- satisfying styleci

- cleared the merge conflict in the phpdoc
- changed some string class names to use ::class

src/User/AvatarUploader.php

@@ -0,0 +1,59 @@
+<?php
+
+/*
+ * This file is part of Flarum.
+ *
+ * (c) Toby Zerner <toby.zerner@gmail.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Flarum\User;
+
+use Illuminate\Support\Str;
+use Intervention\Image\Image;
+use League\Flysystem\FilesystemInterface;
+
+class AvatarUploader
+{
+    protected $uploadDir;
+
+    public function __construct(FilesystemInterface $uploadDir)
+    {
+        $this->uploadDir = $uploadDir;
+    }
+
+    /**
+     * @param User $user
+     * @param Image $image
+     */
+    public function upload(User $user, Image $image)
+    {
+        if (extension_loaded('exif')) {
+            $image->orientate();
+        }
+
+        $encodedImage = $image->fit(100, 100)->encode('png');
+
+        $avatarPath = Str::random().'.png';
+
+        $this->remove($user);
+        $user->changeAvatarPath($avatarPath);
+
+        $this->uploadDir->put($avatarPath, $encodedImage);
+    }
+
+    public function remove(User $user)
+    {
+        $avatarPath = $user->avatar_path;
+
+        $user->afterSave(function () use ($avatarPath) {
+            if ($this->uploadDir->has($avatarPath)) {
+                $this->uploadDir->delete($avatarPath);
+            }
+        });
+
+        $user->changeAvatarPath(null);
+    }
+}

src/User/Command/DeleteAvatarHandler.php

@@ -13,9 +13,9 @@ namespace Flarum\User\Command;
 
 use Flarum\Foundation\DispatchEventsTrait;
 use Flarum\User\AssertPermissionTrait;
+use Flarum\User\AvatarUploader;
 use Flarum\User\Event\AvatarDeleting;
 use Flarum\User\UserRepository;
-use Flarum\Core\AvatarUploader;
 use Flarum\Event\AvatarWillBeDeleted;
 use Illuminate\Contracts\Events\Dispatcher;
 

src/User/Command/EditUserHandler.php

@@ -12,7 +12,7 @@
 namespace Flarum\User\Command;
 
 use Exception;
-use Flarum\Core\AvatarUploader;
+use Flarum\User\AvatarUploader;
 use Flarum\Foundation\DispatchEventsTrait;
 use Flarum\User\AssertPermissionTrait;
 use Flarum\User\Event\GroupsChanged;

src/User/Command/RegisterUserHandler.php

@@ -12,7 +12,7 @@
 namespace Flarum\User\Command;
 
 use Exception;
-use Flarum\Core\AvatarUploader;
+use Flarum\User\AvatarUploader;
 use Flarum\Foundation\DispatchEventsTrait;
 use Flarum\Settings\SettingsRepositoryInterface;
 use Flarum\User\AssertPermissionTrait;

src/User/Command/UploadAvatarHandler.php

@@ -11,11 +11,10 @@
 
 namespace Flarum\User\Command;
 
-use Exception;
-use Flarum\Core\AvatarUploader;
 use Flarum\Foundation\Application;
 use Flarum\Foundation\DispatchEventsTrait;
 use Flarum\User\AssertPermissionTrait;
+use Flarum\User\AvatarUploader;
 use Flarum\User\AvatarValidator;
 use Flarum\User\Event\AvatarSaving;
 use Flarum\User\UserRepository;

src/User/Listener/SelfDemotionGuard.php

@@ -0,0 +1,67 @@
+<?php
+
+/*
+ * This file is part of Flarum.
+ *
+ * (c) Toby Zerner <toby.zerner@gmail.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Flarum\User\Listener;
+
+use Flarum\User\Exception\PermissionDeniedException;
+use Flarum\Group\Group;
+use Flarum\User\Event\Saving;
+use Illuminate\Contracts\Events\Dispatcher;
+
+class SelfDemotionGuard
+{
+    /**
+     * @param Dispatcher $events
+     */
+    public function subscribe(Dispatcher $events)
+    {
+        $events->listen(Saving::class, [$this, 'whenUserWillBeSaved']);
+    }
+
+    /**
+     * Prevent an admin from removing their admin permission via the API.
+     * @param Saving $event
+     * @throws PermissionDeniedException
+     */
+    public function whenUserWillBeSaved(Saving $event)
+    {
+        // Non-admin users pose no problem
+        if (! $event->actor->isAdmin()) {
+            return;
+        }
+
+        // Only admins can demote users, which means demoting other users is
+        // fine, because we still have at least one admin (the actor) left
+        if ($event->actor->id !== $event->user->id) {
+            return;
+        }
+
+        $groups = array_get($event->data, 'relationships.groups.data');
+
+        // If there is no group data (not even an empty array), this means
+        // groups were not changed (and thus not removed) - we're fine!
+        if (! isset($groups)) {
+            return;
+        }
+
+        $adminGroups = array_filter($groups, function ($group) {
+            return $group['id'] == Group::ADMINISTRATOR_ID;
+        });
+
+        // As long as the user is still part of the admin group, all is good
+        if ($adminGroups) {
+            return;
+        }
+
+        // If we get to this point, we have to prohibit the edit
+        throw new PermissionDeniedException;
+    }
+}

src/User/User.php

@@ -18,14 +18,6 @@ use Flarum\Event\ConfigureUserPreferences;
 use Flarum\Event\GetDisplayName;
 use Flarum\Event\PostWasDeleted;
 use Flarum\Event\PrepareUserGroups;
-use Flarum\Event\UserAvatarWasChanged;
-use Flarum\Event\UserEmailChangeWasRequested;
-use Flarum\Event\UserEmailWasChanged;
-use Flarum\Event\UserPasswordWasChanged;
-use Flarum\Event\UserWasActivated;
-use Flarum\Event\UserWasDeleted;
-use Flarum\Event\UserWasRegistered;
-use Flarum\Event\UserWasRenamed;
 use Flarum\Foundation\Application;
 use Flarum\Foundation\EventGeneratorTrait;
 use Flarum\Group\Group;

src/User/UserServiceProvider.php

@@ -30,7 +30,7 @@ class UserServiceProvider extends AbstractServiceProvider
         });
 
         $this->app->alias('flarum.gate', 'Illuminate\Contracts\Auth\Access\Gate');
-        $this->app->alias('flarum.gate', 'Flarum\User\Gate');
+        $this->app->alias('flarum.gate', Gate::class);
 
         $this->registerAvatarsFilesystem();
     }
@@ -45,11 +45,11 @@ class UserServiceProvider extends AbstractServiceProvider
             ->needs('League\Flysystem\FilesystemInterface')
             ->give($avatarsFilesystem);
 
-        $this->app->when('Flarum\User\Command\DeleteAvatarHandler')
+        $this->app->when(Command\DeleteAvatarHandler::class)
             ->needs('League\Flysystem\FilesystemInterface')
             ->give($avatarsFilesystem);
 
-        $this->app->when('Flarum\User\Command\RegisterUserHandler')
+        $this->app->when(Command\RegisterUserHandler::class)
             ->needs('League\Flysystem\FilesystemInterface')
             ->give($avatarsFilesystem);
     }
@@ -86,10 +86,10 @@ class UserServiceProvider extends AbstractServiceProvider
 
         $events = $this->app->make('events');
 
-        $events->subscribe('Flarum\Core\Listener\SelfDemotionGuard');
-        $events->subscribe('Flarum\User\EmailConfirmationMailer');
-        $events->subscribe('Flarum\User\UserMetadataUpdater');
-        $events->subscribe('Flarum\User\UserPolicy');
+        $events->subscribe(Listener\SelfDemotionGuard::class);
+        $events->subscribe(EmailConfirmationMailer::class);
+        $events->subscribe(UserMetadataUpdater::class);
+        $events->subscribe(UserPolicy::class);
 
         $events->listen(ConfigureUserPreferences::class, [$this, 'configureUserPreferences']);
     }