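/**
 * Delete a user after handing every LRS they own to a super admin.
 *
 * For each LRS whose owner._id matches $id, the first user with role
 * 'super' is appended to that LRS's user list as an 'admin' and set as
 * its owner. The deleted user is then pulled from the users array of the
 * 'lrs' collection and the user document itself is removed.
 *
 * @param mixed $id Identifier of the user to delete.
 *
 * @return mixed Result of the model's delete() call, or false when no
 *               user was found for $id.
 *
 * @throws \RuntimeException When an LRS needs a new owner but no super
 *                           admin account exists.
 */
public function delete($id)
{
    $user = $this->find($id);

    // A stale or mistyped id would otherwise fail further down on a null
    // dereference, after ownership changes may already have been written.
    if (!$user) {
        return false;
    }

    // Get a super admin user to inherit ownership.
    // NOTE(review): first() can return the account being deleted when that
    // account is itself a super admin; the LRSs would then be owned by a
    // user that no longer exists. Confirm callers block that case.
    $super = \User::where('role', 'super')->first();

    // Get all LRSs owned by the user being deleted.
    $owned_lrs = \Lrs::where('owner._id', $id)->get();

    // Defensive check kept from the original; a collection object is always
    // truthy, so this only guards against a null/empty-array result.
    if ($owned_lrs) {
        // Iterate by value: get() presumably returns a collection object,
        // which PHP cannot iterate by reference, and each $lrs is an object
        // so the changes below persist without a reference.
        foreach ($owned_lrs as $lrs) {
            // Fail with a clear message before anything is written rather
            // than dereferencing null while building the new owner entry.
            if (!$super) {
                throw new \RuntimeException(
                    'Cannot delete user: no super admin is available to take over the LRSs they own.'
                );
            }

            // Grab existing users; tolerate an LRS with no users array yet.
            $members = $lrs->users;
            if (!is_array($members)) {
                $members = array();
            }

            // Add the super admin as an admin user.
            // NOTE(review): no check that the super admin is already listed,
            // so a duplicate membership entry is possible.
            $members[] = array(
                '_id'   => $super->_id,
                'email' => $super->email,
                'role'  => 'admin',
            );

            $lrs->users = $members;

            // Set owner to the super admin.
            $lrs->owner = array('_id' => $super->_id);
            $lrs->save();
        }
    }

    // Remove the user from any LRSs they are a member of.
    \DB::table('lrs')->pull('users', array('_id' => $user->_id));

    // Delete the user document.
    return $user->delete();
}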
/**
 * Check whether a user is a member of an LRS.
 *
 * Looks for an LRS document whose _id equals $lrs and whose users array
 * contains an entry with _id equal to $user.
 *
 * NOTE(review): both arguments go into the query unchanged. Callers should
 * pass plain string ids; confirm no call site forwards raw request input
 * (for example an array), which the query layer could treat as an operator
 * expression rather than a value.
 *
 * @param string $lrs  Identifier of the LRS.
 * @param string $user Identifier of the user.
 *
 * @return boolean True when a matching LRS exists, false otherwise.
 */
public static function isMember($lrs, $user)
{
    $match = \Lrs::where('users._id', $user)
        ->where('_id', $lrs)
        ->first();

    // first() yields a model or null; collapse that to a strict boolean.
    return (bool) $match;
}
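/**
 * Resolve the LRS addressed by the request's HTTP Basic credentials.
 *
 * Reads the Basic-auth user name and password from the request, looks up
 * the LRS whose api.basic_key and api.basic_secret match them, and stores
 * the result on $this->lrs. $this->lrs is null when nothing matches or
 * when the request carries no usable credentials.
 *
 * @return void
 */
public function getLrs()
{
    $key    = \Request::getUser();
    $secret = \Request::getPassword();

    // A request without Basic credentials yields null or empty values.
    // NOTE(review): a null passed to where() is presumably compiled to a
    // "field is null or missing" match, so an LRS stored without API
    // credentials could be selected by an unauthenticated request. Refuse
    // the lookup instead of relying on the data always being populated.
    if (!is_string($key) || $key === '' || !is_string($secret) || $secret === '') {
        $this->lrs = null;

        return;
    }

    // NOTE(review): the secret is matched by the database against the stored
    // value, which implies it is kept in plaintext — confirm.
    $this->lrs = \Lrs::where('api.basic_key', $key)
        ->where('api.basic_secret', $secret)
        ->first();
}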
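// Register the OAuth2 server as a singleton. It is backed by Mongo storage
// and only the client-credentials grant type is enabled.
App::singleton('oauth2', function () {
    $storage = new OAuth2\Storage\Mongo(App::make('db')->getMongoDB());
    $server  = new OAuth2\Server($storage);
    $server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));

    return $server;
});

// Home page. Guests get the login form (or the registration form when no
// site document exists yet); super admins get the site dashboard; every
// other authenticated user gets the list of LRSs they belong to.
Route::get('/', function () {
    $authenticated = Auth::check();

    // Both branches need the site document, so fetch it once.
    $site = \Site::first();

    if (!$authenticated) {
        if (isset($site)) {
            return View::make('system.forms.login', array('site' => $site));
        }

        return View::make('system.forms.register');
    }

    // NOTE(review): only the super-admin branch uses the dashboard; it is
    // still built for every authenticated user, as in the original.
    $admin_dashboard = new \app\locker\data\dashboards\AdminDashboard();

    // Strict comparison: with ==, a non-string role value (0 or true on older
    // PHP versions) would compare equal to 'super' and open the site-wide
    // dashboard to the wrong account.
    if (Auth::user()->role === 'super') {
        $list = Lrs::all();

        return View::make('partials.site.dashboard', array(
            'site'       => $site,
            'list'       => $list,
            'stats'      => $admin_dashboard->getFullStats(),
            'graph_data' => $admin_dashboard->getGraphData(),
            'dash_nav'   => true,
        ));
    }

    // Everyone else only sees the LRSs that list them as a user.
    $lrs = Lrs::where('users._id', \Auth::user()->_id)->get();

    return View::make('partials.lrs.list', array(
        'lrs'  => $lrs,
        'list' => $lrs,
        'site' => $site,
    ));
});

/*
|------------------------------------------------------------------
| Login
|------------------------------------------------------------------
*/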
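/*
|--------------------------------------------------------------------------
| Submit statement via basic http authentication
|--------------------------------------------------------------------------
|
| Log in once using key / secret to store statements or retrieve statements.
|
*/

Route::filter('auth.statement', function () {
    // Set passed credentials.
    $key    = Request::getUser();
    $secret = Request::getPassword();
    $method = Request::server('REQUEST_METHOD');

    // OPTIONS requests pass through without authentication (presumably to
    // allow CORS preflight); the routes behind this filter must not do any
    // work for that method.
    if ($method === "OPTIONS") {
        return;
    }

    // Reject requests with no usable credentials before touching the
    // database.
    // NOTE(review): a null passed to where() is presumably compiled to a
    // "field is null or missing" match, so an LRS stored without API
    // credentials could otherwise be matched and its owner logged in.
    if (!is_string($key) || $key === '' || !is_string($secret) || $secret === '') {
        return Response::json(array('error' => true, 'message' => 'Unauthorized request.'), 401);
    }

    // See if the LRS exists based on key and secret.
    // NOTE(review): the secret is matched by the database against the stored
    // value, which implies it is kept in plaintext — confirm.
    $lrs = \Lrs::where('api.basic_key', $key)
        ->where('api.basic_secret', $secret)
        ->select('owner._id')
        ->first();

    // If no LRS was found, return an error.
    if ($lrs === null) {
        return Response::json(array('error' => true, 'message' => 'Unauthorized request.'), 401);
    }

    // Authenticate as the LRS owner for this request only.
    if (!Auth::onceUsingId($lrs->owner['_id'])) {
        return Response::json(array('error' => true, 'message' => 'Unauthorized Request'), 401);
    }
});

/*
|--------------------------------------------------------------------------
| Check for super admin
|--------------------------------------------------------------------------
|
*/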