Access attachment via token

app/Http/Controllers/AdminController.php

@@ -19,6 +19,7 @@ use OpenTok\MediaMode;
 use OpenTok\OpenTok;
 use Illuminate\Support\Facades\Storage;
 use Exception;
+use Ramsey\Uuid\Uuid;
 
 class AdminController extends Controller
 {
@@ -314,6 +315,12 @@ class AdminController extends Controller
         return view('app.my-account.admin.users.sub.emails', compact('user', 'emailsSent'));
     }
 
+    public function userSmses(Request $request, User $user){
+        $detailJson = $user->detailJson();
+        $smsesSent = @$detailJson->smses_sent ?? [];
+        return view('app.my-account.admin.users.sub.smses', compact('user', 'smsesSent'));
+    }
+
     public function userMessages(Request $request, User $user){
         $messages = Message::where('to_user_id', $user->id)->orWhere('from_user_id', $user->id);
         $messages = $messages->orderBy('created_at', 'ASC')->paginate(25);
@@ -443,27 +450,77 @@ class AdminController extends Controller
         return $this->pass($user->uid);
     }
 
+    public function createNewSms(Request $request){
+        $userUid = $request->get('userUid');
+        $user = User::where('uid', $userUid)->first();
+        if (!$user) {
+        return $this->fail('Invalid user!');
+        }
+        $content = $request->get('content');
+        $fromNumber = $request->get('fromNumber');
+        $toNumber = $request->get('toNumber');
+
+        $response = $this->sendSmsToUser($user, [
+            'fromNumber' => $fromNumber,
+            'toNumber' => $toNumber,
+            'content' => $content
+        ]);
+
+        return $this->pass($user->uid);
+    }
+
+    protected function sendSmsToUser($user, $params){
+        $detailJson = $user->detailJson();
+        $detailJson->smses_sent = @$detailJson->smses_sent ?? [];
+
+        $smsData = [
+            'created_at' => date('Y-m-d h:m:s'),
+            'from' => $params['fromNumber'],
+            'to' => $params['toNumber'],
+            'content' => $params['content']
+        ];
+
+        array_unshift($detailJson->smses_sent, $smsData);
+
+        $data = [
+            'fromNumber' => $params['fromNumber'],
+            'toNumber' => $params['toNumber'],
+            'message' => $params['content'],
+            'secret' => 'Superman2022@'
+        ];
+        $response = $this->callJava('/api/sms/send', $data, $this->sessionKey);
+        if (!@$response['success']) {
+            return $this->fail($response['message'] ?? 'Failed!');
+        }
+
+        $user->detail_json = json_encode($detailJson);
+        $user->save();
+        return;
+    }
+
     public function storeUserDetailJson(Request $request, User $user)
-  {
-    $data = [
-      'uid' => $user->uid,
-      'phone_number' => $request->get('phoneNumber'),
-      'notification_option' => $request->get('notificationOption'),
-      'request_change_password' => 1,
-    ];
+    {
+        $data = [
+        'uid' => $user->uid,
+        'phone_number' => $request->get('phoneNumber'),
+        'notification_option' => $request->get('notificationOption'),
+        'request_change_password' => 1,
+        ];
 
-    $res = $this->callJava('/api/user/upsertDetailJson', $data, $this->sessionKey);
-  }
+        $res = $this->callJava('/api/user/upsertDetailJson', $data, $this->sessionKey);
+    }
 
   public function uploadFile(Request $request, StoreOrder $order){
     $fileRef = $request->get('file_name', 'file');
-    $storageResponse = $this->storeFileAs($request, $fileRef, StoreOrder::FILE_PATH);
-    
+    $accessToken = (string) Uuid::uuid6();
+    $storageResponse = $this->storeFileAs($request, $fileRef, StoreOrder::FILE_PATH, $accessToken);
+       
     $detailJson = json_decode($order->detail_json ?? '{}', true);
     $detailJson[$fileRef] = $storageResponse;
     $order->detail_json = json_encode($detailJson);
     $order->save();
-    return $this->pass();
+
+    return $this->pass();    
   }
 
   public function emailReport(Request $request, StoreOrder $order){
@@ -489,4 +546,17 @@ class AdminController extends Controller
         return $this->fail($e->getMessage());
     }
   }
+
+  public function smsReport(Request $request, StoreOrder $order){
+    $results_attachment = $order->getDetailJsonValue('results_attachment');
+    $user = $order->user;
+    
+    $response = $this->sendSmsToUser($user, [
+        'fromNumber' => $request->get('fromNumber'),
+        'toNumber' => $request->get('toNumber'),
+        'content' => $request->get('message')
+    ]);
+
+    return $this->pass();
+  }
 }

app/Http/Controllers/Controller.php

@@ -14,6 +14,7 @@ use App\Models\BaseModel;
 use Ramsey\Uuid\Uuid;
 use Illuminate\Support\Facades\Mail;
 use App\Mail\NotifyEmail;
+use App\Models\StoreOrder;
 
 use App\Models\AppSession;
 
@@ -165,19 +166,26 @@ class Controller extends BaseController
         }
     }
     
-    public function storeFileAs(Request $request, $fileRef, $path){
+    public function storeFileAs(Request $request, $fileRef, $path, $accessToken = null){
         $file = $request->file($fileRef);
 		if ($file) {
 			$uid = Uuid::uuid6();
             $originalFileName = $file->getClientOriginalName();
 			$fileName = $uid . "." . $file->extension();
 			$tempPath = Storage::putFileAs($path, $file, $fileName);
-            return [
+            $data = [
                 'path' => $tempPath,
                 'fileName' => $fileName,
                 'url' => route('view-uploaded-file', $fileName),
                 'orginalFileName' => $originalFileName
             ];
+
+            if($accessToken){
+                $data['attachment_access_token'] = $accessToken;
+                $data['attachmentAccessTokenUrl'] = route('view-uploaded-file-via-access-token', $accessToken);
+            }
+
+            return $data;
 		}
         return null;
     }
@@ -188,4 +196,12 @@ class Controller extends BaseController
     public function viewUploadedFile(Request $request, $file){
         return $this->downloadFileByPath($file, BaseModel::FILE_PATH);
     }
+    public function viewUploadedFileViaToken(Request $request, $token){
+        $order = StoreOrder::whereRaw("(detail_json)::json->'results_attachment'->>'attachment_access_token' = ?", [$token])->first();
+        if(!$order) abort(404);
+        $orderDetailJson = $order->detailJson();
+        $fileName = $orderDetailJson->results_attachment->fileName;
+        
+        return $this->downloadFileByPath($fileName, BaseModel::FILE_PATH);
+    }
 }

resources/views/app/my-account/admin/orders/forms/email-results-attachment.blade.php

@@ -6,10 +6,10 @@
             <textarea name="message" class="form-control form-control-sm" accept="application/pdf" style="min-height:100px;"></textarea>
         </div>
         <div class="mb-2">
-            <span class="me-1">Report: <i class="fas fa-paperclip fa-fw"></i> <a href="{{ $results_attachment['url'] }}" target="_blank">{{ $results_attachment['orginalFileName'] }}</a></span>
+            <span class="me-1">Report: <i class="fas fa-paperclip fa-fw"></i> <a href="{{ $results_attachment['attachmentAccessTokenUrl'] }}" target="_blank">{{ $results_attachment['orginalFileName'] }}</a></span>
         </div>    
         <div>
-            <button submit class="btn btn-sm btn-primary me-2">Upload</button>
+            <button submit class="btn btn-sm btn-primary me-2">Email</button>
             <button cancel class="btn btn-sm btn-default border">Cancel</button>
         </div>
     </form>

resources/views/app/my-account/admin/orders/forms/sms-results-attachment.blade.php

@@ -0,0 +1,31 @@
+<?php
+    $userDetailJson = $user->detailJson();
+    $phoneNumber = $user->phone_number ?? @$userDetailJson->phone_number;
+?>
+<div moe wide>
+    <a start show href="#">SMS Results</a>
+    <form url="{{ route('admin.orders.view.sms-report', $order) }}">
+        <div class="mb-2">
+            <label class="text-sm text-secondary mb-1">From Number<sup class="text-danger">*</sup></label>
+            <input type="text" name="fromNumber" class="form-control form-control-sm" value="{{ config('app.phoneNumber') }}" required />
+        </div>
+        <div class="mb-2">
+            <label class="text-sm text-secondary mb-1">To Number<sup class="text-danger">*</sup></label>
+            <input type="text" name="toNumber" class="form-control form-control-sm" value="{{ @$phoneNumber }}"
+                required />
+        </div>
+        <div class="mb-2">
+            <label class="fw-bold mb-1">Message</label>
+            <textarea name="message" class="form-control form-control-sm" accept="application/pdf" style="min-height:100px;">Your report is out: {{ $results_attachment['attachmentAccessTokenUrl'] }}</textarea>
+        </div>
+        <div class="mb-2">
+            <span class="me-1">Report: <i class="fas fa-paperclip fa-fw"></i> <a
+                    href="{{ $results_attachment['attachmentAccessTokenUrl'] }}"
+                    target="_blank">{{ $results_attachment['orginalFileName'] }}</a></span>
+        </div>
+        <div>
+            <button submit class="btn btn-sm btn-primary me-2">Send</button>
+            <button cancel class="btn btn-sm btn-default border">Cancel</button>
+        </div>
+    </form>
+</div>

resources/views/app/my-account/admin/orders/partials/results.blade.php

@@ -1,19 +1,28 @@
 <div>
     <?php
         $results_attachment = $order->getDetailJsonValue('results_attachment');
+        $user = $order->user;
+        $userDetailJson = $user->detailJson();
     ?>
     @if(!$results_attachment)
         @include("app.my-account.admin.orders.forms.upload-results-attachment")
     @else
     <div class="d-flex align-items-center">
-        <span class="me-1">Report: <i class="fas fa-paperclip fa-fw"></i> <a href="{{ $results_attachment['url'] }}" target="_blank">{{ $results_attachment['orginalFileName'] }}</a></span>
+        <span class="me-1">Report: <i class="fas fa-paperclip fa-fw"></i> <a href="{{ $results_attachment['attachmentAccessTokenUrl'] }}" target="_blank">{{ $results_attachment['orginalFileName'] }}</a></span>
         <div>
             @include("app.my-account.admin.orders.forms.upload-results-attachment", ['edit' => true])
         </div>
         <span class="text-muted mx-1">|</span>
-        <div>
-            @include('app.my-account.admin.orders.forms.email-results-attachment')
-        </div>
+        @if(@$userDetailJson->notification_option === 'email')
+            <div>
+                @include('app.my-account.admin.orders.forms.email-results-attachment')
+            </div>
+        @endif
+        @if(@$userDetailJson->notification_option === 'phone')
+            <div>
+                @include('app.my-account.admin.orders.forms.sms-results-attachment')
+            </div>
+        @endif
     </div>
     @endif
 </div>

resources/views/app/my-account/admin/users/forms/create-sms.blade.php

@@ -0,0 +1,29 @@
+<?php
+    $userDetailJson = $user->detailJson();
+    $phoneNumber = $user->phone_number ?? @$userDetailJson->phone_number;
+?>
+<div moe relative>
+    <a start show href="#">+ Send SMS</a>
+    <form url="{{ route('admin.create-new-sms') }}" redir="/admin/users/view/[data]/smses" right>
+        <input type="hidden" name="userUid" value="{{ $user->uid }}" />
+        <h4 class="fw-bold mb-4">New SMS</h4>
+        <div>
+            <div class="mb-2">
+                <label class="text-sm text-secondary mb-1">From Number<sup class="text-danger">*</sup></label>
+                <input type="text" name="fromNumber" class="form-control form-control-sm" value="{{ config('app.phoneNumber') }}" required />
+            </div>
+            <div class="mb-2">
+                <label class="text-sm text-secondary mb-1">To Number<sup class="text-danger">*</sup></label>
+                <input type="text" name="toNumber" class="form-control form-control-sm" value="{{ @$phoneNumber }}" required />
+            </div>
+            <div class="mb-2">
+                <label class="text-sm text-secondary mb-1">Message<sup class="text-danger">*</sup></label>
+                <textarea name="content" class="form-control form-control-sm" rows="5" required style="height: auto;"></textarea>
+            </div>
+        </div>
+        <div class="d-flex align-items-center mt-3">
+            <button type="button" class="btn py-2 btn-grey border w-100 no-shadow" cancel>Cancel</button>
+            <button class="btn py-2 btn-primary w-100 ms-3" submit>Send</button>
+        </div>
+    </form>
+</div>

resources/views/app/my-account/admin/users/partials/sidebar.blade.php

@@ -42,6 +42,10 @@ $currentMenu = \Illuminate\Support\Facades\Request::segment(4);
                 <a class="nav-link {{\Illuminate\Support\Facades\Route::getCurrentRoute()->getName() === 'admin.users.view.emails' ? 'active' : ''}}"
                    href="{{ route('admin.users.view.emails', $user) }}">Emails Sent</a>
             </li>
+            <li class="nav-item ps-2">
+                <a class="nav-link {{\Illuminate\Support\Facades\Route::getCurrentRoute()->getName() === 'admin.users.view.smses' ? 'active' : ''}}"
+                   href="{{ route('admin.users.view.smses', $user) }}">SMSes Sent</a>
+            </li>
             <li class="nav-item ps-2">
                 <a class="nav-link {{\Illuminate\Support\Facades\Route::getCurrentRoute()->getName() === 'admin.users.view.messages' ? 'active' : ''}}"
                    href="{{ route('admin.users.view.messages', $user) }}">Messages</a>

resources/views/app/my-account/admin/users/sub/info/name.blade.php

@@ -22,10 +22,14 @@
                 <span class="me-2">PayPal Email: <b>{{ $user->paypal_email_address ?? '--' }}</b></span>
             @endif
             <span class="me-2">Phone Number: <b>{{ $user->phone_number ?? @$userDetailJson->phone_number ?? '--' }}</b></span>
-            <span class="me-2">Notification Option: <b>{{ @$userDetailJson->notification_option ?? '--' }}</b></span>
+            <span class="me-2">Notification Option: <b>{{ ucwords(@$userDetailJson->notification_option ?? '--') }}</b></span>
             <span>
                 @include('app.my-account.admin.users.forms.create-email')
             </span>
+            <span class="text-muted mx-1">|</span>
+            <span>
+                @include('app.my-account.admin.users.forms.create-sms')
+            </span>
         </div>
     </div>
     <div>

resources/views/app/my-account/admin/users/sub/smses.blade.php

@@ -0,0 +1,40 @@
+@extends('app.my-account.admin.users.single')
+
+@section('details')
+    <div class="my-4">
+        <div class="d-flex align-items-center justify-content-between">
+            <h4 class="m-0"><b>SMSes Sent</b></h4>  
+            <div>
+                @include('app.my-account.admin.users.forms.create-sms')
+            </div>
+        </div>
+        
+        <div class="table-responsive">
+            <table class="table table-sm table-hover table-striped table-bordered mb-0">
+                <thead>
+                    <tr>
+                        <th>Sent At</th>
+                        <th>From</th>
+                        <th>To</th>
+                        <th>Text</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    @foreach ($smsesSent as $sms)
+                        <tr>
+                            <td>{{ friendly_date($sms->created_at) }}</td>
+                            <td><?= $sms->from ?></td>
+                            <td><?= $sms->to ?></td>
+                            <td><?= nl2br($sms->content) ?></td>
+                        </tr>
+                    @endforeach
+                    @if(!count($smsesSent))
+                        <tr>
+                            <td colspan="4">No SMSes sent!</td>
+                        </tr>
+                    @endif
+                </tbody>
+            </table>
+        </div>
+    </div>
+@endsection

routes/web.php

@@ -35,6 +35,8 @@ Route::middleware('ensureUserNotLoggedIn')->group(function () {
     Route::post('/process-reset-password', [LoginController::class, 'processResetPassword'])->name('process-reset-password');
 });
 
+Route::get('/attachment/{token}', [Controller::class, 'viewUploadedFileViaToken'])->name('view-uploaded-file-via-access-token');
+
 Route::group(['middleware' => ['ensureUserLoggedIn']], function () {
     Route::get('/file/view/{file}', [Controller::class, 'viewUploadedFile'])->name('view-uploaded-file');
 
@@ -54,6 +56,7 @@ Route::group(['middleware' => ['ensureUserLoggedIn']], function () {
             Route::get('/users', [AdminController::class, 'users'])->name('.users');
             Route::post('/create-new-user', [AdminController::class, 'createNewUser'])->name('.create-new-user');
             Route::post('/create-new-email', [AdminController::class, 'createNewEmail'])->name('.create-new-email');
+            Route::post('/create-new-sms', [AdminController::class, 'createNewSms'])->name('.create-new-sms');
             Route::prefix('/users/view/{user}')->name('.users.view')->group(function () {
                 Route::get('/dashboard', [AdminController::class, 'userDashboard'])->name('.dashboard');
                 Route::get('/orders', [AdminController::class, 'userOrders'])->name('.orders');
@@ -62,6 +65,7 @@ Route::group(['middleware' => ['ensureUserLoggedIn']], function () {
                 Route::get('/user-events', [AdminController::class, 'userUserEvents'])->name('.user-events');
                 Route::get('/payment-methods', [AdminController::class, 'userPaymentMethods'])->name('.payment-methods');
                 Route::get('/emails', [AdminController::class, 'userEmails'])->name('.emails');
+                Route::get('/smses', [AdminController::class, 'userSmses'])->name('.smses');
                 Route::get('/messages', [AdminController::class, 'userMessages'])->name('.messages');
                 Route::get('messages/{message}/attachments', [AdminController::class, 'userMessageAttachments'])->name('message-attachments');
             });
@@ -75,6 +79,7 @@ Route::group(['middleware' => ['ensureUserLoggedIn']], function () {
                 Route::post('/order-charge', [AdminController::class, 'orderCharge'])->name('.order-charge');
                 Route::post('/file/upload', [AdminController::class, 'uploadFile'])->name('.upload-file');
                 Route::post('/email-report', [AdminController::class, 'emailReport'])->name('.email-report');
+                Route::post('/sms-report', [AdminController::class, 'smsReport'])->name('.sms-report');
             });
 
             Route::get('/payment-methods', [AdminController::class, 'paymentMethods'])->name('.payment-methods');