From ad3071c2851cb325f59fa4f07e8ca28ea76c7f8d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=BCneyt=20=C5=9Eent=C3=BCrk?=
Date: Thu, 30 Nov 2023 17:05:20 +0300
Subject: [PATCH] User list method changed..

---
 app/Http/Controllers/Api/Auth/Users.php | 10 +++---
 app/Http/Controllers/Auth/Users.php | 38 +++++++++++++++++------
 app/Utilities/Info.php | 2 +-
 resources/views/auth/users/show.blade.php | 2 +-
 4 files changed, 36 insertions(+), 16 deletions(-)

diff --git a/app/Http/Controllers/Api/Auth/Users.php b/app/Http/Controllers/Api/Auth/Users.php
index 75a3f1ceb..2d769b0fe 100644
--- a/app/Http/Controllers/Api/Auth/Users.php
+++ b/app/Http/Controllers/Api/Auth/Users.php
@@ -18,7 +18,7 @@ class Users extends ApiController
 */
 public function index()
 {
- $users = user_model_class()::with('companies', 'permissions', 'roles')->collect();
+ $users = user_model_class()::with('companies', 'media', 'permissions', 'roles')->isNotCustomer()->collect();
 
 return Resource::collection($users);
 }
@@ -69,7 +69,7 @@ class Users extends ApiController
 */
 public function update($user_id, Request $request)
 {
- $user = user_model_class()::find($user_id);
+ $user = user_model_class()::query()->isNotCustomer()->find($user_id);
 
 $user = $this->dispatch(new UpdateUser($user, $request));
 
@@ -85,7 +85,7 @@ class Users extends ApiController
 */
 public function enable($user_id)
 {
- $user = user_model_class()::find($user_id);
+ $user = user_model_class()::query()->isNotCustomer()->find($user_id);
 
 $user = $this->dispatch(new UpdateUser($user, request()->merge(['enabled' => 1])));
 
@@ -101,7 +101,7 @@ class Users extends ApiController
 */
 public function disable($user_id)
 {
- $user = user_model_class()::find($user_id);
+ $user = user_model_class()::query()->isNotCustomer()->find($user_id);
 
 $user = $this->dispatch(new UpdateUser($user, request()->merge(['enabled' => 0])));
 
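Review bot: In `update`, `find()` on the `isNotCustomer()`-scoped query now yields null for a customer id as well as for an unknown one, and the next line hands that null straight to `new UpdateUser($user, $request)` with no check; `enable`, `disable` and `destroy` (the last on the following hunk) repeat the pattern. The web controller in this same commit guards with `empty($user)`, but the API side does not, so a customer or missing id fails inside the job rather than at the controller boundary. `$user = user_model_class()::query()->isNotCustomer()->findOrFail($user_id);` would surface it as a 404 before the dispatch. The bodies of these methods continue outside the hunks.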
@@ -119,7 +119,7 @@ class Users extends ApiController
 */
 public function destroy($user_id)
 {
- $user = user_model_class()::find($user_id);
+ $user = user_model_class()::query()->isNotCustomer()->find($user_id);
 
 try {
 $this->dispatch(new DeleteUser($user));
diff --git a/app/Http/Controllers/Auth/Users.php b/app/Http/Controllers/Auth/Users.php
index 0ac012be7..f5ddea68b 100644
--- a/app/Http/Controllers/Auth/Users.php
+++ b/app/Http/Controllers/Auth/Users.php
@@ -35,7 +35,7 @@ class Users extends Controller
 */
 public function index()
 {
- $users = user_model_class()::with('media', 'roles')->collect();
+ $users = user_model_class()::with('companies', 'media', 'permissions', 'roles')->isNotCustomer()->collect();
 
 return $this->response('auth.users.index', compact('users'));
 }
@@ -130,9 +130,9 @@ class Users extends Controller
 */
 public function edit($user_id)
 {
- $user = user_model_class()::find($user_id);
+ $user = user_model_class()::query()->isNotCustomer()->find($user_id);
 
- if (user()->cannot('read-auth-users') && ($user->id != user()->id)) {
+ if ((user()->cannot('read-auth-users') && ($user->id != user()->id)) || empty($user)) {
 abort(403);
 }
 
@@ -198,7 +198,7 @@ class Users extends Controller
 {
 $user = user_model_class()::find($user_id);
 
- if (user()->cannot('update-auth-users') && ($user->id != user()->id)) {
+ if ((user()->cannot('update-auth-users') && ($user->id != user()->id)) || empty($user)) {
 abort(403);
 }
 
@@ -230,7 +230,11 @@ class Users extends Controller
 */
 public function enable($user_id)
 {
- $user = user_model_class()::find($user_id);
+ $user = user_model_class()::query()->isNotCustomer()->find($user_id);
+
+ if (user()->cannot('update-auth-users') || empty($user)) {
+ abort(403);
+ }
 
 $response = $this->ajaxDispatch(new UpdateUser($user, request()->merge(['enabled' => 1])));
 
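Review bot: In `edit`, the new guard evaluates `$user->id` before `empty($user)`, so when the scoped `find()` returns null and the caller lacks `read-auth-users`, PHP reads a property on null (a warning on PHP 8) before the `||` branch is reached; the result is still a 403, but only because `null != user()->id` happens to be true. Testing for null first, `if (empty($user) || (user()->cannot('read-auth-users') && $user->id != user()->id)) {`, short-circuits cleanly. The `update` hunk below has the same ordering. Both method bodies continue outside the hunk.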
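Review bot: The context line `$user = user_model_class()::find($user_id);` in `update` is left as an unscoped lookup while `edit`, `enable`, `disable` and `destroy` all move to `query()->isNotCustomer()->find($user_id)`, so a customer record remains reachable through the update route and the exclusion the rest of the commit introduces is incomplete there. If this is not deliberate, change it to `$user = user_model_class()::query()->isNotCustomer()->find($user_id);` to match the other actions. The method's signature and the rest of its body lie outside the hunk.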
@@ -250,7 +254,11 @@ class Users extends Controller
 */
 public function disable($user_id)
 {
- $user = user_model_class()::find($user_id);
+ $user = user_model_class()::query()->isNotCustomer()->find($user_id);
+
+ if (user()->cannot('update-auth-users') || empty($user)) {
+ abort(403);
+ }
 
 $response = $this->ajaxDispatch(new UpdateUser($user, request()->merge(['enabled' => 0])));
 
@@ -270,7 +278,11 @@ class Users extends Controller
 */
 public function destroy($user_id)
 {
- $user = user_model_class()::find($user_id);
+ $user = user_model_class()::query()->isNotCustomer()->find($user_id);
+
+ if (user()->cannot('delete-auth-users') || empty($user)) {
+ abort(403);
+ }
 
 $response = $this->ajaxDispatch(new DeleteUser($user));
 
@@ -298,7 +310,11 @@ class Users extends Controller
 */
 public function readUpcomingBills($user_id)
 {
- $user = user_model_class()::find($user_id);
+ $user = user_model_class()::query()->isNotCustomer()->find($user_id);
+
+ if (user()->cannot('read-auth-users') || empty($user)) {
+ abort(403);
+ }
 
 // Mark bill notifications as read
 foreach ($user->unreadNotifications as $notification) {
@@ -322,7 +338,11 @@ class Users extends Controller
 */
 public function readOverdueInvoices($user_id)
 {
- $user = user_model_class()::find($user_id);
+ $user = user_model_class()::query()->isNotCustomer()->find($user_id);
+
+ if (user()->cannot('read-auth-users') || empty($user)) {
+ abort(403);
+ }
 
 // Mark invoice notifications as read
 foreach ($user->unreadNotifications as $notification) {
diff --git a/app/Utilities/Info.php b/app/Utilities/Info.php
index 28118e0a4..beb045e09 100644
--- a/app/Utilities/Info.php
+++ b/app/Utilities/Info.php
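Review bot: The guard added to `readUpcomingBills` (and to `readOverdueInvoices` in the following hunk) aborts whenever the caller lacks `read-auth-users`, with no own-record exception, whereas `edit` and `update` in this controller let a user act on their own id without that permission. If these actions are reached from a user's own notification list, someone without the permission can no longer mark their own notifications read, which looks like an unintended tightening; mirroring the `edit` condition, `if (empty($user) || (user()->cannot('read-auth-users') && $user->id != user()->id)) {`, would keep the self case. Worth confirming which behaviour is intended. Both method bodies continue outside the hunk.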
@@ -27,7 +27,7 @@ class Info
 
 $info = array_merge(static::versions(), $basic, [
 'companies' => Company::count(),
- 'users' => user_model_class()::count(),
+ 'users' => user_model_class()::query()->isNotCustomer()->count(),
 'invoices' => Document::allCompanies()->invoice()->count(),
 'customers' => Contact::allCompanies()->customer()->count(),
 'php_extensions' => static::phpExtensions(),
diff --git a/resources/views/auth/users/show.blade.php b/resources/views/auth/users/show.blade.php
index 655ec66f8..3e0624222 100644
--- a/resources/views/auth/users/show.blade.php
+++ b/resources/views/auth/users/show.blade.php
@@ -93,7 +93,7 @@
 @stack('landing_page_input_start')
{{ trans('auth.landing_page') }}
- {{ $landing_pages[$user->landing_page] }}
+ {{ isset($landing_pages[$user->landing_page]) ? $landing_pages[$user->landing_page] : trans('general.na') }}
@stack('landing_page_input_end')
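Review bot: The new fallback in `show.blade.php` uses the `isset(...) ? ... : ...` form that the null-coalescing operator exists to replace; `{{ $landing_pages[$user->landing_page] ?? trans('general.na') }}` has the same isset semantics and avoids writing the index expression twice. The surrounding markup appears to have been stripped in this rendering, so the hunk's full extent cannot be confirmed from here.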