_TYPE_USER)) {
return Js::error(Lang::get('common.account_level_deny'), true);
}
$zTree = $process->prepareDataForZtree($process->getUserAccessPermissionIds($id));
$all = $process->prepareUserPermissionIds();
$router = 'user';
return view('admin.acl.setpermission', compact('zTree', 'id', 'info', 'router', 'all'));
}
static function treeUsers($route_show, $id, $indent, $name)
{
if ($indent < 15) {
$users = User::withTrashed()->whereUserId($id)->orderBy('name')->get();
if ($users->count() > 0) {
static::$treeResult .= PHP_EOL . '<ul>';
foreach ($users as $user) {
static::$treeResult .= PHP_EOL . '<li>' . link_to_route($route_show, $user->name, ['id' => $user->id]) . ' - ' . ($user->trashed() ? '<del>' . e($user->display_name) . '</del>' : e($user->display_name));
static::treeUsers($route_show, $user->id, $indent + 1, $user->name);
static::$treeResult .= PHP_EOL . '</li>';
}
static::$treeResult .= PHP_EOL . '</ul>';
}
}
}
/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
User::create(['name' => 'Admin', 'username' => 'admin', 'email' => '*****@*****.**', 'role' => 1, 'password' => hash('sha1', 'admin'), 'api_token' => 'test', 'created_by' => 1, 'updated_by' => 1]);
User::create(['name' => 'User', 'username' => 'user', 'email' => '*****@*****.**', 'role' => 2, 'password' => hash('sha1', 'user'), 'api_token' => 'test2', 'created_by' => 1, 'updated_by' => 1]);
}
public function confirmRegistration($activation_code)
{
if (!$activation_code) {
return redirect('login')->withErrors(['credentials' => trans('register.activation_code_required')]);
}
$user = User::whereActivationCode($activation_code)->first();
if (!$user) {
return redirect('login')->withErrors(['credentials' => trans('register.invalid_registration_code')]);
}
$user->active = 1;
$user->activation_code = null;
$user->save();
return redirect('login')->with('registration-success', trans('register.registration-success'));
}
/**
* 删除用户
*
* @access public
*/
public function delete(UserValidate $userValidate, User $userModel, UserProcess $manager)
{
$id = $userValidate->deleteIds((array) Request::input('id'));
if (!$id or !is_array($id)) {
return responseJson(Lang::get('common.action_error'));
}
$userInfos = $userModel->getUserInIds($id);
if (!$manager->detele($id)) {
return responseJson($manager->getErrorMessage());
}
$this->setActionLog(['userInfos' => $userInfos]);
return responseJson(Lang::get('common.action_success'), true);
}
/**
* Show the form for editing the specified resource.
*
* @param int $id
* @return Response
*/
public function edit($id)
{
if ($id == Folder::ROOT_FOLDER) {
Flash::error(trans($this->resource_name . 'forbidden'));
return redirect(route($this->show_route, [$id]));
}
try {
$model = $this->getModel($id);
$excluded = $model->children()->lists('id');
$excluded[] = $model->id;
$folders = Folder::ListItems($excluded);
$users = User::withTrashed()->lists('display_name', 'id');
$roots = Folder::whereFolderId(Folder::ROOT_FOLDER)->orWhere('id', Folder::ROOT_FOLDER)->withTrashed()->lists('name', 'id');
return view($this->edit_view, compact(['model', 'folders', 'users', 'roots']));
} catch (Exception $e) {
if ($e instanceof PDOException) {
Flash::error($e->errorInfo[2]);
} else {
Flash::warning(trans($this->resource_name . 'not_found', ['model' => $this->model_name, 'id' => $id]));
}
return $this->index();
}
}