diff --git a/app/Http/Controllers/Admin/HomeController.php b/app/Http/Controllers/Admin/HomeController.php
new file mode 100644
index 0000000000..81a75f086b
--- /dev/null
+++ b/app/Http/Controllers/Admin/HomeController.php
@@ -0,0 +1,33 @@
+all();
+
+ // not deleted users:
+ $users = $all->filter(
+ function (User $user) {
+ if (!(intval($user->blocked) === 1 && is_null($user->blocked_code))) {
+ return $user;
+ }
+ }
+ );
+
+ // add meta stuff.
+ $users->each(
+ function (User $user) use ($confirmAccount) {
+ // user must be logged in, then continue:
+ $isConfirmed = Preferences::getForUser($user, 'user_confirmed', false)->data;
+ if ($isConfirmed === false && $confirmAccount === true) {
+ $user->activated = false;
+ } else {
+ $user->activated = true;
+ }
+
+
+ }
+ );
+
+
+ return view('admin.users.index', compact('title', 'mainTitleIcon', 'subTitle', 'subTitleIcon', 'users'));
+
+ }
+
+}
\ No newline at end of file
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index b59b2b02de..064d21119f 100644
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -7,6 +7,7 @@ use FireflyIII\Http\Middleware\Authenticate;
 use FireflyIII\Http\Middleware\AuthenticateTwoFactor;
 use FireflyIII\Http\Middleware\Binder;
 use FireflyIII\Http\Middleware\EncryptCookies;
+use FireflyIII\Http\Middleware\IsAdmin;
 use FireflyIII\Http\Middleware\IsConfirmed;
 use FireflyIII\Http\Middleware\IsNotConfirmed;
 use FireflyIII\Http\Middleware\Range;
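Review bot: The `filter()` callback under `// not deleted users:` returns the `User` model on a match and nothing otherwise, so the predicate works only through truthiness; returning the boolean makes it explicit: `return !(intval($user->blocked) === 1 && is_null($user->blocked_code));`. The comment `// user must be logged in, then continue:` inside the `each()` callback does not describe the code below it, which reads the `user_confirmed` preference of the listed user rather than checking a session; something like `// activated unless confirmation is required and this user has not confirmed yet` would match. The opening lines of this hunk are not visible on the page, so where `$all` and `$confirmAccount` come from could not be checked.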
@@ -121,6 +122,25 @@ class Kernel extends HttpKernel Range::class, Binder::class, ], + // MUST be logged in + // MUST have 2fa + // MUST be confirmed. + // MUST have owner role + // (this group includes the other Firefly middleware) + 'admin' => [ + EncryptCookies::class, + AddQueuedCookiesToResponse::class, + StartSession::class, + ShareErrorsFromSession::class, + VerifyCsrfToken::class, + Authenticate::class, + AuthenticateTwoFactor::class, + IsConfirmed::class, + IsAdmin::class, + Range::class, + Binder::class, + + ], 'api' => [ 'throttle:60,1', diff --git a/app/Http/Middleware/IsAdmin.php b/app/Http/Middleware/IsAdmin.php new file mode 100644 index 0000000000..ae00107e85 --- /dev/null +++ b/app/Http/Middleware/IsAdmin.php @@ -0,0 +1,63 @@ +guest()) { + if ($request->ajax()) { + return response('Unauthorized.', 401); + } else { + return redirect()->guest('login'); + } + } else { + /** @var User $user */ + $user = Auth::user(); + if (!$user->hasRole('owner')) { + return redirect(route('home')); + } + } + + return $next($request); + } +} diff --git a/app/Http/routes.php b/app/Http/routes.php index 043f945ef5..394eec0429 100644 --- a/app/Http/routes.php +++ b/app/Http/routes.php @@ -28,9 +28,8 @@ Route::group( ); /** - * For other routes, it is only relevant that the user is authenticated. + * For some other routes, it is only relevant that the user is authenticated. */ - Route::group( ['middleware' => 'user-simple-auth'], function () { Route::get('/error', 'HomeController@displayError'); @@ -389,3 +388,17 @@ Route::group( } ); +/** + * For the admin routes, the user must be logged in and have the role of 'owner' + */ +Route::group( + ['middleware' => 'admin'], function () { + + // admin home + Route::get('/admin', ['uses' => 'Admin\HomeController@index', 'as' => 'admin.index']); + + // user manager + Route::get('/admin/users', ['uses' => 'Admin\UserController@index', 'as' => 'admin.users']); + +} +); 
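Review bot: In the new `IsAdmin` middleware an authenticated user without the `owner` role is redirected to `route('home')` for every request type, while the guest branch just above answers AJAX callers with a 401; a denied AJAX call to an admin route therefore receives a 302 and an ordinary page instead of a refusal. I would add `if ($request->ajax()) { return response('Forbidden.', 403); }` ahead of the redirect and write a log entry for the denied request so that attempts against `/admin` by non-owners are visible. The role check reads `Auth::user()` from the default guard; the start of `handle()` is not visible on this page, so if the guest check is made against a `$guard` argument, both checks should use that same guard.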
diff --git a/app/Repositories/User/UserRepository.php b/app/Repositories/User/UserRepository.php index b956763a40..3f4f0764cd 100644 --- a/app/Repositories/User/UserRepository.php +++ b/app/Repositories/User/UserRepository.php @@ -13,6 +13,7 @@ namespace FireflyIII\Repositories\User; use FireflyIII\Models\Role; use FireflyIII\User; +use Illuminate\Support\Collection; /** * Class UserRepository @@ -22,6 +23,14 @@ use FireflyIII\User; class UserRepository implements UserRepositoryInterface { + /** + * @return Collection + */ + public function all(): Collection + { + return User::orderBy('id', 'DESC')->get(['users.*']); + } + /** * @param User $user * @param string $role diff --git a/app/Repositories/User/UserRepositoryInterface.php b/app/Repositories/User/UserRepositoryInterface.php index 81c3a82b2f..e26a36360d 100644 --- a/app/Repositories/User/UserRepositoryInterface.php +++ b/app/Repositories/User/UserRepositoryInterface.php @@ -12,6 +12,7 @@ namespace FireflyIII\Repositories\User; use FireflyIII\User; +use Illuminate\Support\Collection; /** * Interface UserRepositoryInterface @@ -20,6 +21,11 @@ use FireflyIII\User; */ interface UserRepositoryInterface { + /** + * @return Collection + */ + public function all(): Collection; + /** * @param User $user * @param string $role diff --git a/app/Support/Preferences.php b/app/Support/Preferences.php index 6b110aa072..a5652749f2 100644 --- a/app/Support/Preferences.php +++ b/app/Support/Preferences.php 
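Review bot: `UserRepository::all()` fetches every row of `users` in one unpaginated query, and its docblock says only `@return Collection`, so a caller cannot tell the ordering or that the result is unbounded. I would document it as `Returns all users, highest id first. Not paginated; meant for the admin user list.` and put the same text on `UserRepositoryInterface::all()` in the next file section. If the user table can grow large, a paginated variant for the admin view would be the safer interface.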
@@ -34,20 +34,36 @@ class Preferences return true; } + /** + * @param $name + * @param null $default + * + * @return Preference|null + */ + public function get($name, $default = null) + { + $user = Auth::user(); + if (is_null($user)) { + return $default; + } + + return $this->getForUser(Auth::user(), $name, $default); + } + /** * @param string $name * @param string $default * * @return null|\FireflyIII\Models\Preference */ - public function get($name, $default = null) + public function getForUser(User $user, $name, $default = null) { - $fullName = 'preference' . Auth::user()->id . $name; + $fullName = 'preference' . $user->id . $name; if (Cache::has($fullName)) { return Cache::get($fullName); } - $preference = Preference::where('user_id', Auth::user()->id)->where('name', $name)->first(['id', 'name', 'data_encrypted']); + $preference = Preference::where('user_id', $user->id)->where('name', $name)->first(['id', 'name', 'data_encrypted']); if ($preference) { Cache::forever($fullName, $preference); @@ -60,7 +76,7 @@ class Preferences return null; } - return $this->set($name, $default); + return $this->setForUser($user, $name, $default); } diff --git a/resources/views/admin/index.twig b/resources/views/admin/index.twig new file mode 100644 index 0000000000..a26f4b31f6 --- /dev/null +++ b/resources/views/admin/index.twig @@ -0,0 +1,27 @@ +{% extends "./layout/default.twig" %} + +{% block breadcrumbs %} + {{ Breadcrumbs.renderIfExists }} +{% endblock %} +{% block content %} +
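Review bot: The new `get()` returns the raw `$default` when nobody is logged in, although its docblock promises `Preference|null`; a caller written like the admin list (`...->data` on the result) would then dereference a scalar such as `false`. Either return a `Preference`-shaped value carrying the default or document the mixed return and have callers handle it. The second `Auth::user()` call is redundant, `return $this->getForUser($user, $name, $default);` is enough, and the `getForUser()` docblock still lacks `@param User $user`. The cache key `'preference' . $user->id . $name` joins id and name without a separator, so distinct (user, name) pairs could map to one key if a preference name ever starts with a digit; a delimiter would remove that, but the key is presumably also built where the cache is written or cleared outside this hunk, so it would have to change there too.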
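Review bot: `getForUser()` now ends in `return $this->setForUser($user, $name, $default);`, so a lookup with a non-null default appears to store that default for the given user; the lines between the two hunks are not shown, so this should be confirmed. Called from the admin user list with `'user_confirmed', false`, a plain GET would then write a preference row for every listed user that has none. I would state this in the docblock, for example `Stores $default for $user when no preference exists and $default is not null.`, or add a read-only lookup for the admin view. `setForUser()` is not added in any hunk visible on this page, so check that it exists and takes `(User $user, $name, $value)`.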
{{ trans('list.email') }} | +{{ trans('list.registered_at') }} | +{{ trans('list.is_activated') }} | +{{ trans('list.is_blocked') }} | +||
---|---|---|---|---|---|
{{ user.email }} | ++ {{ user.created_at.formatLocalized(monthAndDayFormat) }} + {{ user.created_at.format('H:i') }} + | + {% if user.activated %} ++ {% else %} + | + {% endif %} + + {% if user.blocked == 1 %} + | + {% if user.blocked_code == "" %} + no reason + {% else %} + {{ user.blocked_code }} + {% endif %} + | + {% else %} ++ {% endif %} + |