#!/usr/bin/env bash set -euo pipefail # Review users that likely need enablement. # Criteria: # - Users without roles # - Users with unverified email # # Usage: # scripts/ops/netgescon-users-review.sh # scripts/ops/netgescon-users-review.sh --limit 200 LIMIT=100 while [[ $# -gt 0 ]]; do case "$1" in --limit) LIMIT="$2" shift 2 ;; *) echo "Unknown option: $1" echo "Usage: $0 [--limit ]" exit 1 ;; esac done php artisan tinker --execute=" use App\\Models\\User; \$limit = (int) ${LIMIT}; \$users = User::query() ->with('roles') ->where(function (\$q) { \$q->whereDoesntHave('roles') ->orWhereNull('email_verified_at'); }) ->orderByDesc('created_at') ->limit(\$limit) ->get(); echo 'PENDING_USERS=' . \$users->count() . PHP_EOL; foreach (\$users as \$u) { \$roles = \$u->getRoleNames()->implode(','); if (\$roles === '') { \$roles = 'NO_ROLES'; } \$flags = []; if (\$u->getRoleNames()->isEmpty()) { \$flags[] = 'MISSING_ROLE'; } if (is_null(\$u->email_verified_at)) { \$flags[] = 'UNVERIFIED_EMAIL'; } if (! is_null(\$u->expires_at) && now()->greaterThan(\$u->expires_at)) { \$flags[] = 'EXPIRED'; } echo implode(' | ', [ 'id=' . \$u->id, 'email=' . \$u->email, 'name=' . \$u->name, 'roles=' . \$roles, 'flags=' . implode(',', \$flags), 'created=' . optional(\$u->created_at)->toDateTimeString(), ]) . PHP_EOL; } "