488 lines
18 KiB
PHP
488 lines
18 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use App\BusinessLocation;
|
|
use App\Services\Holding\HoldingHrmSyncService;
|
|
use App\Services\User\UserProfileDataService;
|
|
use App\User;
|
|
use App\Utils\ModuleUtil;
|
|
use DB;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Auth;
|
|
use Illuminate\Support\Facades\Hash;
|
|
use Spatie\Activitylog\Models\Activity;
|
|
use Spatie\Permission\Models\Role;
|
|
use Yajra\DataTables\Facades\DataTables;
|
|
use App\Events\UserCreatedOrModified;
|
|
|
|
class ManageUserController extends Controller
|
|
{
|
|
/**
|
|
* Constructor
|
|
*
|
|
* @param Util $commonUtil
|
|
* @return void
|
|
*/
|
|
public function __construct(ModuleUtil $moduleUtil)
|
|
{
|
|
$this->moduleUtil = $moduleUtil;
|
|
}
|
|
|
|
/**
|
|
* Display a listing of the resource.
|
|
*
|
|
* @return \Illuminate\Http\Response
|
|
*/
|
|
public function index()
|
|
{
|
|
if (! auth()->user()->can('user.view') && ! auth()->user()->can('user.create')) {
|
|
abort(403, 'Unauthorized action.');
|
|
}
|
|
|
|
if (request()->ajax()) {
|
|
$business_id = request()->session()->get('user.business_id');
|
|
$user_id = request()->session()->get('user.id');
|
|
|
|
$users = User::where('business_id', $business_id)
|
|
->user()
|
|
->where('is_cmmsn_agnt', 0)
|
|
->select(['id', 'username',
|
|
DB::raw("CONCAT(COALESCE(surname, ''), ' ', COALESCE(first_name, ''), ' ', COALESCE(last_name, '')) as full_name"), 'email', 'allow_login', ]);
|
|
|
|
return Datatables::of($users)
|
|
->editColumn('username', '{{$username}} @if(empty($allow_login)) <span class="label bg-gray">@lang("lang_v1.login_not_allowed")</span>@endif')
|
|
->addColumn(
|
|
'role',
|
|
function ($row) {
|
|
$role_name = $this->moduleUtil->getUserRoleName($row->id);
|
|
|
|
return $role_name;
|
|
}
|
|
)
|
|
->addColumn(
|
|
'action',
|
|
'@can("user.update")
|
|
<a href="{{action(\'App\Http\Controllers\ManageUserController@edit\', [$id])}}" class="tw-dw-btn tw-dw-btn-xs tw-dw-btn-outline tw-dw-btn-primary"><i class="glyphicon glyphicon-edit"></i> @lang("messages.edit")</a>
|
|
|
|
@endcan
|
|
@can("user.view")
|
|
<a href="{{action(\'App\Http\Controllers\ManageUserController@show\', [$id])}}" class="tw-dw-btn tw-dw-btn-xs tw-dw-btn-outline tw-dw-btn-info"><i class="fa fa-eye"></i> @lang("messages.view")</a>
|
|
|
|
@endcan
|
|
@can("user.delete")
|
|
<button data-href="{{action(\'App\Http\Controllers\ManageUserController@destroy\', [$id])}}" class="tw-dw-btn tw-dw-btn-outline tw-dw-btn-xs tw-dw-btn-error delete_user_button"><i class="glyphicon glyphicon-trash"></i> @lang("messages.delete")</button>
|
|
@endcan'
|
|
)
|
|
->filterColumn('full_name', function ($query, $keyword) {
|
|
$query->whereRaw("CONCAT(COALESCE(surname, ''), ' ', COALESCE(first_name, ''), ' ', COALESCE(last_name, '')) like ?", ["%{$keyword}%"]);
|
|
})
|
|
->removeColumn('id')
|
|
->rawColumns(['action', 'username'])
|
|
->make(true);
|
|
}
|
|
|
|
return view('manage_user.index');
|
|
}
|
|
|
|
/**
|
|
* Show the form for creating a new resource.
|
|
*
|
|
* @return \Illuminate\Http\Response
|
|
*/
|
|
public function create()
|
|
{
|
|
if (! auth()->user()->can('user.create')) {
|
|
abort(403, 'Unauthorized action.');
|
|
}
|
|
|
|
$business_id = request()->session()->get('user.business_id');
|
|
|
|
//Check if subscribed or not, then check for users quota
|
|
if (! $this->moduleUtil->isSubscribed($business_id)) {
|
|
return $this->moduleUtil->expiredResponse();
|
|
} elseif (! $this->moduleUtil->isQuotaAvailable('users', $business_id)) {
|
|
return $this->moduleUtil->quotaExpiredResponse('users', $business_id, action([\App\Http\Controllers\ManageUserController::class, 'index']));
|
|
}
|
|
|
|
$roles = $this->getRolesArray($business_id);
|
|
$username_ext = $this->moduleUtil->getUsernameExtension();
|
|
$locations = BusinessLocation::where('business_id', $business_id)
|
|
->Active()
|
|
->get();
|
|
|
|
//Get user form part from modules
|
|
$form_partials = $this->moduleUtil->getModuleData('moduleViewPartials', ['view' => 'manage_user.create']);
|
|
$holdingFormContext = app(HoldingHrmSyncService::class)->getUserFormContext($business_id);
|
|
|
|
return view('manage_user.create')
|
|
->with(compact('roles', 'username_ext', 'locations', 'form_partials', 'holdingFormContext'));
|
|
}
|
|
|
|
/**
|
|
* Store a newly created resource in storage.
|
|
*
|
|
* @param \Illuminate\Http\Request $request
|
|
* @return \Illuminate\Http\Response
|
|
*/
|
|
public function store(Request $request)
|
|
{
|
|
if (! auth()->user()->can('user.create')) {
|
|
abort(403, 'Unauthorized action.');
|
|
}
|
|
|
|
try {
|
|
if (! empty($request->input('dob'))) {
|
|
$request['dob'] = $this->moduleUtil->uf_date($request->input('dob'));
|
|
}
|
|
|
|
$request['cmmsn_percent'] = ! empty($request->input('cmmsn_percent')) ? $this->moduleUtil->num_uf($request->input('cmmsn_percent')) : 0;
|
|
|
|
$request['max_sales_discount_percent'] = ! is_null($request->input('max_sales_discount_percent')) ? $this->moduleUtil->num_uf($request->input('max_sales_discount_percent')) : null;
|
|
|
|
$user = $this->moduleUtil->createUser($request);
|
|
|
|
event(new UserCreatedOrModified($user, 'added'));
|
|
|
|
$output = ['success' => 1,
|
|
'msg' => __('user.user_added'),
|
|
];
|
|
} catch (\Exception $e) {
|
|
\Log::emergency('File:'.$e->getFile().'Line:'.$e->getLine().'Message:'.$e->getMessage());
|
|
|
|
$output = ['success' => 0,
|
|
'msg' => __('messages.something_went_wrong'),
|
|
];
|
|
}
|
|
|
|
return redirect('users')->with('status', $output);
|
|
}
|
|
|
|
/**
|
|
* Display the specified resource.
|
|
*
|
|
* @param int $id
|
|
* @return \Illuminate\Http\Response
|
|
*/
|
|
public function show($id)
|
|
{
|
|
if (! auth()->user()->can('user.view')) {
|
|
abort(403, 'Unauthorized action.');
|
|
}
|
|
|
|
$business_id = request()->session()->get('user.business_id');
|
|
|
|
$user = User::where('business_id', $business_id)
|
|
->with(['contactAccess', 'media', 'assignments.entity', 'assignments.orgUnit', 'roles'])
|
|
->findOrFail($id);
|
|
|
|
$users = User::forDropdown($business_id, false);
|
|
|
|
$activities = Activity::forSubject($user)
|
|
->with(['causer', 'subject'])
|
|
->latest()
|
|
->get();
|
|
|
|
$profile = app(UserProfileDataService::class)->build($user, [
|
|
'viewer' => auth()->user(),
|
|
]);
|
|
|
|
return view('manage_user.show')->with(compact('user', 'users', 'activities', 'profile'));
|
|
}
|
|
|
|
/**
|
|
* Show the form for editing the specified resource.
|
|
*
|
|
* @param int $id
|
|
* @return \Illuminate\Http\Response
|
|
*/
|
|
public function edit($id)
|
|
{
|
|
if (! auth()->user()->can('user.update')) {
|
|
abort(403, 'Unauthorized action.');
|
|
}
|
|
|
|
$business_id = request()->session()->get('user.business_id');
|
|
$user = User::where('business_id', $business_id)
|
|
->with(['contactAccess'])
|
|
->findOrFail($id);
|
|
|
|
$roles = $this->getRolesArray($business_id);
|
|
|
|
$contact_access = $user->contactAccess->pluck('name', 'id')->toArray();
|
|
|
|
if ($user->status == 'active') {
|
|
$is_checked_checkbox = true;
|
|
} else {
|
|
$is_checked_checkbox = false;
|
|
}
|
|
|
|
$locations = BusinessLocation::where('business_id', $business_id)
|
|
->get();
|
|
|
|
$permitted_locations = $user->permitted_locations();
|
|
$username_ext = $this->moduleUtil->getUsernameExtension();
|
|
|
|
//Get user form part from modules
|
|
$form_partials = $this->moduleUtil->getModuleData('moduleViewPartials', ['view' => 'manage_user.edit', 'user' => $user]);
|
|
$holdingFormContext = app(HoldingHrmSyncService::class)->getUserFormContext($business_id, $user);
|
|
|
|
return view('manage_user.edit')
|
|
->with(compact('roles', 'user', 'contact_access', 'is_checked_checkbox', 'locations', 'permitted_locations', 'form_partials', 'username_ext', 'holdingFormContext'));
|
|
}
|
|
|
|
/**
|
|
* Update the specified resource in storage.
|
|
*
|
|
* @param \Illuminate\Http\Request $request
|
|
* @param int $id
|
|
* @return \Illuminate\Http\Response
|
|
*/
|
|
public function update(Request $request, $id)
|
|
{
|
|
//Disable in demo
|
|
$notAllowed = $this->moduleUtil->notAllowedInDemo();
|
|
if (! empty($notAllowed)) {
|
|
return $notAllowed;
|
|
}
|
|
|
|
if (! auth()->user()->can('user.update')) {
|
|
abort(403, 'Unauthorized action.');
|
|
}
|
|
|
|
$business_id = request()->session()->get('user.business_id');
|
|
|
|
//Check if subscribed
|
|
if (! $this->moduleUtil->isSubscribed($business_id)) {
|
|
return $this->moduleUtil->expiredResponse();
|
|
}
|
|
|
|
//Check for users quota if allow_login is true
|
|
if (!empty($request->input('allow_login'))) {
|
|
if (! $this->moduleUtil->isQuotaAvailable('users', $business_id)) {
|
|
return $this->moduleUtil->quotaExpiredResponse('users', $business_id, action([\App\Http\Controllers\ManageUserController::class, 'index']));
|
|
}
|
|
}
|
|
|
|
try {
|
|
$user_data = $request->only(['surname', 'first_name', 'last_name', 'email', 'selected_contacts', 'marital_status',
|
|
'blood_group', 'contact_number', 'fb_link', 'twitter_link', 'social_media_1',
|
|
'social_media_2', 'permanent_address', 'current_address',
|
|
'guardian_name', 'custom_field_1', 'custom_field_2',
|
|
'custom_field_3', 'custom_field_4', 'id_proof_name', 'id_proof_number', 'cmmsn_percent', 'gender', 'max_sales_discount_percent', 'family_number', 'alt_number', 'is_enable_service_staff_pin']);
|
|
|
|
$user_data['status'] = ! empty($request->input('is_active')) ? 'active' : 'inactive';
|
|
|
|
$user_data['is_enable_service_staff_pin'] = ! empty($request->input('is_enable_service_staff_pin')) ? true : false;
|
|
|
|
|
|
|
|
if (! isset($user_data['selected_contacts'])) {
|
|
$user_data['selected_contacts'] = 0;
|
|
}
|
|
|
|
if (empty($request->input('allow_login'))) {
|
|
$user_data['username'] = null;
|
|
$user_data['password'] = null;
|
|
$user_data['allow_login'] = 0;
|
|
} else {
|
|
$user_data['allow_login'] = 1;
|
|
}
|
|
|
|
if (! empty($request->input('password'))) {
|
|
$user_data['password'] = $user_data['allow_login'] == 1 ? Hash::make($request->input('password')) : null;
|
|
}
|
|
|
|
|
|
if (! empty($request->input('service_staff_pin'))) {
|
|
$user_data['service_staff_pin'] = $request->input('service_staff_pin');
|
|
}
|
|
|
|
|
|
//Sales commission percentage
|
|
$user_data['cmmsn_percent'] = ! empty($user_data['cmmsn_percent']) ? $this->moduleUtil->num_uf($user_data['cmmsn_percent']) : 0;
|
|
|
|
$user_data['max_sales_discount_percent'] = ! is_null($user_data['max_sales_discount_percent']) ? $this->moduleUtil->num_uf($user_data['max_sales_discount_percent']) : null;
|
|
|
|
if (! empty($request->input('dob'))) {
|
|
$user_data['dob'] = $this->moduleUtil->uf_date($request->input('dob'));
|
|
}
|
|
|
|
if (! empty($request->input('bank_details'))) {
|
|
$user_data['bank_details'] = json_encode($request->input('bank_details'));
|
|
}
|
|
|
|
DB::beginTransaction();
|
|
|
|
if ($user_data['allow_login'] && $request->has('username')) {
|
|
$user_data['username'] = $request->input('username');
|
|
$ref_count = $this->moduleUtil->setAndGetReferenceCount('username');
|
|
if (blank($user_data['username'])) {
|
|
$user_data['username'] = $this->moduleUtil->generateReferenceNumber('username', $ref_count);
|
|
}
|
|
|
|
$username_ext = $this->moduleUtil->getUsernameExtension();
|
|
if (! empty($username_ext)) {
|
|
$user_data['username'] .= $username_ext;
|
|
}
|
|
}
|
|
|
|
$user = User::where('business_id', $business_id)
|
|
->findOrFail($id);
|
|
|
|
$user->update($user_data);
|
|
$role_id = $request->input('role');
|
|
$user_role = $user->roles->first();
|
|
$previous_role = ! empty($user_role->id) ? $user_role->id : 0;
|
|
if ($previous_role != $role_id) {
|
|
$is_admin = $this->moduleUtil->is_admin($user);
|
|
$all_admins = $this->getAdmins();
|
|
//If only one admin then can not change role
|
|
if ($is_admin && count($all_admins) <= 1) {
|
|
throw new \Exception(__('lang_v1.cannot_change_role'));
|
|
}
|
|
if (! empty($previous_role)) {
|
|
$user->removeRole($user_role->name);
|
|
}
|
|
|
|
$role = Role::findOrFail($role_id);
|
|
$user->assignRole($role->name);
|
|
}
|
|
|
|
//Grant Location permissions
|
|
$this->moduleUtil->giveLocationPermissions($user, $request);
|
|
|
|
//Assign selected contacts
|
|
if ($user_data['selected_contacts'] == 1) {
|
|
$contact_ids = $request->get('selected_contact_ids');
|
|
} else {
|
|
$contact_ids = [];
|
|
}
|
|
$user->contactAccess()->sync($contact_ids);
|
|
|
|
//Update module fields for user
|
|
$this->moduleUtil->getModuleData('afterModelSaved', ['event' => 'user_saved', 'model_instance' => $user]);
|
|
|
|
$this->moduleUtil->activityLog($user, 'edited', null, ['name' => $user->user_full_name]);
|
|
|
|
event(new UserCreatedOrModified($user, 'updated'));
|
|
|
|
$output = ['success' => 1,
|
|
'msg' => __('user.user_update_success'),
|
|
];
|
|
|
|
DB::commit();
|
|
} catch (\Exception $e) {
|
|
DB::rollBack();
|
|
|
|
\Log::emergency('File:'.$e->getFile().'Line:'.$e->getLine().'Message:'.$e->getMessage());
|
|
|
|
$output = ['success' => 0,
|
|
'msg' => $e->getMessage(),
|
|
];
|
|
}
|
|
|
|
return redirect('users')->with('status', $output);
|
|
}
|
|
|
|
private function getAdmins()
|
|
{
|
|
$business_id = request()->session()->get('user.business_id');
|
|
$admins = User::role('Admin#'.$business_id)->get();
|
|
|
|
return $admins;
|
|
}
|
|
|
|
/**
|
|
* Remove the specified resource from storage.
|
|
*
|
|
* @param int $id
|
|
* @return \Illuminate\Http\Response
|
|
*/
|
|
public function destroy($id)
|
|
{
|
|
//Disable in demo
|
|
$notAllowed = $this->moduleUtil->notAllowedInDemo();
|
|
if (! empty($notAllowed)) {
|
|
return $notAllowed;
|
|
}
|
|
|
|
if (! auth()->user()->can('user.delete')) {
|
|
abort(403, 'Unauthorized action.');
|
|
}
|
|
|
|
if (request()->ajax()) {
|
|
try {
|
|
$business_id = request()->session()->get('user.business_id');
|
|
|
|
$user = User::where('business_id', $business_id)
|
|
->findOrFail($id);
|
|
|
|
$this->moduleUtil->activityLog($user, 'deleted', null, ['name' => $user->user_full_name, 'id' => $user->id]);
|
|
|
|
$user->delete();
|
|
event(new UserCreatedOrModified($user, 'deleted'));
|
|
|
|
$output = ['success' => true,
|
|
'msg' => __('user.user_delete_success'),
|
|
];
|
|
} catch (\Exception $e) {
|
|
\Log::emergency('File:'.$e->getFile().'Line:'.$e->getLine().'Message:'.$e->getMessage());
|
|
|
|
$output = ['success' => false,
|
|
'msg' => __('messages.something_went_wrong'),
|
|
];
|
|
}
|
|
|
|
return $output;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Retrives roles array (Hides admin role from non admin users)
|
|
*
|
|
* @param int $business_id
|
|
* @return array $roles
|
|
*/
|
|
private function getRolesArray($business_id)
|
|
{
|
|
$roles_array = Role::where('business_id', $business_id)->get()->pluck('name', 'id');
|
|
$roles = [];
|
|
|
|
$is_admin = $this->moduleUtil->is_admin(auth()->user(), $business_id);
|
|
|
|
foreach ($roles_array as $key => $value) {
|
|
if (! $is_admin && $value == 'Admin#'.$business_id) {
|
|
continue;
|
|
}
|
|
$roles[$key] = str_replace('#'.$business_id, '', $value);
|
|
}
|
|
|
|
return $roles;
|
|
}
|
|
|
|
/**
|
|
* Signes in from user id
|
|
*
|
|
* @param int $id
|
|
*/
|
|
public function signInAsUser($id)
|
|
{
|
|
if (! auth()->user()->can('superadmin') && empty(session('previous_user_id'))) {
|
|
abort(403, 'Unauthorized action.');
|
|
}
|
|
|
|
$user_id = auth()->user()->id;
|
|
$username = auth()->user()->username;
|
|
session()->flush();
|
|
|
|
if (request()->has('save_current')) {
|
|
session(['previous_user_id' => $user_id, 'previous_username' => $username]);
|
|
}
|
|
|
|
Auth::loginUsingId($id);
|
|
|
|
return redirect()->route('home');
|
|
}
|
|
}
|