From affcca3d08cb2208ef7abfe1bbe204c92b1a598d Mon Sep 17 00:00:00 2001
From: Prashant Singh <prashant.singh852@webkul.com>
Date: Sat, 22 Dec 2018 16:12:42 +0530
Subject: [PATCH] fixed issue #304

---
 packages/Webkul/Admin/src/Http/routes.php     |  4 ++
 .../Admin/src/Resources/lang/en/app.php       |  8 +++-
 .../customers/confirm-password.blade.php      | 37 ++++++++++++++++++
 packages/Webkul/Ui/src/DataGrid/DataGrid.php  |  1 -
 .../src/Http/Controllers/UserController.php   | 39 ++++++++++++++++++-
 5 files changed, 86 insertions(+), 3 deletions(-)
 create mode 100644 packages/Webkul/Admin/src/Resources/views/customers/confirm-password.blade.php

diff --git a/packages/Webkul/Admin/src/Http/routes.php b/packages/Webkul/Admin/src/Http/routes.php
index 28c0dee76..7a2f0a56c 100644
--- a/packages/Webkul/Admin/src/Http/routes.php
+++ b/packages/Webkul/Admin/src/Http/routes.php
@@ -324,6 +324,10 @@ Route::group(['middleware' => ['web']], function () {
             //delete backend user
             Route::get('/users/delete/{id}', 'Webkul\User\Http\Controllers\UserController@destroy')->name('admin.users.delete');
 
+            Route::post('/confirm/destroy', 'Webkul\User\Http\Controllers\UserController@destroySelf')->defaults('_config', [
+                'redirect' => 'admin.users.index'
+            ])->name('admin.users.confirm.destroy');
+
             // User Role Routes
             Route::get('/roles', 'Webkul\User\Http\Controllers\RoleController@index')->defaults('_config', [
                 'view' => 'admin::users.roles.index'
diff --git a/packages/Webkul/Admin/src/Resources/lang/en/app.php b/packages/Webkul/Admin/src/Resources/lang/en/app.php
index cf43766b8..6f4753234 100644
--- a/packages/Webkul/Admin/src/Resources/lang/en/app.php
+++ b/packages/Webkul/Admin/src/Resources/lang/en/app.php
@@ -99,7 +99,13 @@ return [
             'status-and-role' => 'Status and Role',
             'role' => 'Role',
             'status' => 'Status',
-            'account-is-active' => 'Account is Active'
+            'account-is-active' => 'Account is Active',
+            'current-password' => 'Enter Current Password',
+            'confirm-delete' => 'Confirm Delete This Account',
+            'confirm-delete-title' => 'Confirm password before delete',
+            'delete-last' => 'At least one admin is required.',
+            'delete-success' => 'Success! User deleted',
+            'incorrect-password' => 'The password you entered is incorrect'
         ],
 
         'sessions' => [
diff --git a/packages/Webkul/Admin/src/Resources/views/customers/confirm-password.blade.php b/packages/Webkul/Admin/src/Resources/views/customers/confirm-password.blade.php
new file mode 100644
index 000000000..125112c81
--- /dev/null
+++ b/packages/Webkul/Admin/src/Resources/views/customers/confirm-password.blade.php
@@ -0,0 +1,37 @@
+@extends('admin::layouts.content')
+
+@section('page_title')
+    {{ __('admin::app.customers.customers.title') }}
+@stop
+
+@section('content')
+    <div class="content">
+        <div class="page-header">
+            <div class="page-title">
+                <h1>{{ __('admin::app.users.users.confirm-delete-title') }}</h1>
+            </div>
+            <div class="page-action">
+
+            </div>
+        </div>
+
+        <div class="page-content">
+            <form action="{{ route('admin.users.confirm.destroy') }}" method="POST" @submit.prevent="onSubmit">
+                @csrf
+                <div class="control-group" :class="[errors.has('password') ? 'has-error' : '']">
+                    <label for="password" class="required">
+                        {{ __('admin::app.users.users.current-password') }}
+                    </label>
+
+                    <input type="password" v-validate="'required'" class="control" id="password" name="password" data-vv-as="&quot;{{ __('admin::app.users.users.password') }}&quot;"/>
+
+                    <span class="control-error" v-if="errors.has('password')">
+                        @{{ errors.first('password') }}
+                    </span>
+                </div>
+
+                <input type="submit" class="btn btn-md btn-primary" value="{{ __('admin::app.users.users.confirm-delete') }}">
+            </form>
+        </div>
+    </div>
+@endsection
diff --git a/packages/Webkul/Ui/src/DataGrid/DataGrid.php b/packages/Webkul/Ui/src/DataGrid/DataGrid.php
index b14f58df9..c174266f1 100644
--- a/packages/Webkul/Ui/src/DataGrid/DataGrid.php
+++ b/packages/Webkul/Ui/src/DataGrid/DataGrid.php
@@ -631,7 +631,6 @@ class DataGrid
                         throw new \Exception('Multiple Sort keys Found, Please Resolve the URL Manually.');
                     }
                 } elseif ($key=="search") {
-                    // dd($this->searchable, $parsed);
                     $count_keys = count(array_keys($value));
                     if($count_keys==1)
                     $this->query->where(function ($query) use ($parsed) {
diff --git a/packages/Webkul/User/src/Http/Controllers/UserController.php b/packages/Webkul/User/src/Http/Controllers/UserController.php
index 211ea50e4..f449bbd9b 100644
--- a/packages/Webkul/User/src/Http/Controllers/UserController.php
+++ b/packages/Webkul/User/src/Http/Controllers/UserController.php
@@ -8,6 +8,7 @@ use Illuminate\Support\Facades\Event;
 use Webkul\User\Repositories\AdminRepository as Admin;
 use Webkul\User\Repositories\RoleRepository as Role;
 use Webkul\User\Http\Requests\UserForm;
+use Hash;
 
 /**
  * Admin user controller
@@ -94,7 +95,7 @@ class UserController extends Controller
             $data['password'] = bcrypt($data['password']);
 
         Event::fire('user.admin.create.before');
-        
+
         $admin = $this->admin->create($data);
 
         Event::fire('user.admin.delete.after', $admin);
@@ -165,6 +166,10 @@ class UserController extends Controller
         } else {
             Event::fire('user.admin.delete.before', $id);
 
+            if (auth()->guard('admin')->user()->id == $id) {
+                return view('admin::customers.confirm-password');
+            }
+
             $this->admin->delete($id);
 
             Event::fire('user.admin.delete.after', $id);
@@ -174,4 +179,36 @@ class UserController extends Controller
 
         return redirect()->back();
     }
+
+    /**
+     * destroy current after confirming
+     *
+     * @return mixed
+     */
+    public function destroySelf()
+    {
+        $password = request()->input('password');
+
+        if(Hash::check($password, auth()->guard('admin')->user()->password)) {
+            if($this->admin->count() == 1) {
+                session()->flash('error', trans('admin::app.users.users.delete-last'));
+            } else {
+                $id = auth()->guard('admin')->user()->id;
+
+                Event::fire('user.admin.delete.before', $id);
+
+                $this->admin->delete($id);
+
+                Event::fire('user.admin.delete.after', $id);
+
+                session()->flash('success', trans('admin::app.users.users.delete-success'));
+
+                return redirect()->route('admin.session.create');
+            }
+        } else {
+            session()->flash('warning', trans('admin::app.users.users.incorrect-password'));
+
+            return redirect()->route($this->_config['redirect']);
+        }
+    }
 }
\ No newline at end of file