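<?php

namespace App\Http\Controllers;

use App\Http\Requests\AddUserRequest;
use App\Http\Requests\UpdateUserRequest;
use App\Models\Role;
use App\Models\RolePermission;
use App\Models\User;
use DateTime;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use Throwable;

/**
 * Admin CRUD for users plus the server-side DataTables feed for the users grid.
 *
 * All request-driven SQL goes through the query builder with bound parameters;
 * sortable columns and the sort direction are taken from fixed whitelists.
 */
class UserController extends Controller
{
    /**
     * DataTables column index => ORDER BY expression.
     * Index 0 is the checkbox column and is not sortable; any index not listed is ignored.
     */
    private const ORDERABLE_COLUMNS = [
        1 => 'name_formated',
        2 => 'users.email',
        3 => 'role_name',
        4 => 'status_formated',
        5 => 'created_at_formated',
    ];

    /**
     * Renders the users listing page.
     */
    public function index()
    {
        return view('users.index', ['title' => 'Users Listing']);
    }

    /**
     * Server-side DataTables endpoint for the users grid.
     *
     * Reads the standard DataTables parameters (draw, start, length, order,
     * search) and returns the matching page of users as JSON.
     */
    public function users_listing(Request $request)
    {
        $draw  = (int) $request->get('draw');
        $start = max(0, (int) $request->get('start'));

        // A missing "length" means "no limit", so only cast when it was sent.
        $length = $request->get('length');
        if ($length !== null) {
            $length = (int) $length;
        }

        // DataTables sends order[0][column] / order[0][dir]; both are optional.
        $orderArray = $request->get('order');
        $orderBy    = is_array($orderArray) ? ($orderArray[0]['column'] ?? null) : null;
        $orderDir   = is_array($orderArray) ? ($orderArray[0]['dir'] ?? null) : null;

        $searchArray = $request->get('search');
        $searchValue = is_array($searchArray) ? ($searchArray['value'] ?? null) : null;

        // Base query: raw projection with the display-formatted columns the grid shows.
        $q = User::selectRaw(
            ' users.id, users.name, users.last_name, users.email, users.status, users.role_id,'
            . ' IF(roles.name IS NULL , "N/A" , roles.name) as role_name, users.created_at,'
            . ' CONCAT_WS(" " , users.name , users.last_name) as name_formated,'
            . ' IF(users.status = 0 , "Active" , "Inactive") as status_formated,'
            . ' DATE_FORMAT(users.created_at , "%d/%m/%Y") as created_at_formated '
        )->leftJoin('roles', 'roles.id', 'users.role_id');

        $totalUser = $q->count();

        // Search: the (character-filtered) term is passed as a bound parameter
        // for every LIKE, never concatenated into the SQL text.
        if (is_string($searchValue) && trim($searchValue) !== '') {
            $formatedSearch = preg_replace('/[^\sA-Za-z0-9@.\/\-]/', '', strtolower($searchValue));
            $like = '%' . $formatedSearch . '%';

            $q->whereRaw(
                '( users.email LIKE ? OR users.name LIKE ? OR users.last_name LIKE ?'
                . ' OR IF(users.status = 0 , "Active" , "Inactive") LIKE ?'
                . ' OR CONCAT_WS(" " , users.name , users.last_name) LIKE ?'
                . ' OR DATE_FORMAT(users.created_at , "%d/%m/%Y") LIKE ?'
                . ' OR roles.name LIKE ?'
                . ' OR IF(roles.name IS NULL , "N/A" , roles.name) LIKE ? )',
                array_fill(0, 8, $like)
            );
        }

        // Ordering: column comes from the whitelist, direction is normalised to asc/desc.
        $orderIndex = is_numeric($orderBy) ? (int) $orderBy : null;
        if ($orderIndex !== null && array_key_exists($orderIndex, self::ORDERABLE_COLUMNS)) {
            $direction = strtolower((string) $orderDir) === 'desc' ? 'desc' : 'asc';
            $q->orderBy(self::ORDERABLE_COLUMNS[$orderIndex], $direction);
        }

        $filteredUsers = $q->count();

        $records = $q->skip($start)->take($length)->get();

        // Row payload; the HTML fragments only embed the numeric user id.
        $usersData = [];
        foreach ($records as $r) {
            $id = (int) $r->id;
            $usersData[] = [
                'checkbox'   => '<input type="checkbox" name="userCheckbox' . $id . '" id="userCheckbox' . $id . '" class="usersCheckboxes" value="' . $id . '">',
                'name'       => $r->name_formated,
                'email'      => $r->email,
                'role'       => $r->role_name,
                'status'     => $r->status_formated,
                'created_at' => $r->created_at_formated,
                'action'     => '<a href="' . route('get_users_edit.edit_users', ['id' => $id]) . '"><button class="custom-blue-btn w-100">Edit</button></a>',
            ];
        }

        return response()->json([
            'draw'                 => $draw,
            'iTotalRecords'        => $totalUser,
            'iTotalDisplayRecords' => $filteredUsers,
            'aaData'               => $usersData,
        ], 200);
    }

    /**
     * Renders the "add user" form with every role available for assignment.
     */
    public function add()
    {
        $role = Role::all();

        return view('users.add', ['title' => 'Add User', 'role' => $role]);
    }

    /**
     * Creates a user from the validated AddUserRequest and assigns the selected role.
     *
     * On failure the exception is reported and a generic message is flashed;
     * the raw exception text is not shown to the caller.
     */
    public function store(AddUserRequest $request)
    {
        try {
            $user = new User();
            $user->name      = $request->get('firstName');
            $user->last_name = $request->get('lastName');
            $user->email     = $request->get('email');
            // NOTE(review): assigned as given — assumes the User model hashes
            // `password` via a cast or mutator; confirm before relying on it.
            $user->password  = $request->get('password');

            // Role is looked up by id; an unknown id simply leaves the user without a role.
            $dbRole = Role::where('id', $request->get('role'))->first();
            if ($dbRole !== null) {
                $user->assignRole($dbRole->name);
                $user->role_id = $dbRole->id;
            }

            $user->status     = $request->get('status');
            $user->created_at = new DateTime();
            $user->updated_at = null;
            $user->save();

            return redirect('admin/users')->with('success', 'User created.');
        } catch (Throwable $th) {
            report($th);

            return redirect('admin/users')->with('message', 'Unable to create user.');
        }
    }

    /**
     * Renders the "edit user" form for the given id, with all roles and permissions.
     *
     * Redirects to the login page when the id is not positive or no user matches,
     * preserving the original behaviour.
     */
    public function edit($id)
    {
        $user = (int) $id > 0 ? User::find((int) $id) : null;
        if ($user === null) {
            return redirect('login');
        }

        $roles       = Role::all();
        $permissions = RolePermission::all();

        return view('users.edit', [
            'user'        => $user,
            'role'        => $roles,
            'permissions' => $permissions,
            'title'       => 'Edit User',
        ]);
    }

    /**
     * Applies the validated UpdateUserRequest to the user with the given id.
     *
     * Every path now returns a response: a non-positive id previously fell
     * through without returning anything.
     */
    public function update(UpdateUserRequest $request, $id)
    {
        try {
            $user = (int) $id > 0 ? User::find((int) $id) : null;
            if ($user === null) {
                return redirect()->back()->with('message', 'User not found.');
            }

            $user->name      = $request->get('firstName');
            $user->last_name = $request->get('lastName');
            $user->email     = $request->get('email');

            // Password is only replaced when a new one was submitted.
            $newPassword = $request->get('password');
            if (!empty($newPassword)) {
                // NOTE(review): assumes the User model hashes `password` — confirm.
                $user->password = $newPassword;
            }

            // Role: first assignment when the user has none, otherwise replace
            // the current roles only if the selected one differs.
            $dbRole = Role::where('id', $request->get('role'))->first();
            if ($dbRole !== null) {
                if (empty($user->getRoleNames()->toArray())) {
                    $user->assignRole($dbRole->name);
                    $user->role_id = $dbRole->id;
                } elseif (!$user->hasRole($dbRole->name)) {
                    $user->syncRoles($dbRole->name);
                    $user->role_id = $dbRole->id;
                }
            }

            $user->status     = $request->get('status');
            $user->updated_at = new DateTime();
            $user->update();

            return redirect()->back()->with('success', 'User updated.');
        } catch (Throwable $th) {
            report($th);

            return redirect()->back()->with('message', 'Unable to update user.');
        }
    }

    /**
     * Grants the named role to the user with the given id.
     *
     * This is for test environments only and must not be used in production:
     * the endpoint refuses to run (404) outside the local/testing environments.
     */
    public function rights($roleName, $id)
    {
        if (!app()->environment('local', 'testing')) {
            abort(404);
        }

        if ($roleName === null || $id === null) {
            return redirect('login');
        }

        $user = User::where('id', $id)->first();
        $role = Role::where('name', $roleName)->first();

        if ($user !== null && $role !== null) {
            $user->role_id = $role->id;
            if ($user->hasRole($roleName)) {
                $user->syncRoles($roleName);
            } else {
                $user->assignRole($roleName);
            }
            $user->update();
        }

        return redirect('login');
    }

    /**
     * AJAX: deletes the users whose ids are posted in "ids".
     *
     * The empty-selection check happens before any transaction is opened, so a
     * 422 response never leaves a transaction dangling; DB::transaction rolls
     * back on failure.
     */
    public function delete(Request $request)
    {
        $ids = $request->get('ids');
        $ids = is_array($ids) ? $ids : [];

        if (count($ids) === 0) {
            return response()->json(['message' => 'No user selected'], 422);
        }

        try {
            DB::transaction(function () use ($ids) {
                User::whereIn('id', $ids)->delete();
            });

            return response()->json([
                'success' => true,
                'message' => 'User' . (count($ids) > 1 ? 's' : '') . ' deleted successfully.',
            ], 200);
        } catch (Throwable $th) {
            report($th);

            return response()->json(['message' => 'Unable to delete the selected users.'], 422);
        }
    }
}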