feat(email): allow admins to edit user emails

Author: ScuffedNewt

app/Http/Controllers/Admin/Users/UserController.php

@@ -163,26 +163,56 @@ public function postUserAlias(Request $request, $name, $id) {
         return redirect()->back();
     }
 
-    public function postUserAccount(Request $request, $name) {
+    /**
+     * Updates a user's account information.
+     *
+     * @param mixed $name
+     *
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function postUserAccount(Request $request, UserService $service, $name) {
         $user = User::where('name', $name)->first();
 
         if (!$user) {
             flash('Invalid user.')->error();
         } elseif (!Auth::user()->canEditRank($user->rank)) {
             flash('You cannot edit the information of a user that has a higher rank than yourself.')->error();
-        } elseif ($user->settings->update(['is_fto' => $request->get('is_fto') ?: 0])) {
-            if (!(new UserService)->logAdminAction(Auth::user(), 'Edited User', 'Edited '.$user->displayname)) {
-                flash('Failed to log admin action.')->error();
+        } else {
+            if ($request->get('is_fto') != $user->settings->is_fto) {
+                if ($user->settings->update(['is_fto' => $request->get('is_fto') ?: 0])) {
+                    if (!(new UserService)->logAdminAction(Auth::user(), 'Edited User', 'Edited '.$user->displayname)) {
+                        flash('Failed to log admin action.')->error();
 
-                return redirect()->back();
+                        return redirect()->back();
+                    }
+
+                    UserUpdateLog::create(['staff_id' => Auth::user()->id, 'user_id' => $user->id, 'data' => ['is_fto' => $request->get('is_fto') ? 'Yes' : 'No'], 'type' => 'FTO Status Change']);
+                } else {
+                    flash('Failed to update FTO status.')->error();
+
+                    return redirect()->back();
+                }
             }
 
-            UserUpdateLog::create(['staff_id' => Auth::user()->id, 'user_id' => $user->id, 'data' => ['is_fto' => $request->get('is_fto') ? 'Yes' : 'No'], 'type' => 'FTO Status Change']);
-            flash('Updated user\'s account information successfully.')->success();
-        } else {
-            flash('Failed to update user\'s account information.')->error();
+            if ($request->get('email') != $user->email) {
+                $request->validate([
+                    'email' => 'required|string|email|max:255|unique:users',
+                ]);
+
+                if ($service->updateEmail($request->only(['email']), Auth::user())) {
+                    flash('Email updated successfully. A verification email has been sent to the user\'s new email address.')->success();
+                } else {
+                    foreach ($service->errors()->getMessages()['error'] as $error) {
+                        flash($error)->error();
+                    }
+
+                    return redirect()->back();
+                }
+            }
         }
 
+        flash('Updated user\'s account information successfully.')->success();
+
         return redirect()->back();
     }
 

app/Models/User/User.php

@@ -95,7 +95,7 @@ class User extends Authenticatable implements MustVerifyEmail {
      * Get all of the user's update logs.
      */
     public function logs() {
-        return $this->hasMany('App\Models\User\UserUpdateLog');
+        return $this->hasMany(UserUpdateLog::class);
     }
 
     /**

resources/views/admin/users/user.blade.php

@@ -60,7 +60,7 @@
         <div class="form-group row">
             <label class="col-md-2 col-form-label">Email Address</label>
             <div class="col-md-10">
-                {!! Form::text('email', $user->email, ['class' => 'form-control', 'disabled']) !!}
+                {!! Form::text('email', $user->email, ['class' => 'form-control', Auth::user()->isAdmin ? '' : 'disabled']) !!}
             </div>
         </div>
         <div class="form-group row">