mirror of
https://github.com/flarum/core.git
synced 2025-10-15 17:04:26 +02:00
Implement edit user modal
EditUserHandler is a bit rough
This commit is contained in:
Toby Zerner
@@ -3,7 +3,9 @@
|
||||
use Flarum\Core\Users\User;
|
||||
use Flarum\Core\Users\UserRepository;
|
||||
use Flarum\Events\UserWillBeSaved;
|
||||
use Flarum\Events\UserGroupsWereChanged;
|
||||
use Flarum\Core\Support\DispatchesEvents;
|
||||
use Flarum\Core\Exceptions\PermissionDeniedException;
|
||||
|
||||
class EditUserHandler
|
||||
{
|
||||
@@ -33,38 +35,68 @@ class EditUserHandler
|
||||
$data = $command->data;
|
||||
|
||||
$user = $this->users->findOrFail($command->userId, $actor);
|
||||
|
||||
$user->assertCan($actor, 'edit');
|
||||
$isSelf = $actor->id === $user->id;
|
||||
|
||||
$attributes = array_get($data, 'attributes', []);
|
||||
$relationships = array_get($data, 'relationships', []);
|
||||
|
||||
if (isset($attributes['username'])) {
|
||||
$user->assertCan($actor, 'rename');
|
||||
$user->assertCan($actor, 'edit');
|
||||
$user->rename($attributes['username']);
|
||||
}
|
||||
|
||||
if (isset($attributes['email'])) {
|
||||
$user->requestEmailChange($attributes['email']);
|
||||
if ($isSelf) {
|
||||
$user->requestEmailChange($attributes['email']);
|
||||
} else {
|
||||
$user->assertCan($actor, 'edit');
|
||||
$user->changeEmail($attributes['email']);
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($attributes['password'])) {
|
||||
$user->assertCan($actor, 'edit');
|
||||
$user->changePassword($attributes['password']);
|
||||
}
|
||||
|
||||
if (isset($attributes['bio'])) {
|
||||
if (! $isSelf) {
|
||||
$user->assertCan($actor, 'edit');
|
||||
}
|
||||
|
||||
$user->changeBio($attributes['bio']);
|
||||
}
|
||||
|
||||
if (! empty($attributes['readTime'])) {
|
||||
$this->assert($isSelf);
|
||||
$user->markAllAsRead();
|
||||
}
|
||||
|
||||
if (! empty($attributes['preferences'])) {
|
||||
$this->assert($isSelf);
|
||||
|
||||
foreach ($attributes['preferences'] as $k => $v) {
|
||||
$user->setPreference($k, $v);
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($relationships['groups']['data']) && is_array($relationships['groups']['data'])) {
|
||||
$user->assertCan($actor, 'edit');
|
||||
|
||||
$newGroupIds = [];
|
||||
foreach ($relationships['groups']['data'] as $group) {
|
||||
if ($id = array_get($group, 'id')) {
|
||||
$newGroupIds[] = $id;
|
||||
}
|
||||
}
|
||||
|
||||
$user->raise(new UserGroupsWereChanged($user, $user->groups()->get()->all()));
|
||||
|
||||
User::saved(function ($user) use ($newGroupIds) {
|
||||
$user->groups()->sync($newGroupIds);
|
||||
});
|
||||
}
|
||||
|
||||
event(new UserWillBeSaved($user, $actor, $data));
|
||||
|
||||
$user->save();
|
||||
@@ -72,4 +104,11 @@ class EditUserHandler
|
||||
|
||||
return $user;
|
||||
}
|
||||
|
||||
protected function assert($true)
|
||||
{
|
||||
if (! $true) {
|
||||
throw new PermissionDeniedException;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -29,11 +29,6 @@ class UsersServiceProvider extends ServiceProvider
|
||||
|
||||
$events->listen(ModelAllow::class, function (ModelAllow $event) {
|
||||
if ($event->model instanceof User) {
|
||||
if ($event->action === 'edit' &&
|
||||
$event->model->id == $event->actor->id) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if ($event->actor->hasPermission('user.'.$event->action)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user