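hasAnyRole(['Super Admin', 'Admin'])) {
            // NOTE(review): the result of this where() is discarded, so the
            // organization restriction is never applied to $result below —
            // confirm against the start of index(), which is outside this view.
            User::where('organization_id', Auth::user()->organization_id);
        }
        if ($request->get('email')) {
            $result = User::where('email', $request->get('email'))
                ->addSelect(['organization_name' => Organization::select('name')->whereColumn('organization_id', 'organizations.id')])
                ->paginate();
        } else {
            $result = User::addSelect(['organization_name' => Organization::select('name')->whereColumn('organization_id', 'organizations.id')])
                ->latest()
                ->paginate();
        }

        return view('user.index', compact('result'));
    }

    /**
     * Show the form for creating a new user.
     *
     * Super Admin / Admin may pick any organization; other callers only
     * see their own.
     *
     * @return \Illuminate\Http\Response
     */
    public function create()
    {
        // Super Admin is never offered in the form; syncPermissions() enforces the same server-side.
        $roles = Role::whereNot('name', 'Super Admin')->pluck('name', 'id');
        $organizations = $this->assignableOrganizations();

        return view('user.new', compact('roles', 'organizations'));
    }

    /**
     * Store a newly created user.
     *
     * Callers without Super Admin / Admin are pinned to their own
     * organization regardless of the submitted organization_id.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\Response
     */
    public function store(Request $request)
    {
        $this->validate($request, [
            'name' => 'bail|required|min:2',
            'email' => 'required|email|unique:users',
            'password' => 'required|min:6',
            'roles' => 'required|min:1',
            // Must reference a real organization; the table name matches the
            // organizations.id join used in index().
            'organization_id' => 'required|exists:organizations,id',
        ]);

        if (!$this->isCrossOrganizationAdmin()) {
            $request->merge(['organization_id' => Auth::user()->organization_id]);
        }

        // Never persist the plaintext password.
        $request->merge(['password' => bcrypt($request->get('password'))]);

        $user = User::create($request->except('roles', 'permissions'));
        if ($user) {
            $this->syncPermissions($request, $user);
            flash('User has been created.');
        } else {
            flash()->error('Unable to create user.');
        }

        return redirect()->route('users.index');
    }

    /**
     * Display the specified user.
     *
     * Not implemented: this action is currently a no-op stub.
     *
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
    public function show($id)
    {
        //
    }

    /**
     * Show the form for editing the specified user.
     *
     * Applies the same organization check as update() and destroy(), so a
     * caller cannot open the edit form of a user it is not allowed to change.
     *
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
    public function edit($id)
    {
        $user = User::findOrFail($id);

        if (!$this->canManage($user)) {
            flash()->warning('Editing of other organization is not allowed :(')->important();

            return redirect()->back();
        }

        // Super Admin is never offered in the form; syncPermissions() enforces the same server-side.
        $roles = Role::whereNot('name', 'Super Admin')->pluck('name', 'id');
        $permissions = Permission::all();
        $organizations = $this->assignableOrganizations();

        return view('user.edit', compact('user', 'roles', 'permissions', 'organizations'));
    }

    /**
     * Update the specified user.
     *
     * Non-admin callers may only touch users of their own organization and
     * cannot move a user to another organization (mirrors store()).
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
    public function update(Request $request, $id)
    {
        $this->validate($request, [
            'name' => 'bail|required|min:2',
            // Ignore the user's own row when checking uniqueness.
            'email' => 'required|email|unique:users,email,' . $id,
            'roles' => 'required|min:1',
            'organization_id' => 'required|exists:organizations,id',
        ]);

        $user = User::findOrFail($id);

        if (!$this->canManage($user)) {
            flash()->warning('Update of other organization is not allowed :(')->important();

            return redirect()->back();
        }

        // Pin the organization for non-admins, exactly as store() does;
        // otherwise the submitted organization_id could re-home the user.
        if (!$this->isCrossOrganizationAdmin()) {
            $request->merge(['organization_id' => Auth::user()->organization_id]);
        }

        $user->fill($request->except('roles', 'permissions', 'password'));
        $user->organization_id = $request->organization_id;

        // Only rehash when a new password was submitted; an empty field keeps the current hash.
        if ($request->get('password')) {
            $user->password = bcrypt($request->get('password'));
        }

        $this->syncPermissions($request, $user);
        $user->save();

        flash()->success('User has been updated.');

        return redirect()->route('users.index');
    }

    /**
     * Remove the specified user.
     *
     * Refuses users of another organization (for non-admins) and the
     * currently authenticated user.
     *
     * @param  int  $id
     * @return \Illuminate\Http\Response
     * @internal param Request $request
     */
    public function destroy($id)
    {
        $user = User::findOrFail($id);

        if (!$this->canManage($user)) {
            flash()->warning('Deletion of other organization is not allowed :(')->important();

            return redirect()->back();
        }

        // Model identity comparison instead of a loose id == string check.
        if ($user->is(Auth::user())) {
            flash()->warning('Deletion of currently logged in user is not allowed :(')->important();

            return redirect()->back();
        }

        if ($user->delete()) {
            flash()->success('User has been deleted');
        } else {
            // A failed delete is an error, not a success.
            flash()->error('User not deleted');
        }

        return redirect()->back();
    }

    /**
     * Sync the submitted roles onto $user.
     *
     * Direct permissions are not synced here: the earlier permission-reset
     * logic was disabled, so the `permissions` input is currently ignored.
     *
     * @param  Request  $request
     * @param  User  $user
     * @return User  the same instance, for chaining
     */
    private function syncPermissions(Request $request, User $user)
    {
        $roleIds = $request->get('roles', []);

        // Resolve ids to models, excluding Super Admin: neither form offers
        // it, so accepting it here would let a crafted request grant it.
        $roles = Role::whereNot('name', 'Super Admin')->find($roleIds);

        $user->syncRoles($roles);

        return $user;
    }

    /**
     * Whether the authenticated user may act across organizations.
     */
    private function isCrossOrganizationAdmin(): bool
    {
        return Auth::user()->hasAnyRole(['Super Admin', 'Admin']);
    }

    /**
     * Organizations the authenticated user may assign: all of them for
     * Super Admin / Admin, otherwise only the caller's own.
     *
     * @return \Illuminate\Support\Collection  organization names keyed by id
     */
    private function assignableOrganizations()
    {
        if ($this->isCrossOrganizationAdmin()) {
            return Organization::latest()->pluck('name', 'id');
        }

        return Organization::where('id', Auth::user()->organization_id)->pluck('name', 'id');
    }

    /**
     * Whether the authenticated user may manage $user: always for
     * Super Admin / Admin, otherwise only within the same organization.
     */
    private function canManage(User $user): bool
    {
        if ($this->isCrossOrganizationAdmin()) {
            return true;
        }

        // Ids are integer keys; cast so a driver returning strings compares correctly.
        return (int) Auth::user()->organization_id === (int) $user->organization_id;
    }
}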