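<?php

namespace EstudioLMS\Http\Controllers\Admin\Users;

use EstudioLMS\Base\ResponseBuilder;
use EstudioLMS\Events\CreatedUserByAdmin;
use EstudioLMS\Exceptions\Handler;
use EstudioLMS\Helpers\Helpers;
use EstudioLMS\Http\Controllers\Controller;
use EstudioLMS\Http\Requests\UserRequest;
use EstudioLMS\Models\Auth\Role;
use EstudioLMS\Repositories\Auth\UserRepository;
use EstudioLMS\Repositories\Environment\HiredCourseRepository;
use EstudioLMS\Repositories\Profile\ProfileAddressRepository;
use EstudioLMS\Repositories\Student\CourseHistoryInterface;
use EstudioLMS\Services\Environment\CourseService;
use EstudioLMS\Services\Saas\SaasUtilService;
use File;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Http\Request;
use Illuminate\Support\Collection;
use Illuminate\Translation\Translator;
use mjanssen\BreadcrumbsBundle\Breadcrumbs;
use Storage;

/**
 * Admin-side user management: listing, creation, editing, status toggling,
 * soft delete / restore, CSV export and the certificate overview.
 *
 * Every action runs behind the 'admins' middleware registered in the constructor.
 * Role ids 5 (super-admin) and 1 (admin) are treated as protected accounts in
 * updateAdmin(); what the other role ids mean is not visible in this file.
 *
 * Class AdminUsersController
 * @package EstudioLMS\Http\Controllers\Admin\Users
 */
class AdminUsersController extends Controller
{
    /**
     * @var Guard
     */
    private $auth;

    /**
     * @var Translator
     */
    private $translator;

    /**
     * @var Breadcrumbs
     */
    private $breadCrumb;

    /**
     * @var ResponseBuilder
     */
    private $responseBuilder;

    /**
     * @var UserRepository
     */
    private $userRepo;

    /**
     * @var Helpers
     */
    private $helper;

    /**
     * @var ProfileAddressRepository
     */
    private $profileAddressRepository;

    /**
     * @var Role
     */
    private $role;

    /**
     * @var SaasUtilService
     */
    private $saasUtilService;

    /**
     * @var CourseHistoryInterface
     */
    private $courseHistory;

    /**
     * @var CourseService
     */
    private $courseService;

    /**
     * @var HiredCourseRepository
     */
    private $hiredCourseRepository;

    /**
     * @param Translator $translator
     * @param Breadcrumbs $breadCrumb
     * @param Helpers $helper
     * @param ResponseBuilder $responseBuilder
     * @param UserRepository $userRepo
     * @param Guard $auth
     * @param ProfileAddressRepository $profileAddressRepository
     * @param Role $role
     * @param SaasUtilService $saasUtilService
     * @param CourseHistoryInterface $courseHistory
     * @param CourseService $courseService
     * @param HiredCourseRepository $hiredCourseRepository
     */
    public function __construct(
        Translator $translator,
        Breadcrumbs $breadCrumb,
        Helpers $helper,
        ResponseBuilder $responseBuilder,
        UserRepository $userRepo,
        Guard $auth,
        ProfileAddressRepository $profileAddressRepository,
        Role $role,
        SaasUtilService $saasUtilService,
        CourseHistoryInterface $courseHistory,
        CourseService $courseService,
        HiredCourseRepository $hiredCourseRepository
    ) {
        // Access control for the whole controller is delegated to this middleware.
        $this->middleware('admins');

        $this->auth = $auth;
        $this->translator = $translator;
        $this->breadCrumb = $breadCrumb;
        $this->responseBuilder = $responseBuilder;
        $this->userRepo = $userRepo;
        $this->helper = $helper;
        $this->profileAddressRepository = $profileAddressRepository;
        $this->role = $role;
        $this->saasUtilService = $saasUtilService;
        $this->courseHistory = $courseHistory;
        $this->courseService = $courseService;
        $this->hiredCourseRepository = $hiredCourseRepository;
    }

    /**
     * File extensions accepted for profile pictures and signatures.
     *
     * @return array
     */
    private function allowedImageExtensions()
    {
        return ['jpg', 'jpeg', 'png', 'gif'];
    }

    /**
     * Build the server-side name for an uploaded image.
     *
     * The extension is derived from the file content (guessExtension) and must be
     * on the allow-list; the extension sent by the client is never used, because
     * the stored name decides how the web server later treats the file.
     *
     * @param mixed $request request object exposing hasFile()/file()
     * @param string $field name of the upload field
     * @return string|null random file name, or null when nothing acceptable was uploaded
     */
    private function uploadedImageName($request, $field)
    {
        if (!$request->hasFile($field)) {
            return null;
        }

        $file = $request->file($field);
        if (!$file->isValid()) {
            return null;
        }

        $extension = strtolower((string) $file->guessExtension());
        if (!in_array($extension, $this->allowedImageExtensions(), true)) {
            return null;
        }

        return uniqid(str_random(20)) . '.' . $extension;
    }

    /**
     * Neutralise a value that a spreadsheet would evaluate as a formula.
     *
     * @param mixed $value
     * @return string
     */
    private function csvSafe($value)
    {
        $value = (string) $value;
        if ($value !== '' && strpbrk($value[0], "=+-@\t\r") !== false) {
            return "'" . $value;
        }

        return $value;
    }

    /**
     * Display a listing of the resource.
     *
     * @return mixed
     */
    public function index()
    {
        $this->breadCrumb->addBreadcrumb(trans('admin_user.breaddash'), route('admin.index'));
        $this->breadCrumb->addBreadcrumb(trans('admin_user.breadusers'), route('admin.users.index'));
        $bread = $this->breadCrumb->generate();

        $env = 'usersmanager';
        $title = trans('admin_user.titlePage');

        return view('admin.users.listusers', compact('bread', 'env', 'title'));
    }

    /**
     * Return the user list produced by the repository.
     *
     * @return mixed
     */
    public function apiList()
    {
        return $this->userRepo->listAllUsers();
    }

    /**
     * Show the form for creating a new resource.
     *
     * @param string $type 'A' (admin), 'S' (student) or 'T' (teacher); anything else is a 404
     * @return Mixed
     */
    public function createUser($type)
    {
        // type => [role name, view, translation key of the custom message]
        $profiles = [
            'A' => ['admin', 'admin.profile.admin_profile', 'admin_user.msgTypeA'],
            'S' => ['student', 'admin.users.student_profile', 'admin_user.msgTypeS'],
            'T' => ['teacher', 'admin.users.teacher_profile', 'admin_user.msgTypeT'],
        ];
        if (!is_string($type) || !isset($profiles[$type])) {
            abort(404);
        }
        list($roleName, $view, $messageKey) = $profiles[$type];

        $this->breadCrumb->addBreadcrumb(trans('admin_user.breaddash'), route('admin.index'));
        $this->breadCrumb->addBreadcrumb(trans('admin_user.breadusers'), route('admin.users.index'));
        $this->breadCrumb->addBreadcrumb(trans('admin_user.newuser'), route('admin.users.create.user', $type));
        $bread = $this->breadCrumb->generate();

        $env = 'usersmanager';
        $title = trans('admin_user.titlePageNewUser');
        $userTypes = Helpers::userTypes();
        $roleId = $this->role->where('name', '=', $roleName)->first()->id;
        $customMessage = trans($messageKey);
        $ufArr = Helpers::UFlist();

        // The original passed compact('data') although no $data exists here; the
        // create form receives no user record, so the first data array is empty.
        return view(
            $view,
            [],
            compact('bread', 'env', 'type', 'roleId', 'customMessage', 'title', 'ufArr', 'userTypes')
        );
    }

    /**
     * Store a newly created resource in storage.
     *
     * NOTE(review): the role id attached to the new account comes straight from
     * the request; confirm UserRequest limits which roles an admin may hand out.
     *
     * @param UserRequest $request
     * @return mixed
     */
    public function store(UserRequest $request)
    {
        $env = 'usersmanager';
        $data = $request->all();

        // The clear-text password is kept only to hand it to the CreatedUserByAdmin
        // event below; what the listeners do with it is outside this file.
        $readablePwd = '';
        if (!empty($data['password'])) {
            $readablePwd = $data['password'];
            $data['password'] = bcrypt($data['password']);
        }

        // Uploads land under the public web root, so only allow-listed image
        // types are written; anything else is dropped from the record.
        $destinationPath = public_path() . '/profiles/pictures/';
        foreach (['picture', 'signature'] as $field) {
            $fileName = $this->uploadedImageName($request, $field);
            if ($fileName !== null) {
                $request->file($field)->move($destinationPath, $fileName);
                $data[$field] = $fileName;
            } elseif ($request->hasFile($field)) {
                unset($data[$field]);
            }
        }

        $flash = ['env' => $env];

        // An address that matches a soft-deleted account restores that account
        // instead of creating a second one.
        $checkSoftDelete = $this->userRepo->withTrashed()->findWhere([['email', '=', $data['email']]])->first();
        if ($checkSoftDelete) {
            $this->userRepo->restore($checkSoftDelete['id']);
            $flash['success'] = trans('admin_user.msgUserRe');
            $flash['message'] = trans('admin_user.msgUserReMe');
        } else {
            try {
                $created = $this->userRepo->create($data);
                $created->attachRole($data['role']);

                // The original test was `$role = '3' || $role = '2'`: an assignment
                // to an undefined variable that is always true. The evident intent
                // is to create the address only for role ids 2 and 3.
                if (in_array((string) $data['role'], ['2', '3'], true)) {
                    $data['address']['user_id'] = $created['id'];
                    $data['address']['type'] = 1;
                    $this->profileAddressRepository->updateOrCreate(['user_id' => $created['id']], $data['address']);
                }

                $flash['success'] = trans('admin_user.msgSuccess');
                $flash['message'] = trans('admin_user.msgSuccessMsg');
                \Event::fire(new CreatedUserByAdmin($created, $readablePwd));
            } catch (\Exception $e) {
                app(Handler::class)->report($e);
                $flash['fail'] = trans('admin_user.msgFail');
                $flash['message'] = trans('admin_user.msgErro') . $e->getMessage() . trans('admin_user.msgErro2');
            }
        }

        return redirect(route('admin.users.index'))->with($flash);
    }

    /**
     * Display the specified resource.
     *
     * @param int $id
     * @return mixed
     */
    public function show($id)
    {
        $data = $this->userRepo
            ->with(['address', 'groupParticipant', 'groupAdmin'])
            ->find($id);

        $this->breadCrumb->addBreadcrumb(trans('admin_user.breaddash'), route('admin.index'));
        $this->breadCrumb->addBreadcrumb(trans('admin_user.breadusers'), route('admin.users.index'));

        $env = 'usersmanager';
        $userACL = $data->roles[0]->name;
        $roleId = $data->roles[0]->id;
        $title = trans('admin_user.titlePageEditUser');
        $userTypes = Helpers::userTypes();

        // The first role of the account selects the profile view.
        if ($userACL === 'student') {
            $type = 'S';
            $view = 'admin.users.student_profile';
            $crumb = 'admin_user.aclUserS';
        } elseif ($userACL === 'teacher') {
            $type = 'T';
            $view = 'admin.users.teacher_profile';
            $crumb = 'admin_user.aclUserT';
        } elseif (in_array($userACL, ['admin', 'owner', 'superadmin'], true)) {
            $userTypes = Helpers::userTypes(true);
            $type = 'A';
            $view = 'admin.users.admin_profile';
            $crumb = 'admin_user.aclUserA';
        } else {
            abort(404);
        }

        $this->breadCrumb->addBreadcrumb(trans($crumb), route('admin.users.show', $data['id']));
        $bread = $this->breadCrumb->generate();
        $customMessage = trans('admin_user.customMsg');
        $ufArr = Helpers::UFlist();

        return $this->responseBuilder->render(
            $view,
            compact('data'),
            compact('bread', 'env', 'type', 'roleId', 'customMessage', 'title', 'ufArr', 'userTypes')
        );
    }

    /**
     * Update the specified resource in storage.
     *
     * NOTE(review): this action changes the password and syncs the requested role
     * for any $id without the super-admin/admin restrictions that updateAdmin()
     * applies; confirm that routing or UserRequest keeps it away from admin accounts.
     *
     * @param int $id
     * @param UserRequest $request
     * @return mixed
     */
    public function update($id, UserRequest $request)
    {
        $data = $request->all();

        if (!empty($data['password'])) {
            $data['password'] = bcrypt($data['password']);
        } else {
            unset($data['password']);
        }

        // Only uploads that pass the validity and image-type checks get a name;
        // the record is never pointed at a file that will not be written.
        $uploads = [];
        foreach (['picture', 'signature'] as $field) {
            $fileName = $this->uploadedImageName($request, $field);
            if ($fileName !== null) {
                $data[$field] = $fileName;
                $uploads[$field] = $fileName;
            } else {
                unset($data[$field]);
            }
        }

        $flash = ['env' => 'usersmanager'];

        try {
            $profile = $this->userRepo->find($id);
            $profile->fill($data);

            $data['address']['user_id'] = $profile['id'];
            $data['address']['type'] = 1;

            $profile_addr = $this->profileAddressRepository->findWhere([
                ['user_id', '=', $profile['id']],
                ['type', '=', 1]
            ])->first();

            if (!$profile_addr) {
                $this->profileAddressRepository->updateOrCreate(['user_id' => $profile['id']], $data['address']);
            } else {
                $profile_addr->fill($data['address']);
                $profile_addr->save();
            }

            $profile->save();
            $profile->roles()->sync([$data['role']]);

            $flash['success'] = trans('admin_user.msgSuccess');
            $flash['message'] = trans('admin_user.msgSuccessMsg');

            foreach ($uploads as $field => $fileName) {
                Storage::disk('profile')->put($fileName, File::get($request->file($field)));
            }
        } catch (\Exception $e) {
            app(Handler::class)->report($e);
            $flash['fail'] = trans('admin_user.msgFail');
            $flash['message'] = trans('admin_user.msgErro') . $e->getMessage() . trans('admin_user.msgErro2');
        }

        return redirect(route('admin.users.index'))->with($flash);
    }

    /**
     * Toggle the status flag of the user named in the request.
     *
     * @param Request $request
     * @return array
     */
    public function updateStatus(Request $request)
    {
        $data = $request->all();

        // A submitted status of 0 becomes 1; any other value becomes 0.
        $status = $data['status'] == 0 ? 1 : 0;

        $user = $this->userRepo->find($data['id']);
        $user['status'] = $status;
        $user->save();

        return [
            'success' => trans('admin_user.msgSuccess'),
            'message' => trans('admin_user.msgSuccessStatusMsg'),
            'status' => $status
        ];
    }

    /**
     * Delete a user unless hired courses are still attached to the account.
     *
     * @param Request $request
     * @return array
     */
    public function destroyUser(Request $request)
    {
        $data = $request->all();
        $myCourses = $this->hiredCourseRepository->hiredCourses($data['id']);

        if (count($myCourses) <= 0) {
            $this->userRepo->find($data['id'])->delete();

            return [
                'success' => trans('admin_user.msgSuccess'),
                'message' => trans('admin_user.msgDestroySuccess')
            ];
        }

        // The message is an HTML fragment, so the stored course name and end
        // value are escaped before they are placed inside the list items.
        $message = trans('admin_user.msgDestroySuccessElse');
        $message .= '<br><ul>';
        foreach ($myCourses as $myCourse) {
            $message .= '<li>' . e(mb_strimwidth($myCourse->course->name, 0, 50, "..."));
            $message .= trans('admin_user.msgDestroySuccessForeach') . e((string) $myCourse->end) . '</li>';
        }
        $message .= '</ul>';

        return ['success' => false, 'message' => $message];
    }

    /**
     * Update an administrator profile.
     *
     * Protection rules are evaluated against the stored account loaded by $id,
     * not only against the role and id fields of the request, so they cannot be
     * skipped by submitting different values:
     *  - the password of a super-admin (role 5) or admin (role 1) can only be
     *    changed by that user;
     *  - the e-mail and role of the super-admin are never changed;
     *  - the hosting panel passwords are changed only when the stored account is
     *    the super-admin.
     *
     * NOTE(review): as in the original, a request carrying role 5 for an account
     * that is not the super-admin still ends with role 5 being synced; confirm
     * that promotion path is intended.
     *
     * @param $id
     * @param UserRequest $request
     * @return \Illuminate\Http\RedirectResponse
     */
    public function updateAdmin($id, UserRequest $request)
    {
        $data = $request->all();
        $flash = ['env' => 'environment'];

        try {
            $profile = $this->userRepo->find($id);
            $storedRoles = $profile->roles;
            $storedRole = count($storedRoles) > 0 ? $storedRoles[0]['id'] : null;
            $targetIsSuperAdmin = $storedRole == 5;

            $newPwd = '';
            $notPermited = false;

            if (!empty($data['password'])) {
                // If the account being changed is the super-admin or an admin,
                // only that user may change the password.
                $isProtected = $targetIsSuperAdmin || $storedRole == 1
                    || $data['role'] == 5 || $data['role'] == 1;
                $isSelf = $profile->id == $this->auth->user()->id;

                if (!$isProtected || $isSelf) {
                    $newPwd = $data['password'];
                    $data['password'] = bcrypt($data['password']);
                } else {
                    $notPermited = true;
                    unset($data['password']);
                }
            } else {
                unset($data['password']);
            }

            // Only uploads that pass the validity and image-type checks get a name.
            $uploads = [];
            foreach (['picture', 'signature'] as $field) {
                $fileName = $this->uploadedImageName($request, $field);
                if ($fileName !== null) {
                    $data[$field] = $fileName;
                    $uploads[$field] = $fileName;
                } else {
                    unset($data[$field]);
                }
            }

            // If the account being changed is the super-admin, any change of
            // e-mail and/or permission level is removed from the update.
            if ($targetIsSuperAdmin || $data['role'] == 5) {
                // Loose comparison: the request carries the role as a string, the
                // stored id is an integer, so `!==` reported a change every time.
                if ($data['email'] !== $profile->email || $data['role'] != $storedRole) {
                    $notPermited = true;
                }
                $data['email'] = $profile->email;
                $data['role'] = 5;
            }

            $profile->fill($data);
            $profile->save();

            $message = trans('admin_user.msgSuccessMsg');
            if ($notPermited) {
                $message .= '- O e-mail do super-admin não pode ser alterado.';
                $message .= '- Somente o prórpio super-admin ou admins podem mudar suas senhas.';
            }
            $flash['message'] = $message;
            $flash['success'] = trans('admin_user.msgSuccess');

            // $newPwd is only set for a protected account when the editor is that
            // account, so this runs when the super-admin changes their own password.
            if (!empty($newPwd) && $targetIsSuperAdmin) {
                $data['password'] = $newPwd;
                $this->saasUtilService->changeCPanelPWD($data);
                $this->saasUtilService->changePanelCustomerPWD($data);
            }

            foreach ($uploads as $field => $fileName) {
                Storage::disk('profile')->put($fileName, File::get($request->file($field)));
            }

            $profile->save();
            $profile->roles()->sync([$data['role']]);
        } catch (\Exception $e) {
            app(Handler::class)->report($e);
            $flash['fail'] = trans('admin_user.msgFail');
            $flash['message'] = trans('admin_user.msgErro') . $e->getMessage() . trans('admin_user.msgErro2');
        }

        return redirect()->route('admin.users.index', $this->auth->user()['id'])
            ->with($flash);
    }

    /**
     * Restore a soft-deleted user by clearing its deleted_at value.
     *
     * @param Request $request
     * @return array
     */
    public function restoreUser(Request $request)
    {
        $data = $request->all();

        $user = $this->userRepo->withTrashed()->find($data['id']);
        $user->deleted_at = null;
        $user->save();

        return [
            'success' => trans('admin_user.msgSuccess'),
            'message' => trans('admin_user.msgSuccessMsg')
        ];
    }

    /**
     * Export all users (registration date, name, e-mail, phone) as a CSV download.
     *
     * The export is written to a temporary file that is deleted once it has been
     * sent. The original wrote 'users.csv' to a relative path and left it there;
     * a relative path resolves against the working directory of the process,
     * which for a web request is commonly the public document root.
     *
     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
     * @throws \League\Csv\CannotInsertRecord
     */
    public function exportCSV()
    {
        $rows = $this->userRepo->with(['address'])->all()->toArray();

        // Remove an export left behind by the previous implementation.
        if (File::exists('users.csv')) {
            File::delete('users.csv');
        }

        $path = tempnam(sys_get_temp_dir(), 'users');
        if ($path === false) {
            abort(500);
        }

        $csv = \League\Csv\Writer::createFromFileObject(new \SplFileObject($path, 'w'));
        $csv->insertOne(['cadastro', 'nome', 'e-mail', 'telefone']);

        foreach ($rows as $line) {
            $csv->insertOne([
                date('d/m/Y', strtotime($line['created_at'])),
                // Name and e-mail are user-supplied text; keep a spreadsheet from
                // evaluating them as formulas.
                $this->csvSafe($line['name']),
                $this->csvSafe($line['email']),
                // NOTE(review): left unchanged because a leading '+' is a normal
                // phone prefix; confirm the stored format before neutralising it.
                isset($line['address']['phone']) ? $line['address']['phone'] : null
            ]);
        }

        return response()->download($path, 'users.csv')->deleteFileAfterSend(true);
    }

    /**
     * List the students that have certificates available, three per page.
     *
     * @return mixed
     */
    public function allStudentsWithAvailableCertificate()
    {
        $this->breadCrumb->addBreadcrumb(trans('admin_user.breaddash'), route('admin.index'));
        $this->breadCrumb->addBreadcrumb(trans('admin_user.breadUserCertificate'), route('admin.users.index'));
        $bread = $this->breadCrumb->generate();

        $users = $this->courseHistory->allUsersWithAvailableCertificates();
        $certificates = new Collection();

        foreach ($users as $user) {
            $availableCerts = new Collection();

            foreach ($this->courseHistory->availableCertificates($user->user_id) as $cert) {
                $wasApproved = $this->courseService->wasApprovedInTheCourse($user->user_id, $cert->course->id);

                // Both 1 and 0 are accepted here; any other value skips the course.
                if ($wasApproved['approved'] == 1 || $wasApproved['approved'] == 0) {
                    $availableCerts->push([
                        'course_name' => $cert->course->name,
                        'link' => route('issue.certificate', [$user->user_id, $cert->course->id]),
                        'main_image' => $cert->course->main_image
                    ]);
                }
            }

            $certificates->push([
                'user_id' => $user->user_id,
                'user_name' => $user->customer['name'],
                'user_email' => $user->customer['email'],
                'certificates' => $availableCerts
            ]);
        }

        $certificates = Helpers::paginate($certificates, 3, request('page'));
        $env = 'reports';
        $title = trans('admin_user.titleStudentCertificate');

        return view('admin.users.list_certificates', compact('certificates', 'bread', 'env', 'title'));
    }
}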