Membership Approval

app/HMS/Entities/Role.php

@@ -22,6 +22,9 @@ class Role implements RoleContract
 
     const SUPERUSER = 'user.super';
 
+    const TEAM_MEMBERSHIP = 'team.membership';
+    const TEAM_TRUSTEES = 'team.trustees';
+
     /**
      * @var int
      */
@@ -270,10 +273,10 @@ public function setRetained($retained): Role
      */
     public function routeNotificationForSlack(): string
     {
-        if ($this->name = 'team.Trustees') {
-            return Meta::get('trustee_slack_webhook');
+        if ($this->name == self::TEAM_TRUSTEES) {
+            return config('hms.trustee_slack_webhook');
         } else {
-            return Meta::get('team_slack_webhook');
+            return config('hms.team_slack_webhook');
         }
     }
 }

app/HMS/Entities/User.php

@@ -32,7 +32,7 @@ class User implements AuthenticatableContract, CanResetPasswordContract, HasRole
     /**
      * @var string Users first name
      */
-    protected $firstname;
+    public $name;
 
     /**
      * @var string Users last name
@@ -47,7 +47,7 @@ class User implements AuthenticatableContract, CanResetPasswordContract, HasRole
     /**
      * @var string Users email address
      */
-    protected $email;
+    public $email;
 
     /**
      * @var string Users remember me token for persisting login sessions
@@ -83,7 +83,7 @@ class User implements AuthenticatableContract, CanResetPasswordContract, HasRole
      */
     public function __construct(string $firstname, string $lastname, string $username, string $email)
     {
-        $this->firstname = $firstname;
+        $this->name = $firstname;
         $this->lastname = $lastname;
         $this->username = $username;
         $this->email = $email;
@@ -104,7 +104,7 @@ public function getId()
      */
     public function getFirstname(): string
     {
-        return $this->firstname;
+        return $this->name;
     }
 
     /**
@@ -118,9 +118,9 @@ public function getLastname(): string
     /**
      * @return string
      */
-    public function getFullName(): string
+    public function getFullname(): string
     {
-        return $this->firstname . ' ' . $this->lastname;
+        return $this->name . ' ' . $this->lastname;
     }
 
     /**
@@ -264,6 +264,48 @@ public function getKey()
         return $this->getAuthIdentifier();
     }
 
+    /**
+     * Sets the value of firstname.
+     *
+     * @param string $name the name
+     *
+     * @return self
+     */
+    public function setFirstname($firstname)
+    {
+        $this->name = $firstname;
+
+        return $this;
+    }
+
+    /**
+     * Sets the value of lastname.
+     *
+     * @param string $lastname the lastname
+     *
+     * @return self
+     */
+    public function setLastname($lastname)
+    {
+        $this->lastname = $lastname;
+
+        return $this;
+    }
+
+    /**
+     * Sets the value of email.
+     *
+     * @param string $email the email
+     *
+     * @return self
+     */
+    public function setEmail($email)
+    {
+        $this->email = $email;
+
+        return $this;
+    }
+
     /**
      * @return ArrayCollection|Email[]
      */

app/HMS/Helpers/SiteVisitor.php

@@ -18,7 +18,7 @@ public function inTheSpace($request = null)
         }
 
         // Allowed IPs
-        $allowed = [env('RESTRICED_IP_RANGE', '10.0.0.0/8')];
+        $allowed = [config('hms.restriced_ip_range')];
 
         if (IpUtils::checkIp($request->ip(), $allowed)) {
             return true;

app/HMS/Mappings/HMS.Entities.User.dcm.yml

@@ -17,7 +17,8 @@ HMS\Entities\User:
       generator:
         strategy: AUTO
   fields:
-    firstname:
+    name:
+      column: firstname
       type: string
     lastname:
       type: string

app/HMS/Repositories/Doctrine/DoctrineUserRepository.php

@@ -49,20 +49,26 @@ public function findOneByEmail(string $email)
 
     /**
      * @param  string $searchQuery
+     * @param  bool $hasAccount limit to users with associated accounts
      * @return array
      */
-    public function searchLike(string $searchQuery)
+    public function searchLike(string $searchQuery, ?bool $hasAccount = false)
     {
         $q = parent::createQueryBuilder('user')
             ->leftJoin('user.profile', 'profile')->addSelect('profile')
             ->leftJoin('user.account', 'account')->addSelect('account')
-            ->where('user.firstname LIKE :keyword')
+            ->where('user.name LIKE :keyword')
             ->orWhere('user.lastname LIKE :keyword')
             ->orWhere('user.username LIKE :keyword')
             ->orWhere('user.email LIKE :keyword')
             ->orWhere('profile.addressPostcode LIKE :keyword')
-            ->orWhere('account.paymentRef LIKE :keyword')
-            ->setParameter('keyword', '%'.$searchQuery.'%')
+            ->orWhere('account.paymentRef LIKE :keyword');
+
+        if ($hasAccount) {
+            $q = $q->andWhere('user.account IS NOT NULL');
+        }
+
+        $q = $q->setParameter('keyword', '%'.$searchQuery.'%')
             ->getQuery();
 
         return $q->getResult();

app/HMS/Repositories/UserRepository.php

@@ -32,9 +32,10 @@ public function findOneByEmail(string $email);
 
     /**
      * @param  string $searchQuery
+     * @param  bool $hasAccount limit to users with associated accounts
      * @return array
      */
-    public function searchLike(string $searchQuery);
+    public function searchLike(string $searchQuery, ?bool $hasAccount = false);
 
     /**
      * save User to the DB.

app/HMS/User/Permissions/RoleManager.php

@@ -104,12 +104,10 @@ public function addUserToRole(User $user, Role $role)
      * @param User   $user
      * @param string $roleName take a role name string rather than a role enitity
      */
-    public function addUserToRoleByName(User $user, $roleName)
+    public function addUserToRoleByName(User $user, string $roleName)
     {
         $role = $this->roleRepository->findOneByName($roleName);
-        $user->getRoles()->add($role);
-        $this->userRepository->save($user);
-        event(new UserAddedToRole($user, $role));
+        $this->addUserToRole($user, $role);
     }
 
     /**
@@ -124,4 +122,15 @@ public function removeUserFromRole(User $user, Role $role)
         event(new UserRemovedFromRole($user, $role));
         $this->entityManager->refresh($user);
     }
+
+    /**
+     * remove a user from a role and fire of an update event.
+     * @param  User   $user
+     * @param string $roleName take a role name string rather than a role enitity
+     */
+    public function removeUserFromRoleByName(User $user, string $roleName)
+    {
+        $role = $this->roleRepository->findOneByName($roleName);
+        $this->removeUserFromRole($user, $role);
+    }
 }

app/HMS/User/ProfileManager.php

@@ -5,6 +5,7 @@
 use Carbon\Carbon;
 use HMS\Entities\User;
 use HMS\Entities\Profile;
+use Illuminate\Http\Request;
 use HMS\Repositories\MetaRepository;
 use HMS\Repositories\UserRepository;
 use HMS\Repositories\ProfileRepository;
@@ -86,4 +87,66 @@ public function create(User $user, string $address1, ?string $address2, ?string
 
         return $user;
     }
+
+    /**
+     * update the user form a form request.
+     * @param  User    $user    user to update
+     * @param  Illuminate\Http\Request $request
+     * @return User
+     */
+    public function updateUserProfileFromRequest(User $user, Request $request)
+    {
+        $profile = $user->getProfile();
+
+        if ($request['address1']) {
+            $profile->setAddress1($request['address1']);
+        }
+
+        // Nullable field
+        if ($request->exists('address2')) {
+            $profile->setAddress2($request['address2']);
+        }
+
+        // Nullable field
+        if ($request->exists('address3')) {
+            $profile->setAddress3($request['address3']);
+        }
+
+        if ($request['addressCity']) {
+            $profile->setAddressCity($request['addressCity']);
+        }
+
+        if ($request['addressCounty']) {
+            $profile->setAddressCounty($request['addressCounty']);
+        }
+
+        if ($request['addressPostcode']) {
+            $profile->setAddressPostcode($request['addressPostcode']);
+        }
+
+        if ($request['contactNumber']) {
+            $profile->setContactNumber($request['contactNumber']);
+        }
+
+        // Nullable field
+        if ($request->exists('dateOfBirth')) {
+            if (is_null($request['dataOfBirth'])) {
+                $profile->setDateOfBirth(null);
+            } else {
+                $profile->setDateOfBirth(new Carbon($request['dateOfBirth']));
+            }
+        }
+
+        if ($request['creditLimit']) {
+            $profile->setCreditLimit($request['creditLimit']);
+        }
+
+        if ($request['unlockText']) {
+            $profile->setUnlockText($request['unlockText']);
+        }
+
+        $this->userRepository->save($user);
+
+        return $user;
+    }
 }

app/HMS/User/UserManager.php

@@ -5,6 +5,7 @@
 use HMS\Entities\Role;
 use HMS\Entities\User;
 use HMS\Auth\PasswordStore;
+use Illuminate\Http\Request;
 use HMS\Repositories\UserRepository;
 use HMS\User\Permissions\RoleManager;
 
@@ -64,7 +65,32 @@ public function create(string $firstname, string $lastname, string $username, st
         $this->userRepository->save($user);
         $this->passwordStore->add($user->getUsername(), $password);
 
-        $this->roleManager->addUserToRoleByName($user, Role::MEMBER_CURRENT);
+        $this->roleManager->addUserToRoleByName($user, Role::MEMBER_APPROVAL);
+
+        return $user;
+    }
+
+    /**
+     * update the user form a form request.
+     * @param  User    $user    user to update
+     * @param  Illuminate\Http\Request $request
+     * @return User
+     */
+    public function updateFromRequest(User $user, Request $request): User
+    {
+        if ($request['firstname']) {
+            $user->setFirstname($request['firstname']);
+        }
+
+        if ($request['lastname']) {
+            $user->setLastname($request['lastname']);
+        }
+
+        if ($request['email']) {
+            $user->setEmail($request['email']);
+        }
+
+        $this->userRepository->save($user);
 
         return $user;
     }

app/Http/Controllers/Api/SearchController.php

@@ -0,0 +1,62 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use HMS\Repositories\UserRepository;
+
+class SearchController extends Controller
+{
+    /**
+     * @var UserRepository
+     */
+    protected $userRepository;
+
+    /**
+     * Create a new controller instance.
+     *
+     * @param UserRepository $userRepository
+     */
+    public function __construct(UserRepository $userRepository)
+    {
+        $this->userRepository = $userRepository;
+
+        $this->middleware('can:search.users')->only(['usersSearch']);
+    }
+
+    /**
+     * Search for users.
+     *
+     * @param Request $request
+     * @param  string $searchQuery
+     * @return \Illuminate\Http\Response
+     */
+    public function users(string $searchQuery = null, Request $request)
+    {
+        if ($request['q']) {
+            $searchQuery = $request['q'];
+        } elseif (is_null($searchQuery)) {
+            return response()->json([]);
+        }
+
+        // TODO: consider how to paginate response (posible fractal)
+        $users = $this->userRepository->searchLike($searchQuery, $request->input('withAccount', false));
+        $json = [];
+
+        foreach ($users as $user) {
+            $json[] = [
+                'id' => $user->getId(),
+                'fullname' => $user->getFullname(),
+                'username' => $user->getUsername(),
+                'email' => $user->getEmail(),
+                'address1' => $user->getProfile() ? $user->getProfile()->getAddress1() : null,
+                'addressPostcode' => $user->getProfile() ? $user->getProfile()->getAddressPostcode() : null,
+                'accountId' => $user->getAccount() ? $user->getAccount()->getId() : null,
+                'paymentRef' => $user->getAccount() ? $user->getAccount()->getPaymentRef() : null,
+            ];
+        }
+
+        return response()->json($json);
+    }
+}