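/**
 * Decide whether a user may perform an action, delegating to the user's role.
 *
 * When $options['user_id'] is non-empty that user is looked up; otherwise the
 * user returned by $this->user() is checked and its id is written into
 * $options['user_id'] before the role is consulted.
 *
 * NOTE(review): $action is documented as an array; confirm against callers
 * whether string action names are passed as well.
 *
 * @param array $action
 * @param array $options
 * @return bool false when no user could be resolved or the role refuses the action
 */
public function action($action, $options = [])
{
    if (!empty($options['user_id'])) {
        $user = User::find($options['user_id']);
    } else {
        /** @var User|null $user */
        $user = $this->user();
        if (empty($user)) {
            // Nobody is resolved for this request: deny here instead of
            // reading ->id from a null value before the emptiness check.
            return false;
        }
        $options['user_id'] = $user->id;
    }

    return !empty($user) && $user->role->check_action($action, $options);
}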
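/**
 * Show the forgotten-password form and, on POST, issue a reset code by email.
 *
 * On a valid POST the matching user gets a fresh tmp_code and tmp_code_created,
 * and the code is passed to the 'coaster::emails.forgotten_password' mail view.
 * The result is rendered into $this->layoutData; nothing is returned.
 *
 * NOTE(review): the outcomes below use different messages ("couldn't find your
 * records", "can't change the password", success), so the form discloses whether
 * an address belongs to an account. Consider one neutral confirmation for every
 * outcome, plus rate limiting on this endpoint.
 */
public function forgottenPassword()
{
    $view_data = [];
    $rules = ['email' => 'required|email'];
    $validation = Validator::make(Request::all(), $rules);

    if ($_POST && $validation->fails()) {
        FormMessage::set($validation->messages());
    } elseif ($_POST) {
        $email_addr = Request::input('email');
        $user = User::where('email', '=', $email_addr)->first();

        if ($user === null) {
            FormMessage::add('email', 'We couldn\'t find your records.');
        } elseif (!Auth::action('account.password', ['user_id' => $user->id])) {
            FormMessage::add('email', 'You can\'t change the password for this account');
        } else {
            // The strength of the code rests on str_random(32); microtime() adds
            // no unpredictability. NOTE(review): confirm the installed framework
            // version backs str_random() with a CSPRNG.
            $code = urlencode(str_random(32) . microtime());

            // The code is stored as-is. NOTE(review): keeping only a hash of it
            // would stop a database read from yielding usable reset codes; the
            // code that consumes tmp_code is not part of this method.
            $user->tmp_code = $code;
            // Presumably lets the consumer expire the code — confirm it does.
            $user->tmp_code_created = new Carbon();
            $user->save();

            Mail::send(
                'coaster::emails.forgotten_password',
                ['code' => $code],
                function ($message) use ($email_addr) {
                    $message->from(config('coaster::site.email'));
                    $message->to($email_addr);
                    $message->subject(config('coaster::site.name') . ': Forgotten Password');
                }
            );

            $failures = Mail::failures();
            if (empty($failures)) {
                $view_data['success'] = 'We have sent an email to you with a link to change your password.';
            } else {
                // Percent-encode the subject: the site name is free text and the
                // suffix contains a space and a colon, which would otherwise break
                // the mailto URL or the surrounding href attribute.
                $subject = rawurlencode(config('coaster::site.name') . ': Forgotten Password');
                FormMessage::add('email', 'There was an error sending mail, please contact <a href="mailto:support@web-feet.co.uk?Subject=' . $subject . '">support</a>.');
            }
        }
    }

    $this->layoutData['title'] = 'Forgotten Password';
    $this->layoutData['content'] = View::make('coaster::pages.forgotten_password', $view_data);
}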
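/**
 * Delete a role after moving its users onto another role.
 *
 * Reads 'role' (the role to delete) and 'new_role' (the role its users are
 * moved to) from the request.
 *
 * NOTE(review): nothing in this method checks that the current user is allowed
 * to assign 'new_role' (for example a role with more privileges than their own);
 * confirm that is enforced before this method is reached.
 *
 * @return mixed JSON-encoded result of the delete, or a 500 response whose body is the error message
 */
public function postDelete()
{
    $roleId = Request::input('role');
    $newRoleId = Request::input('new_role');

    // Request values are echoed back in the error body, so neutralise markup first.
    $escape = function ($value) {
        return is_scalar($value) ? htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8') : '';
    };

    $v = Validator::make(Request::all(), ['new_role' => 'required|integer']);
    if (!$v->passes()) {
        return Response::make('Invalid new role ID: ' . $escape($newRoleId), 500);
    }

    $role = UserRole::find($roleId);
    if (!$role) {
        return Response::make('Role does not exist with ID: ' . $escape($roleId), 500);
    }

    if ($newRoleId == $role->id) {
        return Response::make('New role ID must be different from the role being deleted', 500);
    }

    // Refuse to move users onto a role that does not exist; they would be left
    // pointing at a missing role once the old one is deleted.
    if (!UserRole::find($newRoleId)) {
        return Response::make('New role does not exist with ID: ' . $escape($newRoleId), 500);
    }

    User::where('role_id', '=', $role->id)->update(['role_id' => $newRoleId]);

    return json_encode($role->delete());
}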
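/**
 * Installer step: create the first admin account, then advance to the theme step.
 *
 * The account is created when no user exists yet, or when the submitted form
 * did not ask to skip. On validation failure the admin-user form is shown again.
 *
 * NOTE(review): this inserts an active account with role_id 1 straight from
 * request data; confirm the route is reachable only while the installer is active.
 *
 * @return mixed the re-rendered setup form, or a redirect to the theme step
 */
public function saveAdminUser()
{
    $details = Request::all();

    // 'skip' is absent when the form is submitted through any other button;
    // test for it explicitly instead of reading an undefined key.
    $skipRequested = isset($details['skip']) && $details['skip'] == 'Skip';

    if (User::count() == 0 || !$skipRequested) {
        // NOTE(review): min:4 is a short minimum for an administrator password.
        $v = Validator::make($details, [
            'email' => 'required|email',
            'password' => 'required|confirmed|min:4',
        ]);
        if (!$v->passes()) {
            FormMessage::set($v->messages());
            return $this->setupAdminUser();
        }

        $date = new Carbon();
        DB::table('users')->insert([
            [
                'active' => 1,
                // Only the hash of the password is stored.
                'password' => Hash::make($details['password']),
                'email' => $details['email'],
                'role_id' => '1',
                'created_at' => $date,
                'updated_at' => $date,
            ],
        ]);
    }

    Install::setInstallState('coaster.install.theme');

    return \redirect()->route('coaster.install.theme');
}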
/**
 * Map every user id to a display label, built once and kept in self::$_aliases.
 *
 * The label is the user's name, or the email address when the name is empty.
 *
 * @return array labels keyed by user id
 */
public static function userAliases()
{
    if (isset(self::$_aliases)) {
        return self::$_aliases;
    }

    self::$_aliases = [];
    foreach (User::all() as $record) {
        $label = $record->name;
        if (!$label) {
            $label = $record->email;
        }
        self::$_aliases[$record->id] = $label;
    }

    return self::$_aliases;
}
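/**
 * Delete a user account.
 *
 * Deletion goes ahead only when the current user's role 'admin' value is at
 * least the target's and the target is not the current user's own account.
 *
 * @param int|string $userId id of the account to delete
 * @return mixed JSON-encoded result of the delete, or a 500 response whose body is the error message
 */
public function postDelete($userId = 0)
{
    $user = User::find($userId);
    if (!$user) {
        // The id comes from the request and is echoed back in the error body,
        // so neutralise markup before it is written out.
        $shownId = is_scalar($userId) ? htmlspecialchars((string) $userId, ENT_QUOTES, 'UTF-8') : '';
        return Response::make('User with ID ' . $shownId . ' not found', 500);
    }

    $current = Auth::user();
    if ($current->role->admin >= $user->role->admin && $current->id != $user->id) {
        return json_encode($user->delete());
    }

    return Response::make('Can\'t remove super admin or your own account', 500);
}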
/**
 * Build search text, swapping a numeric user id for that user's alias.
 *
 * Content that is not numeric, or has no alias entry, is passed on unchanged.
 *
 * @param null|string $content
 * @return null|string
 */
public function generateSearchText($content)
{
    // Aliases are only fetched when there is content to resolve.
    if ($content) {
        $aliases = User::userAliases();
    } else {
        $aliases = [];
    }

    $searchText = $content;
    if (is_numeric($content) && !empty($aliases[$content])) {
        $searchText = $aliases[$content];
    }

    return parent::generateSearchText($searchText);
}