/** * @param string $moderationName * * @param string $contentName * @param int $contentId * * @return \Illuminate\View\View */ public function renderModerationButton($moderationName, $contentName, $contentId) { $moderation = $this->moderationRegistry->get($moderationName); if ($moderation && $this->permissionChecker->hasPermission('user', null, $moderation->getPermissionName())) { return view('partials.moderation.moderation_button', ['moderation' => $moderation, 'content_name' => $contentName, 'content_id' => $contentId]); } }
/** * Check Permissions * * @param \Illuminate\Http\Request $request * * @return Boolean True if permission check passes, false otherwise */ protected function checkPermissions($request) { $action = $request->route()->getAction(); // Check for additional permissions required $requiredPermisions = isset($action['permissions']) ? explode('|', $action['permissions']) : false; return $this->permissionChecker->hasPermission('user', null, $requiredPermisions); }
/** * Get all users active in the last x minutes * * @param int $minutes The number of minutes which are considered as "online time" * @param string $orderBy * @param string $orderDir * @param int $num The number of users to return. Set to 0 to get all users * * @return mixed */ public function online($minutes = 15, $orderBy = 'last_visit', $orderDir = 'desc', $num = 20) { // If the user visited the logout page as last he's not online anymore /** @var Builder $baseQuery */ $baseQuery = $this->userModel->where('last_visit', '>=', new \DateTime("{$minutes} minutes ago"))->where('last_page', '!=', 'auth/logout')->orderBy('users.' . $orderBy, $orderDir); // No need to add anymore if the user has permission to view anyone if (!$this->permissionChecker->hasPermission('user', null, 'canViewAllOnline')) { // First get the id of our setting $settingId = Setting::where('name', 'user.showonline')->first()->id; // Now join the correct setting_values row $baseQuery->leftJoin('setting_values', function ($join) use($settingId) { $join->on('setting_values.user_id', '=', 'users.id')->where('setting_values.setting_id', '=', $settingId); }); // Either the setting is true or not set... $baseQuery->where(function ($query) { $query->where('setting_values.value', true)->orWhereNull('setting_values.value'); // ... or we're querying our row at the moment if ($this->guard->check()) { $query->orWhere('users.id', '=', $this->guard->user()->id); } }); } if ($num > 0) { return $baseQuery->paginate($num, ['users.*']); } return $baseQuery->get(['users.*']); }
/** * @return bool */ public function authorize() { if ($this->getModeration()) { return $this->permissionChecker->hasPermission('user', null, $this->getModeration()->getPermissionName()); } return true; }
/** * @return bool */ public function isOnline() { $minutes = $this->settings->get('wio.minutes', 15); // This user was logging out at last if ($this->wrappedObject->last_page == 'auth/logout') { return false; } // This user isn't online if (new \DateTime($this->wrappedObject->last_visit) < new \DateTime("{$minutes} minutes ago")) { return false; } // The user is online, now permissions // We're either testing our own account or have permissions to view everyone if ($this->permissionChecker->hasPermission('user', null, 'canViewAllOnline') || $this->guard->user()->id == $this->wrappedObject->id) { return true; } // Next we need to get the setting for this user // First get the id of our setting $settingId = Setting::where('name', 'user.showonline')->first()->id; // Now the value $settingValue = SettingValue::where('user_id', '=', $this->wrappedObject->id)->where('setting_id', '=', $settingId)->first(); // Either the value isn't set (good) or true (better), let's show this user as online if ($settingValue == null || $settingValue->value == true) { return true; } // Still here? Then the viewing user doesn't have the permissions and we show him as offline return false; }
/** * Filters a forum collection by the "canView" permission * * @param Collection $forums * * @return Collection */ private function filterUnviewableForums(Collection $forums) { return $forums->filter(function (Forum $forum) { return $this->permissionChecker->hasPermission('forum', $forum->getContentId(), $forum::getViewablePermission(), $this->guard->user()); }); }