mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
82ea950263d362f81c70990d73156b593781225d
librenms-librenms/app/Models/User.php
Tony Murray 89fae9be1d Move API routing to Laravel (#10457) 
* Add more api helper functions
to centralize code more

* Enable cors

* Initial Legacy route in Laravel

* Force api v0 responses to json
Add a couple more routes

* more paths, pretty print the json response
pass parameters to the api function

* devices basic functions

* Port generic graph function
check permissions function accepts callback to avoid lots of if statements

* move vlans

* links

* graphs

* fdb

* health

* wireless

* port graphs

* ip functions
split em up

* port_stack

* components

* compoment add/edit/delete

* get_device_groups

* port stats

* port graphs

* get_devices_by_group

* port_groups

* api_get_graph

* show_endpoints

* get_bill

* get_bill_graph

* get_bill_graphdata

* get_bill_history

* get_bill_history_graph

* remaining bill functions

* list_alerts

* ack/unmute alert

* Some cleanups

* Some cleanups

* list_alert_rules

* alert rule add/edit/delete

* inventory

* list_cbgp

* vrf

* list_ipsec

* list_fdb

* list_links (fix both usages)

* list_locations

* list_locations

* list_vlans

* list_ip_addresses

* list_arp

* list_ip_networks

* cleanup

* services

* list_logs and fix authlog.......

* cleanup

* cleanup 2

* remove slim

* don't load schema more than once

* basic test

* fix style

* downgrade laravel-cors to a version that supports PHP 7.1
2019-07-29 16:32:37 -05:00

202 lines
4.9 KiB
PHP
Raw Blame History

<?php
namespace App\Models;
use App\Events\UserCreated;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use LibreNMS\Authentication\LegacyAuth;
class User extends Authenticatable
{
use Notifiable;
protected $primaryKey = 'user_id';
protected $fillable = ['realname', 'username', 'email', 'level', 'descr', 'can_modify_passwd', 'auth_type', 'auth_id'];
protected $hidden = ['password', 'remember_token', 'pivot'];
protected $attributes = [ // default values
'descr' => '',
'realname' => '',
'email' => '',
];
protected $dispatchesEvents = [
'created' => UserCreated::class,
];
protected $casts = [
'realname' => 'string',
'descr' => 'string',
'email' => 'string',
'can_modify_passwd' => 'integer',
];
// ---- Helper Functions ----
/**
* Test if this user has global read access
* these users have a level of 5, 10 or 11 (demo).
*
* @return boolean
*/
public function hasGlobalRead()
{
return $this->hasGlobalAdmin() || $this->level == 5;
}
/**
* Test if this user has global admin access
* these users have a level of 10 or 11 (demo).
*
* @return boolean
*/
public function hasGlobalAdmin()
{
return $this->level >= 10;
}
/**
* Test if the User is an admin.
*
* @return boolean
*/
public function isAdmin()
{
return $this->level == 10;
}
/**
* Test if this user is the demo user
*
* @return bool
*/
public function isDemo()
{
return $this->level == 11;
}
/**
* Check if this user has access to a device
*
* @param Device|int $device can be a device Model or device id
* @return bool
*/
public function canAccessDevice($device)
{
return $this->hasGlobalRead() || $this->devices->contains($device);
}
/**
* Helper function to hash passwords before setting
*
* @param string $password
*/
public function setPassword($password)
{
$this->attributes['password'] = $password ? password_hash($password, PASSWORD_DEFAULT) : null;
}
/**
* Check if the given user can set the password for this user
*
* @param User $user
* @return bool
*/
public function canSetPassword($user)
{
if ($user && LegacyAuth::get()->canUpdatePasswords()) {
if ($user->isAdmin()) {
return true;
}
return $user->is($this) && $this->can_modify_passwd;
}
return false;
}
// ---- Query scopes ----
/**
* This restricts the query to only users that match the current auth method
* It is not needed when using user_id, but should be used for username and auth_id
*
* @param Builder $query
* @return Builder
*/
public function scopeThisAuth($query)
{
// find user including ones where we might not know the auth type
$type = LegacyAuth::getType();
return $query->where(function ($query) use ($type) {
$query->where('auth_type', $type)
->orWhereNull('auth_type')
->orWhere('auth_type', '');
});
}
// ---- Accessors/Mutators ----
public function setRealnameAttribute($realname)
{
$this->attributes['realname'] = (string)$realname;
}
public function setDescrAttribute($descr)
{
$this->attributes['descr'] = (string)$descr;
}
public function setEmailAttribute($email)
{
$this->attributes['email'] = (string)$email;
}
public function setCanModifyPasswdAttribute($modify)
{
$this->attributes['can_modify_passwd'] = $modify ? 1 : 0;
}
// ---- Define Relationships ----
public function apiToken()
{
return $this->hasOne('App\Models\ApiToken', 'user_id', 'user_id');
}
public function devices()
{
if ($this->hasGlobalRead()) {
return Device::query();
} else {
return $this->belongsToMany('App\Models\Device', 'devices_perms', 'user_id', 'device_id');
}
}
public function ports()
{
if ($this->hasGlobalRead()) {
return Port::query();
} else {
//FIXME we should return all ports for a device if the user has been given access to the whole device.
return $this->belongsToMany('App\Models\Port', 'ports_perms', 'user_id', 'port_id');
}
}
public function dashboards()
{
return $this->hasMany('App\Models\Dashboard', 'user_id');
}
public function preferences()
{
return $this->hasMany('App\Models\UserPref', 'user_id');
}
public function widgets()
{
return $this->hasMany('App\Models\UserWidget', 'user_id');
}
}
Reference in New Issue View Git Blame Copy Permalink