TRF Certest first commit

2025-02-26 08:57:46 +01:00
commit 3ce064a108
2524 changed files with 475404 additions and 0 deletions
@@ -0,0 +1,60 @@
<?php
namespace Vanguard\Http\Controllers\Api\Users;
use Illuminate\Http\Request;
use Vanguard\Events\User\UpdatedByAdmin;
use Vanguard\Http\Controllers\Api\ApiController;
use Vanguard\Http\Requests\User\UploadAvatarRawRequest;
use Vanguard\Http\Resources\UserResource;
use Vanguard\Repositories\User\UserRepository;
use Vanguard\Services\Upload\UserAvatarManager;
use Vanguard\User;
class AvatarController extends ApiController
{
public function __construct(
private readonly UserRepository $users,
private readonly UserAvatarManager $avatarManager
) {
$this->middleware('permission:users.manage');
}
public function update(User $user, UploadAvatarRawRequest $request): UserResource
{
$name = $this->avatarManager->uploadAndCropAvatar($request->file('file'));
$user = $this->users->update($user->id, ['avatar' => $name]);
event(new UpdatedByAdmin($user));
return new UserResource($user);
}
public function updateExternal(User $user, Request $request): UserResource
{
$this->validate($request, ['url' => 'required|url']);
$this->avatarManager->deleteAvatarIfUploaded($user);
$user = $this->users->update($user->id, ['avatar' => $request->url]);
event(new UpdatedByAdmin($user));
return new UserResource($user);
}
/**
* Remove user's avatar and set it to null.
*/
public function destroy(User $user): UserResource
{
$this->avatarManager->deleteAvatarIfUploaded($user);
$user = $this->users->update($user->id, ['avatar' => null]);
event(new UpdatedByAdmin($user));
return new UserResource($user);
}
}
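Review bot: `updateExternal` stores any string that passes the `url` rule as the avatar, so the scheme and host are unconstrained, and the stored value will presumably be emitted as an image source to every client that renders this user. Restrict it to web schemes and bound its length, e.g. `$this->validate($request, ['url' => 'required|url|starts_with:https://,http://|max:255']);` (the 255 limit is an assumption about the column size). Separately, `update` does not call `deleteAvatarIfUploaded` before storing the new file, unlike the other two actions. If `uploadAndCropAvatar` does not clean up on its own, replaced uploads stay on disk.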
@@ -0,0 +1,25 @@
<?php
namespace Vanguard\Http\Controllers\Api\Users;
use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
use Vanguard\Http\Controllers\Api\ApiController;
use Vanguard\Http\Resources\SessionResource;
use Vanguard\Repositories\Session\SessionRepository;
use Vanguard\User;
class SessionsController extends ApiController
{
public function __construct()
{
$this->middleware('permission:users.manage');
$this->middleware('session.database');
}
public function index(User $user, SessionRepository $sessions): AnonymousResourceCollection
{
return SessionResource::collection(
$sessions->getUserSessions($user->id)
);
}
}
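Review bot: `index` returns every session row for the user through `SessionResource`, which is not part of this hunk, so confirm that the resource does not serialize the session identifier or payload. With database-backed sessions (which the `session.database` middleware suggests) the row id is typically the live session token, and exposing it to any holder of `users.manage` would let them take over the session. A one-line docblock on `index` would make the contract explicit, e.g. `/** List the user's sessions (metadata only; never the session id or payload). */`. The collection is also unpaginated, which is probably acceptable per user but should be a deliberate choice.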
@@ -0,0 +1,78 @@
<?php
namespace Vanguard\Http\Controllers\Api\Users;
use Illuminate\Http\JsonResponse;
use Illuminate\Validation\ValidationException;
use Laravel\Fortify\Actions\ConfirmTwoFactorAuthentication;
use Laravel\Fortify\Actions\EnableTwoFactorAuthentication;
use Vanguard\Events\User\TwoFactorDisabledByAdmin;
use Vanguard\Events\User\TwoFactorEnabledByAdmin;
use Vanguard\Http\Controllers\Api\ApiController;
use Vanguard\Http\Requests\TwoFactor\VerifyTwoFactorTokenRequest;
use Vanguard\Http\Resources\UserResource;
use Vanguard\User;
class TwoFactorController extends ApiController
{
public function __construct()
{
$this->middleware('permission:users.manage');
}
/**
* Enable 2FA for the specified user.
*/
public function update(User $user, EnableTwoFactorAuthentication $enable): JsonResponse
{
if ($user->twoFactorEnabled()) {
return $this->setStatusCode(422)
->respondWithError(trans('auth.2fa.already_enabled'));
}
$enable($user, false);
return $this->respondWithArray([
'message' => trans('auth.2fa.token_sent'),
'qrcode' => $user->twoFactorQrCodeSvg(),
]);
}
/**
* Verify provided 2FA token.
*/
public function verify(VerifyTwoFactorTokenRequest $request, User $user, ConfirmTwoFactorAuthentication $confirm): UserResource|JsonResponse
{
try {
$confirm($user, $request->input('code'));
} catch (ValidationException $e) {
return $this->setStatusCode(422)
->respondWithError(trans('auth.2fa.invalid_token'));
}
event(new TwoFactorEnabledByAdmin($user));
return new UserResource($user);
}
/**
* Disable 2FA for specified user.
*/
public function destroy(User $user): UserResource|JsonResponse
{
if (!$user->twoFactorEnabled()) {
return $this->setStatusCode(422)
->respondWithError(trans('auth.2fa.not_enabled'));
}
$user->forceFill([
'two_factor_secret' => null,
'two_factor_recovery_codes' => null,
'two_factor_confirmed_at' => null,
])->save();
event(new TwoFactorDisabledByAdmin($user));
return new UserResource($user);
}
}
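Review bot: `destroy` clears `two_factor_secret`, the recovery codes and `two_factor_confirmed_at` for any `User`, gated only by the `users.manage` middleware in the constructor. A single stolen admin session or token can therefore strip the second factor from any account, including the caller's own and other administrators'. Consider requiring a fresh credential confirmation for this action and a guard on the target, comparable to the self-check in `UsersController::destroy`. Also make sure the `TwoFactorDisabledByAdmin` listener records the acting admin, since the event is only given `$user`. Separately, `update` returns `twoFactorQrCodeSvg()` in the response, so the enrolling administrator sees the user's TOTP seed; if that is intended, send the response with `Cache-Control: no-store` and document it in the method docblock.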
@@ -0,0 +1,111 @@
<?php
namespace Vanguard\Http\Controllers\Api\Users;
use Illuminate\Http\Request;
use Spatie\QueryBuilder\AllowedFilter;
use Spatie\QueryBuilder\QueryBuilder;
use Vanguard\Events\User\Banned;
use Vanguard\Events\User\Deleted;
use Vanguard\Events\User\UpdatedByAdmin;
use Vanguard\Http\Controllers\Api\ApiController;
use Vanguard\Http\Filters\UserKeywordSearch;
use Vanguard\Http\Requests\User\CreateUserRequest;
use Vanguard\Http\Requests\User\UpdateUserRequest;
use Vanguard\Http\Resources\UserResource;
use Vanguard\Repositories\User\UserRepository;
use Vanguard\Support\Enum\UserStatus;
use Vanguard\User;
class UsersController extends ApiController
{
public function __construct(private UserRepository $users)
{
$this->middleware('permission:users.manage');
}
/**
* Paginate all users.
*/
public function index(Request $request): \Illuminate\Http\Resources\Json\AnonymousResourceCollection
{
$users = QueryBuilder::for(User::class)
->allowedIncludes(UserResource::allowedIncludes())
->allowedFilters([
AllowedFilter::custom('search', new UserKeywordSearch),
AllowedFilter::exact('status'),
])
->allowedSorts(['id', 'first_name', 'last_name', 'email', 'created_at', 'updated_at'])
->defaultSort('id')
->paginate($request->per_page ?: 20);
return UserResource::collection($users);
}
public function store(CreateUserRequest $request): UserResource
{
$data = $request->only([
'email', 'password', 'username', 'first_name', 'last_name',
'phone', 'address', 'country_id', 'birthday', 'role_id',
]);
$data += [
'status' => UserStatus::ACTIVE,
'email_verified_at' => $request->verified ? now() : null,
];
$user = $this->users->create($data);
return new UserResource($user);
}
public function show($id): UserResource
{
$user = QueryBuilder::for(User::where('id', $id))
->allowedIncludes(UserResource::allowedIncludes())
->firstOrFail();
return new UserResource($user);
}
public function update(User $user, UpdateUserRequest $request): UserResource
{
$data = $request->only([
'email', 'password', 'username', 'first_name', 'last_name',
'phone', 'address', 'country_id', 'birthday', 'status', 'role_id',
]);
$user = $this->users->update($user->id, $data);
event(new UpdatedByAdmin($user));
// If user status was updated to "Banned",
// fire the appropriate event.
if ($this->userIsBanned($user, $request)) {
event(new Banned($user));
}
return new UserResource($user);
}
/**
* Check if user is banned during last update.
*/
private function userIsBanned(User $user, Request $request): bool
{
return $user->status != $request->status && $request->status == UserStatus::BANNED;
}
public function destroy(User $user): \Illuminate\Http\JsonResponse
{
if ($user->id == auth()->id()) {
return $this->errorForbidden(__('You cannot delete yourself.'));
}
event(new Deleted($user));
$this->users->delete($user->id);
return $this->respondWithSuccess();
}
}
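Review bot: In `update`, `$user` is reassigned to the repository's return value before `userIsBanned($user, $request)` runs. If the repository returns the updated model, `$user->status != $request->status` is always false and `Banned` never fires, so any listener that ends the banned user's sessions or records the ban would be skipped. Capture the transition first with `$banned = $this->userIsBanned($user, $request);` above the `$this->users->update(...)` call, then `if ($banned) { event(new Banned($user)); }`. In `index`, `paginate($request->per_page ?: 20)` passes a client-chosen page size straight through; clamp it, e.g. `min(max((int) $request->input('per_page', 20), 1), 100)` (the cap of 100 is a suggested value).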