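where("group", \request("group", "web"))
            ->get();
        // NOTE(review): this method begins above the visible excerpt; its
        // statements are reproduced unchanged, only re-wrapped.
        // ->filter(fn(Menu $menu) => Auth::user()->can($menu->permission));
        $userPerminssion=$user->role->permissions->pluck('name')->toArray();
        $flattenedPaths = [];
        foreach ($menus as $index=> $menu) {
            if(in_array($menu->permission,$userPerminssion)){
                $individualPaths = explode(',', $menu->path);
                $flattenedPaths = array_merge($flattenedPaths, $individualPaths);
            }
        }
        $userHasMenu=Menu::query()->whereIn('id',$flattenedPaths)->pluck('name')->toArray();
        $user->menus = $userHasMenu;
        return new UserInfoResource($user);
    }

    /**
     * Replace a user's roles with the single role named in `role_name`, or
     * remove all roles when `role_name` is absent or empty.
     *
     * @param Request $request reads `role_name`
     * @param string  $id      id of the user being changed (route parameter)
     * @return mixed the response built by $this->noContent()
     */
    public function assignRole(Request $request, string $id)
    {
        // Resolve the target through the same allowed() constraint that
        // update(), destroy() and status() apply, so this endpoint cannot
        // re-role a user those endpoints would refuse to touch. allowed() is
        // defined outside this excerpt.
        $user = User::query()->allowed()->findOrFail($id);
        $roleName = $request->get('role_name');
        $roles = [];

        if ($roleName) {
            // Only roles registered for the "api" guard can be assigned here.
            $role = Role::query()->where("guard_name", "api")->where('name', $roleName)->firstOrFail();
            $user->role_id = $role->id;
            $user->save();
            $roles = [$roleName];
        }

        // NOTE(review): when role_name is empty the roles are cleared but
        // role_id keeps its previous value. Code earlier in this controller
        // derives menu permissions from $user->role (presumably keyed by
        // role_id), so a revoked user may keep their menus. Confirm whether
        // role_id is nullable and reset it here.
        $user->syncRoles($roles);

        return $this->noContent();
    }

    /**
     * Paginated list of the users that the allowed() constraint exposes to
     * the caller. Super admins additionally get `display_id` (a copy of `id`)
     * on every row.
     *
     * @param Request $request reads `page_size`, `sort` and the filter fields
     * @return mixed UserSimpleResource collection
     */
    public function index(Request $request)
    {
        $users = User::query()
            ->allowed()
            ->with(['department'])
            ->filter($request->all())
            ->orderBy('created_at', $this->listingSortDirection($request))
            ->paginate($this->listingPageSize($request));

        if (Auth::user()->super_admin) {
            $users->transform(function (User $user) {
                $user->display_id = $user->id;
                return $user;
            });
        }

        return UserSimpleResource::collection($users);
    }

    /**
     * Search the users of one company (the caller's own by default).
     *
     * The original comment explains the single-company restriction: in a
     * shared lookup such as picking e-mail CC recipients, even a super admin
     * should not be shown users of other companies.
     *
     * @param Request $request reads `company_id`, `page_size`, `sort` and the filter fields
     * @return mixed UserSimpleResource collection
     */
    public function publicSearch(Request $request)
    {
        $caller = Auth::user();
        $companyId = $request->input('company_id') ?? $caller->company_id;

        // `company_id` is client-supplied. Without this check any
        // authenticated caller could list another tenant's users by sending
        // that tenant's id. Non-super-admins are limited to the company set
        // that show() already uses as its visibility boundary.
        // NOTE(review): confirm that show()'s boundary (own company plus
        // direct children) is also the intended boundary for search.
        if (!$caller->super_admin && !$this->callerMaySearchCompany($companyId)) {
            abort(403);
        }

        $users = User::query()
            ->where('company_id', $companyId)
            ->filter($request->all())
            ->orderBy('created_at', $this->listingSortDirection($request))
            ->paginate($this->listingPageSize($request));

        return UserSimpleResource::collection($users);
    }

    /**
     * Page size for list endpoints: a positive integer from `page_size`,
     * otherwise 10.
     */
    private function listingPageSize(Request $request): int
    {
        $size = filter_var(
            $request->get('page_size'),
            FILTER_VALIDATE_INT,
            ['options' => ['min_range' => 1]]
        );

        // NOTE(review): there is still no upper bound, so one request can ask
        // for the whole table. Add a cap once the largest page size the
        // clients legitimately need is known.
        return $size === false ? 10 : $size;
    }

    /**
     * Sort direction for list endpoints: "asc" only when explicitly
     * requested, "desc" for everything else. This keeps a malformed `sort`
     * value from reaching orderBy().
     */
    private function listingSortDirection(Request $request): string
    {
        $sort = $request->input('sort', 'desc');

        return is_string($sort) && strtolower($sort) === 'asc' ? 'asc' : 'desc';
    }

    /**
     * Ids of the caller's own company and of companies whose parent_id is the
     * caller's company.
     */
    private function companyIdsVisibleToCaller(): array
    {
        $ownCompanyId = Auth::user()->company_id;

        return Company::query()
            ->where("id", $ownCompanyId)
            ->orWhere('parent_id', $ownCompanyId)
            ->pluck("id")
            ->toArray();
    }

    /**
     * Whether the given company id is the caller's own company or one of the
     * companies returned by companyIdsVisibleToCaller().
     */
    private function callerMaySearchCompany($companyId): bool
    {
        if ($companyId !== null && !is_scalar($companyId)) {
            return false;
        }
        if ((string) $companyId === (string) Auth::user()->company_id) {
            return true;
        }

        return in_array(
            (string) $companyId,
            array_map('strval', $this->companyIdsVisibleToCaller()),
            true
        );
    }

    /**
     * Add a new user and give it the role identified by `role_id`.
     *
     * @return \Illuminate\Http\Response
     */
    public function store(CreateRequest $request)
    {
        // Resolve the role before writing anything. Previously an unknown
        // role_id produced a 404 only after the user row had been created,
        // leaving an account with no role behind.
        // NOTE(review): nothing here checks that the caller may grant this
        // particular role, and the lookup is not limited to the "api" guard
        // as it is in assignRole(). Confirm the route or CreateRequest
        // enforces both.
        $role = Role::query()->findOrFail($request->get('role_id'));

        // NOTE(review): all() forwards every submitted field to the model,
        // so the only barrier against setting columns such as company_id,
        // super_admin or status is the model's $fillable list (not visible
        // here). Prefer $request->validated() if CreateRequest's rules cover
        // every field that must be stored.
        $attributes = $request->all();
        $attributes['password'] = Hash::make($request->password);

        $user = User::create([
            ...$attributes,
            'created_by' => Auth::id(),
        ]);
        // TODO: send an e-mail to the target user
        $user->syncRoles($role);

        return $this->created();
    }

    /**
     * Batch-create users. From the second row on, a `role_id` of "ditto"
     * reuses the role id of the previous row.
     *
     * @return \Illuminate\Http\Response
     */
    public function batchStore(BatchCreateRequest $request)
    {
        $userData = $request->users;

        // One transaction for the whole batch: a bad row rolls back all rows.
        DB::transaction(function () use ($userData) {
            $previousRoleId = null;
            $isFirstRow = true;

            foreach ($userData as $row) {
                // Track the previous row by position rather than by `$k - 1`,
                // which only works when the keys are 0..n-1.
                // $userData[$k]["department_id"] = $userData[$k]["department_id"] == 'ditto' ? $userData[$k - 1]["department_id"] : $userData[$k]["department_id"];
                if (!$isFirstRow && $row['role_id'] === 'ditto') {
                    $row['role_id'] = $previousRoleId;
                }
                $isFirstRow = false;
                $previousRoleId = $row['role_id'];

                // NOTE(review): as in store(), the role is neither limited to
                // the "api" guard nor checked against what the caller may
                // grant, and every submitted field of the row reaches fill().
                $role = Role::query()->findOrFail($row['role_id']);
                $row['password'] = Hash::make($row['password']);

                $user = new User();
                $user->fill([
                    ...$row,
                    'created_by' => Auth::id(),
                ]);
                // Save first so the role is attached to a persisted user, in
                // the same order store() uses.
                $user->save();
                $user->syncRoles($role);
                // TODO: send an e-mail to the target user
            }
        });
        // TODO: send an e-mail to the target user
        return $this->created();
    }

    /**
     * Enable or ban users.
     *
     * @param Request $request reads `user_id` (list of user ids)
     * @param string  $status  value written to the `status` column
     * @return \Illuminate\Http\Response
     */
    public function status(Request $request, string $status)
    {
        // Accept a single id or a list, and drop nested values so a malformed
        // `user_id` cannot reach the query bindings.
        $userIds = array_filter((array) $request->user_id, 'is_scalar');

        // NOTE(review): $status is taken from the route and written as-is.
        // Restrict it to the known status values (route constraint or
        // validation rule); the allowed set is not visible in this file.
        User::query()->allowed()->whereIn('id', $userIds)->update(['status' => $status]);

        return $this->created();
    }

    /**
     * Delete one user that the allowed() constraint exposes to the caller.
     *
     * @param string $id user id (route parameter)
     * @return mixed the response built by $this->noContent()
     */
    public function destroy(string $id)
    {
        User::query()->allowed()->findOrFail($id)->delete();

        return $this->noContent();
    }

    /**
     * Show one user. Callers who are not super admins can only load users of
     * their own company or of its child companies.
     *
     * @param string $id user id (route parameter)
     * @return UserInfoResource
     */
    public function show(string $id)
    {
        $user = User::query()
            ->when(
                !Auth::user()->super_admin,
                fn($query) => $query->whereIn('company_id', $this->companyIdsVisibleToCaller())
            )
            ->findOrFail($id);

        return new UserInfoResource($user);
    }

    /**
     * Update a user. Callers who are super admins or hold `user.assign-role`
     * may also change role, department and company; everyone else may not.
     * `username` is immutable for both groups.
     *
     * @param string $id user id (route parameter)
     * @return mixed the response built by $this->noContent()
     */
    public function update(UpdateRequest $request, string $id)
    {
        $user = User::allowed()->findOrFail($id);
        $actor = Auth::user();

        // Keep the stored hash unless a new password was submitted.
        $passwordHash = $request->password ? Hash::make($request->password) : $user->password;

        // NOTE(review): both branches use except(), a deny-list over raw
        // input. Any other column in the model's $fillable list (not visible
        // here) stays writable, e.g. super_admin, status or fs_password if
        // they are listed. An allow-list ($request->validated() or only())
        // is the safer pattern.
        if ($actor->super_admin || $actor->can('user.assign-role')) {
            // Caller is a super admin or holds the role-assignment permission.
            $user->fill([
                ...$request->except(['username']),
                'password' => $passwordHash,
            ]);

            $roleId = $request->get('role_id');
            if ($roleId) {
                $role = Role::findOrFail($roleId);
                $user->syncRoles([$role]);
            }
        } else {
            // Caller is not a super admin and may not edit roles. `username`
            // is excluded here too: the privileged branch already treats it
            // as immutable, so the less-privileged branch must not allow it.
            $user->fill([
                ...$request->except(['username', 'role_id', 'department_id', 'company_id']),
                'password' => $passwordHash,
            ]);
        }

        $user->save();

        return $this->noContent();
    }

    /**
     * Obtain an access token for the 4s system on behalf of the current user
     * and return it with a target URL that carries the token.
     *
     * The token is cached per username for 23 hours.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function get4sAccessToken()
    {
        $user = Auth::user();
        if (!$user->fs_password) {
            return $this->badRequest('The user has not set a 4s password');
        }

        // NOTE(review): fs_password is read back in usable form and posted
        // upstream, so it is stored in clear text or reversibly. Confirm it is
        // encrypted at rest and hidden from API resources.
        // NOTE(review): env() is called outside config/*.php. Once the
        // configuration is cached the .env file is no longer loaded, so these
        // calls fall back to the hard-coded defaults. Move both URLs into a
        // config file.
        $loginUrl = env("4sLoginUrl", "https://4s.autosmartcity.com:18443/login/pc");
        $targetUrl = env("4sUrl", "https://4s.autosmartcity.com:8080");
        $cacheKey = '4s_token_' . $user->username;

        try {
            // Try the cache first.
            $token = Cache::get($cacheKey);

            if (!$token) {
                $client = new Client();
                $response = $client->post($loginUrl, [
                    'form_params' => [
                        'username' => $user->username,
                        'password' => $user->fs_password
                    ],
                    // Bound the call so a hung upstream cannot pin a worker.
                    // The values are a starting point; tune to the upstream.
                    'connect_timeout' => 5,
                    'timeout' => 10,
                ]);

                $result = json_decode($response->getBody()->getContents(), true);
                // `??` tolerates a non-JSON or differently shaped reply
                // instead of raising on a missing offset.
                $token = $result['data']['token'] ?? null;

                if ((int) ($result['code'] ?? 0) !== 200 || !$token) {
                    return $this->badRequest('get 4s token error: ' . ($result['message'] ?? 'unexpected response'));
                }

                Cache::put($cacheKey, $token, 60 * 60 * 23);
            }

            // NOTE(review): a bearer token in the query string ends up in
            // browser history, access logs and Referer headers. A one-time
            // code or a POST hand-off is safer if the 4s side supports it.
            return $this->success([
                'token' => $token,
                'target_url' => $targetUrl . '?' . http_build_query(['token' => $token]),
            ]);
        } catch (\Exception $e) {
            // Record the detail server-side. The raw message can carry the
            // upstream URL and response body, so it is not returned.
            report($e);

            return $this->badRequest('get 4s token error');
        }
    }

    // public function byDepartment(Request $request){
    //     $departmentIds = $request->get("department", []);
    //
    //     $emptyResponse = $this->success([
    //         'data' => [],
    //     ]);
    //
    //     if (! $departmentIds) {
    //         return $emptyResponse;
    //     }
    //
    //     $users = User::query()->filter($request->all())->where('company_id',Auth::user()->company_id)->whereIn("department_id",$departmentIds)->get();
    //
    //     return UserSimpleResource::collection($users);
    //
    // }

    // /**
    //  * @param CreateRequest $request
    //  * @return \Illuminate\Http\Response
    //  * Update own profile
    //  */
    // public function updateInfo(UpdateRequest $request)
    // {
    //     $user = User::findOrFail(Auth::user()->id);
    //     $user->fill([
    //         ...$request->except(['username','role_id','department_id','company_id'])
    //     ]);
    //     $user->save();
    //     return $this->noContent();
    // }
    //
    // /**
    //  * @param AdminUpdateRequest $request update payload
    //  * @param string $id user id
    //  * @return \Illuminate\Http\Response
    //  * Super admin updates a user's information
    //  */
    // public function updateUserInfo(AdminUpdateRequest $request, string $id)
    // {
    //     $user = User::findOrFail($id);
    //     $user->fill([
    //         ...$request->all()
    //     ]);
    //     $user->save();
    //     return $this->noContent();
    //
    // }

    // /**
    //  * Register a user
    //  * @return \Illuminate\Http\Response
    //  */
    // public function registerCompanyUser(CreateCompanyUserRequest $request){
    //     $password = Hash::make($request->password);
    //     $userRequest=$request->all();
    //     $userRequest['password']=$password;
    //     User::create([
    //         ...$userRequest,
    //         'created_by' => Auth::id(),
    //     ]);
    //     return $this->created();
    // }
}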