
  1. <?php
  2. namespace App\Http\Controllers\API;
use App\Http\Controllers\Controller;
use App\Http\Requests\API\User\AdminUpdateRequest;
use App\Http\Requests\API\User\BatchCreateRequest;
use App\Http\Requests\API\User\CreateCompanyUserRequest;
use App\Http\Requests\API\User\CreateRequest;
use App\Http\Requests\API\User\UpdateRequest;
use App\Http\Resources\API\UserInfoResource;
use App\Http\Resources\API\UserSimpleResource;
use App\Models\Company;
use App\Models\Department;
use App\Models\Enums\RequirementStatus;
use App\Models\GlobalUser;
use App\Models\Menu;
use App\Models\Permission;
use App\Models\Role;
use App\Models\Scopes\CompanyScope;
use App\Models\User;
use GuzzleHttp\Client;
use hisorange\BrowserDetect\Exceptions\Exception;
use Illuminate\Contracts\Encryption\DecryptException;
use Illuminate\Database\Query\Builder;
use Illuminate\Http\Request;
use Illuminate\Support\Arr;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Facades\Crypt;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Hash;
use function Laravel\Prompts\password;
use function Nette\Utils\isEmpty;
  32. class UserController extends Controller
  33. {
  34. public function details()
  35. {
  36. $user = Auth::user();
  37. $menus = Menu::query()->where("group", \request("group", "web"))
  38. ->get();
  39. // ->filter(fn(Menu $menu) => Auth::user()->can($menu->permission));
  40. $userPerminssion=$user->role->permissions->pluck('name')->toArray();
  41. $flattenedPaths = [];
  42. foreach ($menus as $index=> $menu) {
  43. if(in_array($menu->permission,$userPerminssion)){
  44. $individualPaths = explode(',', $menu->path);
  45. $flattenedPaths = array_merge($flattenedPaths, $individualPaths);
  46. }
  47. }
  48. $userHasMenu=Menu::query()->whereIn('id',$flattenedPaths)->pluck('name')->toArray();
  49. $user->menus = $userHasMenu;
  50. return new UserInfoResource($user);
  51. }
  52. public function assignRole(Request $request, string $id)
  53. {
  54. $user = User::query()->findOrFail($id);
  55. $roleName = $request->get('role_name');
  56. if ($roleName) {
  57. $role = Role::query()->where("guard_name", "api")->where('name', $roleName)->firstOrFail();
  58. $user->role_id = $role->id;
  59. $user->save();
  60. }
  61. $roles = $roleName ? [$roleName] : [];
  62. $user->syncRoles($roles);
  63. return $this->noContent();
  64. }
  65. public function index(Request $request){
  66. $pageSize=$request->get('page_size') ?? 10;
  67. $sort=$request->input('sort','desc');
  68. $users = User::query()->allowed()->with(['department'])->filter($request->all())->orderBy('created_at',$sort)->paginate($pageSize);
  69. if(Auth::user()->super_admin){
  70. $users->transform(function (User $user) {
  71. $user->display_id = $user->id;
  72. return $user;
  73. });
  74. return UserSimpleResource::collection($users);
  75. }
  76. return UserSimpleResource::collection($users);
  77. }
  78. public function publicSearch(Request $request){
  79. $pageSize=$request->get('page_size') ?? 10;
  80. $sort=$request->input('sort','desc');
  81. //这里公共查询如超级管理员在邮件抄送时会看到其他公司用户不合适
  82. $company_id = $request->input('company_id',Auth::user()->company_id);
  83. $user=User::query()
  84. ->where('company_id',$company_id)
  85. ->filter($request->all())->orderBy('created_at',$sort)->paginate($pageSize);
  86. return UserSimpleResource::collection($user);
  87. }
  88. /**
  89. * add a new User
  90. * @return \Illuminate\Http\Response
  91. */
  92. public function store(CreateRequest $request){
  93. $isExists = GlobalUser::query()->where('username', $request->username)->exists();
  94. if ($isExists) {
  95. return $this->badRequest('用户名已存在');
  96. }
  97. $password = Hash::make($request->password);
  98. $userRequest=$request->all();
  99. $userRequest['password']=$password;
  100. $user=User::create([
  101. ...$userRequest,
  102. 'created_by' => Auth::id(),
  103. ]);
  104. // TODO:发送邮箱给目标用户
  105. $roleId = $request->get('role_id');
  106. $role = Role::query()->findOrFail($roleId);
  107. $user->syncRoles($role);
  108. return $this->created();
  109. }
  110. /**
  111. * batchCreate User,为ditto时参考上一条
  112. * @return \Illuminate\Http\Response
  113. */
  114. public function batchStore(BatchCreateRequest $request){
  115. $userData = $request->users;
  116. DB::transaction(function () use ($userData) {
  117. foreach ($userData as $k => $data) {
  118. $user = new User();
  119. if ($k != 0) {
  120. // $userData[$k]["department_id"] = $userData[$k]["department_id"] == 'ditto' ? $userData[$k - 1]["department_id"] : $userData[$k]["department_id"];
  121. $userData[$k]["role_id"] = $userData[$k]["role_id"] == 'ditto' ? $userData[$k - 1]["role_id"] : $userData[$k]["role_id"];
  122. }
  123. $userData[$k]['password'] = Hash::make($userData[$k]['password']);
  124. $role = Role::query()->findOrFail($userData[$k]["role_id"]);
  125. $user->syncRoles($role);
  126. $user->fill([
  127. ...$userData[$k],
  128. 'created_by' => Auth::id(),
  129. ]);
  130. // TODO:发送邮箱给目标用户
  131. $user->save();
  132. }
  133. });
  134. // TODO:发送邮箱给目标用户
  135. return $this->created();
  136. }
  137. /**
  138. * enable or ban users 启用或禁用用户
  139. * @param Request $request
  140. * @return \Illuminate\Http\Response
  141. */
  142. public function status(Request $request,string $status){
  143. User::query()->allowed()->whereIn('id', $request->user_id)->update(['status' => $status]);
  144. return $this->created();
  145. }
  146. public function destroy(string $id)
  147. {
  148. $user = User::query()->allowed()->findOrFail($id);
  149. $user->delete();
  150. return $this->noContent();
  151. }
  152. public function show(string $id)
  153. {
  154. $company = Company::query()->where("id", Auth::user()->company_id)->orWhere('parent_id', Auth::user()->company_id)->pluck("id");
  155. $user = User::query()
  156. ->when(!Auth::user()->super_admin, fn($query) => $query->whereIn('company_id',$company->toArray()))
  157. ->findOrFail($id);
  158. return new UserInfoResource($user);
  159. }
  160. public function update(UpdateRequest $request,string $id)
  161. {
  162. $user = User::allowed()->findOrFail($id);
  163. $newPassword=null;
  164. // 如果用户是超级管理员或具有相应权限
  165. if (Auth::user()->super_admin || Auth::user()->can('user.assign-role')) {
  166. $user->fill([
  167. ...$request->except(['username']),
  168. 'password' => $request->password ? Hash::make($request->password) : $user->password,
  169. ]);
  170. $roleId = $request->get('role_id');
  171. if ($roleId) {
  172. $role = Role::findOrFail($roleId);
  173. $user->syncRoles([$role]);
  174. }
  175. } else {
  176. // 如果用户不是超级管理员且没有编辑角色的权限
  177. $user->fill([
  178. ...$request->except(['role_id', 'department_id', 'company_id']),
  179. 'password' => $request->password ? Hash::make($request->password) : $user->password,
  180. ]);
  181. }
  182. $user->save();
  183. return $this->noContent();
  184. }
  185. /**
  186. * 获取4s系统的访问令牌
  187. *
  188. * @return \Illuminate\Http\JsonResponse
  189. * @throws Exception
  190. */
  191. public function get4sAccessToken()
  192. {
  193. $user = Auth::user();
  194. if (!$user->fs_password) {
  195. return $this->badRequest('The user has not set a 4s password');
  196. }
  197. try {
  198. $client = new Client();
  199. $url = env("4sLoginUrl", "https://4s.autosmartcity.com:18443/login/pc");
  200. $cacheKey = '4s_token_' . $user->username;
  201. // 尝试从缓存中获取 token
  202. $token = Cache::get($cacheKey);
  203. if ($token) {
  204. return $this->success([
  205. 'token' => $token,
  206. 'target_url' => env("4sUrl", "https://4s.autosmartcity.com:8080")."?token=".$token
  207. ]);
  208. }
  209. $response = $client->post($url, [
  210. 'form_params' => [
  211. 'username' => $user->username,
  212. 'password' => $user->fs_password
  213. ]
  214. ]);
  215. $targetUrl = env("4sUrl", "https://4s.autosmartcity.com:8080");
  216. $result = json_decode($response->getBody()->getContents(), true);
  217. if ($result['code'] == 200 && $result['data']['token']) {
  218. Cache::put($cacheKey, $result['data']['token'], 60 * 60 * 23);
  219. return $this->success([
  220. 'token' => $result['data']['token'],
  221. 'target_url' => $targetUrl."?token=".$result['data']['token']
  222. ]);
  223. } else {
  224. return $this->badRequest('get 4s token error: '. $result['message']);
  225. }
  226. } catch (\Exception $e) {
  227. return $this->badRequest('get 4s token error: ' . $e->getMessage());
  228. }
  229. }
  230. // public function byDepartment(Request $request){
  231. // $departmentIds = $request->get("department", []);
  232. //
  233. // $emptyResponse = $this->success([
  234. // 'data' => [],
  235. // ]);
  236. //
  237. // if (! $departmentIds) {
  238. // return $emptyResponse;
  239. // }
  240. //
  241. // $users = User::query()->filter($request->all())->where('company_id',Auth::user()->company_id)->whereIn("department_id",$departmentIds)->get();
  242. //
  243. // return UserSimpleResource::collection($users);
  244. //
  245. // }
// /**
//  * @param UpdateRequest $request
//  * @return \Illuminate\Http\Response
//  * Update the current user's own profile (commented out; see update()).
//  */
  251. // public function updateInfo(UpdateRequest $request)
  252. // {
  253. // $user = User::findOrFail(Auth::user()->id);
  254. // $user->fill([
  255. // ...$request->except(['username','role_id','department_id','company_id'])
  256. // ]);
  257. // $user->save();
  258. // return $this->noContent();
  259. // }
  260. //
// /**
//  * @param AdminUpdateRequest $request  request body
//  * @param string $id  user id
//  * @return \Illuminate\Http\Response
//  * Super-admin edit of another user's information (commented out; see update()).
//  */
  267. // public function updateUserInfo(AdminUpdateRequest $request, string $id)
  268. // {
  269. // $user = User::findOrFail($id);
  270. // $user->fill([
  271. // ...$request->all()
  272. // ]);
  273. // $user->save();
  274. // return $this->noContent();
  275. //
  276. // }
// /**
//  * Register a company user (commented out; see store()).
//  * @return \Illuminate\Http\Response
//  */
  281. // public function registerCompanyUser(CreateCompanyUserRequest $request){
  282. // $password = Hash::make($request->password);
  283. // $userRequest=$request->all();
  284. // $userRequest['password']=$password;
  285. // User::create([
  286. // ...$userRequest,
  287. // 'created_by' => Auth::id(),
  288. // ]);
  289. // return $this->created();
  290. // }
  291. }