_index($request); } /** * @api {post} /users/create Create * @apiDescription Create User Entity * * @apiVersion 4.0.0 * @apiName CreateUser * @apiGroup User * * @apiUse AuthHeader * * @apiPermission users_create * @apiPermission users_full_access * * @apiParam {String} user_language The language of the new user (e.g., "en") * @apiParam {String} timezone The timezone of the new user (e.g., "Europe/Moscow") * @apiParam {Integer} role_id ID of the role of the new user * @apiParam {Integer} active Will new user be active or not `(1 - active, 0 - not)` * @apiParam {Integer} screenshots_state State of screenshots monitoring (e.g., 1 for enabled) * @apiParam {Boolean} send_invite Whether to send an invitation to the new user (true - send, false - do not send) * @apiParam {Boolean} manual_time Whether manual time tracking is enabled for the new user * @apiParam {Integer} screenshots_interval Interval in minutes for taking screenshots * @apiParam {Integer} computer_time_popup Time in minutes before showing a time popup * @apiParam {String} type The type of user (e.g., "employee") * @apiParam {Boolean} web_and_app_monitoring Whether web and app monitoring is enabled * @apiParam {String} email New user email * @apiParam {String} password New user password * @apiParam {String} full_name New user name * @apiParamExample {json} Request Example * { * "user_language" : "en", * "timezone" : "Europe/Moscow", * "role_id" : 2, * "active" : true, * "screenshots_state" : 1, * "send_invite" : 1, * "manual_time" : 1, * "screenshots_interval" : 10, * "computer_time_popup" : 3, * "type" : "employee", * "web_and_app_monitoring" : 1, * "email" : "123@cattr.app", * "password" : "password", * "full_name" : "name" * } * @apiSuccess {String} full_name Full name of the user. * @apiSuccess {String} email Email address of the user. * @apiSuccess {String} user_language Language of the user. * @apiSuccess {Boolean} active Whether the user is active. 
* @apiSuccess {Integer} screenshots_state State of screenshots monitoring. * @apiSuccess {Boolean} manual_time Whether manual time tracking is enabled. * @apiSuccess {Integer} screenshots_interval Interval in minutes for taking screenshots. * @apiSuccess {Integer} computer_time_popup Time in minutes before showing a time popup. * @apiSuccess {String} timezone Timezone of the user. * @apiSuccess {Integer} role_id ID of the role assigned to the user. * @apiSuccess {String} type Type of the user (e.g., "employee"). * @apiSuccess {Boolean} web_and_app_monitoring Whether web and app monitoring is enabled. * @apiSuccess {Boolean} screenshots_state_locked Whether the screenshot state is locked. * @apiSuccess {Boolean} invitation_sent Whether an invitation has been sent. * @apiSuccess {String} updated_at Timestamp of the last update. * @apiSuccess {String} created_at Timestamp of when the user was created. * @apiSuccess {Integer} id ID of the created user. * @apiSuccess {Boolean} online Whether the user is currently online. * @apiSuccess {Boolean} can_view_team_tab Whether the user can view the team tab. * @apiSuccess {Boolean} can_create_task Whether the user can create tasks. 
*
     *
     * @apiSuccessExample {json} Response Example
     *  HTTP/1.1 200 OK
     *  {
     *    "full_name": "name",
     *    "email": "123@cattr.app",
     *    "user_language": "en",
     *    "active": 1,
     *    "screenshots_state": 1,
     *    "manual_time": 1,
     *    "screenshots_interval": 10,
     *    "computer_time_popup": 3,
     *    "timezone": "Europe/Moscow",
     *    "role_id": 2,
     *    "type": "employee",
     *    "web_and_app_monitoring": true,
     *    "screenshots_state_locked": true,
     *    "invitation_sent": true,
     *    "updated_at": "2024-08-21T14:29:06.000000Z",
     *    "created_at": "2024-08-21T14:29:06.000000Z",
     *    "id": 10,
     *    "online": false,
     *    "can_view_team_tab": false,
     *    "can_create_task": false
     *  }
     *
     * @apiUse 400Error
     * @apiUse ValidationError
     * @apiUse UnauthorizedError
     * @apiUse ForbiddenError
     */

    /**
     * Create a user; the screenshots_state_locked flag is computed here, not taken from the client.
     *
     * A listener is registered under Filter::getRequestFilterName(). It assigns
     * `screenshots_state_locked` in the request data, replacing whatever was there:
     * the flag is true only when the caller is an admin and the submitted
     * screenshots state reports mustBeInherited(). The request is then handed to
     * _create(), which presumably runs that filter (not visible in this method).
     *
     * @param CreateUserRequest $request
     * @return JsonResponse
     * @throws Throwable
     */
    public function create(CreateUserRequest $request): JsonResponse
    {
        $deriveLockFlag = static function ($requestData) use ($request) {
            $locked = false;

            if ($request->user()->isAdmin()) {
                // NOTE(review): tryFrom() yields null for a value that is not an enum case,
                // and the chained call would then fail. Presumably CreateUserRequest
                // validates screenshots_state before this point - confirm.
                $locked = (bool) ScreenshotsState::tryFrom($requestData['screenshots_state'])->mustBeInherited();
            }

            $requestData['screenshots_state_locked'] = $locked;

            return $requestData;
        };

        Filter::listen(Filter::getRequestFilterName(), $deriveLockFlag);

        return $this->_create($request);
    }

    /**
     * @api {post} /users/edit Edit
     * @apiDescription Edit User
     *
     * @apiVersion 4.0.0
     * @apiName EditUser
     * @apiGroup User
     *
     * @apiUse AuthHeader
     *
     * @apiPermission users_edit
     * @apiPermission users_full_access
     * @apiParam {String} user_language The language of the new user (e.g., "en")
     * @apiParam {String} timezone The timezone of the new user (e.g., "Europe/Moscow")
     * @apiParam {Integer} role_id ID of the role of the new user
     * @apiParam {Integer} id The ID of the user being edited.
* @apiParam {String} full_name New user name * @apiParam {String} email New user email * @apiParam {String} url URL associated with the user * @apiParam {Integer} company_id The ID of the company to which the user belongs * @apiParam {String} avatar The URL of the user’s avatar * @apiParam {Integer} screenshots_state State of screenshots monitoring (e.g., 1 for enabled) * @apiParam {Boolean} manual_time Whether manual time tracking is enabled for the new user * @apiParam {Integer} computer_time_popup Time in minutes before showing a time popup * @apiParam {Boolean} blur_screenshots Indicates if screenshots are blurred * @apiParam {Boolean} web_and_app_monitoring Whether web and app monitoring is enabled * @apiParam {Integer} screenshots_interval Interval in minutes for taking screenshots * @apiParam {Integer} active Will new user be active or not `(1 - active, 0 - not)` * @apiParam {String} deleted_at Deletion timestamp, or `null` if the user is not deleted. * @apiParam {Boolean} send_invite Whether to send an invitation to the new user (true - send, false - do not send) * * * * @apiParam {String} type The type of user (e.g., "employee") * * @apiParam {String} password New user password * * * @apiParamExample {json} Request Example * { * "user_language" : "en", * "timezone" : "Europe/Moscow", * "role_id" : 2, * "id" : 3, * "full_name" : "Rachael Reichert", * "email": "projectAuditor@example.com", * "url" : null, * "company_id" : 1, * "avatar" : null, * "screenshots_state" : 1, * "manual_time" : 0, * "computer_time_popup" : 300, * "blur_screenshots" : false, * "web_and_app_monitoring" : true, * "screenshots_interval" : 5, * "active" : true, * "deleted_at" : null, * "created_at" : "2023-10-26T10:26:42.000000Z", * "updated_at" : "2023-10-26T10:26:42.000000Z", * "important" : 0, * "change_password" : 0, * "type" : "employee", * "invitation_sent" : false, * "nonce" : 0, * "client_installed" : 0, * "permanent_screenshots" : 0, * "last_activity" : "2023-10-26 10:05:42", * 
"screenshots_state_locked" : false,
     *    "online" : false,
     *    "can_view_team_tab" : false,
     *    "can_create_task" : false
     *  }
     * @apiUse UserObject
     * @apiUse 400Error
     * @apiUse ValidationError
     * @apiUse UnauthorizedError
     * @apiUse ItemNotFoundError
     */

    /**
     * Edit a user while enforcing the screenshots-state lock.
     *
     * A listener is registered under Filter::getActionFilterName(). For a caller who
     * is not an admin and a user whose state is locked, the listener puts
     * screenshots_state back to its original value. Otherwise it recomputes
     * screenshots_state_locked: true only when the caller is an admin and the
     * user's screenshots state reports mustBeInherited(). The request is then
     * handed to _edit(), which presumably runs that filter (not visible here).
     *
     * @param EditUserRequest $request
     * @return JsonResponse
     * @throws Throwable
     */
    public function edit(EditUserRequest $request): JsonResponse
    {
        $applyScreenshotsLock = static function (User $user) use ($request) {
            // The lock flag is read from the attribute as it stands when this filter runs,
            // whereas the protected value is restored from getOriginal().
            // NOTE(review): if screenshots_state_locked can be assigned from the request
            // before this filter runs, the check sees the submitted value rather than the
            // stored one - confirm the request/model does not accept that field, or
            // compare against getOriginal('screenshots_state_locked').
            $frozenForCaller = $user->screenshots_state_locked && !$request->user()->isAdmin();

            if (!$frozenForCaller) {
                // NOTE(review): tryFrom() yields null for a value that is not an enum case;
                // presumably EditUserRequest validates screenshots_state - confirm.
                $mustStayLocked = $request->user()->isAdmin()
                    && ScreenshotsState::tryFrom($user->screenshots_state)->mustBeInherited();

                $user->screenshots_state_locked = $mustStayLocked;

                return $user;
            }

            // Locked and the caller is not an admin: discard the requested state change.
            $user->screenshots_state = $user->getOriginal('screenshots_state');

            return $user;
        };

        Filter::listen(Filter::getActionFilterName(), $applyScreenshotsLock);

        return $this->_edit($request);
    }

    /**
     * @api {get, post} /users/show Show User
     * @apiDescription Retrieves detailed information about a specific user.
     *
     * @apiVersion 4.0.0
     * @apiName ShowUser
     * @apiGroup User
     *
     * @apiUse AuthHeader
     *
     * @apiPermission users_show
     * @apiPermission users_full_access
     *
     * @apiParam {Integer} id User id
     *
     * @apiParamExample {json} Request Example:
     *  {
     *    "id": 1
     *  }
     * @apiUse UserObject
     *
     * @apiUse 400Error
     * @apiUse UnauthorizedError
     * @apiUse ItemNotFoundError
     * @apiUse ForbiddenError
     * @apiUse ValidationError
     */

    /**
     * Show one user; the request is passed to _show() without changes.
     *
     * @param ShowUserRequest $request
     * @return JsonResponse
     * @throws Exception
     * @throws Throwable
     */
    public function show(ShowUserRequest $request): JsonResponse
    {
        $response = $this->_show($request);

        return $response;
    }

    /**
     * @throws Throwable
     * @api {post} /users/remove Destroy
     * @apiDescription Destroy User
     *
     * @apiVersion 4.0.0
     * @apiName DestroyUser
     * @apiGroup User
     *
     * @apiUse AuthHeader
     *
     * @apiPermission users_remove
     * @apiPermission users_full_access
     *
     * @apiParam {Integer} id ID of the target user
     *
     * @apiParamExample {json} Request Example
     * {
     *   "id": 1
     * }
     *
     * @apiSuccess {String} message Destroy status
     *
     * @apiSuccessExample {json} Response Example
     * HTTP/1.1
204 No Content
     *  {
     *  }
     *
     * @apiUse 400Error
     * @apiUse ValidationError
     * @apiUse ForbiddenError
     * @apiUse UnauthorizedError
     */
    public function destroy(DestroyUserRequest $request): JsonResponse
    {
        // No user-specific logic here: the request is handed to _destroy() unchanged.
        // NOTE(review): permission checks are presumably done by DestroyUserRequest - confirm.
        $response = $this->_destroy($request);

        return $response;
    }

    /**
     * @throws Exception
     * @api {get,post} /users/count Count
     * @apiDescription Count Users
     *
     * @apiVersion 4.0.0
     * @apiName Count
     * @apiGroup User
     *
     * @apiUse AuthHeader
     *
     * @apiPermission users_count
     * @apiPermission users_full_access
     *
     * @apiSuccess {String} total Amount of users that we have
     *
     * @apiSuccessExample {json} Response Example
     *  HTTP/1.1 200 OK
     *  {
     *    "total": 2
     *  }
     *
     * @apiUse 400Error
     * @apiUse ForbiddenError
     * @apiUse UnauthorizedError
     */
    public function count(ListUsersRequest $request): JsonResponse
    {
        // Reuses the list request type; the counting itself happens in _count().
        $response = $this->_count($request);

        return $response;
    }

    /**
     * Send an invitation: sets a freshly generated password on the target user,
     * marks the invitation as sent and mails the credentials to the user's address.
     *
     * @param SendInviteUserRequest $request
     * @return JsonResponse
     * @throws Throwable
     */

    /**
     * @api {post} /api/users/send-invite Send User Invitation
     * @apiDescription Sends an invitation to a user by generating a password, marking the invitation as sent, and dispatching relevant events.
     *
     * @apiVersion 4.0.0
     * @apiName SendUserInvite
     * @apiGroup User
     *
     * @apiUse AuthHeader
     *
     * @apiPermission users_invite
     *
     * @apiParam {Integer} id The ID of the user to whom the invitation will be sent.
     *
     * @apiParamExample {json} Request Example:
     * {
     *   "id": 1
     * }
     *
     * @apiSuccess {String} message A confirmation that the invite was sent successfully.
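*
     * @apiSuccessExample {json} Success Response:
     * HTTP/1.1 204 No Content
     *
     * @apiUse 400Error
     * @apiUse ForbiddenError
     * @apiUse UnauthorizedError
     * @apiUse ItemNotFoundError
     */
    public function sendInvite(SendInviteUserRequest $request): JsonResponse
    {
        $requestId = Filter::process(Filter::getRequestFilterName(), $request->validated('id'));

        $itemsQuery = $this->getQuery(['id' => $requestId]);

        CatEvent::dispatch(Filter::getBeforeActionEventName(), $requestId);

        $item = Filter::process(Filter::getActionFilterName(), $itemsQuery->first());

        // The existence check must come before any property write: first() returns null
        // for an unknown id, and assigning to a property of null raises an Error
        // (a 500 response) instead of the intended NotFoundHttpException.
        throw_unless($item, new NotFoundHttpException);

        // This replaces whatever password the account had.
        // NOTE(review): presumably SendInviteUserRequest restricts who may trigger this and
        // for which users, and the User model hashes the value on assignment - confirm both.
        $password = Str::random();
        $item->password = $password;
        $item->invitation_sent = true;
        $item->save();

        CatEvent::dispatch(Filter::getAfterActionEventName(), [$requestId, $item]);

        // The mail locale comes from the 'core' settings scope (default 'en').
        $language = Settings::scope('core')->get('language', 'en');

        // The new password is already persisted at this point; if sending fails, the
        // account keeps a password that was never delivered. The plain-text value is
        // passed to the UserCreated mailable.
        Mail::to($item->email)->locale($language)->send(new UserCreated($item->email, $password));

        return responder()->success()->respond(204);
    }

    /**
     * @api {patch} /users/activity Activity
     * @apiDescription Updates the time of the user's last activity
     *
     * @apiVersion 4.0.0
     * @apiName Activity
     * @apiGroup User
     *
     * @apiUse AuthHeader
     *
     * @apiSuccessExample {json} Response Example
     *  HTTP/1.1 204 No Content
     *  {
     *  }
     *
     * @apiUse UnauthorizedError
     */
    public function updateActivity(): JsonResponse
    {
        // Only the caller's own record is touched: the user is taken from the current
        // request, never from input.
        // NOTE(review): assumes the route is behind authentication so user() is not null - confirm.
        $user = request()->user();

        CatEvent::dispatch(Filter::getBeforeActionEventName(), $user);

        $filteredUser = Filter::process(Filter::getActionFilterName(), $user);
        $filteredUser->update(['last_activity' => Carbon::now()]);

        CatEvent::dispatch(Filter::getAfterActionEventName(), $user);

        return responder()->success()->respond(204);
    }
}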