BookStack Code Mirror - bookstack/blob

1 <?php

3 namespace BookStack\Auth;

5 use BookStack\Actions\Favourite;

6 use BookStack\Api\ApiToken;

7 use BookStack\Auth\Access\Mfa\MfaValue;

8 use BookStack\Entities\Tools\SlugGenerator;

9 use BookStack\Interfaces\Loggable;

10 use BookStack\Interfaces\Sluggable;

11 use BookStack\Model;

12 use BookStack\Notifications\ResetPassword;

13 use BookStack\Uploads\Image;

14 use Carbon\Carbon;

15 use Exception;

16 use Illuminate\Auth\Authenticatable;

17 use Illuminate\Auth\Passwords\CanResetPassword;

18 use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;

19 use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;

20 use Illuminate\Database\Eloquent\Builder;

21 use Illuminate\Database\Eloquent\Factories\HasFactory;

22 use Illuminate\Database\Eloquent\Relations\BelongsTo;

23 use Illuminate\Database\Eloquent\Relations\BelongsToMany;

24 use Illuminate\Database\Eloquent\Relations\HasMany;

25 use Illuminate\Notifications\Notifiable;

26 use Illuminate\Support\Collection;

28 /**

29 * Class User.

30 *

31 * @property int $id

32 * @property string $name

33 * @property string $slug

34 * @property string $email

35 * @property string $password

36 * @property Carbon $created_at

37 * @property Carbon $updated_at

38 * @property bool $email_confirmed

39 * @property int $image_id

40 * @property string $external_auth_id

41 * @property string $system_name

42 * @property Collection $roles

43 * @property Collection $mfaValues

44 */

45 class User extends Model implements AuthenticatableContract, CanResetPasswordContract, Loggable, Sluggable

46 {

47 use HasFactory;

48 use Authenticatable;

49 use CanResetPassword;

50 use Notifiable;

52 /**

53 * The database table used by the model.

54 *

55 * @var string

56 */

57 protected $table = 'users';

59 /**

60 * The attributes that are mass assignable.

61 *

62 * @var array

63 */

64 protected $fillable = ['name', 'email'];

66 protected $casts = ['last_activity_at' => 'datetime'];

68 /**

69 * The attributes excluded from the model's JSON form.

70 *

71 * @var array

72 */

73 protected $hidden = [

74 'password', 'remember_token', 'system_name', 'email_confirmed', 'external_auth_id', 'email',

75 'created_at', 'updated_at', 'image_id', 'roles', 'avatar', 'user_id',

76 ];

78 /**

79 * This holds the user's permissions when loaded.

80 *

81 * @var ?Collection

82 */

83 protected $permissions;

85 /**

86 * This holds the default user when loaded.

87 *

88 * @var null|User

89 */

90 protected static $defaultUser = null;

92 /**

93 * Returns the default public user.

94 */

95 public static function getDefault(): self

96 {

97 if (!is_null(static::$defaultUser)) {

98 return static::$defaultUser;

99 }

100

101 static::$defaultUser = static::query()->where('system_name', '=', 'public')->first();

102

103 return static::$defaultUser;

104 }

105

106 /**

107 * Check if the user is the default public user.

108 */

109 public function isDefault(): bool

110 {

111 return $this->system_name === 'public';

112 }

113

114 /**

115 * The roles that belong to the user.

116 *

117 * @return BelongsToMany

118 */

119 public function roles()

120 {

121 if ($this->id === 0) {

122 return;

123 }

124

125 return $this->belongsToMany(Role::class);

126 }

127

128 /**

129 * Check if the user has a role.

130 */

131 public function hasRole($roleId): bool

132 {

133 return $this->roles->pluck('id')->contains($roleId);

134 }

135

136 /**

137 * Check if the user has a role.

138 */

139 public function hasSystemRole(string $roleSystemName): bool

140 {

141 return $this->roles->pluck('system_name')->contains($roleSystemName);

142 }

143

144 /**

145 * Attach the default system role to this user.

146 */

147 public function attachDefaultRole(): void

148 {

149 $roleId = intval(setting('registration-role'));

150 if ($roleId && $this->roles()->where('id', '=', $roleId)->count() === 0) {

151 $this->roles()->attach($roleId);

152 }

153 }

154

155 /**

156 * Check if the user has a particular permission.

157 */

158 public function can(string $permissionName): bool

159 {

160 if ($this->email === 'guest') {

161 return false;

162 }

163

164 return $this->permissions()->contains($permissionName);

165 }

166

167 /**

168 * Get all permissions belonging to a the current user.

169 */

170 protected function permissions(): Collection

171 {

172 if (isset($this->permissions)) {

173 return $this->permissions;

174 }

175

176 $this->permissions = $this->newQuery()->getConnection()->table('role_user', 'ru')

177 ->select('role_permissions.name as name')->distinct()

178 ->leftJoin('permission_role', 'ru.role_id', '=', 'permission_role.role_id')

179 ->leftJoin('role_permissions', 'permission_role.permission_id', '=', 'role_permissions.id')

180 ->where('ru.user_id', '=', $this->id)

181 ->pluck('name');

182

183 return $this->permissions;

184 }

185

186 /**

187 * Clear any cached permissions on this instance.

188 */

189 public function clearPermissionCache()

190 {

191 $this->permissions = null;

192 }

193

194 /**

195 * Attach a role to this user.

196 */

197 public function attachRole(Role $role)

198 {

199 $this->roles()->attach($role->id);

200 }

201

202 /**

203 * Get the social account associated with this user.

204 */

205 public function socialAccounts(): HasMany

206 {

207 return $this->hasMany(SocialAccount::class);

208 }

209

210 /**

211 * Check if the user has a social account,

212 * If a driver is passed it checks for that single account type.

213 *

214 * @param bool|string $socialDriver

215 *

216 * @return bool

217 */

218 public function hasSocialAccount($socialDriver = false)

219 {

220 if ($socialDriver === false) {

221 return $this->socialAccounts()->count() > 0;

222 }

223

224 return $this->socialAccounts()->where('driver', '=', $socialDriver)->exists();

225 }

226

227 /**

228 * Returns a URL to the user's avatar.

229 */

230 public function getAvatar(int $size = 50): string

231 {

232 $default = url('/user_avatar.png');

233 $imageId = $this->image_id;

234 if ($imageId === 0 || $imageId === '0' || $imageId === null) {

235 return $default;

236 }

237

238 try {

239 $avatar = $this->avatar ? url($this->avatar->getThumb($size, $size, false)) : $default;

240 } catch (Exception $err) {

241 $avatar = $default;

242 }

243

244 return $avatar;

245 }

246

247 /**

248 * Get the avatar for the user.

249 */

250 public function avatar(): BelongsTo

251 {

252 return $this->belongsTo(Image::class, 'image_id');

253 }

254

255 /**

256 * Get the API tokens assigned to this user.

257 */

258 public function apiTokens(): HasMany

259 {

260 return $this->hasMany(ApiToken::class);

261 }

262

263 /**

264 * Get the favourite instances for this user.

265 */

266 public function favourites(): HasMany

267 {

268 return $this->hasMany(Favourite::class);

269 }

270

271 /**

272 * Get the MFA values belonging to this use.

273 */

274 public function mfaValues(): HasMany

275 {

276 return $this->hasMany(MfaValue::class);

277 }

278

279 /**

280 * Get the last activity time for this user.

281 */

282 public function scopeWithLastActivityAt(Builder $query)

283 {

284 $query->addSelect(['activities.created_at as last_activity_at'])

285 ->leftJoinSub(function (\Illuminate\Database\Query\Builder $query) {

286 $query->from('activities')->select('user_id')

287 ->selectRaw('max(created_at) as created_at')

288 ->groupBy('user_id');

289 }, 'activities', 'users.id', '=', 'activities.user_id');

290 }

291

292 /**

293 * Get the url for editing this user.

294 */

295 public function getEditUrl(string $path = ''): string

296 {

297 $uri = '/settings/users/' . $this->id . '/' . trim($path, '/');

298

299 return url(rtrim($uri, '/'));

300 }

301

302 /**

303 * Get the url that links to this user's profile.

304 */

305 public function getProfileUrl(): string

306 {

307 return url('/user/' . $this->slug);

308 }

309

310 /**

311 * Get a shortened version of the user's name.

312 */

313 public function getShortName(int $chars = 8): string

314 {

315 if (mb_strlen($this->name) <= $chars) {

316 return $this->name;

317 }

318

319 $splitName = explode(' ', $this->name);

320 if (mb_strlen($splitName[0]) <= $chars) {

321 return $splitName[0];

322 }

323

324 return '';

325 }

326

327 /**

328 * Send the password reset notification.

329 *

330 * @param string $token

331 *

332 * @return void

333 */

334 public function sendPasswordResetNotification($token)

335 {

336 $this->notify(new ResetPassword($token));

337 }

338

339 /**

340 * {@inheritdoc}

341 */

342 public function logDescriptor(): string

343 {

344 return "({$this->id}) {$this->name}";

345 }

346

347 /**

348 * {@inheritdoc}

349 */

350 public function refreshSlug(): string

351 {

352 $this->slug = app(SlugGenerator::class)->generate($this);

353

354 return $this->slug;

355 }

356 }