<?php namespace App\Http\Controllers;
use App\Models\User;
use App\Models\Person;
use App\Http\Requests\CreateUserRequest;
use App\Http\Requests\UpdateUserRequest;
use Session;
use Request;
use Form;
use Auth;
use Input;
use Hash;
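/**
 * Controller for user accounts: listing, creation, password update, and
 * switching the signed-in user's active company contact.
 *
 * Permission checks are done here with Auth::user()->can(...). The
 * CreateUserRequest / UpdateUserRequest form requests are defined outside
 * this file; anything they enforce is in addition to the checks below.
 */
class UsersController extends BaseController {

    /**
     * List users: the full page, or only the list partial for AJAX requests.
     * Requires the 'read-all-user' permission.
     */
    public function index() {
        if (!Auth::user()->can('read-all-user')) {
            return redirect()->back()->withErrors(['Access denied to users index page']);
        }

        $data = [];
        // NOTE(review): the whole request input is handed to API()->all();
        // any whitelisting of filter/sort fields has to happen there (not visible here).
        $data['users'] = self::API()->all(Request::input());
        $data['menu_actions'] = [Form::addItem(route('users.create'), 'Create user', Auth::user()->can('create-user'))];
        $data['active_search'] = implode(",", ['users.username', 'people.first_name', 'people.last_name']);
        $data['title'] = "Users";

        return Request::ajax() ? view('users/users', $data) : view('users/index', $data);
    }

    /**
     * Show the "create user" form.
     * Requires the 'create-user' permission.
     *
     * @param mixed $id optional person id to preselect on the new user
     */
    public function create($id = null) {
        if (!Auth::user()->can('create-user')) {
            return redirect()->back()->withErrors(['Access denied to users create page']);
        }

        $data = [];
        $data['title'] = "Create User";
        $data['user'] = new User();
        $data['user']->person_id = $id;

        // Offer only people that do not have a user account yet.
        $data['people'] = Person::select("people.*")
            ->leftJoin('users', 'users.person_id', '=', 'people.id')
            ->whereNull('users.id')
            ->orderBy('people.last_name')
            ->get();

        return view('users/create', $data);
    }

    /**
     * Persist a new user account.
     *
     * Enforces the same 'create-user' permission as create(), so the write
     * path is never weaker than the form that leads to it.
     */
    public function store(CreateUserRequest $request) {
        if (!Auth::user()->can('create-user')) {
            return redirect()->back()->withErrors(['Access denied to users create page']);
        }

        // Fields are assigned one by one (no mass assignment); the password
        // is stored only as a hash.
        $user = new User;
        $user->person_id = Input::get('person_id');
        $user->username = Input::get('username');
        $user->password = Hash::make(Input::get('password'));
        $user->save();

        return redirect()->route('users.index')->with('successes', ['User created successfully']);
    }

    /**
     * Show the edit form for a user.
     *
     * @param mixed $id id of the user to edit
     */
    public function edit($id) {
        $user = User::find($id);
        if ($user === null) {
            // Previously a missing record caused a null dereference further down.
            abort(404);
        }
        if (!$this->mayEditUser($user)) {
            return redirect()->back()->withErrors(['Access denied to users edit page']);
        }

        $data = [];
        $data['title'] = "Edit User of ".$user->owner->name();
        $data['user'] = $user;

        return view('users/edit', $data);
    }

    /**
     * Set a new password for a user.
     *
     * Applies the same authorization rule as edit(): without it, this action
     * would reset the password of whatever id is in the URL, relying entirely
     * on UpdateUserRequest (not visible here) to refuse the request.
     *
     * @param mixed $id id of the user to update
     */
    public function update($id, UpdateUserRequest $request) {
        $user = User::find($id);
        if ($user === null) {
            abort(404);
        }
        if (!$this->mayEditUser($user)) {
            return redirect()->back()->withErrors(['Access denied to users edit page']);
        }

        // NOTE(review): no current-password confirmation happens in this method;
        // confirm whether UpdateUserRequest requires one.
        $user->password = Hash::make(Input::get('password'));
        $user->save();

        return redirect()->route('people.show', $user->owner->id)->with('successes', ['User updated successfully']);
    }

    /**
     * Switch the signed-in user's active contact to one of the company
     * contacts that belong to the user's owner.
     */
    public function switchCompanyPerson() {
        $requested_id = Input::get('switch_company_person_id');
        $user = Auth::user();

        $allowed = false;
        $new_contact_id = null;
        foreach ($user->owner->company_person as $company_person) {
            // Strict string comparison: a loose == lets values such as "1abc"
            // match id 1 on older PHP versions. Non-scalar input never matches.
            if (is_scalar($requested_id) && (string) $requested_id === (string) $company_person->id) {
                $allowed = true;
                // Store the id of the matched record, not the raw input.
                $new_contact_id = $company_person->id;
                break;
            }
        }

        // NOTE(review): when the session key 'debug' is truthy the ownership
        // check is skipped and the submitted value is stored unvalidated.
        // Where that key gets set is not visible here; confirm it cannot be
        // enabled for ordinary production sessions, or gate it on a permission.
        if (!$allowed && Session::get('debug') == true) {
            $allowed = true;
            $new_contact_id = $requested_id;
        }

        if ($allowed) {
            $user->active_contact_id = $new_contact_id;
            $user->save();
        }

        return redirect()->route('root');
    }

    /**
     * Authorization rule shared by edit() and update().
     *
     * The signed-in user may edit $target when any of these holds:
     *  - they have 'update-user';
     *  - they have 'update-own-user' and $target is the user reached through
     *    their active contact;
     *  - they have 'update-customer-user' and $target's owner is not E80.
     *
     * @param User $target the account about to be edited
     * @return bool
     */
    private function mayEditUser(User $target) {
        $actor = Auth::user();

        if ($actor->can('update-user')) {
            return true;
        }

        // Permission first, so the relation chain is only walked when it matters.
        // Ids are compared as strings against the loaded record, not the raw route value.
        if ($actor->can('update-own-user')
            && (string) $actor->active_contact->person->user->id === (string) $target->id) {
            return true;
        }

        return !$target->owner->isE80() && $actor->can('update-customer-user');
    }
}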