From 96ab7510027de0d9fcb07873a0862686bd6b3c85 Mon Sep 17 00:00:00 2001
From: Nafies Luthfi
Date: Fri, 19 Apr 2019 10:20:57 +0800
Subject: [PATCH 1/2] Remove setPasswordAttribute for User model
---
 app/Entities/Users/User.php | 10 ----------
 app/Http/Controllers/Auth/ChangePasswordController.php | 2 +-
 app/Http/Controllers/InstallationController.php | 1 +
 app/Http/Controllers/Users/UsersController.php | 9 +++++++--
 database/factories/ModelFactory.php | 2 +-
 tests/Feature/Auth/ChangePasswordTest.php | 4 ++--
 tests/Feature/Auth/LoginTest.php | 2 +-
 tests/Feature/Users/ManageUsersTest.php | 5 +++++
 8 files changed, 18 insertions(+), 17 deletions(-)
diff --git a/app/Entities/Users/User.php b/app/Entities/Users/User.php
index 44e81ed..59eb7f0 100644
--- a/app/Entities/Users/User.php
+++ b/app/Entities/Users/User.php
@@ -24,16 +24,6 @@ class User extends Authenticatable
 protected $hidden = ['password', 'remember_token', 'api_token'];
 /**
- * Set user password attribute on save.
- *
- * @param void
- */
- public function setPasswordAttribute($value)
- {
- $this->attributes['password'] = bcrypt($value);
- }
-
- /**
 * Show user name with link to user detail.
 *
 * @return Illuminate\Support\HtmlString
diff --git a/app/Http/Controllers/Auth/ChangePasswordController.php b/app/Http/Controllers/Auth/ChangePasswordController.php
index 34f698e..3106b5f 100644
--- a/app/Http/Controllers/Auth/ChangePasswordController.php
+++ b/app/Http/Controllers/Auth/ChangePasswordController.php
@@ -43,7 +43,7 @@ class ChangePasswordController extends Controller
 if (app('hash')->check($input['old_password'], auth()->user()->password)) {
 $user = auth()->user();
- $user->password = $input['password'];
+ $user->password = bcrypt($input['password']);
 $user->save();
 flash(trans('auth.password_changed'), 'success');
diff --git a/app/Http/Controllers/InstallationController.php b/app/Http/Controllers/InstallationController.php
index 5fd8976..21531fe 100755
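Review bot: Hashing now depends on every call site, and the new `$user->password = bcrypt($input['password']);` line in `ChangePasswordController` carries no comment recording that contract. Because this patch also deletes `setPasswordAttribute` from `User`, any writer of `password` that the patch does not touch (a reset flow, a seeder or an API endpoint, none of which are visible here) would now persist the submitted value unhashed, so the remaining assignments should be checked before merging. A one-line comment above the assignment would make the requirement explicit: `// User has no password mutator: hash before assigning.` The enclosing method starts and ends outside the hunk.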
--- a/app/Http/Controllers/InstallationController.php
+++ b/app/Http/Controllers/InstallationController.php
@@ -48,6 +48,7 @@ class InstallationController extends Controller
 $adminData = $request->only('name', 'email', 'password');
 $adminData['api_token'] = str_random(32);
+ $adminData['password'] = bcrypt($adminData['password']);
 $admin = User::create($adminData);
 $admin->assignRole('admin');
diff --git a/app/Http/Controllers/Users/UsersController.php b/app/Http/Controllers/Users/UsersController.php
index 2b987b3..085f191 100755
--- a/app/Http/Controllers/Users/UsersController.php
+++ b/app/Http/Controllers/Users/UsersController.php
@@ -37,8 +37,10 @@ class UsersController extends Controller
 'role' => 'required|array',
 ]);
- if (!$userData['password']) {
- $userData['password'] = \Option::get('password_default', 'member');
+ if ($userData['password']) {
+ $userData['password'] = bcrypt($userData['password']);
+ } else {
+ $userData['password'] = bcrypt(\Option::get('password_default', 'member'));
 }
 $userData['api_token'] = str_random(32);
@@ -90,6 +92,9 @@ class UsersController extends Controller
 'lang' => 'required|string|in:en,id',
 ]);
+ if ($userData['password']) {
+ $userData['password'] = bcrypt($userData['password']);
+ }
 $user->update($userData);
 \DB::table('user_roles')->where(['user_id' => $user->id])->delete();
diff --git a/database/factories/ModelFactory.php b/database/factories/ModelFactory.php
index 9b7deed..dcedcca 100644
--- a/database/factories/ModelFactory.php
+++ b/database/factories/ModelFactory.php
@@ -10,7 +10,7 @@ $factory->define(User::class, function (Faker\Generator $faker) {
 return [
 'name' => $faker->name,
 'email' => $faker->unique()->email,
- 'password' => 'member',
+ 'password' => '$2y$10$TKh8H1.PfQx37YgCzwiKb.KjNyWgaHb9cbcoQgdIVFlYg7B77UdFm', // secret
 'remember_token' => str_random(10),
 'api_token' => str_random(32),
 'lang' => 'en',
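Review bot: The `else` branch in the first `UsersController` hunk still gives every account created without a password the same shared value, `\Option::get('password_default', 'member')`; hashing it does not make it any less predictable. Whether a password change is forced on first login is not visible here, so until the user changes it the account is protected only by a default credential. An unguessable initial value combined with a reset link avoids that, e.g. `$userData['password'] = bcrypt(str_random(32));`. The truthiness test `if ($userData['password'])` also treats the string `'0'` as empty. The enclosing method starts and ends outside the hunk.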
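Review bot: In the second `UsersController` hunk a blank password skips the new `if` but is still handed to `$user->update($userData)`, so an edit that leaves the field empty may overwrite the stored hash with an empty or null value. This is inferred, because the validation rule for `password` sits above the hunk. Dropping the key when nothing was submitted closes the gap: `} else { unset($userData['password']); }`, and testing with `!empty($userData['password'])` also covers the case where the key is absent from the validated data. The assertion added in `ManageUsersTest` only covers the changed-password case, so a companion test that an update without a password leaves the hash untouched would pin this behaviour.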
diff --git a/tests/Feature/Auth/ChangePasswordTest.php b/tests/Feature/Auth/ChangePasswordTest.php
index 8cee67f..90aa3d2 100644
--- a/tests/Feature/Auth/ChangePasswordTest.php
+++ b/tests/Feature/Auth/ChangePasswordTest.php
@@ -24,12 +24,12 @@ class ChangePasswordTest extends TestCase
 ]);
 $this->see(trans('auth.old_password_failed'));
 $this->assertTrue(
- app('hash')->check('member', $user->password),
+ app('hash')->check('secret', $user->password),
 'The password shouldn\'t changed!'
 );
 $this->submitForm(trans('auth.change_password'), [
- 'old_password' => 'member',
+ 'old_password' => 'secret',
 'password' => 'rahasia',
 'password_confirmation' => 'rahasia',
 ]);
diff --git a/tests/Feature/Auth/LoginTest.php b/tests/Feature/Auth/LoginTest.php
index a96c141..2e525b1 100644
--- a/tests/Feature/Auth/LoginTest.php
+++ b/tests/Feature/Auth/LoginTest.php
@@ -19,7 +19,7 @@ class LoginTest extends TestCase
 $this->submitForm(trans('auth.login'), [
 'email' => 'email@mail.com',
- 'password' => 'member',
+ 'password' => 'secret',
 ]);
 $this->see(trans('auth.welcome', ['name' => $user->name]));
diff --git a/tests/Feature/Users/ManageUsersTest.php b/tests/Feature/Users/ManageUsersTest.php
index e54dd13..02e857c 100644
--- a/tests/Feature/Users/ManageUsersTest.php
+++ b/tests/Feature/Users/ManageUsersTest.php
@@ -113,6 +113,11 @@ class ManageUsersTest extends TestCase
 'user_id' => $user2->id,
 'role_id' => 2,
 ]);
+
+ $this->assertTrue(
+ app('hash')->check('password', $user2->fresh()->password),
+ 'The password should changed!'
+ );
 }
 /** @test */
From dde1d8b0790ba0ee913775bea246bf2a14cfff2e Mon Sep 17 00:00:00 2001
From: Nafies Luthfi
Date: Sat, 27 Apr 2019 08:12:35 +0800
Subject: [PATCH 2/2] Use whereYear method instead of where like
---
 app/Queries/AdminDashboardQuery.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/app/Queries/AdminDashboardQuery.php b/app/Queries/AdminDashboardQuery.php
index 0b5458f..166f4ed 100644
--- a/app/Queries/AdminDashboardQuery.php
+++ b/app/Queries/AdminDashboardQuery.php
@@ -26,7 +26,7 @@ class AdminDashboardQuery
 public function totalEarnings($year)
 {
 $totalEarnings = 0;
- $payments = Payment::where('date', 'like', $year.'%')->get();
+ $payments = Payment::whereYear('date', $year)->get();
 foreach ($payments as $payment) {
 if ($payment->in_out == 1) {
 $totalEarnings += $payment->amount;
@@ -47,7 +47,7 @@ class AdminDashboardQuery
 */
 public function totalFinishedProjects($year)
 {
- return Project::where('status_id', 4)->where('start_date', 'like', $year.'%')->count();
+ return Project::where('status_id', 4)->whereYear('start_date', $year)->count();
 }
 /**
@@ -61,7 +61,7 @@ class AdminDashboardQuery
 {
 // On Progress, Done, On Hold
 $projects = Project::whereIn('status_id', [2, 3, 6])
- ->where('start_date', 'like', $year.'%')
+ ->whereYear('start_date', $year)
 ->with('payments')
 ->get();
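Review bot: `$year` reaches `whereYear()` unchecked in all three `AdminDashboardQuery` hunks: `totalEarnings`, `totalFinishedProjects`, and the third method, whose signature is outside the hunk. The value is bound as a parameter, so this is not an injection concern, but a non-numeric value is compared however the database driver coerces it. If `$year` originates from the request (the callers are not visible here), normalise it at the top of each method with `$year = (int) $year;` and document the parameter as `@param int $year`. `whereYear` also wraps the column in a function, which usually prevents an index on `date` or `start_date` from being used; a range comparison would avoid that if these queries grow.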