/**
* Create a new participation for somebody else.
*
* @return \Illuminate\Http\Response
*/
public function createFor($id, Request $request)
{
$user = User::findOrFail($request->user_id);
$event = Event::findOrFail($id);
$data = ['activity_id' => $event->activity->id, 'user_id' => $user->id];
if ($request->has('helping_committee_id')) {
$helping = HelpingCommittee::findOrFail($request->helping_committee_id);
if (!$helping->committee->isMember($user)) {
abort(500, $user->name . " is not a member of the " . $helping->committee->name . " and thus cannot help on behalf of it.");
}
$data['committees_activities_id'] = $helping->id;
}
if (!$event->activity) {
abort(500, "You cannot subscribe for " . $event->title . ".");
} elseif ($event->activity->getParticipation($user, $request->has('helping_committee_id') ? HelpingCommittee::findOrFail($request->input('helping_committee_id')) : null) !== null) {
abort(500, "You are already subscribed for " . $event->title . ".");
} elseif ($event->activity->closed) {
abort(500, "This activity is closed, you cannot change participation anymore.");
}
$request->session()->flash('flash_message', 'You added ' . $user->name . ' for ' . $event->title . '.');
$participation = new ActivityParticipation();
$participation->fill($data);
$participation->save();
return Redirect::back();
}
/**
* Remove the specified resource from storage.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function destroy($id)
{
$user = User::findOrFail($id);
$user->photo()->dissociate();
$user->save();
Session::flash("flash_message", "Your profile picture has been cleared!");
return Redirect::back();
}
/**
* Remove the specified resource from storage.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function destroy(Request $request, $id)
{
$user = User::findOrFail($id);
if ($user->id != Auth::id() && !Auth::user()->can('board')) {
abort(403);
}
$user->utwente_username = null;
$user->save();
$request->session()->flash('flash_message', 'The link with your University of Twente account has been deleted.');
return Redirect::route('user::dashboard', ['id' => $user->id]);
}
public function revoke(Request $request, $id, $user)
{
if ($id == config('proto.rootrole')) {
$request->session()->flash('flash_message', 'This role can only be manually removed in the database.');
return Redirect::back();
}
$role = Role::findOrFail($id);
$user = User::findOrFail($user);
$user->roles()->detach($role->id);
$request->session()->flash('flash_message', '<strong>' . $role->name . '</strong> has been revoked from ' . $user->name . '.');
return Redirect::back();
}
public function yubikeyDelete($user_id, Request $request)
{
$user = User::findOrFail($user_id);
if ($user->id != Auth::id() && !Auth::user()->can('board')) {
abort(403);
}
if ($user->tfa_yubikey_identity !== null) {
$user->tfa_yubikey_identity = null;
$user->save();
}
$request->session()->flash('flash_message', 'YubiKey 2 Factor Authentication disabled!');
return Redirect::route('user::dashboard', ['id' => $user->id]);
}
/**
* Bulk store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function bulkStore(Request $request)
{
for ($i = 0; $i < count($request->input('user')); $i++) {
//dd($request);
$user = User::findOrFail($request->input('user')[$i]);
$product = Product::findOrFail($request->input('product')[$i]);
$price = $request->input('price')[$i] != "" ? $request->input('price')[$i] : $product->price;
$units = $request->input('units')[$i];
$order = OrderLine::create(['user_id' => $user->id, 'product_id' => $product->id, 'original_unit_price' => $product->price, 'units' => $units, 'total_price' => $price * $units]);
$order->save();
$product->stock -= $units;
$product->save();
}
$request->session()->flash('flash_message', 'Your manual orders have been added.');
return Redirect::back();
}
public function download(Request $request, $id)
{
if ((!Auth::check() || !Auth::user()->can('board')) && $request->ip() != env('PRINTER_HOST')) {
abort(403);
}
$user = User::findOrFail($id);
if (!$user->member) {
abort(500, "Only members can have a member card printed.");
}
$card = PDF::loadView('users.membercard.membercard', ['user' => $user, 'overlayonly' => $request->has('overlayonly')]);
$card = $card->setOption('page-width', 86)->setOption('page-height', 54)->setOption('margin-bottom', 0)->setOption('margin-left', 0)->setOption('margin-right', 0)->setOption('margin-top', 0);
if ($request->ip() != env('PRINTER_HOST')) {
return $card->stream();
} else {
return $card->download();
}
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function store(Request $request)
{
if ($request->input('destination') != '') {
$alias = Alias::create(['alias' => $request->input('alias'), 'destination' => $request->input('destination')]);
$alias->save();
$request->session()->flash('flash_message', 'Destination added to alias.');
return Redirect::route('alias::index');
} elseif ($request->input('user') != 'off') {
$user = User::findOrFail($request->input('user'));
$alias = Alias::create(['alias' => $request->input('alias'), 'user_id' => $user->id]);
$alias->save();
$request->session()->flash('flash_message', 'User added to alias.');
return Redirect::route('alias::index');
} else {
$request->session()->flash('flash_message', 'No action performed.');
return Redirect::route('alias::index');
}
}
public function edit($id, Request $request)
{
$user = User::findOrFail($id);
if ($user->id != Auth::id()) {
abort(403);
}
if ($user->bank == null) {
Session::flash("flash_message", "You don't have a bank authorization to update.");
return Redirect::route('user::dashboard', ['id' => $id]);
}
$bankdata = BankController::validateBankInput($request->all(), $user);
if ($bankdata == false) {
Session::flash("flash_message", "Your IBAN and/or BIC are invalid. Please check again.");
return Redirect::back();
}
$bank = Bank::create($bankdata);
$user->bank()->delete();
$bank->user()->associate($user);
$bank->save();
Session::flash("flash_message", "New withdrawal authorization added.");
return Redirect::route('user::dashboard', ['id' => $id]);
}
public function search(Request $request)
{
$term = $request->input('query');
$data = SearchController::doSearch($term);
$aggregate = [];
foreach ($data['users'] as $id => $count) {
$aggregate[] = ['score' => $count, 'object' => User::findOrFail($id), 'href' => route('user::profile', ['id' => $id])];
}
foreach ($data['pages'] as $id => $count) {
$page = Page::findOrFail($id);
$aggregate[] = ['score' => $count, 'object' => $page, 'href' => route('page::show', ['slug' => $page->slug])];
}
foreach ($data['committees'] as $id => $count) {
$aggregate[] = ['score' => $count, 'object' => Committee::findOrFail($id), 'href' => route('committee::show', ['id' => $id])];
}
foreach ($data['events'] as $id => $count) {
$aggregate[] = ['score' => $count, 'object' => Event::findOrFail($id), 'href' => route('event::show', ['id' => $id])];
}
usort($aggregate, function ($a, $b) {
return $b['score'] - $a['score'];
});
return view('website.search', ['term' => $term, 'data' => $aggregate]);
}
public function endTempAdmin($id)
{
$user = User::findOrFail($id);
foreach ($user->tempadmin as $tempadmin) {
if (Carbon::now()->between(Carbon::parse($tempadmin->start_at), Carbon::parse($tempadmin->end_at))) {
$tempadmin->end_at = Carbon::now();
$tempadmin->save();
}
}
// Call Herbert webhook to run check through all connected admins. Will result in kick for users whose
// temporary adminpowers were removed.
file_get_contents(env('HERBERT_SERVER') . "/adminCheck");
return redirect()->route('user::member::list');
}
public function unsubscribeLink(Request $request, $hash)
{
$data = EmailList::parseUnsubscribeHash($hash);
$user = User::findOrFail($data->user);
$list = EmailList::findOrFail($data->list);
$sub = EmailListSubscription::where('user_id', $user->id)->where('list_id', $list->id)->first();
if ($sub != null) {
$request->session()->flash('flash_message', $user->name . ' has been unsubscribed from ' . $list->name);
$sub->delete();
} else {
$request->session()->flash('flash_message', $user->name . ' was already unsubscribed from ' . $list->name);
}
return Redirect::route('homepage');
}
/**
* Delete a user from the specified withdrawal.
*
* @param $id Withdrawal id.
* @param $user_id User id.
* @return \Illuminate\Http\RedirectResponse
*/
public static function deleteFrom(Request $request, $id, $user_id)
{
$withdrawal = Withdrawal::findOrFail($id);
if ($withdrawal->closed) {
$request->session()->flash('flash_message', 'This withdrawal is already closed and cannot be edited.');
return Redirect::back();
}
$user = User::findOrFail($user_id);
foreach ($withdrawal->orderlinesForUseR($user) as $orderline) {
$orderline->withdrawal()->dissociate();
$orderline->save();
}
$request->session()->flash('flash_message', 'Orderlines for ' . $user->name . ' removed from this withdrawal.');
return Redirect::back();
}
public function link($user_id, Request $request)
{
$user = User::findOrFail($user_id);
if ($user->id != Auth::id() && !Auth::user()->can('board')) {
abort(403);
}
$study = Study::findOrFail($request->study);
$link = new StudyEntry();
if (($link->created_at = date('Y-m-d H:i:s', strtotime($request->start))) === false || $request->start == "") {
Session::flash("flash_message", "Ill-formatted start date.");
return Redirect::back();
}
$link->deleted_at = null;
if ($request->end != "" && ($link->deleted_at = date('Y-m-d H:i:s', strtotime($request->end))) === false) {
Session::flash("flash_message", "Ill-formatted end date.");
return Redirect::back();
}
$link->user()->associate($user);
$link->study()->associate($study);
$link->save();
Session::flash("flash_message", "Your study has been saved.");
return Redirect::route('user::dashboard', ['id' => $user->id]);
}
public function editForm($id)
{
$user = User::findOrFail($id);
$address = $user->address;
if ($address == null) {
Session::flash("flash_message", "We don't have an address for you?");
return Redirect::back();
}
if ($user->id != Auth::id() && !Auth::user()->can('board')) {
abort(403);
}
return view('users.addresses.edit', ['user' => $user, 'address' => $address]);
}
public function deleteUser(Request $request, $id)
{
$user = User::findOrFail($id);
if ($user->id != Auth::id() && !Auth::user()->can('board')) {
abort(403);
}
if ($user->member) {
$request->session()->flash('flash_message', 'You cannot delete your account while you are a member.');
return Redirect::back();
}
Address::where('user_id', $user->id)->delete();
Bank::where('user_id', $user->id)->delete();
EmailListSubscription::where('user_id', $user->id)->delete();
AchievementOwnership::where('user_id', $user->id)->delete();
Alias::where('user_id', $user->id)->delete();
RfidCard::where('user_id', $user->id)->delete();
WelcomeMessage::where('user_id', $user->id)->delete();
if ($user->photo) {
$user->photo->delete();
}
$user->password = null;
$user->remember_token = null;
$user->birthdate = null;
$user->gender = null;
$user->nationality = null;
$user->phone = null;
$user->website = null;
$user->utwente_username = null;
$user->tfa_totp_key = null;
$user->tfa_yubikey_identity = null;
$user->phone_visible = 0;
$user->address_visible = 0;
$user->receive_sms = 0;
$user->save();
$user->delete();
$request->session()->flash('flash_message', 'Your account has been deleted.');
return Redirect::route('homepage');
}