| 
									
										
										
										
											2018-09-25 19:30:50 +08:00
										 |  |  | <?php namespace BookStack\Auth; | 
					
						
							| 
									
										
										
										
											2015-07-13 03:01:42 +08:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-12-29 21:02:26 +08:00
										 |  |  | use BookStack\Api\ApiToken; | 
					
						
							| 
									
										
										
										
											2018-09-25 19:30:50 +08:00
										 |  |  | use BookStack\Model; | 
					
						
							| 
									
										
										
										
											2016-09-18 01:22:04 +08:00
										 |  |  | use BookStack\Notifications\ResetPassword; | 
					
						
							| 
									
										
										
										
											2018-09-25 23:58:03 +08:00
										 |  |  | use BookStack\Uploads\Image; | 
					
						
							| 
									
										
										
										
											2019-08-17 22:52:33 +08:00
										 |  |  | use Carbon\Carbon; | 
					
						
							| 
									
										
										
										
											2015-07-13 03:01:42 +08:00
										 |  |  | use Illuminate\Auth\Authenticatable; | 
					
						
							|  |  |  | use Illuminate\Auth\Passwords\CanResetPassword; | 
					
						
							|  |  |  | use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract; | 
					
						
							|  |  |  | use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract; | 
					
						
							| 
									
										
										
										
											2016-09-29 19:43:46 +08:00
										 |  |  | use Illuminate\Database\Eloquent\Relations\BelongsToMany; | 
					
						
							| 
									
										
										
										
											2019-12-29 21:02:26 +08:00
										 |  |  | use Illuminate\Database\Eloquent\Relations\HasMany; | 
					
						
							| 
									
										
										
										
											2016-09-18 01:22:04 +08:00
										 |  |  | use Illuminate\Notifications\Notifiable; | 
					
						
							| 
									
										
										
										
											2015-07-13 03:01:42 +08:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-17 22:52:33 +08:00
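										 /**
 * Class User
 *
 * Eloquent model for an application user account. Besides the framework's
 * authentication and password-reset behaviour (pulled in through traits), it
 * exposes the role/permission lookups that the rest of the application uses
 * for access decisions, plus a few URL and display helpers.
 *
 * @package BookStack\Auth
 * @property string $id
 * @property string $name
 * @property string $email
 * @property string $password
 * @property Carbon $created_at
 * @property Carbon $updated_at
 * @property bool $email_confirmed
 * @property int $image_id
 * @property string $external_auth_id
 * @property string $system_name
 */
class User extends Model implements AuthenticatableContract, CanResetPasswordContract
{
    use Authenticatable, CanResetPassword, Notifiable;

    /**
     * The database table used by the model.
     * @var string
     */
    protected $table = 'users';

    /**
     * The attributes that are mass assignable.
     *
     * Only the two profile fields are listed, so bulk fill()/create() input
     * cannot set password, system_name, email_confirmed or external_auth_id.
     * Keep it that way: anything added here becomes writable from any
     * request array passed to fill().
     * @var array
     */
    protected $fillable = ['name', 'email'];

    /**
     * The attributes excluded from the model's array/JSON form.
     *
     * Covers the credential fields (password hash, remember token) and the
     * identity/account-state fields, so serialising a User does not expose them.
     * @var array
     */
    protected $hidden = [
        'password', 'remember_token', 'system_name', 'email_confirmed', 'external_auth_id', 'email',
        'created_at', 'updated_at', 'image_id',
    ];

    /**
     * Per-instance cache of the user's permissions, filled by permissions().
     * Holds the collection built there (not a plain array) once loaded.
     * @var \Illuminate\Support\Collection|null
     */
    protected $permissions;

    /**
     * Static cache of the default (public) user, filled by getDefault().
     * @var null|User
     */
    protected static $defaultUser = null;

    /**
     * Returns the default public user, i.e. the row whose system_name is 'public'.
     *
     * The result is kept in a static property, so the query runs once per
     * process as long as a row is found. If no such row exists, first() yields
     * null, nothing is cached, and every call queries again.
     * @return User|null
     */
    public static function getDefault()
    {
        if (!is_null(static::$defaultUser)) {
            return static::$defaultUser;
        }

        static::$defaultUser = static::where('system_name', '=', 'public')->first();
        return static::$defaultUser;
    }

    /**
     * Check if the user is the default public user.
     * @return bool
     */
    public function isDefault()
    {
        return $this->system_name === 'public';
    }

    /**
     * The roles that belong to the user.
     *
     * NOTE(review): for a user whose id is exactly the integer 0 this returns
     * null rather than a relation. Eloquent expects relationship methods to
     * return a Relation, so reading $this->roles (as hasRole(), hasSystemRole()
     * and permissions() do) on such an instance is likely to throw - confirm
     * whether an id-0 user can still occur before relying on this guard.
     * @return BelongsToMany|null
     */
    public function roles()
    {
        if ($this->id === 0) {
            return null;
        }
        return $this->belongsToMany(Role::class);
    }

    /**
     * Check if the user has a role with the given 'name' value.
     *
     * NOTE(review): 'name' looks like the role's display name; where the result
     * gates access, hasSystemRole() may be the more stable check - confirm.
     * @param $role
     * @return bool
     */
    public function hasRole($role)
    {
        return $this->roles->pluck('name')->contains($role);
    }

    /**
     * Check if the user has a role with the given 'system_name' value.
     * @param $role
     * @return bool
     */
    public function hasSystemRole($role)
    {
        return $this->roles->pluck('system_name')->contains($role);
    }

    /**
     * Attach the default system role to this user.
     *
     * The role id comes from the 'registration-role' setting. Nothing happens
     * when the setting is empty or the role is already attached, so calling
     * this repeatedly does not create duplicate pivot rows.
     */
    public function attachDefaultRole(): void
    {
        $roleId = setting('registration-role');
        if ($roleId && $this->roles()->where('id', '=', $roleId)->count() === 0) {
            $this->roles()->attach($roleId);
        }
    }

    /**
     * Get all permissions belonging to the current user.
     *
     * Permissions are derived from the user's roles: the roles (with their
     * permissions) are loaded, flattened into one collection and de-duplicated.
     * The result is cached on this instance; a role or permission change made
     * afterwards is not visible through the cache, so pass $cache = false when
     * a fresh answer is needed for an access decision.
     * @param bool $cache Return the cached collection when one is available.
     * @return \Illuminate\Support\Collection
     */
    public function permissions($cache = true)
    {
        if (isset($this->permissions) && $cache) {
            return $this->permissions;
        }
        $this->load('roles.permissions');
        $permissions = $this->roles->map(function ($role) {
            return $role->permissions;
        })->flatten()->unique();
        $this->permissions = $permissions;
        return $permissions;
    }

    /**
     * Check if the user has a particular permission.
     *
     * An account whose email is 'guest' is always denied. Otherwise the answer
     * is whether any role-derived permission carries the given name; this goes
     * through permissions() and therefore uses its per-instance cache.
     *
     * NOTE(review): Collection::contains() with a plain value compares loosely;
     * containsStrict() would give an exact match - confirm no caller passes a
     * non-string before tightening.
     * @param $permissionName
     * @return bool
     */
    public function can($permissionName)
    {
        if ($this->email === 'guest') {
            return false;
        }
        return $this->permissions()->pluck('name')->contains($permissionName);
    }

    /**
     * Attach a role to this user.
     *
     * No check is made for an existing attachment or for the caller's right to
     * grant the role; both are the caller's responsibility.
     * @param Role $role
     */
    public function attachRole(Role $role)
    {
        $this->roles()->attach($role->id);
    }

    /**
     * Get the social accounts associated with this user.
     * @return \Illuminate\Database\Eloquent\Relations\HasMany
     */
    public function socialAccounts()
    {
        return $this->hasMany(SocialAccount::class);
    }

    /**
     * Check if the user has a social account.
     * If a driver is passed it checks for that single account type.
     * @param bool|string $socialDriver Driver name, or false to match any driver.
     * @return bool
     */
    public function hasSocialAccount($socialDriver = false)
    {
        if ($socialDriver === false) {
            // Existence query, matching the driver-specific branch below;
            // avoids counting every row just to compare against zero.
            return $this->socialAccounts()->exists();
        }

        return $this->socialAccounts()->where('driver', '=', $socialDriver)->exists();
    }

    /**
     * Returns the URL of the user's avatar.
     *
     * Falls back to the bundled default image when no image is set, when the
     * avatar relation is empty, or when building the thumbnail throws an
     * \Exception (deliberate best-effort: a broken avatar must not break the page).
     * @param int $size Width and height of the thumbnail.
     * @return string
     */
    public function getAvatar($size = 50)
    {
        $default = url('/user_avatar.png');
        $imageId = $this->image_id;
        // image_id may be an int, a numeric string or null depending on how the row was loaded.
        if ($imageId === 0 || $imageId === '0' || $imageId === null) {
            return $default;
        }

        try {
            $avatar = $this->avatar ? url($this->avatar->getThumb($size, $size, false)) : $default;
        } catch (\Exception $err) {
            $avatar = $default;
        }
        return $avatar;
    }

    /**
     * Get the avatar image for the user, joined through image_id.
     * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
     */
    public function avatar()
    {
        return $this->belongsTo(Image::class, 'image_id');
    }

    /**
     * Get the API tokens assigned to this user.
     */
    public function apiTokens(): HasMany
    {
        return $this->hasMany(ApiToken::class);
    }

    /**
     * Get the url for editing this user.
     *
     * $path is trimmed of slashes and appended as-is (no encoding), so it is
     * meant for application-defined sub-paths, not for request input.
     */
    public function getEditUrl(string $path = ''): string
    {
        $uri = '/settings/users/' . $this->id . '/' . trim($path, '/');
        // rtrim drops the trailing slash left behind when $path is empty.
        return url(rtrim($uri, '/'));
    }

    /**
     * Get the url that links to this user's profile.
     */
    public function getProfileUrl(): string
    {
        return url('/user/' . $this->id);
    }

    /**
     * Get a shortened version of the user's name.
     *
     * Returns the full name when it fits within $chars characters, otherwise
     * the first space-separated word when that fits, otherwise an empty string.
     * Lengths are measured in characters (mb_strlen), not bytes.
     * @param int $chars
     * @return string
     */
    public function getShortName($chars = 8)
    {
        if (mb_strlen($this->name) <= $chars) {
            return $this->name;
        }

        $splitName = explode(' ', $this->name);
        if (mb_strlen($splitName[0]) <= $chars) {
            return $splitName[0];
        }

        return '';
    }

    /**
     * Send the password reset notification.
     *
     * The token is handed straight to the ResetPassword notification; treat it
     * as a secret and keep it out of logs.
     * @param  string  $token
     * @return void
     */
    public function sendPasswordResetNotification($token)
    {
        $this->notify(new ResetPassword($token));
    }
}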