Exemplo n.º 1
0
 /**
  * Remove the specified resource from storage.
  *
  * @param  int $id
  * @return \Illuminate\Http\Response
  */
 public function destroy(Request $request, $id)
 {
     $rfid = RfidCard::findOrFail($id);
     if ($rfid->user->id != Auth::id() && !Auth::user()->can('board')) {
         abort(403);
     }
     $rfid->delete();
     $request->session()->flash('flash_message', 'Your RFID card has been deleted.');
     return Redirect::back();
 }
Exemplo n.º 2
0
 public function buy(Request $request, $store)
 {
     $stores = config('omnomcom.stores');
     if (array_key_exists($store, $stores)) {
         $storedata = $stores[$store];
         if (!in_array($request->ip(), $storedata->addresses) && !Auth::user()->can($storedata->roles)) {
             return "<span style='color: red;'>You are not authorized to do this.</span>";
         }
     } else {
         return "<span style='color: red;'>This store doesn't exist.</span>";
     }
     switch ($request->input('credentialtype')) {
         case 'account':
             $credentials = $request->input('credentials');
             $user = AuthController::verifyCredentials($credentials['username'], $credentials['password']);
             if (!$user) {
                 return "<span style='color: red;'>Invalid credentials.</span>";
             }
             break;
         case 'card':
             $card = RfidCard::where('card_id', $request->input('credentials'))->first();
             if (!$card) {
                 return "<span style='color: red;'>Unknown card.</span>";
             }
             $card->touch();
             $user = $card->user;
             if (!$user) {
                 return "<span style='color: red;'>Unknown user.</span>";
             }
             break;
         default:
             return "<span style='color: red;'>Invalid credential type.</span>";
             break;
     }
     if (!$user->member) {
         return "<span style='color: red;'>Only members can use the OmNomCom.</span>";
     }
     $withCash = $request->input('cash');
     if ($withCash == "true" && !$storedata->cash_allowed) {
         return "<span style='color: red;'>You cannot use cash in this store.</span>";
     }
     $cart = $request->input('cart');
     foreach ($cart as $id => $amount) {
         if ($amount > 0) {
             $product = Product::find($id);
             if (!$product) {
                 return "<span style='color: red;'>You tried to buy a product that didn't exist!</span>";
             }
             if (!$product->isVisible()) {
                 return "<span style='color: red;'>You tried to buy a product that is not available!</span>";
             }
             if ($product->stock < $amount) {
                 return "<span style='color: red;'>You tried to buy more of a product than was in stock!</span>";
             }
             if ($product->is_alcoholic && $user->age() < 18) {
                 return "<span style='color: red;'>You tried to buy alcohol, youngster!</span>";
             }
         }
     }
     foreach ($cart as $id => $amount) {
         if ($amount > 0) {
             $product = Product::find($id);
             $orderline = OrderLine::create(['user_id' => $withCash == "true" ? null : $user->id, 'cashier_id' => $withCash == "true" ? $user->id : null, 'product_id' => $product->id, 'original_unit_price' => $product->price, 'units' => $amount, 'total_price' => $amount * $product->price, 'payed_with_cash' => $withCash == "true" ? date('Y-m-d H:i:s') : null]);
             $orderline->save();
             $product->stock -= $amount;
             $product->save();
         }
     }
     return "OK";
 }
Exemplo n.º 3
0
 public function deleteUser(Request $request, $id)
 {
     $user = User::findOrFail($id);
     if ($user->id != Auth::id() && !Auth::user()->can('board')) {
         abort(403);
     }
     if ($user->member) {
         $request->session()->flash('flash_message', 'You cannot delete your account while you are a member.');
         return Redirect::back();
     }
     Address::where('user_id', $user->id)->delete();
     Bank::where('user_id', $user->id)->delete();
     EmailListSubscription::where('user_id', $user->id)->delete();
     AchievementOwnership::where('user_id', $user->id)->delete();
     Alias::where('user_id', $user->id)->delete();
     RfidCard::where('user_id', $user->id)->delete();
     WelcomeMessage::where('user_id', $user->id)->delete();
     if ($user->photo) {
         $user->photo->delete();
     }
     $user->password = null;
     $user->remember_token = null;
     $user->birthdate = null;
     $user->gender = null;
     $user->nationality = null;
     $user->phone = null;
     $user->website = null;
     $user->utwente_username = null;
     $user->tfa_totp_key = null;
     $user->tfa_yubikey_identity = null;
     $user->phone_visible = 0;
     $user->address_visible = 0;
     $user->receive_sms = 0;
     $user->save();
     $user->delete();
     $request->session()->flash('flash_message', 'Your account has been deleted.');
     return Redirect::route('homepage');
 }