/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
$route_uri = $request->route()->getName();
$route = strstr($route_uri, '.', true);
if (Auth::check()) {
if ($request->ajax()) {
return response('Unauthorized.', 401);
} else {
$permission = UserHelper::get_route_permission($route);
if ($route_uri == $route . '.index' && isset($permission->list) && $permission->list == 1) {
return $next($request);
} elseif ($route_uri == $route . '.show' && isset($permission->view) && $permission->view == 1) {
return $next($request);
} elseif ($route_uri == $route . '.create' && isset($permission->add) && $permission->add == 1) {
return $next($request);
} elseif ($route_uri == $route . '.store' && isset($permission->add) && $permission->add == 1) {
return $next($request);
} elseif ($route_uri == $route . '.edit' && isset($permission->edit) && $permission->edit == 1) {
return $next($request);
} elseif ($route_uri == $route . '.update' && isset($permission->edit) && $permission->edit == 1) {
return $next($request);
} else {
Session()->flash('warning_message', 'You do not have permission to access!');
if (isset($permission->list) && $permission->list == 1) {
return redirect($route);
} else {
return redirect('/home');
}
}
}
} else {
return redirect()->guest('login');
}
}
/**
* @return \Illuminate\Contracts\Routing\ResponseFactory|\Symfony\Component\HttpFoundation\Response
*/
public function get()
{
$response = new AjaxResponse();
// Get user settings
$settings = Auth::user()->settings()->public()->first();
$settings->email = Auth::user()->email;
$response->addExtraFields(['data' => $settings, 'subscription_info' => UserHelper::remainingSubscriptionFormatted()]);
$response->setSuccessMessage('success');
return response($response->get());
}
public function deleteUser(Request $request)
{
self::ensureAdmin();
$user_id = $request->input('user_id');
$user = UserHelper::getUserById($user_id);
if (!$user) {
abort(404, 'User not found.');
}
$user->delete();
return "OK";
}
/**
* Send the response after the user was authenticated.
*
* @param \Illuminate\Http\Request $request
* @param bool $throttles
* @return \Illuminate\Http\Response
*/
protected function handleUserWasAuthenticated(Request $request, $throttles)
{
// Put menus to cache
Cache::forever('menu', UserHelper::get_task_module_component('position_left_01'));
if ($throttles) {
$this->clearLoginAttempts($request);
}
if (method_exists($this, 'authenticated')) {
return $this->authenticated($request, Auth::user());
}
return redirect()->intended($this->redirectPath());
}
public static function get_task_module_component($position = null, $action = 'list')
{
$modules = UserHelper::get_task_module($position, $action);
$components = array();
foreach ($modules as $module) {
$components[$module['component_id']]['id'] = $module['component_id'];
$components[$module['component_id']]['component_name'] = $module['component_name'];
$components[$module['component_id']]['component_icon'] = $module['component_icon'];
$components[$module['component_id']]['modules'][] = $module;
}
return $components;
}
public function performSignup(Request $request)
{
if (env('POLR_ALLOW_ACCT_CREATION') == false) {
return redirect(route('index'))->with('error', 'Sorry, but registration is disabled.');
}
$username = $request->input('username');
$password = $request->input('password');
$email = $request->input('email');
if (!self::checkRequiredArgs([$username, $password, $email])) {
// missing a required argument
return redirect(route('signup'))->with('error', 'Please fill in all required fields.');
}
$ip = $request->ip();
$user_exists = UserHelper::userExists($username);
$email_exists = UserHelper::emailExists($email);
if ($user_exists || $email_exists) {
// if user or email email
return redirect(route('signup'))->with('error', 'Sorry, your email or username already exists. Try again.');
}
$email_valid = UserHelper::validateEmail($email);
if ($email_valid == false) {
return redirect(route('signup'))->with('error', 'Please use a valid email to sign up.');
}
$acct_activation_needed = env('POLR_ACCT_ACTIVATION');
if ($acct_activation_needed == false) {
// if no activation is necessary
$active = 1;
$response = redirect(route('login'))->with('success', 'Thanks for signing up! You may now log in.');
} else {
// email activation is necessary
$response = redirect(route('login'))->with('success', 'Thanks for signing up! Please confirm your email to continue..');
$active = 0;
}
$api_active = false;
$api_key = null;
if (env('SETTING_AUTO_API') == 'on') {
// if automatic API key assignment is on
$api_active = 1;
$api_key = CryptoHelper::generateRandomHex(env('_API_KEY_LENGTH'));
}
$user = UserFactory::createUser($username, $email, $password, $active, $ip, $api_key, $api_active);
if ($acct_activation_needed) {
Mail::send('emails.activation', ['username' => $username, 'recovery_key' => $user->recovery_key, 'ip' => $ip], function ($m) use($user) {
$m->from(env('MAIL_FROM_ADDRESS'), env('MAIL_FROM_NAME'));
$m->to($email, $username)->subject(env('APP_NAME') . ' account activation');
});
}
return $response;
}
/**
* Initialize required stuff.
*/
public function __construct()
{
if (Auth::check()) {
// Check if admin center should be displayed
$roles = new Roles();
$showAdminCenter = false;
if ($roles->getAdminRoleId() === Auth::user()->role_id || $roles->getModeratorRoleId() === Auth::user()->role_id) {
$showAdminCenter = true;
}
View::share(['showAdminCenter' => $showAdminCenter, 'validSubscription' => UserHelper::validSubscription()]);
// Set language
App::setLocale(Settings::language());
// Check if user subscription is expired
if (UserHelper::subscriptionLeftDays(Auth::user()->id) < 0) {
UserTrialPeriod::where('user_id', Auth::user()->id)->update(['expired' => true]);
}
}
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
$user = Auth::user();
$route_uri = $request->route()->getName();
$route = strstr($route_uri, '.', true);
$currentYear = CommonHelper::get_current_financial_year();
$closingStatus = DB::table('account_closings')->where(['year' => $currentYear, 'workspace_id' => $user->workspace_id])->value('status');
$existingYearDetail = DB::table('financial_years')->where('year', $currentYear)->first();
$permission = UserHelper::get_route_permission($route);
if (!isset($closingStatus) || $closingStatus == 1 && $existingYearDetail->end_date < strtotime(date('Y-m-d'))) {
return $next($request);
} else {
Session()->flash('warning_message', 'Year closed already! If you want to do any Transaction, Please request for the Rollback!');
if (isset($permission->list) && $permission->list == 1) {
return redirect($route);
} else {
return redirect('/home');
}
}
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
$route_uri = $request->route();
$route = $route_uri->uri();
if (Auth::check()) {
$permission = UserHelper::get_route_permission($route);
if (isset($permission->list) && ($permission->list == 1 || $permission->view == 1)) {
return $next($request);
} else {
Session()->flash('flash_message', 'You do not have permission to access!');
if (isset($permission->list) && $permission->list == 1) {
return redirect($route);
} else {
return redirect('/home');
}
}
} else {
return redirect()->guest('login');
}
}
public function changePassword(Request $request)
{
if (!$this->isLoggedIn()) {
return abort(404);
}
$username = session('username');
$old_password = $request->input('current_password');
$new_password = $request->input('new_password');
if (UserHelper::checkCredentials($username, $old_password) == false) {
// Invalid credentials
return redirect('admin')->with('error', 'Current password invalid. Try again.');
} else {
// Credentials are correct
$user = UserHelper::getUserByUsername($username);
$user->password = Hash::make($new_password);
$user->save();
$request->session()->flash('success', "Password changed successfully.");
return redirect(route('admin'));
}
}
public static function isAdminAuthority($users)
{
$isIncluded = UserHelper::isLoggedUserIncluded($users);
}
?>
<?php
echo Html::img(Param::value('User.noAvatarImage'), ['class' => 'profile-user-img img-responsive img-circle']);
?>
<h3 class="profile-username text-center">
<?php
echo Html::encode($model->name);
?>
</h3>
<p class="text-muted text-center">
<?php
echo Yii::t('app', 'Member since {date}', ['date' => Yii::$app->formatter->asDate(Yii::$app->user->identity->created_at)]);
?>
</p>
<?php
echo ItemList::widget(['items' => [['title' => 'ID', 'value' => $model->getUser()->id], ['title' => Yii::t('app', 'Status'), 'value' => UserHelper::status($model->getUser())], ['title' => Yii::t('app', 'Last login'), 'value' => Yii::$app->formatter->asRelativeTime($model->getUser()->logged_at)]]]);
?>
<?php
Box::end();
?>
</div>
<div class="col-md-9">
<div class="nav-tabs-custom profile-tabs">
<?php
echo Tabs::widget(['items' => [['label' => Yii::t('app', 'Account'), 'content' => $this->render('_profile_account', ['model' => $model]), 'active' => $tab == 'account'], ['label' => Yii::t('app', 'Administer'), 'content' => $this->render('_profile_admin', ['model' => $model]), 'visible' => Yii::$app->user->can('updateAnyUser'), 'active' => $tab == 'admin']]]);
?>
</div>
</div>
</div>
/**
* Handle the event.
*
* @param UserLoggedIn $event
* @return void
*/
public function handle(UserLoggedIn $event)
{
UserHelper::updateSubscriptionIfExpired();
}
<br>
<p class="card-text">
<?php
if (empty($model->categories)) {
echo 'Нет категорий';
} else {
echo '<b>Категории</b>: ' . implode(', ', CategoryHelper::getList($model->categories));
}
?>
</p>
<p class="card-text">
<?php
if (empty($model->users)) {
echo 'Нет авторов';
} else {
echo '<b>Авторы</b>: ' . implode(', ', UserHelper::getList($model->users));
}
?>
</p>
<?php
if (!empty($model->cover)) {
?>
<div class="text-center">
<a href="<?php
echo $model->file;
?>
" class="btn btn-danger">Скачать</a>
</div>
<?php
}
?>
Pjax::begin(['modal' => true]);
?>
<div class="btn-group">
<?php
if (Yii::$app->user->can('createUser')) {
?>
<?php
Modal::begin(['header' => '<b>' . Yii::t('app', 'Create a new user') . '</b>', 'toggleButton' => ['label' => Yii::t('app', 'Create'), 'class' => ['btn btn-flat btn-default']]]);
?>
<?php
echo $this->render('_create_modal', ['register' => $register]);
?>
<?php
Modal::end();
?>
<?php
}
?>
</div>
<?php
echo GridView::widget(['dataProvider' => $userProvider, 'columns' => ['id', ['attribute' => 'name', 'format' => 'raw', 'value' => function ($model) {
return UserHelper::userLink($model, ['data-pjax' => 0]);
}], 'email', ['header' => Yii::t('app', 'Roles'), 'format' => 'html', 'value' => function ($user) {
return Html::ul(ArrayHelper::getColumn($user->getRoles(), 'name'));
}], ['attribute' => 'status', 'format' => 'html', 'value' => function ($model) {
return UserHelper::status($model);
}], 'created_at:relativeTime', 'logged_at:relativeTime', ['class' => DeleteColumn::className(), 'visible' => Yii::$app->user->can('deleteAnyUser')]]]);
?>
<?php
Pjax::end();
Box::end();