blessing-skin-server/app/Http/Controllers/UsersManagementController.php
2020-05-19 19:02:09 +08:00

175 lines
5.0 KiB
PHP

<?php
namespace App\Http\Controllers;
use App\Models\User;
use Illuminate\Contracts\Events\Dispatcher;
use Illuminate\Http\Request;
use Illuminate\Validation\Rule;
class UsersManagementController extends Controller
{
public function __construct()
{
$this->middleware(function (Request $request, $next) {
/** @var User */
$targetUser = $request->route('user');
/** @var User */
$authUser = $request->user();
if (
$targetUser->isNot($authUser) &&
$targetUser->permission >= $authUser->permission
) {
return json(trans('admin.users.operations.no-permission'), 1)
->setStatusCode(403);
}
return $next($request);
})->except(['list']);
}
public function list(Request $request)
{
$q = $request->input('q');
return User::usingSearchString($q)->paginate(10);
}
public function email(User $user, Request $request, Dispatcher $dispatcher)
{
$data = $request->validate([
'email' => [
'required', 'email', Rule::unique('users')->ignore($user),
],
]);
$email = $data['email'];
$dispatcher->dispatch('user.email.updating', [$user, $email]);
$old = $user->replicate();
$user->email = $email;
$user->save();
$dispatcher->dispatch('user.email.updated', [$user, $old]);
return json(trans('admin.users.operations.email.success'), 0);
}
public function verification(User $user, Dispatcher $dispatcher)
{
$dispatcher->dispatch('user.verification.updating', [$user]);
$user->verified = !$user->verified;
$user->save();
$dispatcher->dispatch('user.verification.updated', [$user]);
return json(trans('admin.users.operations.verification.success'), 0);
}
public function nickname(User $user, Request $request, Dispatcher $dispatcher)
{
$data = $request->validate([
'nickname' => 'required|string',
]);
$nickname = $data['nickname'];
$dispatcher->dispatch('user.nickname.updating', [$user, $nickname]);
$old = $user->replicate();
$user->nickname = $nickname;
$user->save();
$dispatcher->dispatch('user.nickname.updated', [$user, $old]);
return json(trans('admin.users.operations.nickname.success', [
'new' => $request->input('nickname'),
]), 0);
}
public function password(User $user, Request $request, Dispatcher $dispatcher)
{
$data = $request->validate([
'password' => 'required|string|min:8|max:16',
]);
$password = $data['password'];
$dispatcher->dispatch('user.password.updating', [$user, $password]);
$user->changePassword($password);
$user->save();
$dispatcher->dispatch('user.password.updated', [$user]);
return json(trans('admin.users.operations.password.success'), 0);
}
public function score(User $user, Request $request, Dispatcher $dispatcher)
{
$data = $request->validate([
'score' => 'required|integer',
]);
$score = (int) $data['score'];
$dispatcher->dispatch('user.score.updating', [$user, $score]);
$old = $user->replicate();
$user->score = $score;
$user->save();
$dispatcher->dispatch('user.score.updated', [$user, $old]);
return json(trans('admin.users.operations.score.success'), 0);
}
public function permission(User $user, Request $request, Dispatcher $dispatcher)
{
$data = $request->validate([
'permission' => [
'required',
Rule::in([User::BANNED, User::NORMAL, User::ADMIN]),
],
]);
$permission = (int) $data['permission'];
if (
$permission === User::ADMIN &&
$request->user()->permission < User::SUPER_ADMIN
) {
return json(trans('admin.users.operations.no-permission'), 1)
->setStatusCode(403);
}
if ($user->is($request->user())) {
return json(trans('admin.users.operations.no-permission'), 1)
->setStatusCode(403);
}
$dispatcher->dispatch('user.permission.updating', [$user, $permission]);
$old = $user->replicate();
$user->permission = $permission;
$user->save();
if ($permission === User::BANNED) {
$dispatcher->dispatch('user.banned', [$user]);
}
$dispatcher->dispatch('user.permission.updated', [$user, $old]);
return json(trans('admin.users.operations.permission'), 0);
}
public function delete(User $user, Dispatcher $dispatcher)
{
$dispatcher->dispatch('user.deleting', [$user]);
$user->delete();
$dispatcher->dispatch('user.deleted', [$user]);
return json(trans('admin.users.operations.delete.success'), 0);
}
}