2FAuth/app/Observers/UserObserver.php

98 lines
2.6 KiB
PHP
Raw Normal View History

<?php
namespace App\Observers;
use App\Models\User;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Password;
use Illuminate\Support\Facades\Storage;
class UserObserver
{
/**
* Handle the User "created" event.
*/
2024-03-29 09:42:54 +01:00
public function created(User $user) : void
{
//
}
/**
* Handle the User "updated" event.
*/
2024-03-29 09:42:54 +01:00
public function updated(User $user) : void
{
//
}
/**
* Handle the User "deleting" event.
*/
2024-03-29 09:42:54 +01:00
public function deleting(User $user) : bool
{
Log::info(sprintf('Deletion of User ID #%s requested by User ID #%s', $user->id, Auth::user()->id ?? 'unknown'));
// Prevent deletion of the only administrator
$isLastAdmin = $user->isAdministrator() && User::admins()->count() == 1;
if ($isLastAdmin) {
Log::notice(sprintf('Deletion of user ID #%s refused, cannot delete the only administrator', $user->id));
2024-03-29 09:42:54 +01:00
return false;
}
// Deleting user's twofaccounts icon
$iconPathes = $user->twofaccounts->filter(function ($twofaccount, $key) {
return $twofaccount->icon;
})->map(function ($twofaccount, $key) {
return $twofaccount->icon;
});
Storage::disk('icons')->delete($iconPathes->toArray());
return true;
}
/**
* Handle the User "deleted" event.
*/
2024-03-29 09:42:54 +01:00
public function deleted(User $user) : void
{
// DB has cascade delete enabled to flush 2FA and Groups but,
// for an unknown reason, SQLite refuses to delete these related.
// (despite DB_FOREIGN_KEYS=true which is supposed to enable it)
// So it ends with a direct db delete for SQLite...
if (DB::getDriverName() === 'sqlite') {
DB::table('twofaccounts')->where('user_id', $user->id)->delete();
DB::table('groups')->where('user_id', $user->id)->delete();
}
// We flush webauthn credentials & tokens
Password::broker('webauthn')->deleteToken($user);
$user->flushCredentials();
// And Passport tokens
Password::broker()->deleteToken($user);
DB::table('oauth_access_tokens')->where('user_id', $user->id)->delete();
Log::info(sprintf('User ID #%s and all user traces deleted', $user->id));
}
/**
* Handle the User "restored" event.
*/
2024-03-29 09:42:54 +01:00
public function restored(User $user) : void
{
//
}
/**
* Handle the User "force deleted" event.
*/
2024-03-29 09:42:54 +01:00
public function forceDeleted(User $user) : void
{
//
}
}