- Added standard Laravel directory structure and configuration. - Included Svelte and Tailwind configuration for the admin interface. - Added core PHPUnit and testing scripts.
<?php
namespace App\Models;
// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
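/**
 * Application user account with role/permission checks and a "protected"
 * flag that guards selected accounts against deletion and against changes
 * to their e-mail address or protection status.
 */
class User extends Authenticatable
{
    /** @use HasFactory<\Database\Factories\UserFactory> */
    use HasFactory, Notifiable;

    /**
     * The attributes that are mass assignable.
     *
     * NOTE(review): `is_protected` and the `two_factor_*` columns are
     * security-sensitive yet mass assignable here. Any code path that passes
     * request input to create()/fill()/update() without an explicit
     * allow-list could set them. Consider removing them from this list and
     * assigning them explicitly (e.g. forceFill()) once callers are checked.
     *
     * @var list<string>
     */
    protected $fillable = [
        'name',
        'email',
        'password',
        'is_protected',
        'two_factor_secret',
        'two_factor_recovery_codes',
        'two_factor_confirmed_at',
    ];

    /**
     * Get the roles for the user.
     */
    public function roles()
    {
        return $this->belongsToMany(Role::class);
    }

    /**
     * Check if the user has a specific role.
     *
     * @param string $role Role slug to look for; matched against the `slug` column.
     */
    public function hasRole(string $role): bool
    {
        return $this->roles()->where('slug', $role)->exists();
    }

    /**
     * Check if the user has a specific permission.
     *
     * Holders of the `admin` role are granted every permission without a
     * permission lookup. Otherwise the permission slug must be attached to
     * at least one of the user's roles.
     *
     * @param string $permission Permission slug to look for.
     */
    public function hasPermission(string $permission): bool
    {
        // Blanket grant: the admin role short-circuits all permission checks.
        if ($this->hasRole('admin')) {
            return true;
        }

        // Relies on a `permissions` relation on Role, which is not defined in
        // this file; verify it against the Role model.
        return $this->roles()->whereHas('permissions', function ($query) use ($permission) {
            $query->where('slug', $permission);
        })->exists();
    }

    /**
     * The attributes that should be hidden for serialization.
     *
     * The two-factor secret and recovery codes are authentication material
     * and must never appear in toArray()/toJson() output or API responses.
     *
     * @var list<string>
     */
    protected $hidden = [
        'password',
        'remember_token',
        'two_factor_secret',
        'two_factor_recovery_codes',
    ];

    /**
     * Get the attributes that should be cast.
     *
     * @return array<string, string>
     */
    protected function casts(): array
    {
        return [
            'email_verified_at' => 'datetime',
            'password' => 'hashed',
            'is_protected' => 'boolean',
            'two_factor_confirmed_at' => 'datetime',
        ];
    }

    /**
     * Boot the model and register the guards for protected users.
     *
     * Both guards read the persisted value via getOriginal(). The in-memory
     * attribute is what the caller is trying to write, so checking only that
     * let `is_protected = false` slip through the update guard, after which
     * the account could be deleted.
     *
     * These are Eloquent model events. They do not fire for query-builder
     * statements such as `User::where(...)->update(...)` or `->delete()`, so
     * such code paths need their own check.
     *
     * @throws \Exception from the registered listeners when a protected user
     *                    is deleted or has `email`/`is_protected` modified.
     */
    protected static function boot()
    {
        parent::boot();

        static::deleting(function ($user) {
            // Block if the stored row is protected, or if the instance is
            // currently flagged as protected (keeps the previous behaviour).
            if ($user->getOriginal('is_protected') || $user->is_protected) {
                throw new \Exception("The protected user '{$user->email}' cannot be deleted.");
            }
        });

        static::updating(function ($user) {
            // Decide on the stored protection state, not the pending one.
            if ($user->getOriginal('is_protected') && $user->isDirty(['email', 'is_protected'])) {
                // Report the stored address; the in-memory one may be the rejected change.
                $email = $user->getOriginal('email');

                throw new \Exception("The protected user '{$email}' cannot have critical fields modified.");
            }
        });
    }
}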