gilour

Back Back Up Normal Editor

<?php namespace Common\Auth\Controllers; use App\Models\User; use Auth; use Common\Auth\Actions\CreateUser; use Common\Auth\Actions\DeleteUsers; use Common\Auth\Actions\PaginateUsers; use Common\Auth\Actions\UpdateUser; use Common\Auth\Requests\CrupdateUserRequest; use Common\Core\BaseController; class UserController extends BaseController { public function __construct() { $this->middleware('auth', ['except' => ['show']]); } public function index() { $this->authorize('index', User::class); $pagination = (new PaginateUsers())->execute(request()->all()); return $this->success(['pagination' => $pagination]); } public function show(User $user) { $relations = array_filter(explode(',', request('with', ''))); $relations = array_merge(['roles', 'social_profiles'], $relations); if (settings('envato.enable')) { $relations[] = 'purchase_codes'; } if (Auth::id() === $user->id) { $relations[] = 'tokens'; $user->makeVisible([ 'two_factor_confirmed_at', 'two_factor_recovery_codes', ]); if ($user->two_factor_confirmed_at) { $user->two_factor_recovery_codes = $user->recoveryCodes(); $user->syncOriginal(); } } $user->load($relations); $this->authorize('show', $user); return $this->success(['user' => $user]); } public function store(CrupdateUserRequest $request) { $this->authorize('store', User::class); $user = (new CreateUser())->execute($request->validated()); return $this->success(['user' => $user], 201); } public function update(User $user, CrupdateUserRequest $request) { $this->authorize('update', $user); $user = (new UpdateUser())->execute($user, $request->validated()); return $this->success(['user' => $user]); } public function destroy(string $ids) { $userIds = explode(',', $ids); $shouldDeleteCurrentUser = request('deleteCurrentUser'); $this->authorize('destroy', [User::class, $userIds]); $users = User::whereIn('id', $userIds)->get(); foreach ($users as $user) { // guard against current user deletion if (!$shouldDeleteCurrentUser && $user->id === Auth::id()) { return $this->error( __('Could not delete currently logged in user: :email', [ 'email' => $user->email, ]), ); } // guard against admin deletion if ($user->hasPermission('admin')) { return $this->error( __('Could not delete admin user: :email', [ 'email' => $user->email, ]), ); } // guard against subscribed user deletion if ($user->subscribed()) { return $this->error( __('Could not delete subscribed user: :email', [ 'email' => $user->email, ]), ); } } (new DeleteUsers())->execute($users->pluck('id')->toArray()); return $this->success(); } }