firefly-iii/app/Http/Controllers/ProfileController.php

<?php
/**
 * ProfileController.php
 * Copyright (C) 2016 thegrumpydictator@gmail.com
 *
 * This software may be modified and distributed under the terms of the
 * Creative Commons Attribution-ShareAlike 4.0 International License.
 *
 * See the LICENSE file for details.
 */

declare(strict_types = 1);

namespace FireflyIII\Http\Controllers;

use FireflyIII\Exceptions\ValidationException;
use FireflyIII\Http\Requests\DeleteAccountFormRequest;
use FireflyIII\Http\Requests\ProfileFormRequest;
use FireflyIII\Repositories\User\UserRepositoryInterface;
use Hash;
use Log;
use Session;
use View;

/**
 * Class ProfileController
 *
 * @package FireflyIII\Http\Controllers
 */
class ProfileController extends Controller
{
    /**
     * ProfileController constructor.
     */
    public function __construct()
    {
        parent::__construct();


        $this->middleware(
            function ($request, $next) {
                View::share('title', trans('firefly.profile'));
                View::share('mainTitleIcon', 'fa-user');

                return $next($request);
            }
        );
    }

    /**
     * @return View
     */
    public function changePassword()
    {
        if (intval(getenv('SANDSTORM')) === 1) {
            return view('error')->with('message', strval(trans('firefly.sandstorm_not_available')));
        }

        if (auth()->user()->hasRole('demo')) {
            Session::flash('info', strval(trans('firefly.cannot_change_demo')));

            return redirect(route('profile.index'));
        }

        $title        = auth()->user()->email;
        $subTitle     = strval(trans('firefly.change_your_password'));
        $subTitleIcon = 'fa-key';

        return view('profile.change-password', compact('title', 'subTitle', 'subTitleIcon'));
    }

    /**
     * @return View
     */
    public function deleteAccount()
    {
        if (intval(getenv('SANDSTORM')) === 1) {
            return view('error')->with('message', strval(trans('firefly.sandstorm_not_available')));
        }

        if (auth()->user()->hasRole('demo')) {
            Session::flash('info', strval(trans('firefly.cannot_delete_demo')));

            return redirect(route('profile.index'));
        }

        $title        = auth()->user()->email;
        $subTitle     = strval(trans('firefly.delete_account'));
        $subTitleIcon = 'fa-trash';

        return view('profile.delete-account', compact('title', 'subTitle', 'subTitleIcon'));
    }

    /**
     * @return View
     *
     */
    public function index()
    {
        $subTitle = auth()->user()->email;
        $userId   = auth()->user()->id;

        return view('profile.index', compact('subTitle', 'userId'));
    }

    /**
     * @param ProfileFormRequest      $request
     * @param UserRepositoryInterface $repository
     *
     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
     */
    public function postChangePassword(ProfileFormRequest $request, UserRepositoryInterface $repository)
    {
        if (intval(getenv('SANDSTORM')) === 1) {
            return view('error')->with('message', strval(trans('firefly.sandstorm_not_available')));
        }

        if (auth()->user()->hasRole('demo')) {
            Session::flash('info', strval(trans('firefly.cannot_change_demo')));

            return redirect(route('profile.index'));
        }

        // old, new1, new2
        if (!Hash::check($request->get('current_password'), auth()->user()->password)) {
            Session::flash('error', strval(trans('firefly.invalid_current_password')));

            return redirect(route('profile.change-password'));
        }

        try {
            $this->validatePassword($request->get('current_password'), $request->get('new_password'));
        } catch (ValidationException $e) {
            Session::flash('error', $e->getMessage());

            return redirect(route('profile.change-password'));
        }

        // update the user with the new password.
        $repository->changePassword(auth()->user(), $request->get('new_password'));
        Session::flash('success', strval(trans('firefly.password_changed')));

        return redirect(route('profile.index'));
    }

    /**
     * @param UserRepositoryInterface  $repository
     * @param DeleteAccountFormRequest $request
     *
     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
     */
    public function postDeleteAccount(UserRepositoryInterface $repository, DeleteAccountFormRequest $request)
    {
        if (intval(getenv('SANDSTORM')) === 1) {
            return view('error')->with('message', strval(trans('firefly.sandstorm_not_available')));
        }

        if (auth()->user()->hasRole('demo')) {
            Session::flash('info', strval(trans('firefly.cannot_delete_demo')));

            return redirect(route('profile.index'));
        }

        // old, new1, new2
        if (!Hash::check($request->get('password'), auth()->user()->password)) {
            Session::flash('error', strval(trans('firefly.invalid_password')));

            return redirect(route('profile.delete-account'));
        }
        $user = auth()->user();
        Log::info(sprintf('User #%d has opted to delete their account', auth()->user()->id));
        // make repository delete user:
        auth()->logout();
        Session::flush();
        $repository->destroy($user);

        Session::flash('gaEventCategory', 'user');
        Session::flash('gaEventAction', 'delete-account');


        return redirect(route('index'));
    }

    /**
     * @param string $old
     * @param string $new
     *
     * @return bool
     * @throws ValidationException
     */
    protected function validatePassword(string $old, string $new): bool
    {
        if ($new === $old) {
            throw new ValidationException(strval(trans('firefly.should_change')));
        }

        return true;

    }


}
Declare strict types. 2016-05-20 08:57:45 +02:00			`<?php`
Copyright notices. [skip ci] Signed-off-by: James Cole <thegrumpydictator@gmail.com> 2016-05-20 12:27:31 +02:00			`/**`
			`* ProfileController.php`
			`* Copyright (C) 2016 thegrumpydictator@gmail.com`
			`*`
Some code cleanup and copyright cleanup. [skip ci] 2016-10-05 06:52:15 +02:00			`* This software may be modified and distributed under the terms of the`
			`* Creative Commons Attribution-ShareAlike 4.0 International License.`
			`*`
			`* See the LICENSE file for details.`
Copyright notices. [skip ci] Signed-off-by: James Cole <thegrumpydictator@gmail.com> 2016-05-20 12:27:31 +02:00			`*/`

Declare strict types. 2016-05-20 08:57:45 +02:00			`declare(strict_types = 1);`

			`namespace FireflyIII\Http\Controllers;`
More code. 2015-02-25 21:19:06 +01:00
Various small optimisations [skip ci] 2017-01-05 10:06:46 +01:00			`use FireflyIII\Exceptions\ValidationException;`
Built a routine that will allow you to completely delete an account. 2015-04-22 07:54:56 +02:00			`use FireflyIII\Http\Requests\DeleteAccountFormRequest;`
More code. 2015-02-25 21:19:06 +01:00			`use FireflyIII\Http\Requests\ProfileFormRequest;`
Code for #456 2016-12-12 15:24:47 +01:00			`use FireflyIII\Repositories\User\UserRepositoryInterface;`
More code. 2015-02-25 21:19:06 +01:00			`use Hash;`
Code for #456 2016-12-12 15:24:47 +01:00			`use Log;`
More code. 2015-02-25 21:19:06 +01:00			`use Session;`
Code cleanup. Signed-off-by: James Cole <thegrumpydictator@gmail.com> 2016-08-26 09:30:52 +02:00			`use View;`
More code. 2015-02-25 21:19:06 +01:00
			`/**`
			`* Class ProfileController`
			`*`
			`* @package FireflyIII\Http\Controllers`
			`*/`
			`class ProfileController extends Controller`
			`{`
Did some code cleanup. Comments and headers mostly. 2016-01-09 08:20:55 +01:00			`/**`
			`* ProfileController constructor.`
			`*/`
Move authentication around. 2016-01-08 18:29:47 +01:00			`public function __construct()`
			`{`
Also call parent constructor. 2016-01-08 20:40:48 +01:00			`parent::__construct();`
This code fixes #349 2016-10-20 19:10:43 +02:00
Updates for translations. 2016-10-29 07:44:46 +02:00
			`$this->middleware(`
			`function ($request, $next) {`
			`View::share('title', trans('firefly.profile'));`
			`View::share('mainTitleIcon', 'fa-user');`

			`return $next($request);`
			`}`
			`);`
Move authentication around. 2016-01-08 18:29:47 +01:00			`}`
More code. 2015-02-25 21:19:06 +01:00
			`/**`
Code cleanup. Signed-off-by: James Cole <thegrumpydictator@gmail.com> 2016-08-26 09:30:52 +02:00			`* @return View`
More code. 2015-02-25 21:19:06 +01:00			`*/`
			`public function changePassword()`
			`{`
New tests 2017-02-12 17:58:16 +01:00			`if (intval(getenv('SANDSTORM')) === 1) {`
			`return view('error')->with('message', strval(trans('firefly.sandstorm_not_available')));`
			`}`

Add restrictions for demo accounts. 2016-12-25 13:09:29 +01:00			`if (auth()->user()->hasRole('demo')) {`
			`Session::flash('info', strval(trans('firefly.cannot_change_demo')));`

			`return redirect(route('profile.index'));`
			`}`

Updates for translations. 2016-10-29 07:44:46 +02:00			`$title = auth()->user()->email;`
			`$subTitle = strval(trans('firefly.change_your_password'));`
			`$subTitleIcon = 'fa-key';`

			`return view('profile.change-password', compact('title', 'subTitle', 'subTitleIcon'));`
More code. 2015-02-25 21:19:06 +01:00			`}`

Built a routine that will allow you to completely delete an account. 2015-04-22 07:54:56 +02:00			`/**`
Code cleanup. Signed-off-by: James Cole <thegrumpydictator@gmail.com> 2016-08-26 09:30:52 +02:00			`* @return View`
Built a routine that will allow you to completely delete an account. 2015-04-22 07:54:56 +02:00			`*/`
			`public function deleteAccount()`
			`{`
New tests 2017-02-12 17:58:16 +01:00			`if (intval(getenv('SANDSTORM')) === 1) {`
			`return view('error')->with('message', strval(trans('firefly.sandstorm_not_available')));`
			`}`

Add restrictions for demo accounts. 2016-12-25 13:09:29 +01:00			`if (auth()->user()->hasRole('demo')) {`
			`Session::flash('info', strval(trans('firefly.cannot_delete_demo')));`

			`return redirect(route('profile.index'));`
			`}`

Updates for translations. 2016-10-29 07:44:46 +02:00			`$title = auth()->user()->email;`
			`$subTitle = strval(trans('firefly.delete_account'));`
			`$subTitleIcon = 'fa-trash';`

			`return view('profile.delete-account', compact('title', 'subTitle', 'subTitleIcon'));`
Built a routine that will allow you to completely delete an account. 2015-04-22 07:54:56 +02:00			`}`

			`/**`
Code cleanup. Signed-off-by: James Cole <thegrumpydictator@gmail.com> 2016-08-26 09:30:52 +02:00			`* @return View`
Built a routine that will allow you to completely delete an account. 2015-04-22 07:54:56 +02:00			`*`
			`*/`
Covered profile controller with tests. 2015-05-03 09:19:14 +02:00			`public function index()`
Cleaning up. 2015-04-28 15:26:30 +02:00			`{`
This code fixes #349 2016-10-20 19:10:43 +02:00			`$subTitle = auth()->user()->email;`
			`$userId = auth()->user()->id;`

			`return view('profile.index', compact('subTitle', 'userId'));`
Built a routine that will allow you to completely delete an account. 2015-04-22 07:54:56 +02:00			`}`

More code. 2015-02-25 21:19:06 +01:00			`/**`
New tests. 2016-12-18 17:54:11 +01:00			`* @param ProfileFormRequest $request`
			`* @param UserRepositoryInterface $repository`
General cleanup. 2015-05-03 12:58:55 +02:00			`*`
New tests. 2016-12-18 17:54:11 +01:00			`* @return \Illuminate\Http\RedirectResponse\|\Illuminate\Routing\Redirector`
More code. 2015-02-25 21:19:06 +01:00			`*/`
New tests. 2016-12-18 17:54:11 +01:00			`public function postChangePassword(ProfileFormRequest $request, UserRepositoryInterface $repository)`
More code. 2015-02-25 21:19:06 +01:00			`{`
New tests 2017-02-12 17:58:16 +01:00			`if (intval(getenv('SANDSTORM')) === 1) {`
			`return view('error')->with('message', strval(trans('firefly.sandstorm_not_available')));`
			`}`

Add restrictions for demo accounts. 2016-12-25 13:09:29 +01:00			`if (auth()->user()->hasRole('demo')) {`
			`Session::flash('info', strval(trans('firefly.cannot_change_demo')));`

			`return redirect(route('profile.index'));`
			`}`

More code. 2015-02-25 21:19:06 +01:00			`// old, new1, new2`
Code clean up 2016-09-16 12:15:58 +02:00			`if (!Hash::check($request->get('current_password'), auth()->user()->password)) {`
All new translations for #218 2016-03-20 11:38:01 +01:00			`Session::flash('error', strval(trans('firefly.invalid_current_password')));`
More code. 2015-02-25 21:19:06 +01:00
Cleanup redirect code. 2015-07-06 16:27:21 +02:00			`return redirect(route('profile.change-password'));`
More code. 2015-02-25 21:19:06 +01:00			`}`
Various small optimisations [skip ci] 2017-01-05 10:06:46 +01:00
			`try {`
			`$this->validatePassword($request->get('current_password'), $request->get('new_password'));`
			`} catch (ValidationException $e) {`
			`Session::flash('error', $e->getMessage());`
More code. 2015-02-25 21:19:06 +01:00
Cleanup redirect code. 2015-07-06 16:27:21 +02:00			`return redirect(route('profile.change-password'));`
More code. 2015-02-25 21:19:06 +01:00			`}`

			`// update the user with the new password.`
New tests. 2016-12-18 17:54:11 +01:00			`$repository->changePassword(auth()->user(), $request->get('new_password'));`
All new translations for #218 2016-03-20 11:38:01 +01:00			`Session::flash('success', strval(trans('firefly.password_changed')));`
More code. 2015-02-25 21:19:06 +01:00
Many new renamed routes that will break half of Firefly. 2016-12-05 21:58:23 +01:00			`return redirect(route('profile.index'));`
More code. 2015-02-25 21:19:06 +01:00			`}`

Covered profile controller with tests. 2015-05-03 09:19:14 +02:00			`/**`
Code for #456 2016-12-12 15:24:47 +01:00			`* @param UserRepositoryInterface $repository`
General cleanup. 2015-05-03 12:58:55 +02:00			`* @param DeleteAccountFormRequest $request`
Covered profile controller with tests. 2015-05-03 09:19:14 +02:00			`*`
Code for #456 2016-12-12 15:24:47 +01:00			`* @return \Illuminate\Http\RedirectResponse\|\Illuminate\Routing\Redirector`
Covered profile controller with tests. 2015-05-03 09:19:14 +02:00			`*/`
Code for #456 2016-12-12 15:24:47 +01:00			`public function postDeleteAccount(UserRepositoryInterface $repository, DeleteAccountFormRequest $request)`
Covered profile controller with tests. 2015-05-03 09:19:14 +02:00			`{`
New tests 2017-02-12 17:58:16 +01:00			`if (intval(getenv('SANDSTORM')) === 1) {`
			`return view('error')->with('message', strval(trans('firefly.sandstorm_not_available')));`
			`}`

Add restrictions for demo accounts. 2016-12-25 13:09:29 +01:00			`if (auth()->user()->hasRole('demo')) {`
			`Session::flash('info', strval(trans('firefly.cannot_delete_demo')));`

			`return redirect(route('profile.index'));`
			`}`

Covered profile controller with tests. 2015-05-03 09:19:14 +02:00			`// old, new1, new2`
Code clean up 2016-09-16 12:15:58 +02:00			`if (!Hash::check($request->get('password'), auth()->user()->password)) {`
All new translations for #218 2016-03-20 11:38:01 +01:00			`Session::flash('error', strval(trans('firefly.invalid_password')));`
Covered profile controller with tests. 2015-05-03 09:19:14 +02:00
Cleanup redirect code. 2015-07-06 16:27:21 +02:00			`return redirect(route('profile.delete-account'));`
More code. 2015-02-25 21:19:06 +01:00			`}`
Code for #456 2016-12-12 15:24:47 +01:00			`$user = auth()->user();`
			`Log::info(sprintf('User #%d has opted to delete their account', auth()->user()->id));`
			`// make repository delete user:`
			`auth()->logout();`
Covered profile controller with tests. 2015-05-03 09:19:14 +02:00			`Session::flush();`
Code for #456 2016-12-12 15:24:47 +01:00			`$repository->destroy($user);`

Add some GA events. 2015-05-25 07:26:19 +02:00			`Session::flash('gaEventCategory', 'user');`
			`Session::flash('gaEventAction', 'delete-account');`
More code. 2015-02-25 21:19:06 +01:00
Lots of new translations. 2015-07-26 07:39:04 +02:00
Cleanup redirect code. 2015-07-06 16:27:21 +02:00			`return redirect(route('index'));`
More code. 2015-02-25 21:19:06 +01:00			`}`
Covered profile controller with tests. 2015-05-03 09:19:14 +02:00
Some code cleanup and reordering 2016-01-24 15:58:16 +01:00			`/**`
			`* @param string $old`
Various small optimisations [skip ci] 2017-01-05 10:06:46 +01:00			`* @param string $new`
Some code cleanup and reordering 2016-01-24 15:58:16 +01:00			`*`
Various small optimisations [skip ci] 2017-01-05 10:06:46 +01:00			`* @return bool`
			`* @throws ValidationException`
Some code cleanup and reordering 2016-01-24 15:58:16 +01:00			`*/`
Various small optimisations [skip ci] 2017-01-05 10:06:46 +01:00			`protected function validatePassword(string $old, string $new): bool`
Some code cleanup and reordering 2016-01-24 15:58:16 +01:00			`{`
Various small optimisations [skip ci] 2017-01-05 10:06:46 +01:00			`if ($new === $old) {`
			`throw new ValidationException(strval(trans('firefly.should_change')));`
Some code cleanup and reordering 2016-01-24 15:58:16 +01:00			`}`

			`return true;`

			`}`

Covered profile controller with tests. 2015-05-03 09:19:14 +02:00
More code. 2015-02-25 21:19:06 +01:00			`}`