<?php
namespace App\Http\Controllers\Master\Setting;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Request;
use Illuminate\Support\Facades\Validator;
use Illuminate\Validation\Rule;
use Illuminate\Validation\Rules;
use Illuminate\Support\Facades\DB;
use App\Models\Model_Has_Role;
use App\Models\Model_Has_Permission;
use App\Models\VW_Permission_View;
use App\Models\User;
use Spatie\Permission\Models\Role as SpatieRole;
use App\Models\Bussiness;
use App\Models\Master\Tenant;
use Carbon\Carbon;
use Illuminate\Support\Facades\Auth;
class UserController extends Controller
{
/**
* Display a listing of the resource.
*/
public function index()
{
    // Trail rendered above the listing.
    $breadcrumbs = [
        ['link' => "dashboard", 'name' => "Dashboard"],
        ['link' => "master.setting.users.index", 'name' => "Users"],
    ];

    // Optional tenant filter from the request; passed back to the view as-is.
    $data_input = ['tenant_id' => Request::input('tenant_id')];

    $auth = Auth::user()->load('model');

    // Base listing: tenant-owned accounts that have at least one role whose
    // name is not "admin".
    // NOTE(review): whereRelation() is an existence test, so an account that
    // holds "admin" plus any other role still matches - confirm that is intended.
    $accounts = User::with('roles', 'model')
        ->whereRelation('roles', 'name', '<>', 'admin')
        ->where('model_type', '=', 'App\Models\Master\Tenant');
    $tenants = Tenant::orderBy('name', 'asc');

    $ownerType = $auth->model_type;
    if ($ownerType == 'App\Models\Master\Tenant') {
        // Tenant-scoped operator: only their own tenant and its accounts.
        $tenants->where('id', '=', $auth->model_id);
        $accounts->whereRelation('model', 'id', '=', $auth->model_id)
            ->where('model_type', '=', 'App\Models\Master\Tenant');
    } elseif ($ownerType == 'App\Models\Bussiness' && $data_input['tenant_id'] != 0) {
        // Bussiness-level operator: narrow to the requested tenant, if one was given.
        $accounts->whereRelation('model', 'id', '=', $data_input['tenant_id']);
    }
    // Any other owner type falls through with the unfiltered base listing.

    return view(
        'content.master.setting.users.index',
        [
            'query' => $accounts->get(),
            'tenant' => $tenants->get(),
            'data_input' => $data_input,
        ],
        ['breadcrumbs' => $breadcrumbs]
    );
}
/**
* Show the form for creating a new resource.
*/
public function create()
{
    $breadcrumbs = [
        ['link' => "dashboard", 'name' => "Dashboard"],
        ['link' => "master.setting.users.index", 'name' => "Users"],
        ['link' => "master.setting.users.create", 'name' => "Create User"],
    ];

    $auth = Auth::user()->load('model');

    // Active tenants; the literal "model" column carries the owner class name
    // alongside each id.
    $tenantOptions = Tenant::select(['id', 'name', DB::raw("'App\\\Models\\\Master\\\Tenant' AS model")])
        ->where('is_active', '=', 1);

    // Existing accounts with their roles and direct permissions.
    $accounts = User::with('roles', 'user_has_permissions.permissions')
        ->whereRelation('roles', 'name', '<>', 'admin');

    // Only active, non-admin roles and non-admin permission modules are offered.
    // This narrows what the form displays; it does not by itself restrict
    // what a submitted request may contain.
    $roles = SpatieRole::where('is_active', '=', 1)
        ->where('name', '<>', 'admin')
        ->orderBy('name')
        ->get();
    $permissions = VW_Permission_View::whereIn('project', [config('app.project_app')])
        ->where('module', '<>', 'admin')
        ->get();

    if ($auth->model_type == 'App\Models\Master\Tenant') {
        // Tenant-scoped operator: restrict both lists to their own tenant.
        $tenantOptions->where('id', '=', $auth->model_id);
        $accounts->whereRelation('model', 'id', '=', $auth->model_id)
            ->where('model_type', '=', 'App\Models\Master\Tenant');
    }

    return view(
        'content.master.setting.users.create',
        [
            'roles' => $roles,
            'permissions' => $permissions,
            'users' => $accounts->get(),
            'tenant' => $tenantOptions->get(),
        ],
        ['breadcrumbs' => $breadcrumbs]
    );
}
/**
* Store a newly created resource in storage.
*/
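public function store(Request $request)
{
    // Input flashed back to the form on failure. The password is left out so
    // the plaintext value is not written to session storage.
    $safeInput = Request::except(['password', 'password_confirmation']);

    // The form posts the owner as "<model_id>,<model_type>". Pad the split so
    // a missing or malformed value is rejected below instead of raising an
    // undefined-offset error.
    $rawOwner = Request::get('tenant');
    [$model_id, $model_type] = array_pad(explode(',', is_string($rawOwner) ? $rawOwner : '', 2), 2, null);

    $user = Auth::user()->load('model');

    // model_type is client-supplied and becomes the new account's polymorphic
    // owner, so accept only the owner types this controller already handles.
    // NOTE(review): the create form only offers tenants; drop the Bussiness
    // entry if operators are never meant to create Bussiness-owned accounts.
    $ownerTypes = ['App\Models\Master\Tenant', 'App\Models\Bussiness'];
    if ($model_id === '' || !in_array($model_type, $ownerTypes, true)) {
        return redirect()->route('master.setting.users.create')->withInput($safeInput)->with('message', 'system blocked, wrong id');
    }

    // A tenant-scoped operator may only create accounts owned by their own
    // tenant. Both the id and the type are compared: checking the id alone
    // would accept "<own id>,<another owner type>".
    if ($user->model_type == 'App\Models\Master\Tenant'
        && ($model_type !== 'App\Models\Master\Tenant' || (string) $user->model_id !== $model_id)
    ) {
        return redirect()->route('master.setting.users.create')->withInput($safeInput)->with('message', 'system blocked, wrong id');
    }

    $submittedRoles = Request::get('roles');
    if (!$submittedRoles) {
        return redirect()->route('master.setting.users.create')->withInput($safeInput)->with('message', 'roles need value');
    }

    // Enforce server-side what the form offers: only active, non-admin roles
    // may be granted. Any id outside that set rejects the whole request.
    $roleIds = array_values(array_unique(array_filter(
        (array) $submittedRoles,
        static fn ($id) => is_scalar($id)
    )));
    $assignableCount = SpatieRole::where('is_active', '=', 1)
        ->where('name', '<>', 'admin')
        ->whereIn('id', $roleIds)
        ->count();
    if ($roleIds === [] || $assignableCount !== count($roleIds)) {
        return redirect()->route('master.setting.users.create')->withInput($safeInput)->with('message', 'system blocked, wrong role');
    }

    $validator = Validator::make(Request::all(), [
        'name' => ['required', 'string', 'max:255'],
        'email' => ['required', 'string', 'lowercase', 'email', 'max:255', 'unique:'.User::class],
        'password' => ['required', Rules\Password::defaults()],
    ]);
    if ($validator->fails()) {
        return redirect()->route('master.setting.users.create')->withErrors($validator)->withInput($safeInput)->with('message', 'input failed');
    }

    DB::beginTransaction();
    try {
        $user = User::create([
            'name' => Request::get('name'),
            'email' => Request::get('email'),
            // NOTE(review): the password is passed through as submitted, so
            // hashing depends on the User model (for example a `hashed` cast).
            // Confirm it is hashed before it reaches the database.
            'password' => Request::get('password'),
            'email_verified_at' => Carbon::now(),
            'model_type' => $model_type,
            'model_id' => $model_id,
            'is_active' => Request::get('is_active') != null ? 1: 0,
        ]);

        // set role
        foreach ($roleIds as $roleId) {
            Model_Has_Role::create([
                'role_id' => $roleId,
                'model_type' => 'App\Models\User',
                'model_id' => $user->id,
            ]);
        }

        // set permissions; "temps" is optional, so a request without it
        // simply grants no direct permissions.
        // NOTE(review): the permission ids are the client-supplied array keys
        // and are not checked against the non-admin set the form displays -
        // validate them against the permission source before inserting.
        foreach ((array) Request::get('temps') as $group) {
            foreach ((array) $group as $permissionId => $unused) {
                Model_Has_Permission::create([
                    'permission_id' => $permissionId,
                    'model_type' => 'App\Models\User',
                    'model_id' => $user->id,
                ]);
            }
        }

        DB::commit();
        return redirect()->route('master.setting.users.index')->with('message', 'store success');
    } catch (\Exception $e) {
        DB::rollBack();
        // Keep a record of the failure instead of discarding it.
        report($e);
        return redirect()->route('master.setting.users.create')->withErrors($validator)->withInput($safeInput)->with('message', 'store error');
    }
}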
/**
* Display the specified resource.
*/
public function show(string $id)
{
// Not implemented: the body is empty, so $id is unused and nothing is returned.
}
/**
* Show the form for editing the specified resource.
*/
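public function edit(User $user)
{
    $auth = Auth::user()->load('model');

    // A tenant-scoped operator may only open accounts owned by their own
    // tenant. The owner type is compared as well as the id: owners are
    // polymorphic, so an account owned by a different model type can carry
    // the same numeric model_id.
    if ($auth->model_type == 'App\Models\Master\Tenant'
        && ($user->model_type !== 'App\Models\Master\Tenant' || (string) $auth->model_id !== (string) $user->model_id)
    ) {
        return redirect()->route('master.setting.users.index')->withInput()->with('message', 'system blocked, wrong id');
    }
    // NOTE(review): update() and destroy() refuse accounts holding the "admin"
    // role, but this form still renders their details - confirm that is intended.

    $breadcrumbs = [
        ['link' => "dashboard", 'name' => "Dashboard"],
        ['link' => "master.setting.users.index", 'name' => "Users"],
        ['link' => "admin/users/edit/$user->id", 'name' => "Edit User"],
    ];

    // Current values used to pre-fill the form; "tenant" uses the same
    // "<model_id>,<model_type>" encoding the form posts back.
    $query = [
        'id' => $user->id,
        'name' => $user->name,
        'email' => $user->email,
        'tenant' => $user->model_id . ',' . $user->model_type,
        'is_active' => $user->is_active,
        'roles' => $user->roles->pluck('id'),
        'permissions' => $user->permissions->pluck('id'),
    ];

    $tenant = Tenant::select(['id', 'name', DB::raw("'App\\\Models\\\Master\\\Tenant' AS model")])->where('is_active', '=', 1);
    $users = User::with('roles', 'user_has_permissions.permissions')->whereRelation('roles', 'name', '<>', 'admin');

    // Only active, non-admin roles and non-admin permission modules are offered.
    $roles = SpatieRole::where('is_active', '=', 1)->where('name', '<>', 'admin')->orderBy('name')->get();
    $permissions = VW_Permission_View::whereIn('project', [config('app.project_app')])->where('module', '<>', 'admin')->get();

    if ($auth->model_type == 'App\Models\Master\Tenant') {
        // Tenant-scoped operator: restrict both lists to their own tenant.
        $tenant = $tenant->where('id', '=', $auth->model_id);
        $users = $users->whereRelation('model', 'id', '=', $auth->model_id)->where('model_type', '=', 'App\Models\Master\Tenant');
    }

    $tenant = $tenant->get();
    $users = $users->get();

    return view('content.master.setting.users.edit', compact('query', 'roles', 'permissions', 'users', 'tenant'), ['breadcrumbs' => $breadcrumbs]);
}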
/**
* Update the specified resource in storage.
*/
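public function update(Request $request, User $user)
{
    // Input flashed back to the form on failure. The password is left out so
    // the plaintext value is not written to session storage.
    $safeInput = Request::except(['password', 'password_confirmation']);

    // The form posts the owner as "<model_id>,<model_type>". Pad the split so
    // a missing or malformed value is rejected below instead of raising an
    // undefined-offset error.
    $rawOwner = Request::get('tenant');
    [$model_id, $model_type] = array_pad(explode(',', is_string($rawOwner) ? $rawOwner : '', 2), 2, null);

    $auth = Auth::user()->load('model');

    if ($auth->model_type == 'App\Models\Master\Tenant') {
        // The account being changed must already belong to the operator's own
        // tenant. Checking only the submitted owner would let an operator
        // rewrite an account of another tenant by posting their own tenant id.
        if ($user->model_type !== 'App\Models\Master\Tenant' || (string) $auth->model_id !== (string) $user->model_id) {
            return redirect()->route('master.setting.users.index')->with('message', 'system blocked, wrong id');
        }
        // ...and it must stay inside that tenant; id and type are both compared.
        if ($model_type !== 'App\Models\Master\Tenant' || (string) $auth->model_id !== $model_id) {
            return redirect()->route('master.setting.users.edit', $user->id)->withInput($safeInput)->with('message', 'system blocked, wrong id');
        }
    }

    // model_type is client-supplied and is written to the account's
    // polymorphic owner, so accept only the owner types this controller
    // already handles.
    // NOTE(review): the edit form only offers tenants; drop the Bussiness
    // entry if accounts are never meant to be moved to a Bussiness owner.
    $ownerTypes = ['App\Models\Master\Tenant', 'App\Models\Bussiness'];
    if ($model_id === '' || !in_array($model_type, $ownerTypes, true)) {
        return redirect()->route('master.setting.users.edit', $user->id)->withInput($safeInput)->with('message', 'system blocked, wrong id');
    }

    $submittedRoles = Request::get('roles');
    if (!$submittedRoles) {
        return redirect()->route('master.setting.users.edit', $user->id)->withInput($safeInput)->with('message', 'roles need value');
    }

    // check if user admin
    $admin = $user->load('roles');
    if ($admin->roles->contains('name', 'admin')) {
        return redirect()->route('master.setting.users.index')->with('message', 'this user admin, cannot update!');
    }

    // Enforce server-side what the form offers: only active, non-admin roles
    // may be granted. Any id outside that set rejects the whole request.
    $roleIds = array_values(array_unique(array_filter(
        (array) $submittedRoles,
        static fn ($id) => is_scalar($id)
    )));
    $assignableCount = SpatieRole::where('is_active', '=', 1)
        ->where('name', '<>', 'admin')
        ->whereIn('id', $roleIds)
        ->count();
    if ($roleIds === [] || $assignableCount !== count($roleIds)) {
        return redirect()->route('master.setting.users.edit', $user->id)->withInput($safeInput)->with('message', 'system blocked, wrong role');
    }

    // The password rule applies only when the form asks for a password change.
    $changePassword = Request::get('is_update_password') != null;
    $rules = [
        'name' => ['required', 'string', 'max:255'],
        'email' => ['required', 'string', 'lowercase', 'email', 'max:255', Rule::unique(User::class)->ignore($user->id)],
    ];
    if ($changePassword) {
        $rules['password'] = ['required', Rules\Password::defaults()];
    }
    $validator = Validator::make(Request::all(), $rules);
    if ($validator->fails()) {
        return redirect()->route('master.setting.users.edit', $user->id)->withErrors($validator)->withInput($safeInput)->with('message', 'input failed');
    }

    DB::beginTransaction();
    try {
        $user->update([
            'name' => Request::get('name'),
            'email' => Request::get('email'),
            'model_type' => $model_type,
            'model_id' => $model_id,
            'is_active' => Request::get('is_active') != null ? 1: 0,
        ]);
        if ($changePassword) {
            $user->update([
                // NOTE(review): the password is passed through as submitted,
                // so hashing depends on the User model (for example a `hashed`
                // cast). Confirm it is hashed before it reaches the database.
                'password' => Request::get('password'),
            ]);
        }

        // reset
        // NOTE(review): rows are matched on model_id alone, without model_type.
        Model_Has_Role::where('model_id', '=', $user->id)->delete();
        // re - insert
        foreach ($roleIds as $roleId) {
            Model_Has_Role::create([
                'role_id' => $roleId,
                'model_type' => 'App\Models\User',
                'model_id' => $user->id,
            ]);
        }

        // reset
        Model_Has_Permission::where('model_id', '=', $user->id)->delete();
        // re - insert; "temps" is optional.
        // NOTE(review): the permission ids are the client-supplied array keys
        // and are not checked against the non-admin set the form displays -
        // validate them against the permission source before inserting.
        foreach ((array) Request::get('temps') as $group) {
            foreach ((array) $group as $permissionId => $unused) {
                Model_Has_Permission::create([
                    'permission_id' => $permissionId,
                    'model_type' => 'App\Models\User',
                    'model_id' => $user->id,
                ]);
            }
        }

        DB::commit();
        return redirect()->route('master.setting.users.index')->with('message', 'update success');
    } catch (\Exception $e) {
        DB::rollBack();
        // Keep a record of the failure instead of discarding it.
        report($e);
        return redirect()->route('master.setting.users.edit', $user->id)->withErrors($validator)->withInput($safeInput)->with('message', 'update error');
    }
}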
/**
* Remove the specified resource from storage.
*/
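public function destroy(User $user)
{
    $auth = Auth::user()->load('model');

    // A tenant-scoped operator may only delete accounts owned by their own
    // tenant. The owner type is compared as well as the id: owners are
    // polymorphic, so an account owned by a different model type can carry
    // the same numeric model_id.
    if ($auth->model_type == 'App\Models\Master\Tenant'
        && ($user->model_type !== 'App\Models\Master\Tenant' || (string) $auth->model_id !== (string) $user->model_id)
    ) {
        return redirect()->route('master.setting.users.index')->withInput()->with('message', 'system blocked, wrong id');
    }

    // check if user admin
    $admin = $user->load('roles');
    if ($admin->roles->contains('name', 'admin')) {
        return redirect()->route('master.setting.users.index')->with('message', 'this user admin, cannot update!');
    }

    DB::beginTransaction();
    try {
        // NOTE(review): only the user row is deleted here; whether its role
        // and permission rows are removed depends on the model or schema.
        $user->delete();
        DB::commit();
        return redirect()->route('master.setting.users.index')->with('message', 'delete success');
    } catch (\Exception $e) {
        DB::rollBack();
        // Keep a record of the failure instead of discarding it.
        report($e);
        return redirect()->route('master.setting.users.index')->with('message', 'delete error');
    }
}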
}