237 lines
8.9 KiB
PHP
237 lines
8.9 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use Illuminate\Http\Request;
|
|
use App\Models\User;
|
|
use Illuminate\Support\Facades\Hash;
|
|
use App\Rules\PasswordRule;
|
|
use Illuminate\Database\QueryException;
|
|
use Illuminate\Support\Facades\Log;
|
|
use Illuminate\Support\Facades\Storage;
|
|
use Illuminate\Validation\Rule;
|
|
use Illuminate\Validation\Rules\Password;
|
|
use Illuminate\Validation\ValidationException;
|
|
use Spatie\Permission\Models\Permission;
|
|
use Spatie\Permission\Models\Role;
|
|
|
|
class UserController extends Controller
|
|
{
|
|
public function index()
|
|
{
|
|
$this->authorize('viewAny', User::class);
|
|
$users = User::paginate(10);
|
|
return view('users.index', compact('users'));
|
|
}
|
|
|
|
public function create()
|
|
{
|
|
$this->authorize('create', User::class);
|
|
$roles = Role::all();
|
|
return view('users.create', compact('roles'));
|
|
}
|
|
|
|
public function store(Request $request)
|
|
{
|
|
$this->authorize('create', User::class);
|
|
try {
|
|
// Validación de datos
|
|
$validated = $request->validate([
|
|
'title' => 'nullable|string|max:10',
|
|
'first_name' => 'required|string|max:50',
|
|
'last_name' => 'required|string|max:50',
|
|
'username' => 'required|string|unique:users|max:30',
|
|
'password' => ['required',
|
|
new PasswordRule(
|
|
minLength: 12,
|
|
requireUppercase: true,
|
|
requireNumeric: true,
|
|
requireSpecialCharacter: true,
|
|
//uncompromised: true, // Verificar contra Have I Been Pwned
|
|
//requireLetters: true
|
|
),
|
|
Password::defaults()->mixedCase()->numbers()->symbols()
|
|
->uncompromised(3) // Número mínimo de apariciones en brechas
|
|
],
|
|
'start_date' => 'nullable|date',
|
|
'end_date' => 'nullable|date|after_or_equal:start_date',
|
|
'email' => 'required|email|unique:users',
|
|
'phone' => 'nullable|string|max:20',
|
|
'address' => 'nullable|string|max:255'
|
|
]);
|
|
|
|
// Creación del usuario
|
|
$user = User::create([
|
|
'title' => $validated['title'],
|
|
'first_name' => $validated['first_name'],
|
|
'last_name' => $validated['last_name'],
|
|
'username' => $validated['username'],
|
|
'password' => Hash::make($validated['password']),
|
|
'email' => $validated['email'],
|
|
'phone' => $validated['phone'],
|
|
'address' => $validated['address'],
|
|
'access_start' => $validated['start_date'],
|
|
'access_end' => $validated['end_date'],
|
|
'is_active' => true
|
|
]);
|
|
|
|
if ($request->hasFile('photo')) {
|
|
$path = $request->file('photo')->store('public/photos');
|
|
$user->profile_photo_path = basename($path);
|
|
$user->save();
|
|
}
|
|
|
|
// Asignación de roles (opcional, usando Spatie Permissions)
|
|
// $user->assignRole('user');
|
|
|
|
return redirect()->route('users.index')->with('success', 'Usuario creado exitosamente.')->with('temp_password', $validated['password']);;
|
|
} catch (\Exception $e) {
|
|
return back()->withInput()->with('error', 'Error al crear el usuario: ' . $e->getMessage());
|
|
}
|
|
}
|
|
|
|
public function edit(User $user)
|
|
{
|
|
$this->authorize('update', $user);
|
|
$roles = Role::all();
|
|
$userRoles = $user->roles->pluck('id')->toArray();
|
|
return view('users.create', compact('user', 'roles', 'userRoles'));
|
|
}
|
|
|
|
public function update(Request $request, User $user)
|
|
{
|
|
try {
|
|
// Validación de datos
|
|
$validated = $request->validate([
|
|
'title' => 'nullable|string|max:10',
|
|
'first_name' => 'required|string|max:50',
|
|
'last_name' => 'required|string|max:50',
|
|
'username' => [
|
|
'required',
|
|
'string',
|
|
'max:30',
|
|
Rule::unique('users')->ignore($user->id)
|
|
],
|
|
'password' => [
|
|
'nullable',
|
|
Password::min(12)
|
|
->mixedCase()
|
|
->numbers()
|
|
->symbols()
|
|
->uncompromised(3)
|
|
],
|
|
'start_date' => 'nullable|date',
|
|
'end_date' => 'nullable|date|after_or_equal:start_date',
|
|
'email' => [
|
|
'required',
|
|
'email',
|
|
Rule::unique('users')->ignore($user->id)
|
|
],
|
|
'phone' => 'nullable|string|max:20',
|
|
'address' => 'nullable|string|max:255'
|
|
]);
|
|
|
|
// Preparar datos para actualización
|
|
$updateData = [
|
|
'title' => $validated['title'],
|
|
'first_name' => $validated['first_name'],
|
|
'last_name' => $validated['last_name'],
|
|
'username' => $validated['username'],
|
|
'email' => $validated['email'],
|
|
'phone' => $validated['phone'],
|
|
'address' => $validated['address'],
|
|
'access_start' => $validated['start_date'],
|
|
'access_end' => $validated['end_date'],
|
|
'is_active' => $request->has('is_active') // Si usas un checkbox
|
|
];
|
|
|
|
// Actualizar contraseña solo si se proporciona
|
|
if (!empty($validated['password'])) {
|
|
$updateData['password'] = Hash::make($validated['password']);
|
|
}
|
|
|
|
if ($request->hasFile('photo')) {
|
|
// Eliminar foto anterior si existe
|
|
if ($user->prfile_photo_path) {
|
|
Storage::delete('public/photos/'.$user->profile_photo_path);
|
|
}
|
|
|
|
$path = $request->file('photo')->store('public/photos');
|
|
$user->update(['profile_photo_path' => basename($path)]);
|
|
}
|
|
|
|
// Actualizar el usuario
|
|
$user->update($updateData);
|
|
|
|
// Redireccionar con mensaje de éxito
|
|
return redirect()->route('users.show', $user)
|
|
->with('success', 'Usuario actualizado exitosamente');
|
|
|
|
} catch (ValidationException $e) {
|
|
// Redireccionar con errores de validación
|
|
return redirect()->back()->withErrors($e->validator)->withInput();
|
|
|
|
} catch (QueryException $e) {
|
|
// Manejar errores de base de datos
|
|
$errorCode = $e->errorInfo[1];
|
|
$errorMessage = 'Error al actualizar el usuario: ';
|
|
|
|
if ($errorCode == 1062) {
|
|
$errorMessage .= 'El nombre de usuario o correo electrónico ya está en uso';
|
|
} else {
|
|
$errorMessage .= 'Error en la base de datos';
|
|
}
|
|
|
|
Log::error("Error actualizando usuario ID {$user->id}: " . $e->getMessage());
|
|
return redirect()->back()->with('error', $errorMessage)->withInput();
|
|
|
|
} catch (\Exception $e) {
|
|
// Manejar otros errores
|
|
Log::error("Error general actualizando usuario ID {$user->id}: " . $e->getMessage());
|
|
return redirect()->back()->with('error', 'Ocurrió un error inesperado al actualizar el usuario')->withInput();
|
|
}
|
|
}
|
|
|
|
public function show(User $user)
|
|
{
|
|
$previousUser = User::where('id', '<', $user->id)->latest('id')->first();
|
|
$nextUser = User::where('id', '>', $user->id)->oldest('id')->first();
|
|
|
|
return view('users.show', [
|
|
'user' => $user,
|
|
'previousUser' => $previousUser,
|
|
'nextUser' => $nextUser,
|
|
'permissionGroups' => Permission::all()->groupBy('group')
|
|
]);
|
|
}
|
|
|
|
public function updatePassword(Request $request, User $user)
|
|
{
|
|
$this->authorize('update', $user);
|
|
|
|
$request->validate([
|
|
'password' => 'required|min:8|confirmed'
|
|
]);
|
|
|
|
$user->update([
|
|
'password' => Hash::make($request->password)
|
|
]);
|
|
|
|
return redirect()->back()
|
|
->with('success', 'Contraseña actualizada correctamente');
|
|
}
|
|
|
|
public function destroy(User $user)
|
|
{
|
|
$this->authorize('delete', $user);
|
|
|
|
if($user->is_protected) {
|
|
return redirect()->back()
|
|
->with('error', 'No se puede eliminar un usuario protegido');
|
|
}
|
|
|
|
$user->delete();
|
|
return redirect()->route('users.index')
|
|
->with('success', 'Usuario eliminado correctamente');
|
|
}
|
|
} |