/**
* Toggle subscription states for a user.
*
* @param Request $request
* @param $id
* @param $user_id
* @return \Illuminate\Http\RedirectResponse
*/
public function toggleSubscription(Request $request, $id, $user_id)
{
$user = User::findOrfail($user_id);
if ($user->id != Auth::id() && !Auth::user()->can('board')) {
abort(403);
}
$list = EmailList::findOrFail($id);
if ($list->isSubscribed($user)) {
if ($list->unsubscribe($user)) {
$request->session()->flash('flash_message', 'You have been unsubscribed to the list ' . $list->name . '.');
return Redirect::route('user::dashboard', ['id' => $user->id]);
}
} else {
if ($list->is_member_only && !$user->member) {
$request->session()->flash('flash_message', 'This list is only for members.');
return Redirect::route('user::dashboard', ['id' => $user->id]);
}
if ($list->subscribe($user)) {
$request->session()->flash('flash_message', 'You have been subscribed to the list ' . $list->name . '.');
return Redirect::route('user::dashboard', ['id' => $user->id]);
}
}
$request->session()->flash('flash_message', 'Something went wrong toggling your subscription for ' . $list->name . '.');
return Redirect::route('user::dashboard', ['id' => $user->id]);
}
public function update($id = null, Request $request)
{
if ($id == null) {
$id = Auth::id();
}
$user = User::find($id);
if ($user == null) {
abort(404);
}
if ($user->id != Auth::id() && !Auth::user()->can('board')) {
abort(403);
}
$userdata['email'] = $request->input('email');
$userdata['phone'] = str_replace(' ', '', $request->input('phone'));
$userdata['website'] = $request->input('website');
$userdata['phone_visible'] = $request->has('phone_visible');
$userdata['receive_sms'] = $request->has('receive_sms');
$validator = Validator::make($userdata, ['email' => 'required|email', 'phone' => 'required|regex:(\\+[0-9]{8,16})']);
if ($validator->fails()) {
return Redirect::route('user::dashboard', ['id' => $user->id])->withErrors($validator);
}
if ($userdata['email'] !== $user->email) {
$email = ['old' => $user->email, 'new' => $userdata['email']];
$name = $user->name;
Mail::queue('emails.emailchange', ['changer' => ['name' => Auth::user()->name, 'ip' => $request->ip()], 'email' => $email, 'user' => $user], function ($message) use($name, $email) {
$message->to($email['old'], $name)->to($email['new'], $name)->from('security@' . config('proto.emaildomain'), 'Have You Tried Turning It Off And On Again committee')->subject('Your e-mail address for S.A. Proto has been changed.');
});
}
$user->fill($userdata);
$user->save();
Session::flash("flash_message", "Changes saved.");
return Redirect::route('user::dashboard', ['id' => $user->id]);
}
public static function doSearch($term)
{
$data = ['users' => [], 'pages' => [], 'events' => [], 'committees' => []];
$term = str_replace('%', '', $term);
if (strlen($term) == 0) {
return $data;
}
$term = explode(' ', $term);
if (count($term) == 0) {
return $data;
}
foreach ($term as $string) {
$string = strtolower($string);
if ($string == 'proto') {
continue;
}
foreach (User::all() as $user) {
if ((strlen($string) >= 3 && strpos(strtolower($user->name), $string) > -1 || strtolower($user->calling_name) == $string || $user->utwente_username && strlen($string) >= 5 && strpos(strtolower($user->utwente_username), $string) > -1 || intval($string) > 0 && $user->id == $string) && $user->member && Auth::check() && Auth::user()->member) {
if (array_key_exists($user->id, $data['users'])) {
$data['users'][$user->id]++;
} else {
$data['users'][$user->id] = 1;
}
}
}
foreach (Page::all() as $page) {
if ((strlen($string) >= 3 && strpos(strtolower($page->title), $string) > -1 || strlen($string) >= 3 && strpos(strtolower($page->content), $string) > -1) && (!$page->is_member_only || Auth::check() && Auth::user()->member)) {
if (array_key_exists($page->id, $data['pages'])) {
$data['pages'][$page->id] += substr_count(strtolower($page->title), $string) + substr_count(strtolower($page->content), $string);
} else {
$data['pages'][$page->id] = substr_count(strtolower($page->title), $string) + substr_count(strtolower($page->content), $string);
}
}
}
foreach (Event::all() as $event) {
if ((strlen($string) >= 3 && strpos(strtolower($event->title), $string) > -1 || strlen($string) >= 3 && strpos(strtolower($event->description), $string) > -1) && (!$event->secret || Auth::check() && Auth::user()->can('board'))) {
if (array_key_exists($event->id, $data['events'])) {
$data['events'][$event->id] += substr_count(strtolower($event->title), $string) + substr_count(strtolower($event->content), $string);
} else {
$data['events'][$event->id] = substr_count(strtolower($event->title), $string) + substr_count(strtolower($event->description), $string);
$data['events'][$event->id] -= SearchController::searchTimePenalty($event);
}
}
}
foreach (Committee::all() as $committee) {
if ((strlen($string) >= 3 && strpos(strtolower($committee->name), $string) > -1 || strlen($string) >= 3 && strpos(strtolower($committee->description), $string) > -1) && ($committee->public || Auth::check() && Auth::user()->can('board'))) {
if (array_key_exists($committee->id, $data['committees'])) {
$data['committees'][$committee->id] += substr_count(strtolower($committee->name), $string) + substr_count(strtolower($committee->description), $string);
} else {
$data['committees'][$committee->id] = substr_count(strtolower($committee->name), $string) + substr_count(strtolower($committee->description), $string);
}
}
}
}
arsort($data['users']);
arsort($data['pages']);
arsort($data['events']);
arsort($data['committees']);
return $data;
}
/**
* Create a new participation for somebody else.
*
* @return \Illuminate\Http\Response
*/
public function createFor($id, Request $request)
{
$user = User::findOrFail($request->user_id);
$event = Event::findOrFail($id);
$data = ['activity_id' => $event->activity->id, 'user_id' => $user->id];
if ($request->has('helping_committee_id')) {
$helping = HelpingCommittee::findOrFail($request->helping_committee_id);
if (!$helping->committee->isMember($user)) {
abort(500, $user->name . " is not a member of the " . $helping->committee->name . " and thus cannot help on behalf of it.");
}
$data['committees_activities_id'] = $helping->id;
}
if (!$event->activity) {
abort(500, "You cannot subscribe for " . $event->title . ".");
} elseif ($event->activity->getParticipation($user, $request->has('helping_committee_id') ? HelpingCommittee::findOrFail($request->input('helping_committee_id')) : null) !== null) {
abort(500, "You are already subscribed for " . $event->title . ".");
} elseif ($event->activity->closed) {
abort(500, "This activity is closed, you cannot change participation anymore.");
}
$request->session()->flash('flash_message', 'You added ' . $user->name . ' for ' . $event->title . '.');
$participation = new ActivityParticipation();
$participation->fill($data);
$participation->save();
return Redirect::back();
}
/**
* Remove the specified resource from storage.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function destroy($id)
{
$user = User::findOrFail($id);
$user->photo()->dissociate();
$user->save();
Session::flash("flash_message", "Your profile picture has been cleared!");
return Redirect::back();
}
public function users()
{
$ids = [];
foreach ($this->orderlines as $orderline) {
if (!in_array($orderline->user->id, $ids)) {
$ids[] = $orderline->user->id;
}
}
return User::withTrashed()->whereIn('id', $ids)->orderBy('id', 'asc')->get();
}
/**
* Remove the specified resource from storage.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function destroy(Request $request, $id)
{
$user = User::findOrFail($id);
if ($user->id != Auth::id() && !Auth::user()->can('board')) {
abort(403);
}
$user->utwente_username = null;
$user->save();
$request->session()->flash('flash_message', 'The link with your University of Twente account has been deleted.');
return Redirect::route('user::dashboard', ['id' => $user->id]);
}
public function revoke(Request $request, $id, $user)
{
if ($id == config('proto.rootrole')) {
$request->session()->flash('flash_message', 'This role can only be manually removed in the database.');
return Redirect::back();
}
$role = Role::findOrFail($id);
$user = User::findOrFail($user);
$user->roles()->detach($role->id);
$request->session()->flash('flash_message', '<strong>' . $role->name . '</strong> has been revoked from ' . $user->name . '.');
return Redirect::back();
}
public function yubikeyDelete($user_id, Request $request)
{
$user = User::findOrFail($user_id);
if ($user->id != Auth::id() && !Auth::user()->can('board')) {
abort(403);
}
if ($user->tfa_yubikey_identity !== null) {
$user->tfa_yubikey_identity = null;
$user->save();
}
$request->session()->flash('flash_message', 'YubiKey 2 Factor Authentication disabled!');
return Redirect::route('user::dashboard', ['id' => $user->id]);
}
/**
* Display the profile for a specific user.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function show($id = null)
{
if ($id == null) {
$id = Auth::id();
}
$user = User::find($id);
if ($user == null) {
abort(404);
}
$ldap = $user->getUtwenteData();
$pastCommittees = CommitteeMembership::onlyTrashed()->where('user_id', $user->id)->orderBy('created_at', 'desc')->get();
return view('users.profile.profile', ['user' => $user, 'ldap' => $ldap, 'pastcommittees' => $pastCommittees]);
}
public function recipients()
{
if ($this->to_user) {
return User::orderBy('name', 'asc')->get();
} elseif ($this->to_member) {
return User::has('member')->orderBy('name', 'asc')->get();
} elseif ($this->to_list) {
$userids = [];
foreach ($this->lists as $list) {
$userids = array_merge($userids, $list->users->lists('id')->toArray());
}
return User::whereIn('id', $userids)->orderBy('name', 'asc')->get();
}
}
public function startoverlayprint(Request $request)
{
$user = User::find($request->input('id'));
if (!$user) {
return "This user could not be found!";
}
if (!$user->member) {
return "Only members can have their card printed!";
}
$result = FileController::requestPrint('card', route('membercard::download', ['id' => $user->id, 'overlayonly' => 1]));
if ($result === false) {
return "Something went wrong trying to reach the printer service.";
}
return "The printer service responded: " . $result;
}
private function syncUsers($provider)
{
$activeIds = [];
$this->info("Make sure all users exist in LDAP.");
foreach (User::all() as $user) {
$activeIds[] = $user->id;
$ldapuser = $provider->search()->where('objectClass', 'user')->where('description', $user->id)->first();
$username = $user->member ? $user->member->proto_username : "******" . $user->id;
if ($ldapuser == null) {
$this->info('Creating LDAP user for ' . $user->name . '.');
$ldapuser = $provider->make()->user();
$ldapuser->cn = $username;
$ldapuser->description = $user->id;
$ldapuser->save();
}
$ldapuser->move('cn=' . $username, 'OU=Members,OU=Proto,DC=ad,DC=saproto,DC=nl');
$ldapuser->displayName = trim($user->name);
$ldapuser->givenName = trim($user->calling_name);
$ldapuser->mail = $user->email;
$ldapuser->wWWHomePage = $user->website;
if ($user->address) {
$ldapuser->l = $user->address->city;
$ldapuser->postalCode = $user->address->zipcode;
$ldapuser->streetAddress = $user->address->street . " " . $user->address->number;
$ldapuser->preferredLanguage = $user->address->country;
} else {
$ldapuser->l = null;
$ldapuser->postalCode = null;
$ldapuser->streetAddress = null;
$ldapuser->preferredLanguage = null;
}
$ldapuser->telephoneNumber = $user->phone;
$ldapuser->setAttribute('sAMAccountName', $username);
$ldapuser->setUserPrincipalName($username . config('adldap.proto')['account_suffix']);
if (!$user->member) {
$ldapuser->setUserAccountControl(AccountControl::ACCOUNTDISABLE);
}
$ldapuser->save();
}
$this->info("Removing obsolete users from LDAP.");
$users = $provider->search()->users()->get();
foreach ($users as $user) {
if (!$user->description[0] || !in_array($user->description[0], $activeIds)) {
$this->info("Deleting LDAP user " . $user->description[0] . ".");
$user->delete();
}
}
}
/**
* Bulk store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function bulkStore(Request $request)
{
for ($i = 0; $i < count($request->input('user')); $i++) {
//dd($request);
$user = User::findOrFail($request->input('user')[$i]);
$product = Product::findOrFail($request->input('product')[$i]);
$price = $request->input('price')[$i] != "" ? $request->input('price')[$i] : $product->price;
$units = $request->input('units')[$i];
$order = OrderLine::create(['user_id' => $user->id, 'product_id' => $product->id, 'original_unit_price' => $product->price, 'units' => $units, 'total_price' => $price * $units]);
$order->save();
$product->stock -= $units;
$product->save();
}
$request->session()->flash('flash_message', 'Your manual orders have been added.');
return Redirect::back();
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function store(Request $request)
{
if ($request->input('destination') != '') {
$alias = Alias::create(['alias' => $request->input('alias'), 'destination' => $request->input('destination')]);
$alias->save();
$request->session()->flash('flash_message', 'Destination added to alias.');
return Redirect::route('alias::index');
} elseif ($request->input('user') != 'off') {
$user = User::findOrFail($request->input('user'));
$alias = Alias::create(['alias' => $request->input('alias'), 'user_id' => $user->id]);
$alias->save();
$request->session()->flash('flash_message', 'User added to alias.');
return Redirect::route('alias::index');
} else {
$request->session()->flash('flash_message', 'No action performed.');
return Redirect::route('alias::index');
}
}
public function members(Request $request)
{
if (!Auth::check() || !Auth::user()->member) {
abort(403);
}
$users = User::all();
$data = array();
foreach ($users as $user) {
if (!$user->member) {
continue;
}
if ($request->has('term') && strpos(strtolower($user->name), strtolower($request->term)) === false) {
continue;
}
$member = new \stdClass();
$member->name = $user->name;
$member->id = $user->id;
$data[] = $member;
}
return $data;
}
/**
* Execute the console command.
*/
public function handle()
{
$users = User::where('birthdate', 'LIKE', '%-' . date('m-d'))->has('member')->get();
if ($users->count() > 0) {
$this->info('Sending birthday notification to ' . $users->count() . ' people.');
$adminoverview = [];
foreach ($users as $user) {
$adminoverview[] = ['id' => $user->id, 'name' => $user->name, 'age' => $user->age()];
$name = $user->name;
$email = $user->email;
Mail::queue('emails.users.birthdayemail', ['user' => $user], function ($message) use($name, $email) {
$message->to($email, $name)->from('internal@' . config('proto.emaildomain'), config('proto.internal'))->subject('Happy birthday!');
});
}
// For some super strange reason we cannot queue this e-mail... Well...
Mail::queue('emails.users.birthdaylist', ['users' => $adminoverview], function ($message) {
$message->to('board@' . config('proto.emaildomain'), 'S.A. Proto Board')->subject('Birthdays of today!');
});
$this->info("Done!");
} else {
$this->info("There are no jarige joppen today.");
}
}
public function postEmail(Request $request)
{
$user = User::where('email', $request->email)->first();
if ($user !== null) {
AuthController::dispatchPasswordEmailFor($user);
$request->session()->flash('flash_message', 'We\'ve dispatched an e-mail to you with instruction to reset your password.');
return Redirect::route('homepage');
} else {
$request->session()->flash('flash_message', 'We could not find a user with the e-mail address you entered.');
return Redirect::back();
}
}
/**
* Handle the event.
*
* @param Events $event
* @return void
*/
public function handle(User $user, $remember)
{
$token = new Token();
$token->generate();
Session::put('token', $token->token);
// We will grant the user all roles to which he is entitled!
$rootcommittee = Committee::where('slug', config('proto.rootcommittee'))->first();
$boardcommittee = Committee::where('slug', config('proto.boardcommittee'))->first();
$omnomcom = Committee::where('slug', config('proto.omnomcom'))->first();
$pilscie = Committee::where('slug', config('proto.pilscie'))->first();
if ($user->isInCommittee($rootcommittee)) {
if (!$user->hasRole('admin')) {
$user->attachRole(Role::where('name', '=', 'admin')->first());
}
} else {
if ($user->hasRole('admin')) {
$user->detachRole(Role::where('name', '=', 'admin')->first());
}
}
if ($user->isInCommittee($boardcommittee)) {
if (!$user->hasRole('board')) {
$user->attachRole(Role::where('name', '=', 'board')->first());
}
} else {
if ($user->hasRole('board')) {
$user->detachRole(Role::where('name', '=', 'board')->first());
}
}
if ($user->isInCommittee($omnomcom)) {
if (!$user->hasRole('omnomcom')) {
$user->attachRole(Role::where('name', '=', 'omnomcom')->first());
}
} else {
if ($user->hasRole('omnomcom')) {
$user->detachRole(Role::where('name', '=', 'omnomcom')->first());
}
}
if ($user->isInCommittee($pilscie)) {
if (!$user->hasRole('pilscie')) {
$user->attachRole(Role::where('name', '=', 'pilscie')->first());
}
} else {
if ($user->hasRole('pilscie')) {
$user->detachRole(Role::where('name', '=', 'pilscie')->first());
}
}
}
/**
* Committee membership tools below
*/
public function addMembership(Request $request)
{
$user = User::find($request->user_id);
$committee = Committee::find($request->committee_id);
if ($user == null) {
abort(404);
}
if ($committee == null) {
abort(404);
}
if (($committee->slug == config('proto.rootcommittee') || $committee->slug == config('proto.boardcommittee')) && !Auth::user()->can('admin')) {
Session::flash("flash_message", "This committee is protected. Only the Have You Tried Turning It Off And On Again committee can change this committee.");
return Redirect::back();
}
$membership = new CommitteeMembership();
$membership->role = $request->role;
$membership->edition = $request->edition;
$membership->user_id = $request->user_id;
$membership->committee_id = $request->committee_id;
if (($membership->created_at = date('Y-m-d H:i:s', strtotime($request->start))) === false) {
Session::flash("flash_message", "Ill-formatted start date.");
return Redirect::back();
}
if ($request->end != "" && ($membership->deleted_at = date('Y-m-d H:i:s', strtotime($request->end))) === false) {
Session::flash("flash_message", "Ill-formatted end date.");
return Redirect::back();
}
$membership->save();
Session::flash("flash_message", "You have added " . $membership->user->name . " to " . $membership->committee->name . ".");
return Redirect::back();
}
public function unsubscribeLink(Request $request, $hash)
{
$data = EmailList::parseUnsubscribeHash($hash);
$user = User::findOrFail($data->user);
$list = EmailList::findOrFail($data->list);
$sub = EmailListSubscription::where('user_id', $user->id)->where('list_id', $list->id)->first();
if ($sub != null) {
$request->session()->flash('flash_message', $user->name . ' has been unsubscribed from ' . $list->name);
$sub->delete();
} else {
$request->session()->flash('flash_message', $user->name . ' was already unsubscribed from ' . $list->name);
}
return Redirect::route('homepage');
}
public function toggleHidden($id, Request $request)
{
$user = User::find($id);
if ($user == null) {
abort(404);
}
if ($user->id != Auth::id() && !Auth::user()->can('board')) {
abort(403);
}
$user->address_visible = !$user->address_visible;
$user->save();
Session::flash("flash_message", "Your primary address is now " . ($user->address_visible ? 'visible' : 'hidden') . " for members.");
return Redirect::back();
}
public function take($achievement_id, $user_id)
{
$achievement = Achievement::find($achievement_id);
$user = User::find($user_id);
if (!$user || !$achievement) {
abort(404);
}
$achieved = AchievementOwnership::all();
foreach ($achieved as $entry) {
if ($entry->achievement_id == $achievement_id && $entry->user_id == $user_id) {
$entry->delete();
Session::flash('flash_message', "Achievement {$achievement->name} taken from {$user->name}.");
}
}
return Redirect::back();
}
/**
* Delete a user from the specified withdrawal.
*
* @param $id Withdrawal id.
* @param $user_id User id.
* @return \Illuminate\Http\RedirectResponse
*/
public static function deleteFrom(Request $request, $id, $user_id)
{
$withdrawal = Withdrawal::findOrFail($id);
if ($withdrawal->closed) {
$request->session()->flash('flash_message', 'This withdrawal is already closed and cannot be edited.');
return Redirect::back();
}
$user = User::findOrFail($user_id);
foreach ($withdrawal->orderlinesForUseR($user) as $orderline) {
$orderline->withdrawal()->dissociate();
$orderline->save();
}
$request->session()->flash('flash_message', 'Orderlines for ' . $user->name . ' removed from this withdrawal.');
return Redirect::back();
}
public function delete($id)
{
$user = User::find($id);
if ($user == null) {
abort(404);
}
if ($user->id != Auth::id() && !Auth::user()->can('board')) {
abort(403);
}
if ($user->bank == null) {
Session::flash("flash_message", "You don't have a bank authorization to revoke.");
return Redirect::route('user::dashboard', ['id' => $id]);
}
if ($user->member) {
Session::flash("flash_message", "As a member you cannot revoke your bank authorization. You can update it, though.");
return Redirect::back();
}
$user->bank->delete();
Session::flash("flash_message", "Deleted bank account.");
return Redirect::route('user::dashboard', ['id' => $id]);
}
public function canAccess(User $user)
{
$permission = $this->permission;
return $permission && $user->can($permission->name);
}
public function link($user_id, Request $request)
{
$user = User::findOrFail($user_id);
if ($user->id != Auth::id() && !Auth::user()->can('board')) {
abort(403);
}
$study = Study::findOrFail($request->study);
$link = new StudyEntry();
if (($link->created_at = date('Y-m-d H:i:s', strtotime($request->start))) === false || $request->start == "") {
Session::flash("flash_message", "Ill-formatted start date.");
return Redirect::back();
}
$link->deleted_at = null;
if ($request->end != "" && ($link->deleted_at = date('Y-m-d H:i:s', strtotime($request->end))) === false) {
Session::flash("flash_message", "Ill-formatted end date.");
return Redirect::back();
}
$link->user()->associate($user);
$link->study()->associate($study);
$link->save();
Session::flash("flash_message", "Your study has been saved.");
return Redirect::route('user::dashboard', ['id' => $user->id]);
}
public function endTempAdmin($id)
{
$user = User::findOrFail($id);
foreach ($user->tempadmin as $tempadmin) {
if (Carbon::now()->between(Carbon::parse($tempadmin->start_at), Carbon::parse($tempadmin->end_at))) {
$tempadmin->end_at = Carbon::now();
$tempadmin->save();
}
}
// Call Herbert webhook to run check through all connected admins. Will result in kick for users whose
// temporary adminpowers were removed.
file_get_contents(env('HERBERT_SERVER') . "/adminCheck");
return redirect()->route('user::member::list');
}
private function constructForwarderList()
{
$data = [];
// Constructing user forwarders.
$users = User::all();
foreach ($users as $user) {
if ($user->member && $user->isActiveMember()) {
$data[$user->member->proto_username] = [$user->email];
}
}
// Constructing committee forwarders.
$committees = Committee::all();
foreach ($committees as $committee) {
$destinations = [];
$users = CommitteeMembership::withTrashed()->where('committee_id', $committee->id)->where('created_at', '<', date('Y-m-d H:i:s'))->where(function ($q) {
$q->whereNull('deleted_at')->orWhere('deleted_at', '>', date('Y-m-d H:i:s'));
})->get();
foreach ($users as $user) {
$destinations[] = $user->user->email;
}
if (count($destinations) > 0) {
$data[$committee->slug] = $destinations;
$data['committees'][] = $committee->slug . '@' . config('proto.emaildomain');
}
}
// Constructing manual aliases.
$aliases = Alias::all();
foreach ($aliases as $alias) {
if ($alias->destination) {
$data[$alias->alias][] = $alias->destination;
} else {
$data[$alias->alias][] = $alias->user->email;
}
}
return $data;
}
