UserController.php

<?php

declare(strict_types=1);

/**
 * @copyright  2020 Podlibre
 * @license    https://www.gnu.org/licenses/agpl-3.0.en.html AGPL3
 * @link       https://castopod.org/
 */

namespace Modules\Admin\Controllers;

use App\Models\UserModel;
use CodeIgniter\Exceptions\PageNotFoundException;
use CodeIgniter\HTTP\RedirectResponse;
use Config\Services;
use Modules\Auth\Authorization\GroupModel;
use Modules\Auth\Entities\User;

class UserController extends BaseController
{
    protected ?User $user;

    public function _remap(string $method, string ...$params): mixed
    {
        if ($params === []) {
            return $this->{$method}();
        }

        if ($this->user = (new UserModel())->find($params[0])) {
            return $this->{$method}();
        }

        throw PageNotFoundException::forPageNotFound();
    }

    public function list(): string
    {
        $data = [
            'users' => (new UserModel())->findAll(),
        ];

        return view('user/list', $data);
    }

    public function view(): string
    {
        $data = [
            'user' => $this->user,
        ];

        replace_breadcrumb_params([
            0 => $this->user->username,
        ]);
        return view('user/view', $data);
    }

    public function create(): string
    {
        helper('form');

        $data = [
            'roles' => (new GroupModel())->getUserRoles(),
        ];

        return view('user/create', $data);
    }

    public function attemptCreate(): RedirectResponse
    {
        $userModel = new UserModel();

        // Validate here first, since some things,
        // like the password, can only be validated properly here.
        $rules = array_merge(
            $userModel->getValidationRules([
                'only' => ['username'],
            ]),
            [
                'email' => 'required|valid_email|is_unique[users.email]',
                'password' => 'required|strong_password',
            ],
        );

        if (! $this->validate($rules)) {
            return redirect()
                ->back()
                ->withInput()
                ->with('errors', $this->validator->getErrors());
        }

        // Save the user
        $user = new User($this->request->getPost());

        // Activate user
        $user->activate();

        // Force user to reset his password on first connection
        $user->forcePasswordReset();

        if (! $userModel->insert($user)) {
            return redirect()
                ->back()
                ->withInput()
                ->with('errors', $userModel->errors());
        }

        // Success!
        return redirect()
            ->route('user-list')
            ->with('message', lang('User.messages.createSuccess', [
                'username' => $user->username,
            ]));
    }

    public function edit(): string
    {
        helper('form');

        $roles = (new GroupModel())->getUserRoles();
        $roleOptions = array_reduce(
            $roles,
            function ($result, $role) {
                $result[$role->name] = lang('User.roles.' . $role->name);
                return $result;
            },
            [],
        );

        $data = [
            'user' => $this->user,
            'roleOptions' => $roleOptions,
        ];

        replace_breadcrumb_params([
            0 => $this->user->username,
        ]);
        return view('user/edit', $data);
    }

    public function attemptEdit(): RedirectResponse
    {
        $authorize = Services::authorization();

        $roles = $this->request->getPost('roles');
        $authorize->setUserGroups($this->user->id, $roles ?? []);

        // Success!
        return redirect()
            ->route('user-list')
            ->with('message', lang('User.messages.rolesEditSuccess', [
                'username' => $this->user->username,
            ]));
    }

    public function forcePassReset(): RedirectResponse
    {
        $userModel = new UserModel();
        $this->user->forcePasswordReset();

        if (! $userModel->update($this->user->id, $this->user)) {
            return redirect()
                ->back()
                ->with('errors', $userModel->errors());
        }

        // Success!
        return redirect()
            ->route('user-list')
            ->with(
                'message',
                lang('User.messages.forcePassResetSuccess', [
                    'username' => $this->user->username,
                ]),
            );
    }

    public function ban(): RedirectResponse
    {
        $authorize = Services::authorization();
        if ($authorize->inGroup('superadmin', $this->user->id)) {
            return redirect()
                ->back()
                ->with('errors', [
                    lang('User.messages.banSuperAdminError', [
                        'username' => $this->user->username,
                    ]),
                ]);
        }

        $userModel = new UserModel();
        // TODO: add ban reason?
        $this->user->ban('');

        if (! $userModel->update($this->user->id, $this->user)) {
            return redirect()
                ->back()
                ->with('errors', $userModel->errors());
        }

        return redirect()
            ->route('user-list')
            ->with('message', lang('User.messages.banSuccess', [
                'username' => $this->user->username,
            ]));
    }

    public function unBan(): RedirectResponse
    {
        $userModel = new UserModel();
        $this->user->unBan();

        if (! $userModel->update($this->user->id, $this->user)) {
            return redirect()
                ->back()
                ->with('errors', $userModel->errors());
        }

        return redirect()
            ->route('user-list')
            ->with('message', lang('User.messages.unbanSuccess', [
                'username' => $this->user->username,
            ]));
    }

    public function delete(): RedirectResponse
    {
        $authorize = Services::authorization();
        if ($authorize->inGroup('superadmin', $this->user->id)) {
            return redirect()
                ->back()
                ->with('errors', [
                    lang('User.messages.deleteSuperAdminError', [
                        'username' => $this->user->username,
                    ]),
                ]);
        }

        (new UserModel())->delete($this->user->id);

        return redirect()
            ->back()
            ->with('message', lang('User.messages.deleteSuccess', [
                'username' => $this->user->username,
            ]));
    }
}