<?php namespace BookStack\Auth;

use BookStack\Model;
use BookStack\Notifications\ResetPassword;
use BookStack\Uploads\Image;
use Carbon\Carbon;
use Illuminate\Auth\Authenticatable;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Illuminate\Notifications\Notifiable;

										 |  |  | /** | 
					
						
							|  |  |  |  * Class User | 
					
						
							|  |  |  |  * @package BookStack\Auth | 
					
						
							|  |  |  |  * @property string $id | 
					
						
							|  |  |  |  * @property string $name | 
					
						
							|  |  |  |  * @property string $email | 
					
						
							|  |  |  |  * @property string $password | 
					
						
							|  |  |  |  * @property Carbon $created_at | 
					
						
							|  |  |  |  * @property Carbon $updated_at | 
					
						
							|  |  |  |  * @property bool $email_confirmed | 
					
						
							|  |  |  |  * @property int $image_id | 
					
						
							|  |  |  |  * @property string $external_auth_id | 
					
						
							|  |  |  |  * @property string $system_name | 
					
						
							|  |  |  |  */ | 
					
						
							| 
									
										
										
										
											2015-07-13 03:01:42 +08:00
										 |  |  | class User extends Model implements AuthenticatableContract, CanResetPasswordContract | 
					
						
							|  |  |  | { | 
					
						
							| 
									
										
										
										
											2016-09-18 01:22:04 +08:00
										 |  |  |     use Authenticatable, CanResetPassword, Notifiable; | 
					
						
							| 
									
										
										
										
											2015-07-13 03:01:42 +08:00
										 |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * The database table used by the model. | 
					
						
							|  |  |  |      * @var string | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     protected $table = 'users'; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * The attributes that are mass assignable. | 
					
						
							|  |  |  |      * @var array | 
					
						
							|  |  |  |      */ | 
					
						
							| 
									
										
										
										
											2019-05-04 22:48:15 +08:00
										 |  |  |     protected $fillable = ['name', 'email']; | 
					
						
							| 
									
										
										
										
											2015-07-13 03:01:42 +08:00
										 |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * The attributes excluded from the model's JSON form. | 
					
						
							|  |  |  |      * @var array | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     protected $hidden = ['password', 'remember_token']; | 
					
						
							| 
									
										
										
										
											2015-08-23 20:41:35 +08:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-11-27 07:45:04 +08:00
										 |  |  |     /** | 
					
						
							|  |  |  |      * This holds the user's permissions when loaded. | 
					
						
							|  |  |  |      * @var array | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     protected $permissions; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-08-25 04:10:04 +08:00
										 |  |  |     /** | 
					
						
							| 
									
										
										
										
											2016-09-29 19:43:46 +08:00
										 |  |  |      * Returns the default public user. | 
					
						
							|  |  |  |      * @return User | 
					
						
							| 
									
										
										
										
											2015-08-25 04:10:04 +08:00
										 |  |  |      */ | 
					
						
							|  |  |  |     public static function getDefault() | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2016-09-29 19:43:46 +08:00
										 |  |  |         return static::where('system_name', '=', 'public')->first(); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Check if the user is the default public user. | 
					
						
							|  |  |  |      * @return bool | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function isDefault() | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         return $this->system_name === 'public'; | 
					
						
							| 
									
										
										
										
											2015-08-25 04:10:04 +08:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-08-29 22:03:42 +08:00
										 |  |  |     /** | 
					
						
							|  |  |  |      * The roles that belong to the user. | 
					
						
							| 
									
										
										
										
											2016-09-29 19:43:46 +08:00
										 |  |  |      * @return BelongsToMany | 
					
						
							| 
									
										
										
										
											2015-08-29 22:03:42 +08:00
										 |  |  |      */ | 
					
						
							|  |  |  |     public function roles() | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2018-01-29 00:58:52 +08:00
										 |  |  |         if ($this->id === 0) { | 
					
						
							|  |  |  |             return ; | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2016-05-02 04:20:50 +08:00
										 |  |  |         return $this->belongsToMany(Role::class); | 
					
						
							| 
									
										
										
										
											2015-08-29 22:03:42 +08:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-02-28 03:24:42 +08:00
										 |  |  |     /** | 
					
						
							|  |  |  |      * Check if the user has a role. | 
					
						
							|  |  |  |      * @param $role | 
					
						
							|  |  |  |      * @return mixed | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function hasRole($role) | 
					
						
							| 
									
										
										
										
											2015-08-29 22:03:42 +08:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2016-02-28 03:24:42 +08:00
										 |  |  |         return $this->roles->pluck('name')->contains($role); | 
					
						
							| 
									
										
										
										
											2015-11-27 07:45:04 +08:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-01-02 05:21:11 +08:00
										 |  |  |     /** | 
					
						
							|  |  |  |      * Check if the user has a role. | 
					
						
							|  |  |  |      * @param $role | 
					
						
							|  |  |  |      * @return mixed | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function hasSystemRole($role) | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2017-12-26 04:52:41 +08:00
										 |  |  |         return $this->roles->pluck('system_name')->contains($role); | 
					
						
							| 
									
										
										
										
											2017-01-02 05:21:11 +08:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-11-27 07:45:04 +08:00
										 |  |  |     /** | 
					
						
							| 
									
										
										
										
											2016-02-28 03:24:42 +08:00
										 |  |  |      * Get all permissions belonging to a the current user. | 
					
						
							| 
									
										
										
										
											2016-03-05 20:09:09 +08:00
										 |  |  |      * @param bool $cache | 
					
						
							| 
									
										
										
										
											2016-02-28 03:24:42 +08:00
										 |  |  |      * @return \Illuminate\Database\Eloquent\Relations\HasManyThrough | 
					
						
							| 
									
										
										
										
											2015-11-27 07:45:04 +08:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2016-03-05 20:09:09 +08:00
										 |  |  |     public function permissions($cache = true) | 
					
						
							| 
									
										
										
										
											2015-11-27 07:45:04 +08:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2018-01-29 00:58:52 +08:00
										 |  |  |         if (isset($this->permissions) && $cache) { | 
					
						
							|  |  |  |             return $this->permissions; | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2015-11-27 07:45:04 +08:00
										 |  |  |         $this->load('roles.permissions'); | 
					
						
							| 
									
										
										
										
											2018-01-29 00:58:52 +08:00
										 |  |  |         $permissions = $this->roles->map(function ($role) { | 
					
						
							| 
									
										
										
										
											2016-02-28 03:24:42 +08:00
										 |  |  |             return $role->permissions; | 
					
						
							|  |  |  |         })->flatten()->unique(); | 
					
						
							|  |  |  |         $this->permissions = $permissions; | 
					
						
							|  |  |  |         return $permissions; | 
					
						
							| 
									
										
										
										
											2015-08-29 22:03:42 +08:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Check if the user has a particular permission. | 
					
						
							|  |  |  |      * @param $permissionName | 
					
						
							|  |  |  |      * @return bool | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function can($permissionName) | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2018-01-29 00:58:52 +08:00
										 |  |  |         if ($this->email === 'guest') { | 
					
						
							|  |  |  |             return false; | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2016-02-28 03:24:42 +08:00
										 |  |  |         return $this->permissions()->pluck('name')->contains($permissionName); | 
					
						
							| 
									
										
										
										
											2015-08-29 22:03:42 +08:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Attach a role to this user. | 
					
						
							|  |  |  |      * @param Role $role | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function attachRole(Role $role) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         $this->attachRoleId($role->id); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Attach a role id to this user. | 
					
						
							|  |  |  |      * @param $id | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function attachRoleId($id) | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2016-03-05 20:09:09 +08:00
										 |  |  |         $this->roles()->attach($id); | 
					
						
							| 
									
										
										
										
											2015-08-29 22:03:42 +08:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |     /** | 
					
						
							|  |  |  |      * Get the social account associated with this user. | 
					
						
							|  |  |  |      * @return \Illuminate\Database\Eloquent\Relations\HasMany | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function socialAccounts() | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2016-05-02 04:20:50 +08:00
										 |  |  |         return $this->hasMany(SocialAccount::class); | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Check if the user has a social account, | 
					
						
							|  |  |  |      * If a driver is passed it checks for that single account type. | 
					
						
							|  |  |  |      * @param bool|string $socialDriver | 
					
						
							|  |  |  |      * @return bool | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function hasSocialAccount($socialDriver = false) | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2015-11-27 07:45:04 +08:00
										 |  |  |         if ($socialDriver === false) { | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |             return $this->socialAccounts()->count() > 0; | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return $this->socialAccounts()->where('driver', '=', $socialDriver)->exists(); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-08-23 20:41:35 +08:00
										 |  |  |     /** | 
					
						
							|  |  |  |      * Returns the user's avatar, | 
					
						
							|  |  |  |      * @param int $size | 
					
						
							|  |  |  |      * @return string | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function getAvatar($size = 50) | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2019-08-04 21:26:39 +08:00
										 |  |  |         $default = url('/user_avatar.png'); | 
					
						
							| 
									
										
										
										
											2017-01-22 20:19:50 +08:00
										 |  |  |         $imageId = $this->image_id; | 
					
						
							| 
									
										
										
										
											2018-01-29 00:58:52 +08:00
										 |  |  |         if ($imageId === 0 || $imageId === '0' || $imageId === null) { | 
					
						
							|  |  |  |             return $default; | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2017-01-22 20:19:50 +08:00
										 |  |  | 
 | 
					
						
							|  |  |  |         try { | 
					
						
							| 
									
										
										
										
											2019-08-04 21:26:39 +08:00
										 |  |  |             $avatar = $this->avatar ? url($this->avatar->getThumb($size, $size, false)) : $default; | 
					
						
							| 
									
										
										
										
											2017-01-22 20:19:50 +08:00
										 |  |  |         } catch (\Exception $err) { | 
					
						
							|  |  |  |             $avatar = $default; | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |         return $avatar; | 
					
						
							| 
									
										
										
										
											2015-12-10 06:30:55 +08:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Get the avatar for the user. | 
					
						
							|  |  |  |      * @return \Illuminate\Database\Eloquent\Relations\BelongsTo | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function avatar() | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2016-05-02 04:20:50 +08:00
										 |  |  |         return $this->belongsTo(Image::class, 'image_id'); | 
					
						
							| 
									
										
										
										
											2015-08-23 20:41:35 +08:00
										 |  |  |     } | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-09-22 03:54:11 +08:00
										 |  |  |     /** | 
					
						
							|  |  |  |      * Get the url for editing this user. | 
					
						
							|  |  |  |      * @return string | 
					
						
							|  |  |  |      */ | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |     public function getEditUrl() | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2019-08-04 21:26:39 +08:00
										 |  |  |         return url('/settings/users/' . $this->id); | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |     } | 
					
						
							| 
									
										
										
										
											2016-03-31 04:28:38 +08:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-08-14 19:29:35 +08:00
										 |  |  |     /** | 
					
						
							|  |  |  |      * Get the url that links to this user's profile. | 
					
						
							|  |  |  |      * @return mixed | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function getProfileUrl() | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2019-08-04 21:26:39 +08:00
										 |  |  |         return url('/user/' . $this->id); | 
					
						
							| 
									
										
										
										
											2016-08-14 19:29:35 +08:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-03-31 04:28:38 +08:00
										 |  |  |     /** | 
					
						
							|  |  |  |      * Get a shortened version of the user's name. | 
					
						
							|  |  |  |      * @param int $chars | 
					
						
							|  |  |  |      * @return string | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function getShortName($chars = 8) | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2019-05-25 23:14:57 +08:00
										 |  |  |         if (mb_strlen($this->name) <= $chars) { | 
					
						
							| 
									
										
										
										
											2018-01-29 00:58:52 +08:00
										 |  |  |             return $this->name; | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2016-03-31 04:28:38 +08:00
										 |  |  | 
 | 
					
						
							|  |  |  |         $splitName = explode(' ', $this->name); | 
					
						
							| 
									
										
										
										
											2019-05-25 23:14:57 +08:00
										 |  |  |         if (mb_strlen($splitName[0]) <= $chars) { | 
					
						
							| 
									
										
										
										
											2018-01-29 00:58:52 +08:00
										 |  |  |             return $splitName[0]; | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2016-03-31 04:28:38 +08:00
										 |  |  | 
 | 
					
						
							|  |  |  |         return ''; | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2016-09-18 01:22:04 +08:00
										 |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Send the password reset notification. | 
					
						
							|  |  |  |      * @param  string  $token | 
					
						
							|  |  |  |      * @return void | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function sendPasswordResetNotification($token) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         $this->notify(new ResetPassword($token)); | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2015-07-13 03:01:42 +08:00
										 |  |  | } |