1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
|
<?php
/**
* UserFrosting (http://www.userfrosting.com)
*
* @link https://github.com/userfrosting/UserFrosting
* @license https://github.com/userfrosting/UserFrosting/blob/master/licenses/UserFrosting.md (MIT License)
*/
namespace UserFrosting\Sprinkle\Account\Database\Models;
use Carbon\Carbon;
use Illuminate\Database\Capsule\Manager as Capsule;
use Illuminate\Database\Eloquent\SoftDeletes;
use UserFrosting\Sprinkle\Account\Facades\Password;
use UserFrosting\Sprinkle\Core\Database\Models\Model;
use UserFrosting\Sprinkle\Core\Facades\Debug;
/**
* User Class
*
* Represents a User object as stored in the database.
*
* @author Alex Weissman (https://alexanderweissman.com)
* @property int id
* @property string user_name
* @property string first_name
* @property string last_name
* @property string email
* @property string locale
* @property string theme
* @property int group_id
* @property bool flag_verified
* @property bool flag_enabled
* @property int last_activity_id
* @property timestamp created_at
* @property timestamp updated_at
* @property string password
* @property timestamp deleted_at
*/
class User extends Model
{
use SoftDeletes;
/**
* The name of the table for the current model.
*
* @var string
*/
protected $table = 'users';
/**
* Fields that should be mass-assignable when creating a new User.
*
* @var string[]
*/
protected $fillable = [
'user_name',
'first_name',
'last_name',
'email',
'locale',
'theme',
'group_id',
'flag_verified',
'flag_enabled',
'last_activity_id',
'password',
'deleted_at'
];
/**
* A list of attributes to hide by default when using toArray() and toJson().
*
* @link https://laravel.com/docs/5.4/eloquent-serialization#hiding-attributes-from-json
* @var string[]
*/
protected $hidden = [
'password'
];
/**
* The attributes that should be mutated to dates.
*
* @var string[]
*/
protected $dates = [
'deleted_at'
];
protected $appends = [
'full_name'
];
/**
* Cached dictionary of permissions for the user.
*
* @var array
*/
protected $cachedPermissions;
/**
* Enable timestamps for Users.
*
* @var bool
*/
public $timestamps = TRUE;
/**
* Determine if the property for this object exists.
*
* We add relations here so that Twig will be able to find them.
* See http://stackoverflow.com/questions/29514081/cannot-access-eloquent-attributes-on-twig/35908957#35908957
* Every property in __get must also be implemented here for Twig to recognize it.
* @param string $name the name of the property to check.
* @return bool true if the property is defined, false otherwise.
*/
public function __isset($name) {
if (in_array($name, [
'group',
'last_sign_in_time',
'avatar'
])) {
return TRUE;
} else {
return parent::__isset($name);
}
}
/**
* Get a property for this object.
*
* @param string $name the name of the property to retrieve.
* @throws Exception the property does not exist for this object.
* @return string the associated property.
*/
public function __get($name) {
if ($name == 'last_sign_in_time') {
return $this->lastActivityTime('sign_in');
} else if ($name == 'avatar') {
// Use Gravatar as the user avatar
$hash = md5(strtolower(trim($this->email)));
return 'https://www.gravatar.com/avatar/' . $hash . '?d=mm';
} else {
return parent::__get($name);
}
}
/**
* Get all activities for this user.
*
* @return \Illuminate\Database\Eloquent\Relations\HasMany
*/
public function activities() {
/** @var UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = static::$ci->classMapper;
return $this->hasMany($classMapper->getClassMapping('activity'), 'user_id');
}
/**
* Delete this user from the database, along with any linked roles and activities.
*
* @param bool $hardDelete Set to true to completely remove the user and all associated objects.
* @return bool true if the deletion was successful, false otherwise.
*/
public function delete($hardDelete = FALSE) {
/** @var UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = static::$ci->classMapper;
if ($hardDelete) {
// Remove all role associations
$this->roles()->detach();
// Remove all user activities
$classMapper->staticMethod('activity', 'where', 'user_id', $this->id)->delete();
// Remove all user tokens
$classMapper->staticMethod('password_reset', 'where', 'user_id', $this->id)->delete();
$classMapper->staticMethod('verification', 'where', 'user_id', $this->id)->delete();
// Delete the user
$result = parent::forceDelete();
} else {
// Soft delete the user, leaving all associated records alone
$result = parent::delete();
}
return $result;
}
/**
* Determines whether a user exists, including checking soft-deleted records
*
* @deprecated since 4.1.7 This method conflicts with and overrides the Builder::exists() method. Use Model::findUnique instead.
* @param mixed $value
* @param string $identifier
* @param bool $checkDeleted set to true to include soft-deleted records
* @return User|null
*/
public static function exists($value, $identifier = 'user_name', $checkDeleted = TRUE) {
return static::findUnique($value, $identifier, $checkDeleted);
}
/**
* Return a cache instance specific to that user
*
* @return \Illuminate\Contracts\Cache\Store
*/
public function getCache() {
return static::$ci->cache->tags('_u' . $this->id);
}
/**
* Allows you to get the full name of the user using `$user->full_name`
*
* @return string
*/
public function getFullNameAttribute() {
return $this->first_name . ' ' . $this->last_name;
}
/**
* Retrieve the cached permissions dictionary for this user.
*
* @return array
*/
public function getCachedPermissions() {
if (!isset($this->cachedPermissions)) {
$this->reloadCachedPermissions();
}
return $this->cachedPermissions;
}
/**
* Retrieve the cached permissions dictionary for this user.
*
* @return User
*/
public function reloadCachedPermissions() {
$this->cachedPermissions = $this->buildPermissionsDictionary();
return $this;
}
/**
* Get the amount of time, in seconds, that has elapsed since the last activity of a certain time for this user.
*
* @param string $type The type of activity to search for.
* @return int
*/
public function getSecondsSinceLastActivity($type) {
$time = $this->lastActivityTime($type);
$time = $time ? $time : '0000-00-00 00:00:00';
$time = new Carbon($time);
return $time->diffInSeconds();
}
/**
* Return this user's group.
*
* @return \Illuminate\Database\Eloquent\Relations\BelongsTo
*/
public function group() {
/** @var UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = static::$ci->classMapper;
return $this->belongsTo($classMapper->getClassMapping('group'), 'group_id');
}
/**
* Returns whether or not this user is the master user.
*
* @return bool
*/
public function isMaster() {
$masterId = static::$ci->config['reserved_user_ids.master'];
// Need to use loose comparison for now, because some DBs return `id` as a string
return ($this->id == $masterId);
}
/**
* Get the most recent activity for this user, based on the user's last_activity_id.
*
* @return \Illuminate\Database\Eloquent\Relations\BelongsTo
*/
public function lastActivity() {
/** @var UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = static::$ci->classMapper;
return $this->belongsTo($classMapper->getClassMapping('activity'), 'last_activity_id');
}
/**
* Find the most recent activity for this user of a particular type.
*
* @param string $type
* @return \Illuminate\Database\Eloquent\Builder
*/
public function lastActivityOfType($type = NULL) {
/** @var UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = static::$ci->classMapper;
$query = $this->hasOne($classMapper->getClassMapping('activity'), 'user_id');
if ($type) {
$query = $query->where('type', $type);
}
return $query->latest('occurred_at');
}
/**
* Get the most recent time for a specified activity type for this user.
*
* @param string $type
* @return string|null The last activity time, as a SQL formatted time (YYYY-MM-DD HH:MM:SS), or null if an activity of this type doesn't exist.
*/
public function lastActivityTime($type) {
$result = $this->activities()
->where('type', $type)
->max('occurred_at');
return $result ? $result : NULL;
}
/**
* Performs tasks to be done after this user has been successfully authenticated.
*
* By default, adds a new sign-in activity and updates any legacy hash.
* @param mixed[] $params Optional array of parameters used for this event handler.
* @odo Transition to Laravel Event dispatcher to handle this
*/
public function onLogin($params = []) {
// Add a sign in activity (time is automatically set by database)
static::$ci->userActivityLogger->info("User {$this->user_name} signed in.", [
'type' => 'sign_in'
]);
// Update password if we had encountered an outdated hash
$passwordType = Password::getHashType($this->password);
if ($passwordType != 'modern') {
if (!isset($params['password'])) {
Debug::debug('Notice: Unhashed password must be supplied to update to modern password hashing.');
} else {
// Hash the user's password and update
$passwordHash = Password::hash($params['password']);
if ($passwordHash === NULL) {
Debug::debug('Notice: outdated password hash could not be updated because the new hashing algorithm is not supported. Are you running PHP >= 5.3.7?');
} else {
$this->password = $passwordHash;
Debug::debug('Notice: outdated password hash has been automatically updated to modern hashing.');
}
}
}
// Save changes
$this->save();
return $this;
}
/**
* Performs tasks to be done after this user has been logged out.
*
* By default, adds a new sign-out activity.
* @param mixed[] $params Optional array of parameters used for this event handler.
* @do Transition to Laravel Event dispatcher to handle this
*/
public function onLogout($params = []) {
static::$ci->userActivityLogger->info("User {$this->user_name} signed out.", [
'type' => 'sign_out'
]);
return $this;
}
/**
* Get all password reset requests for this user.
*
* @return \Illuminate\Database\Eloquent\Relations\HasMany
*/
public function passwordResets() {
/** @var UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = static::$ci->classMapper;
return $this->hasMany($classMapper->getClassMapping('password_reset'), 'user_id');
}
/**
* Get all of the permissions this user has, via its roles.
*
* @return \UserFrosting\Sprinkle\Core\Database\Relations\BelongsToManyThrough
*/
public function permissions() {
/** @var UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = static::$ci->classMapper;
return $this->belongsToManyThrough(
$classMapper->getClassMapping('permission'),
$classMapper->getClassMapping('role'),
'role_users',
'user_id',
'role_id',
'permission_roles',
'role_id',
'permission_id'
);
}
/**
* Get all roles to which this user belongs.
*
* @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
*/
public function roles() {
/** @var UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = static::$ci->classMapper;
return $this->belongsToMany($classMapper->getClassMapping('role'), 'role_users', 'user_id', 'role_id')->withTimestamps();
}
/**
* Query scope to get all users who have a specific role.
*
* @param \Illuminate\Database\Eloquent\Builder $query
* @param int $roleId
* @return \Illuminate\Database\Eloquent\Builder
*/
public function scopeForRole($query, $roleId) {
return $query->join('role_users', function ($join) use ($roleId) {
$join->on('role_users.user_id', 'users.id')
->where('role_id', $roleId);
});
}
/**
* Joins the user's most recent activity directly, so we can do things like sort, search, paginate, etc.
*
* @param \Illuminate\Database\Eloquent\Builder $query
* @return \Illuminate\Database\Eloquent\Builder
*/
public function scopeJoinLastActivity($query) {
$query = $query->select('users.*');
$query = $query->leftJoin('activities', 'activities.id', '=', 'users.last_activity_id');
return $query;
}
/**
* Loads permissions for this user into a cached dictionary of slugs -> arrays of permissions,
* so we don't need to keep requerying the DB for every call of checkAccess.
*
* @return array
*/
protected function buildPermissionsDictionary() {
$permissions = $this->permissions()->get();
$cachedPermissions = [];
foreach ($permissions as $permission) {
$cachedPermissions[$permission->slug][] = $permission;
}
return $cachedPermissions;
}
}
|
