Proximity/staffmanager
1
0
Fork 0
forked from miguel456/rbrecruiter
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: Proximity:0.3.0
Branches Tags
Proximity:master Proximity:develop Proximity:analysis-a2Jl7D Proximity:analysis-aoLDWj Proximity:feature/RSM-7-notification-channels Proximity:l10n_translate Proximity:translate Proximity:l10n_master miguel456:develop miguel456:master miguel456:l10n_translate miguel456:translate miguel456:l10n_master
Proximity:0.6.2 Proximity:0.6.1 Proximity:0.6.0 Proximity:0.5.2 Proximity:0.5.1 Proximity:0.5.0 Proximity:0.4.0 Proximity:0.3.0 Proximity:0.2.0 Proximity:0.1.0 miguel456:0.1.0 miguel456:0.2.0 miguel456:0.3.0 miguel456:0.4.0 miguel456:0.5.0 miguel456:0.5.1 miguel456:0.5.2 miguel456:0.6.0 miguel456:0.6.1 miguel456:0.6.2 miguel456:0.7.0
...
compare: Proximity:analysis-a2Jl7D
Branches Tags
Proximity:develop Proximity:master Proximity:analysis-a2Jl7D Proximity:analysis-aoLDWj Proximity:feature/RSM-7-notification-channels Proximity:l10n_translate Proximity:translate Proximity:l10n_master miguel456:develop miguel456:master miguel456:l10n_translate miguel456:translate miguel456:l10n_master
Proximity:0.6.2 Proximity:0.6.1 Proximity:0.6.0 Proximity:0.5.2 Proximity:0.5.1 Proximity:0.5.0 Proximity:0.4.0 Proximity:0.3.0 Proximity:0.2.0 Proximity:0.1.0 miguel456:0.1.0 miguel456:0.2.0 miguel456:0.3.0 miguel456:0.4.0 miguel456:0.5.0 miguel456:0.5.1 miguel456:0.5.2 miguel456:0.6.0 miguel456:0.6.1 miguel456:0.6.2 miguel456:0.7.0

197 Commits
0.3.0 ... analysis-a

Author SHA1 Message Date
Miguel Nogueira
773ec570d9 Apply fixes from StyleCI 2020-10-21 00:01:41 +00:00
Miguel Nogueira
53c23f3698 Changed branding for the repo 2020-10-21 00:01:32 +00:00
Miguel N
f1db159eee Update SECURITY.md 2020-09-08 17:44:56 +01:00
Miguel N
0d14a65ee5 Create SECURITY.md 2020-09-08 17:32:56 +01:00
Miguel N
2942157603 Update README.md 2020-09-08 06:16:27 +01:00
Miguel N
11f3fb90d0 Update README.md 2020-09-08 06:16:14 +01:00
Miguel N
937a0206a5 Added existing account check to logs 2020-09-08 01:38:56 +01:00
Miguel N
3598a32ecf Added existing account check to logs 2020-09-08 01:37:33 +01:00
Miguel N
ac8b303e2c Update to logauthfailure 2020-09-08 01:34:47 +01:00
Miguel N
e93abd2ab7 Added logging for successful authentication attempts 2020-09-08 01:31:09 +01:00
Miguel N
20ab381076 Added logging for failed authentication attempts 2020-09-08 01:26:27 +01:00
Miguel N
e566e40404 Update target user in logs 2020-09-08 00:07:50 +01:00
Miguel N
b0a935b8b3 Add acceptable "permanent" ban time 2020-09-08 00:06:27 +01:00
Miguel N
0dfb68dba2 Add acceptable "permanent" ban time 2020-09-08 00:05:37 +01:00
Miguel N
24303052ad Ban validation update 2020-09-07 23:57:50 +01:00
Miguel N
178bc31a6e Ban datetime format 2020-09-07 23:44:14 +01:00
Miguel N
98e557a840 Update ban dates 2020-09-07 23:42:09 +01:00
Miguel N
95bf7c239e Update ban time logic 2020-09-07 23:38:25 +01:00
Miguel N
4d2595dd39 Update ban logic 2020-09-07 23:33:35 +01:00
Miguel N
4e81a41210 Updated installation process 2020-09-07 23:22:25 +01:00
Miguel N
1319ce6b86 Added more debug logging 2020-09-07 22:56:54 +01:00
Miguel N
bea83b650c Added more debug logging 2020-09-07 22:54:20 +01:00
Miguel N
675cc3c329 Import missing facade 2020-09-07 22:35:42 +01:00
Miguel N
e8119b763c Register Application observers 2020-09-07 21:43:48 +01:00
Miguel N
04838048ce Merge pull request #10 from spacejewel-hosting/translate 
Force new users to verify email
 2020-09-03 20:22:11 +01:00
Miguel N
87f8e63b24 Force new users to verify email 2020-09-03 20:06:29 +01:00
Miguel N
7292aab4b7 Merge pull request #9 from spacejewel-hosting/translate 
Menu translations and source files
 2020-09-03 17:38:18 +01:00
Miguel N
9f3780d844 Fix trans key 2020-09-03 17:22:28 +01:00
Miguel N
e37b38f2d9 Update README.md 2020-09-03 17:19:15 +01:00
Miguel N
c83e720a6d Create CONTRIBUTING.md 2020-09-03 17:18:28 +01:00
Miguel N
9241a83844 Merge branch 'translate' of https://github.com/spacejewel-hosting/staffmanagement into translate 2020-09-03 17:00:57 +01:00
Miguel N
c6685331a8 Updated wrong trans() key names 2020-09-03 17:00:09 +01:00
Miguel N
9da9b8e6fc Merge pull request #8 from spacejewel-hosting/l10n_translate 
Portuguese menu & AdminLTE translations
 2020-09-03 16:48:09 +01:00
Miguel N
bb019f71e2 New translations messages.php (Portuguese) 2020-09-03 16:43:59 +01:00
Miguel N
0cde3444ce New translations adminlte.php (Portuguese) 2020-09-03 16:43:57 +01:00
Miguel N
b61fb5642e New translations menu.php (Portuguese) 2020-09-03 16:43:56 +01:00
Miguel N
f7614916bf Merge branch 'l10n_translate' into translate 2020-09-03 16:40:23 +01:00
Miguel N
2ad1548cd6 New translations menu.php (Portuguese) 2020-09-03 16:17:21 +01:00
Miguel N
43579c8fc9 New translations adminlte.php (Portuguese) 2020-09-03 16:17:20 +01:00
Miguel N
0c9cea5c05 New translations messages.php (Portuguese) 2020-09-03 16:17:18 +01:00
Miguel N
4371dd971c New translations menu.php (Spanish) 2020-09-03 16:17:17 +01:00
Miguel N
c57ace1ad9 New translations adminlte.php (Spanish) 2020-09-03 16:17:15 +01:00
Miguel N
c35b37d9b3 New translations messages.php (Spanish) 2020-09-03 16:17:13 +01:00
Miguel N
f25c9f7bc7 New translations menu.php (French) 2020-09-03 16:17:10 +01:00
Miguel N
25cebeefab New translations adminlte.php (French) 2020-09-03 16:17:09 +01:00
Miguel N
8b47dbe2e0 New translations messages.php (French) 2020-09-03 16:17:07 +01:00
Miguel N
290dbe99b6 Update source file menu.php 2020-09-03 16:16:43 +01:00
Miguel N
d7b506ec52 Update source file adminlte.php 2020-09-03 16:16:42 +01:00
Miguel N
d41d94b934 Update source file messages.php 2020-09-03 16:16:40 +01:00
Miguel N
b571d72eaf Update Crowdin configuration file 2020-09-03 16:16:28 +01:00
Miguel Nogueira
0c1f6f75eb Merge remote-tracking branch 'origin/translate' into translate 2020-09-03 16:07:33 +01:00
Miguel Nogueira
5ea9e11a62 AdminLTE i18n Changes 
This commit removes unused language files and preserves the English sources for Crowdin. The account confirmation page has also been re-skinned with the current login/register template.
Some missing translations for 2fa were also added to the main messages file.
Sources for translations for the menus were also added.
 2020-09-03 16:06:51 +01:00
Miguel N
fbd1e83306 Create CODE_OF_CONDUCT.md 2020-09-03 04:47:42 +01:00
Miguel N
50ed47964c Merge pull request #5 from spacejewel-hosting/translate 
New translations (i10n)

This merge adds the following;
 - Completed Portuguese translations
 - Spanish and French translation templates
 - Several bugfixes to Vacancies, Applications, and Appointments
 - Added missing translations
 - Language selection menu

Next feature for 0.6.0:
 - Self updater with Artisan command for non-git installations
 2020-09-03 04:38:25 +01:00
Miguel N
58d6a8ef1f Merge pull request #6 from spacejewel-hosting/l10n_translate 
New Crowdin updates
 2020-09-03 04:30:24 +01:00
Miguel N
d988b9a5cb New translations messages.php (Portuguese) 2020-09-03 03:15:32 +01:00
Miguel N
eeae03dec5 New translations messages.php (Spanish) 2020-09-03 03:15:28 +01:00
Miguel N
c374100eed New translations messages.php (French) 2020-09-03 03:15:24 +01:00
Miguel N
01e3a9edce Update source file messages.php 2020-09-03 03:15:22 +01:00
Miguel Nogueira
d93170b555 Devtools translation string 2020-09-03 02:58:30 +01:00
Miguel Nogueira
8e85e08171 Vacancy tweaks 2020-09-03 02:52:21 +01:00
Miguel Nogueira
de3dba3627 Vacancy tweaks 2020-09-03 02:50:19 +01:00
Miguel N
f7a18816bc New translations messages.php (Portuguese) 2020-09-03 02:43:33 +01:00
Miguel N
369185c4ed New translations messages.php (Spanish) 2020-09-03 02:43:32 +01:00
Miguel N
5ee79880d5 New translations messages.php (French) 2020-09-03 02:43:30 +01:00
Miguel N
75d7181bca Update source file messages.php 2020-09-03 02:43:27 +01:00
Miguel Nogueira
3fe3df7357 Vacancy tweaks 2020-09-03 02:26:05 +01:00
Miguel Nogueira
7e58c3af6b Add more missing translation strings 
Also fixed broken vacancy editor
 2020-09-03 02:20:15 +01:00
Miguel Nogueira
5ca155ba42 Add more missing translation strings 2020-09-03 02:08:14 +01:00
Miguel Nogueira
7c7c20d5b2 Add more missing translation strings 2020-09-03 01:58:29 +01:00
Miguel Nogueira
fdb508fd5a Update lock file 2020-09-03 01:28:38 +01:00
Miguel Nogueira
cbe660f4ad Fix broken notes 2020-09-03 00:39:59 +01:00
Miguel Nogueira
6e34b6b8fa Fix broken notes 2020-09-03 00:38:59 +01:00
Miguel Nogueira
60874c046f Conditionally pre-load Appointment relationship 2020-09-03 00:34:35 +01:00
Miguel Nogueira
e9dd1567b8 Appointment model tweaks 2020-09-03 00:23:09 +01:00
Miguel Nogueira
a95c9518b3 Update ignored URLs list 2020-09-03 00:15:59 +01:00
Miguel Nogueira
af96d193a4 Missing login button translation 2020-09-03 00:11:49 +01:00
Miguel Nogueira
48054f0837 Missing translations 2020-09-02 20:57:38 +01:00
Miguel Nogueira
9b5e35b241 Missing typehint 2020-09-02 20:52:56 +01:00
Miguel Nogueira
4c7783f366 Variable fix 2020-09-02 20:32:34 +01:00
Miguel Nogueira
af2c23a73c Variable fix 2020-09-02 20:30:25 +01:00
Miguel Nogueira
af17bbe468 Close unclosed label 2020-09-02 20:20:01 +01:00
Miguel Nogueira
17f61f0d6b Close unclosed label 2020-09-02 20:17:54 +01:00
Miguel Nogueira
a5aef7deb7 Add missing translation 2020-09-02 20:11:01 +01:00
Miguel Nogueira
f32c4dc68c Fixed misspelled translation string 2020-09-02 20:08:20 +01:00
Miguel Nogueira
687316d77a Language menu accessibility 2020-09-02 20:02:56 +01:00
Miguel Nogueira
ff70c21283 Homepage: add crowdin badge 2020-09-02 19:57:41 +01:00
Miguel Nogueira
727c14d0c2 Added French 🇫🇷 2020-09-02 19:52:01 +01:00
Miguel Nogueira
6b7d2db612 Default flag for English 2020-09-02 19:32:31 +01:00
Miguel Nogueira
d743554df6 Add country flag to dropdown 2020-09-02 19:29:37 +01:00
Miguel Nogueira
fd8bf4f0f2 Update supported locales 2020-09-02 19:28:45 +01:00
Miguel Nogueira
bd530696d2 Quick dropdown toggle 2020-09-02 19:24:32 +01:00
Miguel Nogueira
3040afd730 Default language list item 2020-09-02 19:20:06 +01:00
Miguel Nogueira
e7d2c548c0 Populate language list 2020-09-02 19:15:01 +01:00
Miguel Nogueira
f001a16d4d Add homepage language selector 2020-09-02 19:05:24 +01:00
Miguel Nogueira
d8dbb1a0a2 Add homepage language selector 2020-09-02 19:04:25 +01:00
Miguel Nogueira
4e1b4f5afd Add URLs which should not be localized 2020-09-02 18:53:17 +01:00
Miguel Nogueira
81c0b65404 Add localization middleware 2020-09-02 18:39:45 +01:00
Miguel Nogueira
a10f3f9c96 Fix unclosed a tag causing whole page to be a link 2020-09-02 18:36:35 +01:00
Miguel Nogueira
326e0f8c7c Remove trans() from config file 
Laravel relies on the translation class for this, and this is only loaded after the config files, so menu translation will have to be done exclusively by the AdminLte service provider.
 2020-09-02 18:00:25 +01:00
Miguel Nogueira
a0192cdb02 Added route localization and auto detection 2020-09-02 17:43:27 +01:00
Miguel Nogueira
8f45563b24 Added localization configuration file 2020-09-02 16:15:42 +00:00
Miguel Nogueira
004e9edcb0 Updated dependencies 2020-09-02 16:12:35 +00:00
Miguel N
fafc9dca87 Merge pull request #4 from spacejewel-hosting/l10n_translate 
New Crowdin updates
 2020-09-02 03:59:09 +01:00
Miguel N
800d205c74 New translations validation.php (Portuguese) 2020-09-02 03:53:10 +01:00
Miguel N
3cd7292c36 New translations messages.php (Portuguese) 2020-09-02 03:53:08 +01:00
Miguel N
36db8a1337 New translations messages.php (Portuguese) 2020-09-02 03:08:35 +01:00
Miguel N
bcd11c462a New translations messages.php (Portuguese) 2020-09-02 00:34:47 +01:00
Miguel N
6703ac89c1 Update source file messages.php 2020-09-02 00:34:44 +01:00
Miguel N
fda34ad8bf New translations messages.php (Portuguese) 2020-09-01 23:29:41 +01:00
Miguel N
2cde1cdbbe New translations messages.php (Spanish) 2020-09-01 23:29:38 +01:00
Miguel N
0bca7619f7 New translations messages.php (French) 2020-09-01 23:29:35 +01:00
Miguel Nogueira
d223515d19 Merge translate with master 2020-09-01 23:27:52 +01:00
Miguel Nogueira
93fb7a8432 Merge remote-tracking branch 'origin/master' into master 2020-09-01 23:18:53 +01:00
Miguel Nogueira
6bf0d9f373 Remove Heredoc from messages for better compatibility 2020-09-01 23:18:38 +01:00
Miguel N
db5d150758 New translations validation.php (Portuguese) 2020-09-01 23:13:19 +01:00
Miguel N
348b1a37d0 New translations passwords.php (Portuguese) 2020-09-01 23:13:17 +01:00
Miguel N
86bf02bb42 New translations pagination.php (Portuguese) 2020-09-01 23:13:16 +01:00
Miguel N
6c45573fbe New translations messages.php (Portuguese) 2020-09-01 23:13:14 +01:00
Miguel N
910863bdea New translations auth.php (Portuguese) 2020-09-01 23:13:13 +01:00
Miguel N
884ff74f42 New translations messages.php (Portuguese) 2020-09-01 22:07:20 +01:00
Miguel N
4f1935fbf2 Update README.md 2020-09-01 21:08:12 +01:00
Miguel N
3a53f3bbc2 New translations validation.php (Portuguese) 2020-09-01 21:01:43 +01:00
Miguel N
6c08e839d6 New translations passwords.php (Portuguese) 2020-09-01 21:01:42 +01:00
Miguel N
362ce6c866 New translations pagination.php (Portuguese) 2020-09-01 21:01:40 +01:00
Miguel N
d336354482 New translations messages.php (Portuguese) 2020-09-01 21:01:39 +01:00
Miguel N
88cf53c53d New translations auth.php (Portuguese) 2020-09-01 21:01:37 +01:00
Miguel N
a5568be339 New translations validation.php (Spanish) 2020-09-01 21:01:36 +01:00
Miguel N
d393a8cedc New translations passwords.php (Spanish) 2020-09-01 21:01:34 +01:00
Miguel N
62d5f68279 New translations pagination.php (Spanish) 2020-09-01 21:01:33 +01:00
Miguel N
5c068a325d New translations messages.php (Spanish) 2020-09-01 21:01:32 +01:00
Miguel N
15c02c1de1 New translations auth.php (Spanish) 2020-09-01 21:01:30 +01:00
Miguel N
3782f79b51 New translations validation.php (French) 2020-09-01 21:01:29 +01:00
Miguel N
0c53757912 New translations passwords.php (French) 2020-09-01 21:01:28 +01:00
Miguel N
6db69f997d New translations pagination.php (French) 2020-09-01 21:01:26 +01:00
Miguel N
edb2e4b2d6 New translations messages.php (French) 2020-09-01 21:01:25 +01:00
Miguel N
baac37e967 New translations auth.php (French) 2020-09-01 21:01:23 +01:00
Miguel N
5952ed9248 Update Crowdin configuration file 2020-09-01 20:58:54 +01:00
Miguel N
356483ef7b Update README.md 2020-09-01 20:40:32 +01:00
Miguel Nogueira
b80e168dfb Add side menu localization options 
This commit also adds the option to specify your own logo, from the .env configuration file.
 2020-09-01 20:30:17 +01:00
Miguel Nogueira
9b469c434b Add app render localization options 2020-09-01 19:30:28 +01:00
Miguel Nogueira
ca3a06f248 Add directory localization options 2020-09-01 18:49:08 +01:00
Miguel Nogueira
1e2f331778 Add profile localization options 2020-09-01 17:46:27 +01:00
Miguel Nogueira
4a09fa581d Add application management localization options 2020-09-01 14:40:41 +01:00
Miguel Nogueira
c58b5b56d7 Add administration localization options 2020-09-01 12:43:39 +01:00
Miguel Nogueira
bf5d4058ad Add auth localization options 2020-09-01 01:01:32 +01:00
Miguel Nogueira
f871e14307 Add homepage localization options 2020-09-01 00:29:58 +01:00
Miguel Nogueira
1e78a8e6d9 Use app name 2020-08-31 23:20:53 +01:00
Miguel Nogueira
17fb0e236f Make notifications cancellable 
This commit makes certain notifications cancellable. This enables notifications to be sent conditionally based on the user's choice.
 2020-08-31 22:06:00 +01:00
Miguel Nogueira
27b1f3170b Update settings log level 2020-08-31 20:02:30 +01:00
Miguel Nogueira
00cc36246f Minor import change 2020-08-31 19:53:10 +01:00
Miguel Nogueira
41e3e817a2 Added error messages to settings.blade.php 2020-08-31 19:50:58 +01:00
Miguel Nogueira
2afea88846 Added logging to Settings 2020-08-31 19:47:27 +01:00
Miguel Nogueira
ea96cbc1f5 Options: return value instead of whole model 2020-08-31 18:54:33 +01:00
Miguel Nogueira
2996e66c8b Add missing query builder statement for options 2020-08-31 18:51:35 +01:00
Miguel N
a32af7c464 Delete unused workflow 2020-08-31 18:38:49 +01:00
Miguel Nogueira
cd874c5f58 Settings auth checks 2020-08-31 18:36:38 +01:00
Miguel Nogueira
42de40e320 Added CSRF protection to settings 2020-08-31 18:34:09 +01:00
Miguel Nogueira
faa3a65e2b Added unchecked checkbox workaround 2020-08-31 18:32:08 +01:00
Miguel Nogueira
ba3a139d1c Wrapped settings with form-check 2020-08-31 18:13:44 +01:00
Miguel Nogueira
25ddf81118 Added form control buttons 
Also improved form styling
 2020-08-31 18:11:00 +01:00
Miguel Nogueira
9431eb5036 Updated options rendering 2020-08-31 18:03:20 +01:00
Miguel Nogueira
a3071dccf9 Update wrong view name 2020-08-31 17:58:07 +01:00
Miguel Nogueira
b0cbf65cfc Added missing permissions to roles 2020-08-31 17:55:36 +01:00
Miguel Nogueira
6be5e241d4 Add permission and provider imports 2020-08-31 16:41:01 +01:00
Miguel Nogueira
d6c49a5cf0 Add missing migration 2020-08-30 23:27:06 +01:00
Miguel Nogueira
075617fd32 Merge remote-tracking branch 'origin/master' into master 2020-08-30 23:17:28 +01:00
Miguel Nogueira
da73c91b4a Update DB seeder 2020-08-30 23:17:06 +01:00
Miguel Nogueira
ca82f5882d Add settings page 2020-08-30 23:06:01 +01:00
Miguel N
88c36dd3f8 Updated Readme 2020-08-16 16:11:45 +01:00
Miguel Nogueira
535a2c3973 Fixed broken banning logic 2020-08-13 22:12:17 +01:00
Miguel N
ad5c3404cc Update variable 2020-07-25 01:20:43 +01:00
Miguel N
64d418c590 Add heroku action 2020-07-25 00:28:44 +01:00
Miguel N
62b063ee63 Missed variable name 2020-07-23 02:37:08 +01:00
Miguel N
2c0c404d73 Change wrong param name 2020-07-19 06:01:46 +01:00
Miguel Nogueira
168f08bd96 Remove deprecated SubmenuFilter class 2020-07-18 19:58:49 +01:00
Miguel Nogueira
94d08f1886 Trust Heroku proxies 
This commit also forces the environment into HTTPS when in production.
 2020-07-18 06:33:00 +01:00
Miguel Nogueira
0cf6208577 Add embarassing missing comma 2020-07-18 03:57:56 +01:00
Miguel Nogueira
9255a6c88d Rewrote lock file 2020-07-18 03:55:31 +01:00
Miguel Nogueira
098205a969 Updated required extension name 2020-07-18 03:51:57 +01:00
Miguel Nogueira
bf426e3bdd Updated package lock and added postinstall 2020-07-18 03:45:31 +01:00
Miguel Nogueira
02059bbcb0 Updated dependency lock file 
Also added Imagemagick as a required extension for 2FA
 2020-07-18 03:21:49 +01:00
Miguel Nogueira
91627decbe Added Heroku Procfile 
Also changed required password length for new users
 2020-07-18 02:45:15 +01:00
Miguel Nogueira
2763f777ab Add password strength requirment 
This commit adds a password strength requirement for new users using 
regular expressions.
Also adds a dismissable alert so users know how to create passwords 
properly.
 2020-07-17 23:13:46 +01:00
Miguel Nogueira
d392c0593f Add two factor authentication 2020-07-17 22:44:10 +01:00
Miguel Nogueira
5f1f92a9ce Code review 
This commit fixes some superficial instances of Broken Access Control 
(https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_A5-Broken_Access_Control).
There may be some more instances of this, as authorization was only done 
after most of the controllers were done (big mistake).

Some refactoring was also performed, where Route Model Binding with DI 
(dependency injection) was used whenever possible, to increase 
testability of the codebase.
Some reused code was also moved to Helper classes as to enforce DRY; 
There may be some lines of code that are still copy-pasted from other 
parts of the codebase for reuse.

Non-breaking refactoring changes were made, but the app as a whole still 
needs full manual testing, and customised responses to HTTP 500 
responses. Some errors are also not handled gracefully and this wasn't 
checked in this commit.
 2020-07-16 21:21:28 +01:00
Miguel Nogueira
9e2d571298 Fix homepage bg issue 2020-07-16 07:32:52 +01:00
Miguel Nogueira
e16be5dc46 Override styles for auth pages 2020-07-16 07:11:33 +01:00
Miguel Nogueira
1a04880489 Replace basic authentication pages 2020-07-16 06:50:59 +01:00
Miguel Nogueira
3693ce3431 Add footer to all dashboard pages 2020-07-16 06:46:20 +01:00
Miguel Nogueira
4a766620ff Fix appointment policy not being called correctly 
This commit fixes the appointment policy being called at the wrong time, with the wrong arguments.
It also fixes wrong references on the auth service provider, also fixing other issues with poliy usage.

Fixes #3 and SPACEJEWEL-HOSTING-59.
 2020-07-16 05:24:00 +01:00
Miguel Nogueira
bca6020ab0 Add ability to edit forms and add new fields 
This commit adds the ability to edit and modify existing forms.
On the technical side, it also adds a new reusable validation Facade which helps reduce duplicated code.
 2020-07-15 06:48:49 +01:00
Miguel Nogueira
1f50faaea7 Add ability to preview application 2020-07-12 19:36:12 +01:00
Miguel Nogueira
e978a5417b Added ability to delete single application 
Also moved User observer code to Application observer
 2020-07-12 17:01:33 +01:00
Miguel Nogueira
4dc412e53c Added check for constrained models when deleting 2020-07-12 06:39:39 +01:00
Miguel Nogueira
bd0664ce0d Add ability to edit Vacancies 2020-07-11 20:34:26 +01:00
Miguel Nogueira
4b390ea536 Added full Vacancy description 
Also added support for Markdown
 2020-07-11 05:34:12 +01:00
313 changed files with 23524 additions and 13890 deletions
Expand all files Collapse all files

12
.env.example
View File

@@ -3,6 +3,9 @@ APP_ENV=local
APP_KEY=
APP_DEBUG=true
APP_URL=http://localhost
APP_LOGO="https://www.raspberrypi.org/app/uploads/2020/05/Raspberry-Pi-OS-downloads-image-150x150-1.png"
APP_SITEHOMEPAGE=""
# This can be your main homepage, other than this site itself
LOG_CHANNEL=stack
@@ -18,9 +21,6 @@ RECAPTCHA_PRIVATE_KEY=
RECAPTCHA_VERIFY_URL="https://www.google.com/recaptcha/api/siteverify"
# WARNING: Your contact form will be useless if you change this value. Only change this URL if Google updates it.
IPGEO_API_KEY=""
IPGEO_API_URL=""
MOJANG_STATUS_URL="https://status.mojang.com/check"
MOJANG_API_URL="https://api.mojang.com"
@@ -29,7 +29,7 @@ IPGEO_API_URL="https://api.ipgeolocation.io/ipgeo"
ARCANEDEV_LOGVIEWER_MIDDLEWARE=web,auth,can:admin.maintenance.logs.view
RELEASE=staffmanagement@0.2.0
RELEASE=staffmanagement@0.6.1
SLACK_INTEGRATION_WEBHOOK=
@@ -65,4 +65,8 @@ PUSHER_APP_CLUSTER=mt1
MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
# Mostly for developers, but with Papertrail, you can easily see what the app's users are doing without relying on
# the internal log viewer.
SENTRY_LARAVEL_DSN=
PAPERTRAIL_URL=
PAPERTRAIL_PORT

1
.gitignore vendored
View File

@@ -4,6 +4,7 @@
/public/storage
/storage/*.key
/vendor
/tools
.env
.env.backup
.phpunit.result.cache

2
.idea/hrm-mcserver.iml generated
View File

@@ -39,7 +39,9 @@
<excludeFolder url="file://$MODULE_DIR$/vendor/laravel/ui" />
<excludeFolder url="file://$MODULE_DIR$/vendor/league/commonmark" />
<excludeFolder url="file://$MODULE_DIR$/vendor/league/flysystem" />
<excludeFolder url="file://$MODULE_DIR$/vendor/league/mime-type-detection" />
<excludeFolder url="file://$MODULE_DIR$/vendor/maximebf/debugbar" />
<excludeFolder url="file://$MODULE_DIR$/vendor/mcamara/laravel-localization" />
<excludeFolder url="file://$MODULE_DIR$/vendor/mockery/mockery" />
<excludeFolder url="file://$MODULE_DIR$/vendor/monolog/monolog" />
<excludeFolder url="file://$MODULE_DIR$/vendor/myclabs/deep-copy" />

14
.idea/php.xml generated
View File

@@ -127,6 +127,20 @@
<path value="$PROJECT_DIR$/vendor/symfony/string" />
<path value="$PROJECT_DIR$/vendor/symfony/polyfill-intl-grapheme" />
<path value="$PROJECT_DIR$/vendor/symfony/polyfill-php80" />
<path value="$PROJECT_DIR$/vendor/bacon/bacon-qr-code" />
<path value="$PROJECT_DIR$/vendor/dasprid/enum" />
<path value="$PROJECT_DIR$/vendor/geo-sot/laravel-env-editor" />
<path value="$PROJECT_DIR$/vendor/laravel/slack-notification-channel" />
<path value="$PROJECT_DIR$/vendor/symfony/polyfill-php70" />
<path value="$PROJECT_DIR$/vendor/pragmarx/google2fa-laravel" />
<path value="$PROJECT_DIR$/vendor/pragmarx/google2fa" />
<path value="$PROJECT_DIR$/vendor/pragmarx/google2fa-qrcode" />
<path value="$PROJECT_DIR$/vendor/arcanedev/log-viewer" />
<path value="$PROJECT_DIR$/vendor/arcanedev/support" />
<path value="$PROJECT_DIR$/vendor/paragonie/constant_time_encoding" />
<path value="$PROJECT_DIR$/vendor/graham-campbell/markdown" />
<path value="$PROJECT_DIR$/vendor/league/mime-type-detection" />
<path value="$PROJECT_DIR$/vendor/mcamara/laravel-localization" />
</include_path>
</component>
<component name="PhpProjectSharedConfiguration" php_language_level="7.2" />

5
.phive/phars.xml Normal file
View File

@@ -0,0 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<phive xmlns="https://phar.io/phive">
<phar name="phpunit" version="^9.2.5" installed="9.2.5" location="./tools/phpunit" copy="false"/>
<phar name="php-cs-fixer" version="^2.16.4" installed="2.16.4" location="./tools/php-cs-fixer" copy="false"/>
</phive>

76
CODE_OF_CONDUCT.md Normal file
View File

@@ -0,0 +1,76 @@
# Contributor Covenant Code of Conduct
## Our Pledge
In the interest of fostering an open and welcoming environment, we as
contributors and maintainers pledge to making participation in our project and
our community a harassment-free experience for everyone, regardless of age, body
size, disability, ethnicity, sex characteristics, gender identity and expression,
level of experience, education, socio-economic status, nationality, personal
appearance, race, religion, or sexual identity and orientation.
## Our Standards
Examples of behavior that contributes to creating a positive environment
include:
* Using welcoming and inclusive language
* Being respectful of differing viewpoints and experiences
* Gracefully accepting constructive criticism
* Focusing on what is best for the community
* Showing empathy towards other community members
Examples of unacceptable behavior by participants include:
* The use of sexualized language or imagery and unwelcome sexual attention or
advances
* Trolling, insulting/derogatory comments, and personal or political attacks
* Public or private harassment
* Publishing others' private information, such as a physical or electronic
address, without explicit permission
* Other conduct which could reasonably be considered inappropriate in a
professional setting
## Our Responsibilities
Project maintainers are responsible for clarifying the standards of acceptable
behavior and are expected to take appropriate and fair corrective action in
response to any instances of unacceptable behavior.
Project maintainers have the right and responsibility to remove, edit, or
reject comments, commits, code, wiki edits, issues, and other contributions
that are not aligned to this Code of Conduct, or to ban temporarily or
permanently any contributor for other behaviors that they deem inappropriate,
threatening, offensive, or harmful.
## Scope
This Code of Conduct applies both within project spaces and in public spaces
when an individual is representing the project or its community. Examples of
representing a project or community include using an official project e-mail
address, posting via an official social media account, or acting as an appointed
representative at an online or offline event. Representation of a project may be
further defined and clarified by project maintainers.
## Enforcement
Instances of abusive, harassing, or otherwise unacceptable behavior may be
reported by contacting the project team at support@spacejewel-hosting.com. All
complaints will be reviewed and investigated and will result in a response that
is deemed necessary and appropriate to the circumstances. The project team is
obligated to maintain confidentiality with regard to the reporter of an incident.
Further details of specific enforcement policies may be posted separately.
Project maintainers who do not follow or enforce the Code of Conduct in good
faith may face temporary or permanent repercussions as determined by other
members of the project's leadership.
## Attribution
This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
[homepage]: https://www.contributor-covenant.org
For answers to common questions about this code of conduct, see
https://www.contributor-covenant.org/faq

29
CONTRIBUTING.md Normal file
View File

@@ -0,0 +1,29 @@
# Thank you for contributing!
Read this file carefully before contributing to the project. It's important that everyone follows these rules to ensure smooth contribution.
## General workflow
Since the project is under version 1.0.0, the master branch can be quite unstable, and even unusable. For this reason, I recommend you stick to the published
releases, unless you intend on helping out with the project.
New features are commited directly to the ``master`` branch, while translations are commited to a special service branch, merged onto ``translate``, tested, and
merged back to master. Above version 1.0.0, new features should follow the same procedure as translations.
## Before commiting
Before commiting, make sure your code adheres to the Laravel coding guidelines, as well as PSR-4. I'll personally review and merge each PR.
Thank you for your interest!
# Bug reports
As always, bug reports should stick to the bug report template. GitHub makes this easy for you by letting you choose which issue template you'd like to use
before reporting an isuse. This helps everyone stay in the same page.
Issues published without a template might take longer to be resolved, or may be ignored and marked ``wontfix``.
# Licensing
Any contributions you make will be under the GNU GPL v3 license, which is the license that covers this project.

1
Procfile Normal file
View File

@@ -0,0 +1 @@
web: vendor/bin/heroku-php-apache2 public/

17
README.md
View File

@@ -1,10 +1,11 @@
# Raspberry Teams - The Simple Staff Application Manager v 0.1.0
## The quick and pain-free staff application manager (for Minecraft)
# RB Recruiter v 0.6.2 [![Crowdin](https://badges.crowdin.net/raspberry-staff-manager/localized.svg)](https://crowdin.com/project/raspberry-staff-manager)
## The quick and pain-free form management solution for communities
Have you ever gotten tired of managing your Minecraft server/network's applications through Discord (or anything else) and having to scroll through hundreds of new messages just to find that one applicant's username?
Wish you had a better application managemet strategy? Well, then Raspberry Teams is for you! It was originally designed and developed for internal use, but sharing is caring! After noticing a worrying lack of "human resources" management systems on SpigotMC's resources section (There was only one outdated/unsupported project), I've decided to take it up into my own terms and start working on it.
Wish you had a better application managemet strategy? Well, then Raspberry Teams is for you! It was originally designed and developed for internal use for a gameserver network, but sharing is caring!
# Features (not exhaustive)
@@ -46,6 +47,14 @@ Tech stack:
- AdminLTE / Bootstrap 4
- jQuery / Plain Javascript
- vueJS (in the future)
# Stability
Currently, the ``master`` branch is highly unstable, since it's under active development. Expect it to break with each commit. Even though I make an effort to make sure each commit is good to go before pushing, things might still break unexpectedly, and you may find a lot of bugs (which you should report).
Every released version is currently pre-release. If you really want to run this before version ``1.0.0`` comes out, always stay on the latest version, as those will always be tested before release, ensuring less chaos.
*Note: This application is NOT production ready! It won't be until the first stable release comes out, which might take a bit longer.
# Operating System Requirements
@@ -60,7 +69,7 @@ Tech stack:
- JSON
- Curl (highly recommended)
- Image Magick (imagick) for 2FA support
# Installation

19
SECURITY.md Normal file
View File

@@ -0,0 +1,19 @@
# Security Policy
## Supported Versions
The following versions are currently supported:
| Version | Supported |
| ------- | ------------------ |
| 0.1.x | :x: |
| 0.5.x | :x: |
| 0.6.x | :white_check_mark: |
## Reporting a Vulnerability
To securely report a vulnerability, you may send me an email directly containing the details of said vulnerability: ``me@nogueira.codes``.
You may optionally encrypt your message with my [public PGP key](http://pool.sks-keyservers.net/pks/lookup?op=get&search=0x48DF709E7405702B).
Use this free [online encryption tool](https://www.igolder.com/pgp/encryption/) if you don't know how to use PGP on your desktop.

28
app/Application.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Model;
@@ -10,13 +29,10 @@ class Application extends Model
'applicantUserID',
'applicantFormResponseID',
'applicationStatus'
'applicationStatus',
];
public function user()
{
return $this->belongsTo('App\User', 'applicantUserID', 'id');
@@ -37,7 +53,6 @@ class Application extends Model
return $this->belongsToMany('App\Vote', 'votes_has_application');
}
public function comments()
{
return $this->hasMany('App\Comment', 'applicationID', 'id');
@@ -46,8 +61,7 @@ class Application extends Model
public function setStatus($status)
{
return $this->update([
'applicationStatus' => $status
'applicationStatus' => $status,
]);
}
}

33
app/Appointment.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Model;
@@ -7,23 +26,25 @@ use Illuminate\Database\Eloquent\Model;
class Appointment extends Model
{
public $fillable = [
'appointmentDescription',
'appointmentDate',
'applicationID',
'appointmentDescription',
'appointmentDate',
'applicationID',
'appointmentStatus',
'appointmentLocation'
'appointmentLocation',
'meetingNotes',
'userAccepted',
];
public function application()
{
// FIXME: Possible bug here, where laravel looks for the wrong column in the applications table.
// FIXME: Possible bug here, where laravel looks for the wrong column in the applications table.
return $this->belongsTo('App\Application', 'id', 'applicationID');
}
public function setStatus($status)
{
$this->update([
'appointmentStatus' => $status
'appointmentStatus' => $status,
]);
}
}

31
app/Ban.php
View File

@@ -1,25 +1,46 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Model;
class Ban extends Model
{
public $fillable = [
'userID',
'reason',
'bannedUntil',
'userAgent',
'authorUserID'
'authorUserID',
];
public $dates = [
'bannedUntil',
];
public function user()
{
return $this->belongsTo('App\User', 'userID', 'id');
}
}

23
app/Comment.php
View File

@@ -1,16 +1,34 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Model;
class Comment extends Model
{
protected $fillable = [
'authorID',
'applicationID',
'text'
'text',
];
public function application()
@@ -22,5 +40,4 @@ class Comment extends Model
{
return $this->belongsTo('App\User', 'authorID', 'id');
}
}

79
app/Console/Commands/CountVotes.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Console\Commands;
use App\Application;
@@ -43,28 +62,23 @@ class CountVotes extends Command
$eligibleApps = Application::where('applicationStatus', 'STAGE_PEERAPPROVAL')->get();
$pbar = $this->output->createProgressBar($eligibleApps->count());
if($eligibleApps->isEmpty())
{
if ($eligibleApps->isEmpty()) {
$this->error('𐄂 There are no applications that need to be processed.');
return false;
}
foreach ($eligibleApps as $application)
{
foreach ($eligibleApps as $application) {
$votes = $application->votes;
$voteCount = $application->votes->count();
$positiveVotes = 0;
$negativeVotes = 0;
if ($voteCount > 5)
{
$this->info('Counting votes for application ID ' . $application->id);
foreach ($votes as $vote)
{
switch ($vote->allowedVoteType)
{
if ($voteCount > 5) {
$this->info('Counting votes for application ID '.$application->id);
foreach ($votes as $vote) {
switch ($vote->allowedVoteType) {
case 'VOTE_APPROVE':
$positiveVotes++;
break;
@@ -74,7 +88,7 @@ class CountVotes extends Command
}
}
$this->info('Total votes for application ID ' . $application->id . ': ' . $voteCount);
$this->info('Total votes for application ID '.$application->id.': '.$voteCount);
$this->info('Calculating criteria...');
$negativeVotePercent = floor(($negativeVotes / $voteCount) * 100);
$positiveVotePercent = floor(($positiveVotes / $voteCount) * 100);
@@ -83,54 +97,43 @@ class CountVotes extends Command
$this->table([
'% of approval votes',
'% of denial votes'
'% of denial votes',
], [ // array of arrays, e.g. rows
[
$positiveVotePercent . "%",
$negativeVotePercent . "%"
]
$positiveVotePercent.'%',
$negativeVotePercent.'%',
],
]);
if ($pollResult)
{
$this->info('✓ Dispatched promotion event for applicant ' . $application->user->name);
if (!$this->option('dryrun'))
{
if ($pollResult) {
$this->info('✓ Dispatched promotion event for applicant '.$application->user->name);
if (! $this->option('dryrun')) {
$application->response->vacancy->vacancyCount -= 1;
$application->response->vacancy->save();
event(new ApplicationApprovedEvent(Application::find($application->id)));
}
else
{
} else {
$this->warn('Dry run: Event won\'t be dispatched');
}
$pbar->advance();
}
else {
if (!$this->option('dryrun'))
{
} else {
if (! $this->option('dryrun')) {
event(new ApplicationDeniedEvent(Application::find($application->id)));
}
else {
} else {
$this->warn('Dry run: Event won\'t be dispatched');
}
$pbar->advance();
$this->error('𐄂 Applicant ' . $application->user->name . ' does not meet vote criteria (Majority)');
$this->error('𐄂 Applicant '.$application->user->name.' does not meet vote criteria (Majority)');
}
} else {
$this->warn('Application ID'.$application->id.' did not have enough votes for processing (min 5)');
}
else
{
$this->warn("Application ID" . $application->id . " did not have enough votes for processing (min 5)");
}
}
$pbar->finish();
return true;
}
}

155
app/Console/Commands/Install.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Console\Commands;
use Illuminate\Console\Command;
@@ -39,99 +58,89 @@ class Install extends Command
public function handle()
{
$basePath = base_path();
if (Storage::disk('local')->missing('INSTALLED'))
{
if (Storage::disk('local')->missing('INSTALLED')) {
$this->info('[!! Welcome to Rasberry Teams !!]');
$this->info('>> Installing...');
$this->call('down', [
'--message' => 'Down for maintenance. We\'ll be right back!',
]);
copy($basePath.'/.env.example', $basePath.'/.env');
$this->call('key:generate');
$this->info('[!! Welcome to Rasberry Teams !!]');
$this->info('>> Installing...');
$this->call('down', [
'--message' => 'Down for maintenance. We\'ll be right back!'
]);
$this->info('>> Installing and preparing dependencies. This may take a while, depending on your computer.');
copy($basePath . '/.env.example', $basePath . '/.env');
$this->call('key:generate');
$npmOut = 0;
$npmMessages = [];
$this->info('>> Installing and preparing dependencies. This may take a while, depending on your computer.');
$npmBuildOut = 0;
$npmBuildMessages = [];
$npmOut = 0;
$npmMessages = [];
exec('cd '.$basePath.' && npm install --silent', $npmBuildOut, $npmOut);
exec('cd '.$basePath.'&& npm run dev --silent', $npmBuildMessages, $npmBuildOut);
$npmBuildOut = 0;
$npmBuildMessages = [];
if ($npmOut !== 0 && $npmBuildOut !== 0) {
$this->error('[!] One or more errors have ocurred whilst attempting to install dependencies.');
$this->error('[!] It is recommended to run this command again, and report a bug if it keeps happening.');
exec('cd ' . $basePath . ' && npm install --silent', $npmBuildOut, $npmOut);
exec('cd ' . $basePath . '&& npm run dev --silent', $npmBuildMessages, $npmBuildOut);
return false;
}
$settings = [];
if($npmOut !== 0 && $npmBuildOut !== 0)
{
$this->error('[!] One or more errors have ocurred whilst attempting to install dependencies.');
$this->error('[!] It is recommended to run this command again, and report a bug if it keeps happening.');
$this->info('>> Configuring application - We\'re going to ask a few questions here!');
do {
$this->info('== Database Settings (1/6) ==');
return false;
}
$settings['DB_USERNAME'] = $this->ask('Database username');
$settings['DB_PASSWORD'] = $this->secret('Database password (Input won\'t be seen)');
$settings['DB_DATABASE'] = $this->ask('Database name');
$settings['DB_PORT'] = $this->ask('Database port');
$settings['DB_HOST'] = $this->ask('Database hostname');
$this->info('== Antispam Settings (2/6) (Recaptcha v2) ==');
$settings['RECAPTCHA_SITE_KEY'] = $this->ask('Site key');
$settings['RECAPTCHA_PRIVATE_KEY'] = $this->ask('Private site key');
$this->info('== IP Geolocation Settings (3/6) (refer to README.md) ==');
$settings['IPGEO_API_KEY'] = $this->ask('API Key');
$settings = [];
$this->info('== Notification Settings (4/6) (Email) ==');
$settings['MAIL_USERNAME'] = $this->ask('SMTP Username');
$settings['MAIL_PASSWORD'] = $this->secret('SMTP Password (Input won\'t be seen)');
$settings['MAIL_PORT'] = $this->ask('SMTP Server Port');
$settings['MAIL_HOST'] = $this->ask('SMTP Server Hostname');
$settings['MAIL_FROM'] = $this->ask('E-mail address to send from: ');
$this->info('>> Configuring application - We\'re going to ask a few questions here!');
do
{
$this->info('== Database Settings (1/6) ==');
$this->info('== Notification Settings (5/6) (Slack) ==');
$settings['SLACK_INTEGRATION_WEBHOOK'] = $this->ask('Integration webhook URL');
$settings['DB_USERNAME'] = $this->ask('Database username');
$settings['DB_PASSWORD'] = $this->secret('Database password (Input won\'t be seen)');
$settings['DB_DATABASE'] = $this->ask('Database name');
$settings['DB_PORT'] = $this->ask('Database port');
$settings['DB_HOST'] = $this->ask('Database hostname');
$this->info('== Web Settings (6/6) ==');
$settings['APP_URL'] = $this->ask('Application\'s URL (ex. https://where.you.installed.theapp.com): ');
$settings['APP_LOGO'] = $this->ask('App logo (Link to an image): ');
$settings['APP_SITEHOMEPAGE'] = $this->ask('Site homepage (appears in the main header): ');
} while (! $this->confirm('Are you sure you want to save these settings? You can always go back and try again.'));
$this->info('== Antispam Settings (2/6) (Recaptcha v2) ==');
$settings['RECAPTCHA_SITE_KEY'] = $this->ask('Site key');
$settings['RECAPTCHA_PRIVATE_KEY'] = $this->ask('Private site key');
foreach ($settings as $keyname => $value) {
$this->call('environment:modify', [
'key' => $keyname,
'value' => $value,
]);
}
$this->info('== IP Geolocation Settings (3/6) (refer to README.md) ==');
$settings['IPGEO_API_KEY'] = $this->ask('API Key');
$this->info('>> Saved configuration settings!');
$this->info('>> Preparing database...');
$this->info('== Notification Settings (4/6) (Email) ==');
$settings['MAIL_USERNAME'] = $this->ask('SMTP Username');
$settings['MAIL_PASSWORD'] = $this->secret('SMTP Password (Input won\'t be seen)');
$settings['MAIL_PORT'] = $this->ask('SMTP Server Port');
$settings['MAIL_HOST'] = $this->ask('SMTP Server Hostname');
$this->callSilent('config:cache');
$this->call('migrate');
$this->call('db:seed');
$this->info('== Notification Settings (5/6) (Slack) ==');
$settings['SLACK_INTEGRATION_WEBHOOK'] = $this->ask('Integration webhook URL');
touch($basePath.'/INSTALLED');
$this->info('== Web Settings (6/6) ==');
$settings['APP_URL'] = $this->ask('Application\'s URL');
} while(!$this->confirm('Are you sure you want to save these settings? You can always go back and try again.'));
foreach($settings as $keyname => $value)
{
$this->call('environment:modify', [
'key' => $keyname,
'value' => $value
]);
}
$this->info('>> Saved configuration settings!');
$this->info('>> Preparing database...');
$this->callSilent('config:cache');
$this->call('migrate');
$this->call('db:seed');
touch($basePath . '/INSTALLED');
$this->call('up');
$this->info('>> All done! Visit ' . $basePath . ' to start using your brand new installation of Raspberry Teams!');
}
else
{
$this->error('[!] The application is already installed!');
$this->call('up');
$this->info('>> All done! Visit '.$basePath.' to start using your brand new installation of Raspberry Teams!');
} else {
$this->error('[!] The application is already installed!');
}
}
}

43
app/Console/Commands/SetEnv.php
View File

@@ -1,9 +1,28 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Console\Commands;
use Illuminate\Console\Command;
use GeoSot\EnvEditor\Facades\EnvEditor;
use Illuminate\Console\Command;
class SetEnv extends Command
{
@@ -37,20 +56,16 @@ class SetEnv extends Command
*/
public function handle()
{
$path = base_path('/.env');
$key = $this->argument('key');
$value = $this->argument('value');
$path = base_path('/.env');
$key = $this->argument('key');
$value = $this->argument('value');
if (file_exists($path)) {
EnvEditor::editKey($key, $value);
} else {
$this->error('Cannot update a file that doesn\'t exist! Please create .env first.');
if (file_exists($path))
{
EnvEditor::editKey($key, $value);
}
else
{
$this->error('Cannot update a file that doesn\'t exist! Please create .env first.');
return false;
}
return false;
}
}
}

21
app/Console/Kernel.php
View File

@@ -1,10 +1,29 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Console;
use App\Jobs\CleanBans;
use Illuminate\Console\Scheduling\Schedule;
use Illuminate\Foundation\Console\Kernel as ConsoleKernel;
use App\Jobs\CleanBans;
class Kernel extends ConsoleKernel
{

50
app/CustomFacades/IP.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\CustomFacades;
use Illuminate\Support\Facades\Cache;
@@ -7,7 +26,6 @@ use Illuminate\Support\Facades\Http;
class IP
{
/**
* Looks up information on a specified IP address. Caches results automatically.
* @param string $IP IP address to lookup
@@ -15,28 +33,18 @@ class IP
*/
public function lookup(string $IP): object
{
if (empty($IP))
{
throw new LogicException(__METHOD__ . 'is missing parameter IP!');
}
$params = [
'apiKey' => config('general.keys.ipapi.apikey'),
'ip' => $IP
];
// TODO: Maybe unwrap this? Methods are chained here
return json_decode(Cache::remember($IP, 3600, function() use ($IP)
{
return Http::get(config('general.urls.ipapi.ipcheck'), [
$params = [
'apiKey' => config('general.keys.ipapi.apikey'),
'ip' => $IP
])->body();
}));
'ip' => $IP,
];
// TODO: Maybe unwrap this? Methods are chained here
return json_decode(Cache::remember($IP, 3600, function () use ($IP) {
return Http::get(config('general.urls.ipapi.ipcheck'), [
'apiKey' => config('general.keys.ipapi.apikey'),
'ip' => $IP,
])->body();
}));
}
}

25
app/Events/ApplicationApprovedEvent.php
View File

@@ -1,13 +1,28 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Events;
use App\Application;
use Illuminate\Broadcasting\Channel;
use Illuminate\Broadcasting\InteractsWithSockets;
use Illuminate\Broadcasting\PresenceChannel;
use Illuminate\Broadcasting\PrivateChannel;
use Illuminate\Contracts\Broadcasting\ShouldBroadcast;
use Illuminate\Foundation\Events\Dispatchable;
use Illuminate\Queue\SerializesModels;
@@ -26,6 +41,4 @@ class ApplicationApprovedEvent
{
$this->application = $application;
}
}

24
app/Events/ApplicationDeniedEvent.php
View File

@@ -1,13 +1,28 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Events;
use App\Application;
use Illuminate\Broadcasting\Channel;
use Illuminate\Broadcasting\InteractsWithSockets;
use Illuminate\Broadcasting\PresenceChannel;
use Illuminate\Broadcasting\PrivateChannel;
use Illuminate\Contracts\Broadcasting\ShouldBroadcast;
use Illuminate\Foundation\Events\Dispatchable;
use Illuminate\Queue\SerializesModels;
@@ -26,5 +41,4 @@ class ApplicationDeniedEvent
{
$this->application = $application;
}
}

22
app/Events/NewApplicationEvent.php
View File

@@ -1,12 +1,28 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Events;
use Illuminate\Broadcasting\Channel;
use Illuminate\Broadcasting\InteractsWithSockets;
use Illuminate\Broadcasting\PresenceChannel;
use Illuminate\Broadcasting\PrivateChannel;
use Illuminate\Contracts\Broadcasting\ShouldBroadcast;
use Illuminate\Foundation\Events\Dispatchable;
use Illuminate\Queue\SerializesModels;

30
app/Events/UserBannedEvent.php
View File

@@ -1,23 +1,36 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Events;
use Illuminate\Broadcasting\Channel;
use App\Ban;
use App\User;
use Illuminate\Broadcasting\InteractsWithSockets;
use Illuminate\Broadcasting\PresenceChannel;
use Illuminate\Broadcasting\PrivateChannel;
use Illuminate\Contracts\Broadcasting\ShouldBroadcast;
use Illuminate\Foundation\Events\Dispatchable;
use Illuminate\Queue\SerializesModels;
use App\User;
use App\Ban;
class UserBannedEvent
{
use Dispatchable, InteractsWithSockets, SerializesModels;
public $user;
public $ban;
@@ -32,5 +45,4 @@ class UserBannedEvent
$this->user = $user;
$this->ban = $ban;
}
}

19
app/Exceptions/Handler.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Exceptions;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;

32
app/Facades/ContextAwareValidation.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Facades;
use Illuminate\Support\Facades\Facade;
class ContextAwareValidation extends Facade
{
protected static function getFacadeAccessor()
{
return 'contextAwareValidator';
}
}

19
app/Facades/IP.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Facades;
use Illuminate\Support\Facades\Facade;

32
app/Facades/Options.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Facades;
use Illuminate\Support\Facades\Facade;
class Options extends Facade
{
public static function getFacadeAccessor()
{
return 'smOptions';
}
}

23
app/Facades/UUID.php
View File

@@ -1,13 +1,32 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Facades;
use Illuminate\Support\Facades\Facade;
class UUID extends Facade
class UUID extends Facade
{
protected static function getFacadeAccessor()
{
return 'uuidConversionFacade';
}
}
}

23
app/Form.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Model;
@@ -10,13 +29,13 @@ class Form extends Model
'formName',
'formStructure',
'formStatus'
'formStatus',
];
public function vacancies()
{
return $this->hasMany('vacancies', 'vacancyFormID', 'id');
return $this->hasMany('App\Vacancy', 'vacancyFormID', 'id');
}
public function responses()

141
app/Helpers/ContextAwareValidator.php Normal file
View File

@@ -0,0 +1,141 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Helpers;
use Illuminate\Support\Collection;
use Illuminate\Support\Facades\Validator;
class ContextAwareValidator
{
/**
* The excludedNames array will make the validator ignore any of these names when including names into the rules.
* @var array
*/
private $excludedNames = [
'_token',
'_method',
'formName',
];
/**
* Utility wrapper for json_encode.
*
* @param array $value The array to be converted.
* @return string The JSON representation of $value
*/
private function encode(array $value): string
{
return json_encode($value);
}
/**
* The getValidator() method will take an array of fields from the request body, iterates through them,
* and dynamically adds validation rules for them. Depending on parameters, it may or may not generate
* a form structure for rendering purposes.
*
* This method is mostly meant by internal use by means of static proxies (Facades), in order to reduce code repetition;
* Using it outside it's directed scope may cause unexpected results; For instance, the method expects inputs to be in array format, e.g. myFieldNameID1[],
* myFieldNameID2[], and so on and so forth.
*
* This isn't checked by the code yet, but if you're implementing it this way in the HTML markup, make sure it's consistent (e.g. use a loop).
*
* P.S This method automatically ignores the CSRF token for validation.
*
* @param array $fields The request form fields
* @param bool $generateStructure Whether to incldue a JSON-ready form structure for rendering
* @param bool $includeFormName Whether to include formName in the list of validation rules
* @return Validator|Collection A validator instance you can use to check for validity, or a Collection with a validator and structure (validator, structure)
*/
public function getValidator(array $fields, bool $generateStructure = false, bool $includeFormName = false)
{
$formStructure = [];
$validator = [];
if ($includeFormName) {
$validator['formName'] = 'required|string|max:100';
}
foreach ($fields as $fieldName => $field) {
if (! in_array($fieldName, $this->excludedNames)) {
$validator[$fieldName.'.0'] = 'required|string';
$validator[$fieldName.'.1'] = 'required|string';
if ($generateStructure) {
$formStructure['fields'][$fieldName]['title'] = $field[0];
$formStructure['fields'][$fieldName]['type'] = $field[1];
}
}
}
$validatorInstance = Validator::make($fields, $validator);
return ($generateStructure) ?
collect([
'validator' => $validatorInstance,
'structure' => $this->encode($formStructure),
])
: $validatorInstance;
}
/**
* The getResponseValidator method is similar to the getValidator method; It basically takes
* an array of fields from a previous form (that probably went through the other method) and adds validation
* to the field names.
*
* Also generates the storable response structure if you tell it to.
*
* @param array $fields The received fields
* @param array $formStructure The form structure - You must supply this if you want the response structure
* @param bool $generateResponseStructure Whether to generate the response structure
* @return Validator|Collection A collection or a validator, depending on the args. Will return validatior if only fields are supplied.
*/
public function getResponseValidator(array $fields, array $formStructure = [], bool $generateResponseStructure = true)
{
$responseStructure = [];
$validator = [];
if (empty($formStructure) && $generateResponseStructure) {
throw new \InvalidArgumentException('Illegal combination of arguments supplied! Please check the method\'s documentation.');
}
foreach ($fields as $fieldName => $value) {
if (! in_array($fieldName, $this->excludedNames)) {
$validator[$fieldName] = 'required|string';
if ($generateResponseStructure) {
$responseStructure['responses'][$fieldName]['type'] = $formStructure['fields'][$fieldName]['type'] ?? 'Unavailable';
$responseStructure['responses'][$fieldName]['title'] = $formStructure['fields'][$fieldName]['title'];
$responseStructure['responses'][$fieldName]['response'] = $value;
}
}
}
$validatorInstance = Validator::make($fields, $validator);
return ($generateResponseStructure) ?
collect([
'validator' => $validatorInstance,
'responseStructure' => $this->encode($responseStructure),
])
: $validatorInstance;
}
}

105
app/Helpers/Options.php Normal file
View File

@@ -0,0 +1,105 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Helpers;
use App\Options as Option;
use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Facades\Log;
class Options
{
public function getOption(string $option): string
{
$value = Cache::get($option);
if (is_null($value)) {
Log::debug('Option '.$option.'not found in cache, refreshing from database');
$value = Option::where('option_name', $option)->first();
if (is_null($value)) {
throw new \Exception('This option does not exist.');
}
Cache::put($option, $value);
Cache::put($option.'_desc', 'Undefined description');
}
return $value->option_value;
}
public function setOption(string $option, string $value, string $description)
{
Option::create([
'option_name' => $option,
'option_value' => $value,
'friendly_name' => $description,
]);
Cache::put($option, $value, now()->addDay());
Cache::put($option.'_desc', $description, now()->addDay());
}
public function pullOption($option): array
{
$oldOption = Option::where('option_name', $option)->first();
Option::find($oldOption->id)->delete();
// putMany is overkill here
return [
Cache::pull($option),
Cache::pull($option.'_desc'),
];
}
public function changeOption($option, $newValue)
{
$dbOption = Option::where('option_name', $option);
if ($dbOption->first()) {
$dbOptionInstance = Option::find($dbOption->first()->id);
Cache::forget($option);
Log::debug('Changing db configuration option', [
'old_value' => $dbOptionInstance->option_value,
'new_value' => $newValue,
]);
$dbOptionInstance->option_value = $newValue;
$dbOptionInstance->save();
Log::debug('New db configuration option saved',
[
'option' => $dbOptionInstance->option_value,
]);
Cache::put('option_name', $newValue, now()->addDay());
} else {
throw new \Exception('This option does not exist.');
}
}
public function optionExists(string $option): bool
{
$dbOption = Option::where('option_name', $option)->first();
$locallyCachedOption = Cache::get($option);
return ! is_null($dbOption) || ! is_null($locallyCachedOption);
}
}

201
app/Http/Controllers/ApplicationController.php
View File

@@ -1,21 +1,36 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Application;
use App\Response;
use App\Vacancy;
use App\User;
use App\Events\ApplicationDeniedEvent;
use App\Notifications\NewApplicant;
use App\Notifications\ApplicationMoved;
use App\Notifications\NewApplicant;
use App\Response;
use App\User;
use App\Vacancy;
use ContextAwareValidator;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Facades\App;
use Illuminate\Support\Facades\Log;
class ApplicationController extends Controller
@@ -24,10 +39,8 @@ class ApplicationController extends Controller
{
$allvotes = collect([]);
foreach ($votes as $vote)
{
if ($vote->userID == Auth::user()->id)
{
foreach ($votes as $vote) {
if ($vote->userID == Auth::user()->id) {
$allvotes->push($vote);
}
}
@@ -35,25 +48,17 @@ class ApplicationController extends Controller
return ($allvotes->count() == 1) ? false : true;
}
public function showUserApps()
{
return view('dashboard.user.applications')
->with('applications', Auth::user()->applications);
}
public function showUserApp(Request $request, $applicationID)
public function showUserApp(Request $request, Application $application)
{
// TODO: Inject it instead (do this where there is no injection, not just here)
$application = Application::find($applicationID);
$this->authorize('view', $application);
if (!is_null($application))
{
if (! is_null($application)) {
return view('dashboard.user.viewapp')
->with(
[
@@ -62,27 +67,24 @@ class ApplicationController extends Controller
'structuredResponses' => json_decode($application->response->responseData, true),
'formStructure' => $application->response->form,
'vacancy' => $application->response->vacancy,
'canVote' => $this->canVote($application->votes)
'canVote' => $this->canVote($application->votes),
]
);
}
else
{
} else {
$request->session()->flash('error', 'The application you requested could not be found.');
}
return redirect()->back();
}
public function showAllApps()
{
$this->authorize('viewAny', Application::class);
return view('dashboard.appmanagement.all')
->with('applications', Application::paginate(6));
}
public function showAllPendingApps()
{
$this->authorize('viewAny', Application::class);
@@ -91,7 +93,6 @@ class ApplicationController extends Controller
->with('applications', Application::where('applicationStatus', 'STAGE_SUBMITTED')->get());
}
public function showPendingInterview()
{
$this->authorize('viewAny', Application::class);
@@ -101,16 +102,12 @@ class ApplicationController extends Controller
$pendingInterviews = collect([]);
$upcomingInterviews = collect([]);
foreach ($applications as $application)
{
if (!is_null($application->appointment) && $application->appointment->appointmentStatus == 'CONCLUDED')
{
$count =+ 1;
foreach ($applications as $application) {
if (! is_null($application->appointment) && $application->appointment->appointmentStatus == 'CONCLUDED') {
$count = +1;
}
switch ($application->applicationStatus)
{
switch ($application->applicationStatus) {
case 'STAGE_INTERVIEW':
$upcomingInterviews->push($application);
@@ -121,29 +118,24 @@ class ApplicationController extends Controller
break;
}
}
return view('dashboard.appmanagement.interview')
->with([
'finishedCount' => $count,
'applications' => $pendingInterviews,
'upcomingApplications' => $upcomingInterviews
'upcomingApplications' => $upcomingInterviews,
]);
}
public function showPeerReview()
{
$this->authorize('viewAny', Application::class);
return view('dashboard.appmanagement.peerreview')
->with('applications', Application::where('applicationStatus', 'STAGE_PEERAPPROVAL')->get());
}
public function renderApplicationForm(Request $request, $vacancySlug)
{
// FIXME: Get rid of references to first(), this is a wonky query
@@ -151,74 +143,44 @@ class ApplicationController extends Controller
$firstVacancy = $vacancyWithForm->first();
if (!$vacancyWithForm->isEmpty() && $firstVacancy->vacancyCount !== 0 && $firstVacancy->vacancyStatus == 'OPEN')
{
if (! $vacancyWithForm->isEmpty() && $firstVacancy->vacancyCount !== 0 && $firstVacancy->vacancyStatus == 'OPEN') {
return view('dashboard.application-rendering.apply')
->with([
'vacancy' => $vacancyWithForm->first(),
'preprocessedForm' => json_decode($vacancyWithForm->first()->forms->formStructure, true)
'preprocessedForm' => json_decode($vacancyWithForm->first()->forms->formStructure, true),
]);
}
else
{
} else {
abort(404, 'The application you\'re looking for could not be found or it is currently unavailable.');
}
}
public function saveApplicationAnswers(Request $request, $vacancySlug)
{
$vacancy = Vacancy::with('forms')->where('vacancySlug', $vacancySlug)->get();
if ($vacancy->first()->vacancyCount == 0 || $vacancy->first()->vacancyStatus !== 'OPEN')
{
$request->session()->flash('error', 'This application is unavailable.');
return redirect()->back();
if ($vacancy->first()->vacancyCount == 0 || $vacancy->first()->vacancyStatus !== 'OPEN') {
$request->session()->flash('error', 'This application is unavailable.');
return redirect()->back();
}
Log::info('Processing new application!');
$formStructure = json_decode($vacancy->first()->forms->formStructure, true);
$responseStructure = [];
$excludedNames = [
'_token',
];
$validator = [];
foreach($request->all() as $fieldName => $value)
{
if(!in_array($fieldName, $excludedNames))
{
$validator[$fieldName] = 'required|string';
$responseStructure['responses'][$fieldName]['type'] = $formStructure['fields'][$fieldName]['type'] ?? 'Unavailable';
$responseStructure['responses'][$fieldName]['title'] = $formStructure['fields'][$fieldName]['title'];
$responseStructure['responses'][$fieldName]['response'] = $value;
}
}
$responseValidation = ContextAwareValidator::getResponseValidator($request->all(), $formStructure);
Log::info('Built response & validator structure!');
$validation = Validator::make($request->all(), $validator);
if (!$validation->fails())
{
if (! $responseValidation->get('validator')->fails()) {
$response = Response::create([
'responseFormID' => $vacancy->first()->forms->id,
'associatedVacancyID' => $vacancy->first()->id, // Since a form can be used by multiple vacancies, we can only know which specific vacancy this response ties to by using a vacancy ID
'responseData' => json_encode($responseStructure)
'responseData' => $responseValidation->get('responseStructure'),
]);
Log::info('Registered form response for user ' . Auth::user()->name . ' for vacancy ' . $vacancy->first()->vacancyName);
Log::info('Registered form response for user '.Auth::user()->name.' for vacancy '.$vacancy->first()->vacancyName);
$application = Application::create([
'applicantUserID' => Auth::user()->id,
@@ -226,60 +188,57 @@ class ApplicationController extends Controller
'applicationStatus' => 'STAGE_SUBMITTED',
]);
Log::info('Submitted application for user ' . Auth::user()->name . ' with response ID' . $response->id);
Log::info('Submitted application for user '.Auth::user()->name.' with response ID'.$response->id);
foreach(User::all() as $user)
{
if ($user->hasRole('admin'))
{
$user->notify((new NewApplicant($application, $vacancy->first()))->delay(now()->addSeconds(10)));
}
foreach (User::all() as $user) {
if ($user->hasRole('admin')) {
$user->notify((new NewApplicant($application, $vacancy->first()))->delay(now()->addSeconds(10)));
}
}
$request->session()->flash('success', 'Thank you for your application! It will be reviewed as soon as possible.');
return redirect()->to(route('showUserApps'));
}
else
{
Log::warning('Application form for ' . Auth::user()->name . ' contained errors, resetting!');
$request->session()->flash('error', 'There are one or more errors in your application. Please make sure none of your fields are empty, since they are all required.');
return redirect()->to(route('showUserApps'));
} else {
Log::warning('Application form for '.Auth::user()->name.' contained errors, resetting!');
$request->session()->flash('error', 'There are one or more errors in your application. Please make sure none of your fields are empty, since they are all required.');
}
return redirect()->back();
}
public function updateApplicationStatus(Request $request, $applicationID, $newStatus)
public function updateApplicationStatus(Request $request, Application $application, $newStatus)
{
$application = Application::find($applicationID);
$this->authorize('update', Application::class);
if (!is_null($application))
{
switch ($newStatus)
{
case 'deny':
switch ($newStatus) {
case 'deny':
event(new ApplicationDeniedEvent($application));
break;
event(new ApplicationDeniedEvent($application));
break;
case 'interview':
Log::info('User ' . Auth::user()->name . ' has moved application ID ' . $application->id . 'to interview stage');
$request->session()->flash('success', 'Application moved to interview stage! (:');
$application->setStatus('STAGE_INTERVIEW');
case 'interview':
Log::info('User '.Auth::user()->name.' has moved application ID '.$application->id.'to interview stage');
$request->session()->flash('success', 'Application moved to interview stage! (:');
$application->setStatus('STAGE_INTERVIEW');
$application->user->notify(new ApplicationMoved());
break;
$application->user->notify(new ApplicationMoved());
break;
default:
$request->session()->flash('error', 'There are no suitable statuses to update to. Do not mess with the URL.');
}
}
else
{
$request->session()->flash('The application you\'re trying to update does not exist.');
default:
$request->session()->flash('error', 'There are no suitable statuses to update to. Do not mess with the URL.');
}
return redirect()->back();
}
public function delete(Request $request, Application $application)
{
$this->authorize('delete', $application);
$application->delete(); // observers will run, cleaning it up
$request->session()->flash('success', 'Application deleted. Comments, appointments and responses have also been deleted.');
return redirect()->back();
}
}

117
app/Http/Controllers/AppointmentController.php
View File

@@ -1,14 +1,33 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Application;
use App\Http\Requests\SaveNotesRequest;
use Carbon\Carbon;
use Illuminate\Http\Request;
use App\Appointment;
use App\Http\Requests\SaveNotesRequest;
use App\Notifications\ApplicationMoved;
use App\Notifications\AppointmentScheduled;
use Carbon\Carbon;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
@@ -20,99 +39,69 @@ class AppointmentController extends Controller
'DISCORD',
'SKYPE',
'MEET',
'TEAMSPEAK'
'TEAMSPEAK',
];
public function saveAppointment(Request $request, $applicationID)
public function saveAppointment(Request $request, Application $application)
{
// Unrelated TODO: change if's in application page to a switch statement, & have the row encompass it
$this->authorize('create', Appointment::class);
$appointmentDate = Carbon::parse($request->appointmentDateTime);
$app = Application::find($applicationID);
$appointment = Appointment::create([
'appointmentDescription' => $request->appointmentDescription,
'appointmentDate' => $appointmentDate->toDateTimeString(),
'applicationID' => $application->id,
'appointmentLocation' => (in_array($request->appointmentLocation, $this->allowedPlatforms)) ? $request->appointmentLocation : 'DISCORD',
]);
$application->setStatus('STAGE_INTERVIEW_SCHEDULED');
if (!is_null($app))
{
// make sure this is a valid date by parsing it first
$appointmentDate = Carbon::parse($request->appointmentDateTime);
Log::info('User '.Auth::user()->name.' has scheduled an appointment with '.$application->user->name.' for application ID'.$application->id, [
'datetime' => $appointmentDate->toDateTimeString(),
'scheduled' => now(),
]);
$appointment = Appointment::create([
'appointmentDescription' => $request->appointmentDescription,
'appointmentDate' => $appointmentDate->toDateTimeString(),
'applicationID' => $applicationID,
'appointmentLocation' => (in_array($request->appointmentLocation, $this->allowedPlatforms)) ? $request->appointmentLocation : 'DISCORD',
]);
$app->setStatus('STAGE_INTERVIEW_SCHEDULED');
Log::info('User ' . Auth::user()->name . ' has scheduled an appointment with ' . $app->user->name . ' for application ID' . $app->id, [
'datetime' => $appointmentDate->toDateTimeString(),
'scheduled' => now()
]);
$app->user->notify(new AppointmentScheduled($appointment));
$request->session()->flash('success', 'Appointment successfully scheduled @ ' . $appointmentDate->toDateTimeString());
}
else
{
$request->session()->flash('error', 'Cant\'t schedule an appointment for an application that doesn\'t exist.');
}
$application->user->notify(new AppointmentScheduled($appointment));
$request->session()->flash('success', 'Appointment successfully scheduled @ '.$appointmentDate->toDateTimeString());
return redirect()->back();
}
public function updateAppointment(Request $request, $applicationID, $status)
public function updateAppointment(Request $request, Application $application, $status)
{
$this->authorize('update', $application->appointment);
$this->authorize('update', Appointment::class);
$application = Application::find($applicationID);
$validStatuses = [
'SCHEDULED',
'CONCLUDED'
'SCHEDULED',
'CONCLUDED',
];
// NOTE: This is a little confusing, refactor
$application->appointment->appointmentStatus = (in_array($status, $validStatuses)) ? strtoupper($status) : 'SCHEDULED';
$application->appointment->save();
if (!is_null($application))
{
// NOTE: This is a little confusing, refactor
$application->appointment->appointmentStatus = (in_array($status, $validStatuses)) ? strtoupper($status) : 'SCHEDULED';
$application->appointment->save();
$application->setStatus('STAGE_PEERAPPROVAL');
$application->user->notify(new ApplicationMoved());
$application->setStatus('STAGE_PEERAPPROVAL');
$application->user->notify(new ApplicationMoved());
$request->session()->flash('success', 'Interview finished! Staff members can now vote on it.');
}
else
{
$request->session()->flash('error', 'The application you\'re trying to update doesn\'t exist or have an appointment.');
}
$request->session()->flash('success', 'Interview finished! Staff members can now vote on it.');
return redirect()->back();
}
// also updates
public function saveNotes(SaveNotesRequest $request, $applicationID)
public function saveNotes(SaveNotesRequest $request, Application $application)
{
$application = Application::find($applicationID);
if (! is_null($application)) {
$application->load('appointment');
if (!is_null($application))
{
$application->appointment->meetingNotes = $request->noteText;
$application->appointment->save();
$request->session()->flash('success', 'Meeting notes have been saved.');
}
else
{
$request->session()->flash('error', 'Sanity check failed: There\'s no appointment to save notes to!');
} else {
$request->session()->flash('error', 'There\'s no appointment to save notes to!');
}
return redirect()->back();
}
}

20
app/Http/Controllers/Auth/ConfirmPasswordController.php
View File

@@ -1,9 +1,27 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\ConfirmsPasswords;
class ConfirmPasswordController extends Controller

19
app/Http/Controllers/Auth/ForgotPasswordController.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;

39
app/Http/Controllers/Auth/LoginController.php
View File

@@ -1,10 +1,28 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Auth;
use App\User;
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use App\User;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
@@ -44,26 +62,19 @@ class LoginController extends Controller
// We can't customise the error message, since that would imply overriding the login method, which is large.
// Also, the user should never know that they're banned.
public function attemptLogin(Request $request)
public function attemptLogin(Request $request)
{
$user = User::where('email', $request->email)->first();
if ($user)
{
if ($user) {
$isBanned = $user->isBanned();
if ($isBanned)
{
if ($isBanned) {
return false;
}
else
{
} else {
return $this->originalAttemptLogin($request);
}
}
return $this->originalAttemptLogin($request);
}
}

35
app/Http/Controllers/Auth/RegisterController.php
View File

@@ -1,15 +1,32 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Profile;
use App\Providers\RouteServiceProvider;
use App\User;
use Illuminate\Foundation\Auth\RegistersUsers;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
use function GuzzleHttp\Psr7\str;
class RegisterController extends Controller
{
@@ -47,10 +64,8 @@ class RegisterController extends Controller
{
$users = User::where('originalIP', \request()->ip())->get();
foreach($users as $user)
{
if ($user && $user->isBanned())
{
foreach ($users as $user) {
if ($user && $user->isBanned()) {
abort(403, 'You do not have permission to access this page.');
}
}
@@ -70,9 +85,9 @@ class RegisterController extends Controller
'uuid' => ['required', 'string', 'unique:users', 'min:32', 'max:32'],
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
'password' => ['required', 'string', 'min:8', 'confirmed'],
'password' => ['required', 'string', 'min:10', 'confirmed', 'regex:/^.*(?=.{3,})(?=.*[a-zA-Z])(?=.*[0-9])(?=.*[\d\x])(?=.*[!$#%]).*$/'],
], [
'uuid.required' => 'Please enter a valid (and Premium) Minecraft username! We do not support cracked users.'
'uuid.required' => 'Please enter a valid (and Premium) Minecraft username! We do not support cracked users.',
]);
}
@@ -84,19 +99,19 @@ class RegisterController extends Controller
*/
protected function create(array $data)
{
$user = User::create([
'uuid' => $data['uuid'],
'name' => $data['name'],
'email' => $data['email'],
'password' => Hash::make($data['password']),
'originalIP' => request()->ip()
'originalIP' => request()->ip(),
]);
// It's not the registration controller's concern to create a profile for the user,
// so this code has been moved to it's respective observer, following the separation of concerns pattern.
$user->assignRole('user');
return $user;
}
}

20
app/Http/Controllers/Auth/ResetPasswordController.php
View File

@@ -1,9 +1,27 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\ResetsPasswords;
class ResetPasswordController extends Controller

32
app/Http/Controllers/Auth/TwofaController.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Traits\AuthenticatesTwoFactor;
class TwofaController extends Controller
{
use AuthenticatesTwoFactor;
protected $redirectTo = '/dashboard';
}

20
app/Http/Controllers/Auth/VerificationController.php
View File

@@ -1,9 +1,27 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\VerifiesEmails;
class VerificationController extends Controller

81
app/Http/Controllers/BanController.php
View File

@@ -1,91 +1,94 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use App\Ban;
use App\User;
use App\Events\UserBannedEvent;
use App\Http\Requests\BanUserRequest;
use App\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class BanController extends Controller
{
public function insert(BanUserRequest $request, User $user)
{
$this->authorize('create', [Ban::class, $user]);
if ($user->is(Auth::user()))
{
$request->session()->flash('error', 'You can\'t ban yourself!');
return redirect()->back();
}
if (is_null($user->bans))
{
if (is_null($user->bans)) {
$reason = $request->reason;
$duration = strtolower($request->durationOperator);
$durationOperand = $request->durationOperand;
$expiryDate = now();
if (!empty($duration))
{
$expiryDate = now();
switch($duration)
{
if (! empty($duration)) {
switch ($duration) {
case 'days':
$expiryDate->addDays($duration);
$expiryDate->addDays($durationOperand);
break;
case 'weeks':
$expiryDate->addWeeks($duration);
$expiryDate->addWeeks($durationOperand);
break;
case 'months':
$expiryDate->addMonths($duration);
$expiryDate->addMonths($durationOperand);
break;
case 'years':
$expiryDate->addYears($duration);
$expiryDate->addYears($durationOperand);
break;
}
} else {
// Essentially permanent
$expiryDate->addYears(5);
}
$ban = Ban::create([
'userID' => $user->id,
'reason' => $request->reason,
'bannedUntil' => $expiryDate->toDateTimeString() ?? null,
'userAgent' => "Unknown",
'authorUserID' => Auth::user()->id
'reason' => $reason,
'bannedUntil' => $expiryDate->format('Y-m-d H:i:s'),
'userAgent' => 'Unknown',
'authorUserID' => Auth::user()->id,
]);
event(new UserBannedEvent($user, $ban));
$request->session()->flash('success', 'User banned successfully! Ban ID: #' . $ban->id);
}
else
{
$request->session()->flash('success', 'User banned successfully! Ban ID: #'.$ban->id);
} else {
$request->session()->flash('error', 'User already banned!');
}
return redirect()->back();
}
public function delete(Request $request, User $user)
{
$this->authorize('delete', $user->bans);
if (!is_null($user->bans))
{
if (! is_null($user->bans)) {
$user->bans->delete();
$request->session()->flash('success', 'User unbanned successfully!');
}
else
{
} else {
$request->session()->flash('error', 'This user isn\'t banned!');
}

52
app/Http/Controllers/CommentController.php
View File

@@ -1,19 +1,34 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Application;
use App\Comment;
use App\Http\Requests\NewCommentRequest;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use App\Http\Requests\NewCommentRequest;
use App\Comment;
use App\Application;
use App\Notifications\NewComment;
use App\User;
class CommentController extends Controller
{
public function index()
{
//
@@ -22,33 +37,20 @@ class CommentController extends Controller
public function insert(NewCommentRequest $request, Application $application)
{
$this->authorize('create', Comment::class);
$comment = Comment::create([
'authorID' => Auth::user()->id,
'applicationID' => $application->id,
'text' => $request->comment
'text' => $request->comment,
]);
if ($comment)
{
foreach (User::all() as $user)
{
if ($user->isStaffMember())
{
$user->notify(new NewComment($comment, $application));
}
}
if ($comment) {
$request->session()->flash('success', 'Comment posted! (:');
}
else
{
} else {
$request->session()->flash('error', 'Something went wrong while posting your comment!');
}
return redirect()->back();
}
public function delete(Request $request, Comment $comment)
@@ -59,7 +61,5 @@ class CommentController extends Controller
$request->session()->flash('success', 'Comment deleted!');
return redirect()->back();
}
}

46
app/Http/Controllers/ContactController.php
View File

@@ -1,13 +1,39 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Notifications\NewContact;
use App\User;
use Illuminate\Http\Request;
use GuzzleHttp;
use Illuminate\Support\Facades\Http;
class ContactController extends Controller
{
protected $users;
public function __construct(User $users)
{
$this->users = $users;
}
public function create(Request $request)
{
@@ -18,23 +44,33 @@ class ContactController extends Controller
$challenge = $request->input('captcha');
// TODO: now: add middleware for this verification, move to invisible captcha
$verifyrequest = Http::asForm()->post(config('recaptcha.verify.apiurl'), [
'secret' => config('recaptcha.keys.secret'),
'response' => $challenge,
'remoteip' => $_SERVER['REMOTE_ADDR']
'remoteip' => $request->ip(),
]);
$response = json_decode($verifyrequest->getBody(), true);
if (!$response['success'])
{
if (! $response['success']) {
$request->session()->flash('error', 'Beep beep boop... Robot? Submission failed.');
return redirect()->back();
}
// TODO: Send mail
foreach (User::all() as $user) {
if ($user->hasRole('admin')) {
$user->notify(new NewContact(collect([
'message' => $msg,
'ip' => $request->ip(),
'email' => $email,
])));
}
}
$request->session()->flash('success', 'Message sent successfully! We usually respond within 48 hours.');
return redirect()->back();
}
}

19
app/Http/Controllers/Controller.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;

38
app/Http/Controllers/DashboardController.php
View File

@@ -1,16 +1,32 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Vacancy;
use App\User;
use App\Ban;
use App\Application;
use App\User;
use App\Vacancy;
class DashboardController extends Controller
{
public function index()
{
$totalPeerReview = Application::where('applicationStatus', 'STAGE_PEERAPPROVAL')->get()->count();
@@ -19,13 +35,11 @@ class DashboardController extends Controller
return view('dashboard.dashboard')
->with([
'vacancies' => Vacancy::all(),
'totalUserCount' => User::all()->count(),
'totalDenied' => $totalDenied,
'totalPeerReview' => $totalPeerReview,
'totalNewApplications' => $totalNewApplications
'vacancies' => Vacancy::all(),
'totalUserCount' => User::all()->count(),
'totalDenied' => $totalDenied,
'totalPeerReview' => $totalPeerReview,
'totalNewApplications' => $totalNewApplications,
]);
}
}

38
app/Http/Controllers/DevToolsController.php
View File

@@ -1,31 +1,59 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Application;
use App\Events\ApplicationApprovedEvent;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class DevToolsController extends Controller
{
// The use case for Laravel's gate and/or validation Requests is so tiny here that a full-blown policy would be overkill.
protected function isolatedAuthorise()
{
if (! Auth::user()->can('admin.developertools.use')) {
abort(403, 'You\'re not authorized to access this page.');
}
}
public function index()
{
$this->isolatedAuthorise();
return view('dashboard.administration.devtools')
->with('applications', Application::where('applicationStatus', 'STAGE_PEERAPPROVAL')->get());
}
public function forceVoteCount(Request $request)
{
$this->isolatedAuthorise();
$application = Application::find($request->application);
if (!is_null($application))
{
if (! is_null($application)) {
event(new ApplicationApprovedEvent($application));
$request->session()->flash('success', 'Event dispatched! Please check the debug logs for more info');
}
else
{
} else {
$request->session()->flash('error', 'Application doesn\'t exist!');
}

123
app/Http/Controllers/FormController.php
View File

@@ -1,15 +1,32 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Form;
use ContextAwareValidator;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Facades\Auth;
class FormController extends Controller
{
public function index()
{
$forms = Form::all();
@@ -22,77 +39,97 @@ class FormController extends Controller
public function showFormBuilder()
{
$this->authorize('viewFormbuilder', Form::class);
return view('dashboard.administration.formbuilder');
}
public function saveForm(Request $request)
{
$this->authorize('create', Form::class);
$fields = $request->all();
$formFields = $request->all();
$contextValidation = ContextAwareValidator::getValidator($fields, true, true);
$formStructure = [];
$excludedNames = [
'_token',
'formName' // It's added outside the loop. Not excluding causes unwanted duplication.
];
$validator = [
'formName' => 'required|string|max:100'
];
foreach ($formFields as $fieldName => $field)
{
if(!in_array($fieldName, $excludedNames))
{
$validator[$fieldName . ".0"] = 'required|string';
$validator[$fieldName . ".1"] = 'required|string';
$formStructure['fields'][$fieldName]['title'] = $field[0];
$formStructure['fields'][$fieldName]['type'] = $field[1];
}
}
$validation = Validator::make($formFields, $validator);
if (!$validation->fails())
{
$storableFormStructure = json_encode($formStructure);
if (! $contextValidation->get('validator')->fails()) {
$storableFormStructure = $contextValidation->get('structure');
Form::create(
[
'formName' => $formFields['formName'],
'formName' => $fields['formName'],
'formStructure' => $storableFormStructure,
'formStatus' => 'ACTIVE'
'formStatus' => 'ACTIVE',
]
);
$request->session()->flash('success', 'Form created! You can now link this form to a vacancy.');
return redirect()->to(route('showForms'));
}
$request->session()->flash('errors', $validation->errors()->getMessages());
$request->session()->flash('errors', $contextValidation->get('validator')->errors()->getMessages());
return redirect()->back();
}
public function destroy(Request $request, $id)
public function destroy(Request $request, Form $form)
{
$form = Form::find($id);
$this->authorize('delete', $form);
$deletable = true;
// TODO: Check if form is linked to vacancies before allowing deletion
if (!is_null($form))
{
if (! is_null($form) && ! is_null($form->vacancies) && $form->vacancies->count() !== 0 || ! is_null($form->responses)) {
$deletable = false;
}
if ($deletable) {
$form->delete();
$request->session()->flash('success', 'Form deleted successfully.');
return redirect()->back();
} else {
$request->session()->flash('error', 'You cannot delete this form because it\'s tied to one or more applications and ranks, or because it doesn\'t exist.');
}
$request->session()->flash('error', 'The form you\'re trying to delete does not exist.');
return redirect()->back();
}
public function preview(Request $request, Form $form)
{
$this->authorize('viewAny', Form::class);
return view('dashboard.administration.formpreview')
->with('form', json_decode($form->formStructure, true))
->with('title', $form->formName)
->with('formID', $form->id);
}
public function edit(Request $request, Form $form)
{
$this->authorize('update', $form);
return view('dashboard.administration.editform')
->with('formStructure', json_decode($form->formStructure, true))
->with('title', $form->formName)
->with('formID', $form->id);
}
public function update(Request $request, Form $form)
{
$this->authorize('update', $form);
$contextValidation = ContextAwareValidator::getValidator($request->all(), true);
$this->authorize('update', $form);
if (! $contextValidation->get('validator')->fails()) {
// Add the new structure into the form. New, subsquent fields will be identified by the "new" prefix
// This prefix doesn't actually change the app's behavior when it receives applications.
// Additionally, old applications won't of course display new and updated fields, because we can't travel into the past and get data for them
$form->formStructure = $contextValidation->get('structure');
$form->save();
$request->session()->flash('success', 'Hooray! Your form was updated. New applications for it\'s vacancy will use it.');
} else {
$request->session()->flash('errors', $contextValidation->get('validator')->errors()->getMessages());
}
return redirect()->to(route('previewForm', ['form' => $form->id]));
}
}

32
app/Http/Controllers/HomeController.php
View File

@@ -1,10 +1,27 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Vacancy;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
class HomeController extends Controller
{
@@ -15,14 +32,9 @@ class HomeController extends Controller
*/
public function index()
{
// TODO: Relationships for Applications, Users and Responses
// Also prevent apps if user already has one in the space of 30d
// Display apps in the relevant menus
$positions = DB::table('vacancies')
->where('vacancyStatus', 'OPEN')
->where('vacancyCount', '!=', 0)
->get();
$positions = Vacancy::where('vacancyStatus', 'OPEN')
->where('vacancyCount', '<>', 0)
->get();
return view('home')
->with('positions', $positions);

85
app/Http/Controllers/OptionsController.php Normal file
View File

@@ -0,0 +1,85 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Facades\Options;
use App\Options as Option;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
class OptionsController extends Controller
{
/**
* Display a listing of the resource.
*
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\Http\Response|\Illuminate\View\View
*/
public function index()
{
// TODO: Obtain this from the facade
$options = Option::all();
return view('dashboard.administration.settings')
->with('options', $options);
}
public function saveSettings(Request $request)
{
if (Auth::user()->can('admin.settings.edit')) {
Log::debug('Updating application options', [
'ip' => $request->ip(),
'ua' => $request->userAgent(),
'username' => Auth::user()->username,
]);
foreach ($request->all() as $optionName => $option) {
try {
Log::debug('Going through option '.$optionName);
if (Options::optionExists($optionName)) {
Log::debug('Option exists, updating to new values', [
'opt' => $optionName,
'new_value' => $option,
]);
Options::changeOption($optionName, $option);
}
} catch (\Exception $ex) {
Log::error('Unable to update options!', [
'msg' => $ex->getMessage(),
'trace' => $ex->getTraceAsString(),
]);
report($ex);
$errorCond = true;
$request->session()->flash('error', 'An error occurred while trying to save settings: '.$ex->getMessage());
}
}
if (! isset($errorCond)) {
$request->session()->flash('success', 'Settings saved successfully!');
}
} else {
$request->session()->flash('error', 'You do not have permission to update this resource.');
}
return redirect()->back();
}
}

92
app/Http/Controllers/ProfileController.php
View File

@@ -1,12 +1,29 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Http\Requests\ProfileSave;
use Illuminate\Support\Facades\Log;
use App\Profile;
use App\User;
use App\Facades\IP;
use App\Http\Requests\ProfileSave;
use App\User;
use Carbon\Carbon;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
@@ -14,18 +31,15 @@ use Spatie\Permission\Models\Role;
class ProfileController extends Controller
{
public function index()
{
return view('dashboard.user.directory')
public function index()
{
return view('dashboard.user.directory')
->with('users', User::with('profile', 'bans')->paginate(9));
}
}
public function showProfile()
{
$socialLinks = Auth::user()->profile->socialLinks ?? "[]";
$socialLinks = Auth::user()->profile->socialLinks ?? '[]';
$socialMediaProfiles = json_decode($socialLinks, true);
return view('dashboard.user.profile.userprofile')
@@ -36,13 +50,11 @@ class ProfileController extends Controller
'insta' => $socialMediaProfiles['links']['insta'] ?? 'UpdateMe',
'discord' => $socialMediaProfiles['links']['discord'] ?? 'UpdateMe#12345',
]);
}
// Route model binding
public function showSingleProfile(Request $request, User $user)
{
$socialMediaProfiles = json_decode($user->profile->socialLinks, true);
$createdDate = Carbon::parse($user->created_at);
@@ -51,21 +63,15 @@ class ProfileController extends Controller
$roleList = [];
foreach($systemRoles as $role)
{
if (in_array($role, $userRoles))
{
$roleList[$role] = true;
}
else
{
$roleList[$role] = false;
}
foreach ($systemRoles as $role) {
if (in_array($role, $userRoles)) {
$roleList[$role] = true;
} else {
$roleList[$role] = false;
}
}
if (Auth::user()->is($user) || Auth::user()->can('profiles.view.others'))
{
if (Auth::user()->is($user) || Auth::user()->can('profiles.view.others')) {
return view('dashboard.user.profile.displayprofile')
->with([
'profile' => $user->profile,
@@ -73,28 +79,22 @@ class ProfileController extends Controller
'twitter' => $socialMediaProfiles['links']['twitter'] ?? 'UpdateMe',
'insta' => $socialMediaProfiles['links']['insta'] ?? 'UpdateMe',
'discord' => $socialMediaProfiles['links']['discord'] ?? 'UpdateMe#12345',
'since' => $createdDate->englishMonth . " " . $createdDate->year,
'since' => $createdDate->englishMonth.' '.$createdDate->year,
'ipInfo' => IP::lookup($user->originalIP),
'roles' => $roleList
'roles' => $roleList,
]);
}
else
{
} else {
abort(403, 'You cannot view someone else\'s profile.');
}
}
public function saveProfile(ProfileSave $request)
{
// TODO: Switch to route model binding
$profile = User::find(Auth::user()->id)->profile;
$social = [];
if (!is_null($profile))
{
switch ($request->avatarPref)
{
if (! is_null($profile)) {
switch ($request->avatarPref) {
case 'MOJANG':
$avatarPref = 'crafatar';
@@ -118,24 +118,8 @@ class ProfileController extends Controller
$newProfile = $profile->save();
$request->session()->flash('success', 'Profile settings saved successfully.');
}
else
{
$gm = 'Guru Meditation #' . rand(0, 1000);
Log::alert('[GURU MEDITATION]: Could not find profile for authenticated user ' . Auth::user()->name . 'whilst trying to update it! Please verify that profiles are being created automatically during signup.',
[
'uuid' => Auth::user()->uuid,
'timestamp' => now(),
'route' => $request->route()->getName(),
'gmcode' => $gm // If this error is reported, the GM code, denoting a severe error, will help us find this entry in the logs
]);
$request->session()->flash('error', 'A technical error has occurred whilst trying to save your profile. Incident details have been recorded. Please report this incident to administrators with the following case number: ' . $gm);
}
return redirect()->back();
}
}

21
app/Http/Controllers/ResponseController.php
View File

@@ -1,8 +1,25 @@
<?php
namespace App\Http\Controllers;
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
use Illuminate\Http\Request;
namespace App\Http\Controllers;
class ResponseController extends Controller
{

21
app/Http/Controllers/StaffProfileController.php
View File

@@ -1,8 +1,25 @@
<?php
namespace App\Http\Controllers;
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
use Illuminate\Http\Request;
namespace App\Http\Controllers;
class StaffProfileController extends Controller
{

249
app/Http/Controllers/UserController.php
View File

@@ -1,30 +1,47 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Ban;
use App\Http\Requests\Add2FASecretRequest;
use App\Http\Requests\ChangeEmailRequest;
use App\Http\Requests\ChangePasswordRequest;
use App\Http\Requests\FlushSessionsRequest;
use App\Http\Requests\DeleteUserRequest;
use App\Http\Requests\FlushSessionsRequest;
use App\Http\Requests\Remove2FASecretRequest;
use App\Http\Requests\SearchPlayerRequest;
use App\Http\Requests\UpdateUserRequest;
use App\Notifications\ChangedPassword;
use App\Notifications\EmailChanged;
use App\User;
use App\Ban;
use Google2FA;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Log;
use App\Facades\UUID;
use App\Notifications\EmailChanged;
use App\Notifications\ChangedPassword;
use Spatie\Permission\Models\Role;
class UserController extends Controller
{
public function showStaffMembers()
{
$this->authorize('viewStaff', User::class);
@@ -32,24 +49,20 @@ class UserController extends Controller
$staffRoles = [
'reviewer',
'hiringManager',
'admin'
'admin',
]; // TODO: Un-hardcode this, move to config/roles.php
$users = User::with('roles')->get();
$staffMembers = collect([]);
foreach($users as $user)
{
if (empty($user->roles))
{
foreach ($users as $user) {
if (empty($user->roles)) {
Log::debug($user->role->name);
Log::debug('Staff list: User without role detected; Ignoring');
continue;
}
foreach($user->roles as $role)
{
if (in_array($role->name, $staffRoles))
{
foreach ($user->roles as $role) {
if (in_array($role->name, $staffRoles)) {
$staffMembers->push($user);
continue 2; // Skip directly to the next user instead of comparing more roles for the current user
}
@@ -58,7 +71,7 @@ class UserController extends Controller
return view('dashboard.administration.staff-members')
->with([
'users' => $staffMembers
'users' => $staffMembers,
]);
}
@@ -69,11 +82,9 @@ class UserController extends Controller
$users = User::with('roles')->get();
$players = collect([]);
foreach($users as $user)
{
foreach ($users as $user) {
// TODO: Might be problematic if we don't check if the role is user
if (count($user->roles) == 1)
{
if (count($user->roles) == 1) {
$players->push($user);
}
}
@@ -81,11 +92,10 @@ class UserController extends Controller
return view('dashboard.administration.players')
->with([
'users' => $players,
'bannedUserCount' => Ban::all()->count()
'bannedUserCount' => Ban::all()->count(),
]);
}
public function showPlayersLike(SearchPlayerRequest $request)
{
$this->authorize('viewPlayers', User::class);
@@ -96,28 +106,44 @@ class UserController extends Controller
->orWhere('email', 'LIKE', "%{$searchTerm}%")
->get();
if (!$matchingUsers->isEmpty())
{ $request->session()->flash('success', 'There were ' . $matchingUsers->count() . ' user(s) matching your search.');
if (! $matchingUsers->isEmpty()) {
$request->session()->flash('success', 'There were '.$matchingUsers->count().' user(s) matching your search.');
return view('dashboard.administration.players')
->with([
'users' => $matchingUsers,
'bannedUserCount' => Ban::all()->count()
'bannedUserCount' => Ban::all()->count(),
]);
}
else
{
} else {
$request->session()->flash('error', 'Your search term did not return any results.');
return redirect(route('registeredPlayerList'));
}
}
public function showAccount()
public function showAccount(Request $request)
{
return view('dashboard.user.profile.useraccount')
->with('ip', request()->ip());
}
$QRCode = null;
if (! $request->user()->has2FA()) {
if ($request->session()->has('twofaAttemptFailed')) {
$twoFactorSecret = $request->session()->get('current2FA');
} else {
$twoFactorSecret = Google2FA::generateSecretKey(32, '');
$request->session()->put('current2FA', $twoFactorSecret);
}
$QRCode = Google2FA::getQRCodeInline(
config('app.name'),
$request->user()->email,
$twoFactorSecret
);
}
return view('dashboard.user.profile.useraccount')
->with('ip', request()->ip())
->with('twofaQRCode', $QRCode);
}
public function flushSessions(FlushSessionsRequest $request)
{
@@ -125,14 +151,15 @@ class UserController extends Controller
// This will allow for other actions to be performed on certain events (like login failed event)
Auth::logoutOtherDevices($request->currentPasswordFlush);
Log::notice('User ' . Auth::user()->name . ' has logged out other devices in their account',
Log::notice('User '.Auth::user()->name.' has logged out other devices in their account',
[
'originIPAddress' => $request->ip(),
'userID' => Auth::user()->id,
'timestamp' => now()
'timestamp' => now(),
]);
$request->session()->flash('success', 'Successfully logged out other devices. Remember to change your password if you think you\'ve been compromised.');
return redirect()->back();
}
@@ -140,129 +167,165 @@ class UserController extends Controller
{
$user = User::find(Auth::user()->id);
if (!is_null($user))
{
if (! is_null($user)) {
$user->password = Hash::make($request->newPassword);
$user->save();
Log::info('User ' . $user->name . ' has changed their password', [
Log::info('User '.$user->name.' has changed their password', [
'originIPAddress' => $request->ip(),
'userID' => $user->id,
'timestamp' => now()
'timestamp' => now(),
]);
$user->notify(new ChangedPassword());
Auth::logout();
return redirect()->back();
}
}
public function changeEmail(ChangeEmailRequest $request)
{
$user = User::find(Auth::user()->id);
if (!is_null($user))
{
if (! is_null($user)) {
$user->email = $request->newEmail;
$user->save();
Log::notice('User ' . $user->name . ' has just changed their contact email address', [
Log::notice('User '.$user->name.' has just changed their contact email address', [
'originIPAddress' => $request->ip(),
'userID' => $user->id,
'timestamp' => now()
'timestamp' => now(),
]);
$user->notify(new EmailChanged());
$request->session()->flash('success', 'Your email address has been changed!');
}
else
{
} else {
$request->session()->flash('error', 'There has been an error whilst trying to update your account. Please contact administrators.');
}
return redirect()->back();
}
public function delete(DeleteUserRequest $request, User $user)
{
if ($request->confirmPrompt == 'DELETE ACCOUNT')
{
$this->authorize('delete', $user);
if ($request->confirmPrompt == 'DELETE ACCOUNT') {
$user->delete();
$request->session()->flash('success','User deleted successfully. PII has been erased.');
}
else
{
$request->session()->flash('success', 'User deleted successfully. PII has been erased.');
} else {
$request->session()->flash('error', 'Wrong confirmation text! Try again.');
}
return redirect()->route('registeredPlayerList');
}
public function update(UpdateUserRequest $request, User $user)
{
$this->authorize('adminEdit', $user);
// Mass update would not be possible here without extra code, making route model binding useless
$user->email = $request->email;
$user->name = $request->name;
$user->uuid = $request->uuid;
// Mass update would not be possible here without extra code, making route model binding useless
$user->email = $request->email;
$user->name = $request->name;
$user->uuid = $request->uuid;
$existingRoles = Role::all()
$existingRoles = Role::all()
->pluck('name')
->all();
$roleDiff = array_diff($existingRoles, $request->roles);
$roleDiff = array_diff($existingRoles, $request->roles);
// Adds roles that were selected. Removes roles that aren't selected if the user has them.
foreach($roleDiff as $deselectedRole)
{
if ($user->hasRole($deselectedRole) && $deselectedRole !== 'user')
{
$user->removeRole($deselectedRole);
}
}
foreach($request->roles as $role)
{
if (!$user->hasRole($role))
{
$user->assignRole($role);
// Adds roles that were selected. Removes roles that aren't selected if the user has them.
foreach ($roleDiff as $deselectedRole) {
if ($user->hasRole($deselectedRole) && $deselectedRole !== 'user') {
$user->removeRole($deselectedRole);
}
}
}
foreach ($request->roles as $role) {
if (! $user->hasRole($role)) {
$user->assignRole($role);
}
}
$user->save();
$request->session()->flash('success', 'User updated successfully!');
$user->save();
$request->session()->flash('success', 'User updated successfully!');
return redirect()->back();
return redirect()->back();
}
public function add2FASecret(Add2FASecretRequest $request)
{
$currentSecret = $request->session()->get('current2FA');
$isValid = Google2FA::verifyKey($currentSecret, $request->otp);
if ($isValid) {
$request->user()->twofa_secret = $currentSecret;
$request->user()->save();
Log::warning('SECURITY: User activated two-factor authentication', [
'initiator' => $request->user()->email,
'ip' => $request->ip(),
]);
Google2FA::login();
Log::warning('SECURITY: Started two factor session automatically', [
'initiator' => $request->user()->email,
'ip' => $request->ip(),
]);
$request->session()->forget('current2FA');
if ($request->session()->has('twofaAttemptFailed')) {
$request->session()->forget('twofaAttemptFailed');
}
$request->session()->flash('success', '2FA succesfully enabled! You\'ll now be prompted for an OTP each time you log in.');
} else {
$request->session()->flash('error', 'Incorrect code. Please reopen the 2FA settings panel and try again.');
$request->session()->put('twofaAttemptFailed', true);
}
return redirect()->back();
}
public function remove2FASecret(Remove2FASecretRequest $request)
{
Log::warning('SECURITY: Disabling two factor authentication (user initiated)', [
'initiator' => $request->user()->email,
'ip' => $request->ip(),
]);
$request->user()->twofa_secret = null;
$request->user()->save();
$request->session()->flash('success', 'Two-factor authentication disabled.');
return redirect()->back();
}
public function terminate(Request $request, User $user)
{
$this->authorize('terminate', User::class);
if (!$user->isStaffMember() || $user->is(Auth::user()))
{
// TODO: move logic to policy
if (! $user->isStaffMember() || $user->is(Auth::user())) {
$request->session()->flash('error', 'You cannot terminate this user.');
return redirect()->back();
}
foreach ($user->roles as $role)
{
if ($role->name == 'user')
{
continue;
}
foreach ($user->roles as $role) {
if ($role->name == 'user') {
continue;
}
$user->removeRole($role->name);
$user->removeRole($role->name);
}
Log::info('User ' . $user->name . ' has just been demoted.');
Log::info('User '.$user->name.' has just been demoted.');
$request->session()->flash('success', 'User terminated successfully.');
//TODO: Dispatch event

102
app/Http/Controllers/VacancyController.php
View File

@@ -1,26 +1,45 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Http\Requests\VacancyRequest;
use App\Vacancy;
use App\User;
use App\Form;
use App\Http\Requests\VacancyEditRequest;
use App\Http\Requests\VacancyRequest;
use App\Notifications\VacancyClosed;
use App\User;
use App\Vacancy;
use Illuminate\Http\Request;
use Illuminate\Support\Str;
use Illuminate\Support\Facades\Auth;
class VacancyController extends Controller
{
public function index()
{
$this->authorize('viewAny', Vacancy::class);
$this->authorize('viewAny', Vacancy::class);
return view('dashboard.administration.positions')
->with([
'forms' => Form::all(),
'vacancies' => Vacancy::all()
'vacancies' => Vacancy::all(),
]);
}
@@ -29,59 +48,55 @@ class VacancyController extends Controller
$this->authorize('create', Vacancy::class);
$form = Form::find($request->vacancyFormID);
if (!is_null($form))
{
if (! is_null($form)) {
/* note: since we can't convert HTML back to Markdown, we'll have to do the converting when the user requests a page,
* and leave the database with Markdown only so it can be used and edited everywhere.
* for several vacancies, this would require looping through all of them and replacing MD with HTML, which is obviously not the most clean solution;
* however, the Model can be configured to return MD instead of HTML on that specific field saving us from looping.
*/
Vacancy::create([
'vacancyName' => $request->vacancyName,
'vacancyDescription' => $request->vacancyDescription,
'vacancyFullDescription' => $request->vacancyFullDescription,
'vacancySlug' => Str::slug($request->vacancyName),
'permissionGroupName' => $request->permissionGroup,
'discordRoleID' => $request->discordRole,
'vacancyFormID' => $request->vacancyFormID,
'vacancyCount' => $request->vacancyCount
'vacancyCount' => $request->vacancyCount,
]);
$request->session()->flash('success', 'Vacancy successfully opened. It will now show in the home page.');
}
else
{
} else {
$request->session()->flash('error', 'You cannot create a vacancy without a valid form.');
}
return redirect()->back();
}
public function updatePositionAvailability(Request $request, $status, $id)
public function updatePositionAvailability(Request $request, $status, Vacancy $vacancy)
{
$vacancy = Vacancy::find($id);
$this->authorize('update', $vacancy);
if (!is_null($vacancy))
{
if (! is_null($vacancy)) {
$type = 'success';
switch ($status)
{
switch ($status) {
case 'open':
$vacancy->open();
$message = "Position successfully opened!";
$message = 'Position successfully opened!';
break;
case 'close':
$vacancy->close();
$message = "Position successfully closed!";
$message = 'Position successfully closed!';
foreach(User::all() as $user)
{
if ($user->isStaffMember())
{
$user->notify(new VacancyClosed($vacancy));
}
foreach (User::all() as $user) {
if ($user->isStaffMember()) {
$user->notify(new VacancyClosed($vacancy));
}
}
break;
@@ -90,15 +105,36 @@ class VacancyController extends Controller
$type = 'error';
}
}
else
{
} else {
$message = "The position you're trying to update doesn't exist!";
$type = "error";
$type = 'error';
}
$request->session()->flash($type, $message);
return redirect()->back();
}
public function edit(Request $request, Vacancy $vacancy)
{
$this->authorize('update', $vacancy);
return view('dashboard.administration.editposition')
->with('vacancy', $vacancy);
}
public function update(VacancyEditRequest $request, Vacancy $vacancy)
{
$this->authorize('update', $vacancy);
$vacancy->vacancyFullDescription = $request->vacancyFullDescription;
$vacancy->vacancyDescription = $request->vacancyDescription;
$vacancy->vacancyCount = $request->vacancyCount;
$vacancy->save();
$request->session()->flash('success', 'Vacancy successfully updated.');
return redirect()->back();
}
}

53
app/Http/Controllers/VoteController.php
View File

@@ -1,45 +1,50 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Application;
use App\Http\Requests\VoteRequest;
use App\Jobs\ProcessVoteList;
use App\Vote;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
class VoteController extends Controller
{
public function vote(VoteRequest $voteRequest, $applicationID)
public function vote(VoteRequest $voteRequest, Application $application)
{
$application = Application::find($applicationID);
$this->authorize('create', Vote::class);
if (!is_null($application))
{
$vote = Vote::create([
'userID' => Auth::user()->id,
'allowedVoteType' => $voteRequest->voteType,
]);
$vote = Vote::create([
'userID' => Auth::user()->id,
'allowedVoteType' => $voteRequest->voteType,
]);
$vote->application()->attach($application->id);
$vote->application()->attach($applicationID);
Log::info('User ' . Auth::user()->name . ' has voted in applicant ' . $application->user->name . '\'s application', [
'voteType' => $voteRequest->voteType
]);
$voteRequest->session()->flash('success', 'Your vote has been registered! You will now be notified about the outcome of this application.');
}
else
{
$voteRequest->session()->flash('error', 'Can\t vote a non existant application!');
}
Log::info('User '.Auth::user()->name.' has voted in applicant '.$application->user->name.'\'s application', [
'voteType' => $voteRequest->voteType,
]);
$voteRequest->session()->flash('success', 'Your vote has been registered!');
// Cron job will run command that processes votes
return redirect()->back();
}
}

27
app/Http/Kernel.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
@@ -64,6 +83,12 @@ class Kernel extends HttpKernel
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'eligibility' => \App\Http\Middleware\ApplicationEligibility::class,
'usernameUUID' => \App\Http\Middleware\UsernameUUID::class,
'forcelogout' => \App\Http\Middleware\ForceLogoutMiddleware::class
'forcelogout' => \App\Http\Middleware\ForceLogoutMiddleware::class,
'2fa' => \PragmaRX\Google2FALaravel\Middleware::class,
'localize' => \Mcamara\LaravelLocalization\Middleware\LaravelLocalizationRoutes::class,
'localizationRedirect' => \Mcamara\LaravelLocalization\Middleware\LaravelLocalizationRedirectFilter::class,
'localeSessionRedirect' => \Mcamara\LaravelLocalization\Middleware\LocaleSessionRedirect::class,
'localeCookieRedirect' => \Mcamara\LaravelLocalization\Middleware\LocaleCookieRedirect::class,
'localeViewPath' => \Mcamara\LaravelLocalization\Middleware\LaravelLocalizationViewPath::class,
];
}

39
app/Http/Middleware/ApplicationEligibility.php
View File

@@ -1,12 +1,31 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Middleware;
use App\Application;
use Illuminate\Support\Facades\Log;
use Carbon\Carbon;
use Closure;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\View;
class ApplicationEligibility
@@ -23,37 +42,29 @@ class ApplicationEligibility
{
$curtime = new Carbon(now());
if (Auth::check())
{
if (Auth::check()) {
$applications = Application::where('applicantUserID', Auth::user()->id)->get();
$eligible = true;
$daysRemaining = 0;
if (!$applications->isEmpty())
{
foreach ($applications as $application)
{
if (! $applications->isEmpty()) {
foreach ($applications as $application) {
$appTime = Carbon::parse($application->created_at);
if ($appTime->isSameMonth($curtime))
{
Log::warning('Notice: Application ID ' . $application->id . ' was found to be in the same month as today\'s time, making the user ' . Auth::user()->name . ' ineligible for application');
if ($appTime->isSameMonth($curtime)) {
Log::warning('Notice: Application ID '.$application->id.' was found to be in the same month as today\'s time, making the user '.Auth::user()->name.' ineligible for application');
$eligible = false;
}
}
$allowedTime = Carbon::parse($applications->last()->created_at)->addMonth();
$daysRemaining = $allowedTime->diffInDays(now());
}
View::share('isEligibleForApplication', $eligible);
View::share('eligibilityDaysRemaining', $daysRemaining);
}
return $next($request);
}
}

19
app/Http/Middleware/Authenticate.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Middleware;
use Illuminate\Auth\Middleware\Authenticate as Middleware;

31
app/Http/Middleware/Bancheck.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Middleware;
use Closure;
@@ -20,17 +39,11 @@ class Bancheck
$userIP = $request->ip();
$anonymousUser = User::where('ipAddress', $userIP)->get();
if (Auth::check() && Auth::user()->isBanned())
{
if (Auth::check() && Auth::user()->isBanned()) {
View::share('isBanned', true);
}
elseif(!$anonymousUser->isEmpty() && User::find($anonymousUser->id)->isBanned())
{
} elseif (! $anonymousUser->isEmpty() && User::find($anonymousUser->id)->isBanned()) {
View::share('isBanned', true);
}
else
{
} else {
View::share('isBanned', false);
}

19
app/Http/Middleware/CheckForMaintenanceMode.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode as Middleware;

19
app/Http/Middleware/EncryptCookies.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Middleware;
use Illuminate\Cookie\Middleware\EncryptCookies as Middleware;

23
app/Http/Middleware/ForceLogoutMiddleware.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Middleware;
use Closure;
@@ -16,11 +35,11 @@ class ForceLogoutMiddleware
*/
public function handle($request, Closure $next)
{
if (Auth::user()->isBanned())
{
if (Auth::user()->isBanned()) {
Auth::logout();
$request->session()->flash('error', 'Error: Your session has been forcefully terminated. Please try again in a few days.');
return redirect('/');
}

19
app/Http/Middleware/RedirectIfAuthenticated.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Middleware;
use App\Providers\RouteServiceProvider;

19
app/Http/Middleware/TrimStrings.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\TrimStrings as Middleware;

23
app/Http/Middleware/TrustProxies.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Middleware;
use Fideloper\Proxy\TrustProxies as Middleware;
@@ -12,12 +31,12 @@ class TrustProxies extends Middleware
*
* @var array|string
*/
protected $proxies;
protected $proxies = '*';
/**
* The headers that should be used to detect proxies.
*
* @var int
*/
protected $headers = Request::HEADER_X_FORWARDED_ALL;
protected $headers = Request::HEADER_X_FORWARDED_AWS_ELB;
}

40
app/Http/Middleware/UsernameUUID.php
View File

@@ -1,15 +1,33 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Middleware;
use Closure;
use App\Facades\UUID;
use Illuminate\Support\Facades\Http;
use Closure;
class UsernameUUID
{
/**
* Converts a Minecraft username found in the request body to a UUID
* Converts a Minecraft username found in the request body to a UUID.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
@@ -18,23 +36,21 @@ class UsernameUUID
public function handle($request, Closure $next)
{
$input = $request->all();
if (isset($input['uuid']))
{
try
{
$username = $input['uuid'];
$input['uuid'] = UUID::toUUID($username);
}
catch(\InvalidArgumentException $iae)
{
if (isset($input['uuid'])) {
try {
$username = $input['uuid'];
$input['uuid'] = UUID::toUUID($username);
} catch (\InvalidArgumentException $iae) {
report($iae);
$request->session()->flash('error', $iae->getMessage());
return redirect(route('register'));
}
$request->replace($input);
}
return $next($request);
}
}

19
app/Http/Middleware/VerifyCsrfToken.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;

50
app/Http/Requests/Add2FASecretRequest.php Normal file
View File

@@ -0,0 +1,50 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class Add2FASecretRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
// current logic only updates currently authenticated user
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'otp' => 'required|string|min:6|max:6',
];
}
}

24
app/Http/Requests/BanUserRequest.php
View File

@@ -1,11 +1,29 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Support\Facades\Auth;
class BanUserRequest extends FormRequest
{
/**
@@ -27,8 +45,8 @@ class BanUserRequest extends FormRequest
{
return [
'reason' => 'required|string',
'durationOperand' => 'nullable|integer',
'durationOperator' => 'nullable|string'
'durationOperand' => 'nullable|string',
'durationOperator' => 'nullable|string',
];
}
}

21
app/Http/Requests/ChangeEmailRequest.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
@@ -25,7 +44,7 @@ class ChangeEmailRequest extends FormRequest
{
return [
'currentPassword' => 'required|password',
'newEmail' => 'required|email|unique:users,email'
'newEmail' => 'required|email|unique:users,email',
];
}
}

21
app/Http/Requests/ChangePasswordRequest.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
@@ -25,7 +44,7 @@ class ChangePasswordRequest extends FormRequest
{
return [
'newPassword' => 'required|string|confirmed',
'oldPassword' => 'required|string|password'
'oldPassword' => 'required|string|password',
];
}
}

21
app/Http/Requests/DeleteUserRequest.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
@@ -25,7 +44,7 @@ class DeleteUserRequest extends FormRequest
public function rules()
{
return [
'confirmPrompt' => 'required|string'
'confirmPrompt' => 'required|string',
];
}
}

21
app/Http/Requests/FlushSessionsRequest.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
@@ -24,7 +43,7 @@ class FlushSessionsRequest extends FormRequest
public function rules()
{
return [
'currentPasswordFlush' => 'required|password'
'currentPasswordFlush' => 'required|password',
];
}
}

22
app/Http/Requests/NewCommentRequest.php
View File

@@ -1,11 +1,29 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Support\Facades\Auth;
class NewCommentRequest extends FormRequest
{
/**
@@ -27,7 +45,7 @@ class NewCommentRequest extends FormRequest
public function rules()
{
return [
'comment' => 'required|string|max:600|min:20'
'comment' => 'required|string|max:600|min:20',
];
}
}

22
app/Http/Requests/ProfileSave.php
View File

@@ -1,10 +1,28 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Requests;
use App\Profile;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Support\Facades\Auth;
class ProfileSave extends FormRequest
{
@@ -33,7 +51,7 @@ class ProfileSave extends FormRequest
'socialInsta' => 'nullable|string',
'socialTwitter' => 'nullable|string',
'socialDiscord' => 'nullable|string',
'socialGithub' => 'nullable|string'
'socialGithub' => 'nullable|string',
];
}
}

50
app/Http/Requests/Remove2FASecretRequest.php Normal file
View File

@@ -0,0 +1,50 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class Remove2FASecretRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'currentPassword' => 'required|password',
'consent' => 'required|accepted',
];
}
}

21
app/Http/Requests/SaveNotesRequest.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
@@ -24,7 +43,7 @@ class SaveNotesRequest extends FormRequest
public function rules()
{
return [
'noteText' => 'required|string'
'noteText' => 'required|string',
];
}
}

21
app/Http/Requests/SearchPlayerRequest.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
@@ -25,7 +44,7 @@ class SearchPlayerRequest extends FormRequest
public function rules()
{
return [
'searchTerm' => 'required|string|max:17' // max user char limit set by Mojang
'searchTerm' => 'required|string|max:17', // max user char limit set by Mojang
];
}
}

21
app/Http/Requests/UpdateUserRequest.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
@@ -28,7 +47,7 @@ class UpdateUserRequest extends FormRequest
'email' => 'required|email',
'name' => 'required|string',
'uuid' => 'required|max:32|min:32',
'roles' => 'required_without_all'
'roles' => 'required_without_all',
];
}
}

52
app/Http/Requests/VacancyEditRequest.php Normal file
View File

@@ -0,0 +1,52 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Support\Facades\Auth;
class VacancyEditRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return Auth::user()->can('admin.hiring.vacancy.edit');
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'vacancyDescription' => 'required|string',
'vacancyFullDescription' => 'nullable|string',
'vacancyCount' => 'required|integer|min:1',
];
}
}

22
app/Http/Requests/VacancyRequest.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
@@ -26,10 +45,11 @@ class VacancyRequest extends FormRequest
return [
'vacancyName' => 'required|string',
'vacancyDescription' => 'required|string',
'vacancyFullDescription' => 'nullable|string',
'permissionGroup' => 'required|string',
'discordRole' => 'required|string',
'vacancyCount' => 'required|integer',
'vacancyFormID' => 'required|integer'
'vacancyFormID' => 'required|integer',
];
}
}

21
app/Http/Requests/VoteRequest.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
@@ -24,7 +43,7 @@ class VoteRequest extends FormRequest
public function rules()
{
return [
'voteType' => 'required|string|in:VOTE_DENY,VOTE_APPROVE'
'voteType' => 'required|string|in:VOTE_DENY,VOTE_APPROVE',
];
}
}

47
app/Jobs/CleanBans.php
View File

@@ -1,7 +1,28 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Jobs;
use App\Ban;
use Carbon\Carbon;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Foundation\Bus\Dispatchable;
@@ -9,15 +30,12 @@ use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Queue\SerializesModels;
use Illuminate\Support\Facades\Log;
use App\Ban;
use Carbon\Carbon;
class CleanBans implements ShouldQueue
{
use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
public $bans;
/**
* Create a new job instance.
*
@@ -34,23 +52,18 @@ class CleanBans implements ShouldQueue
*/
public function handle()
{
Log::debug('Running automatic ban cleaner...');
$bans = Ban::all();
if (!is_null($bans))
{
foreach($this->bans as $ban)
{
$bannedUntil = Carbon::parse($ban->bannedUntil);
if (! is_null($bans)) {
foreach ($this->bans as $ban) {
$bannedUntil = Carbon::parse($ban->bannedUntil);
if ($bannedUntil->equalTo(now()))
{
Log::debug('Deleted ban ' . $ban->id . ' belonging to ' . $ban->user->name);
$ban->delete();
}
}
if ($bannedUntil->equalTo(now())) {
Log::debug('Deleted ban '.$ban->id.' belonging to '.$ban->user->name);
$ban->delete();
}
}
}
}
}

24
app/Listeners/DenyUser.php
View File

@@ -1,11 +1,28 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Listeners;
use App\Events\ApplicationDeniedEvent;
use App\Notifications\ApplicationDenied;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Support\Facades\Log;
class DenyUser
@@ -29,9 +46,8 @@ class DenyUser
public function handle(ApplicationDeniedEvent $event)
{
$event->application->setStatus('DENIED');
Log::info('User ' . $event->application->user->name . ' just had their application denied.');
Log::info('User '.$event->application->user->name.' just had their application denied.');
$event->application->user->notify(new ApplicationDenied($event->application));
}
}

61
app/Listeners/LogAuthenticationFailure.php Normal file
View File

@@ -0,0 +1,61 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Listeners;
use Illuminate\Support\Facades\Log;
class LogAuthenticationFailure
{
/**
* Create the event listener.
*
* @return void
*/
public function __construct()
{
//
}
/**
* Handle the event.
*
* @param object $event
* @return void
*/
public function handle($event)
{
$targetAccountID = 0;
$originalIP = '0.0.0.0';
if (isset($event->user->id)) {
$targetAccountID = $event->user->id;
}
Log::alert('SECURITY (login): Detected failed authentication attempt!', [
'targetAccountID' => $targetAccountID,
'existingAccount' => ($targetAccountID == 0) ? false : true,
'sourceIP' => request()->ip(),
'matchesAccountLastIP' => request()->ip() == $originalIP,
'sourceUserAgent' => request()->userAgent(),
]);
}
}

53
app/Listeners/LogAuthenticationSuccess.php Normal file
View File

@@ -0,0 +1,53 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Listeners;
use Illuminate\Support\Facades\Log;
class LogAuthenticationSuccess
{
/**
* Create the event listener.
*
* @return void
*/
public function __construct()
{
//
}
/**
* Handle the event.
*
* @param object $event
* @return void
*/
public function handle($event)
{
Log::info('SECURITY (postauth-pre2fa): Detected successful login attempt', [
'accountID' => $event->user->id,
'sourceIP' => request()->ip(),
'matchesAccountLastIP' => request()->ip() == $event->user->originalIP,
'sourceUserAgent' => request()->userAgent(),
]);
}
}

39
app/Listeners/OnUserBanned.php
View File

@@ -1,15 +1,30 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Listeners;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Queue\InteractsWithQueue;
use App\Events\UserBannedEvent;
use App\Notifications\UserBanned;
use Illuminate\Support\Facades\Log;
use App\User;
use Illuminate\Support\Facades\Log;
class OnUserBanned
{
@@ -31,16 +46,12 @@ class OnUserBanned
*/
public function handle(UserBannedEvent $event)
{
Log::warning('User '.$event->user->name.' has just been banned from the site!');
Log::warning("User " . $event->user->name . " has just been banned from the site!");
foreach(User::all() as $user)
{
if ($user->isStaffMember())
{
$user->notify((new UserBanned($event->user, $event->ban))->delay(now()->addSeconds(10)));
}
foreach (User::all() as $user) {
if ($user->isStaffMember()) {
$user->notify((new UserBanned($event->user, $event->ban))->delay(now()->addSeconds(10)));
}
}
}
}

36
app/Listeners/OnUserRegistration.php
View File

@@ -1,14 +1,30 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Listeners;
use Illuminate\Support\Facades\Log;
use Illuminate\Auth\Events\Registered;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Queue\InteractsWithQueue;
use App\User;
use App\Notifications\NewUser;
use App\User;
use Illuminate\Auth\Events\Registered;
use Illuminate\Support\Facades\Log;
class OnUserRegistration
{
@@ -31,12 +47,10 @@ class OnUserRegistration
public function handle(Registered $event)
{
// TODO: Send push notification to online admins via browser (w/ pusher)
Log::info('User ' . $event->user->name . ' has just registered for an account.');
Log::info('User '.$event->user->name.' has just registered for an account.');
foreach(User::all() as $user)
{
if ($user->hasRole('admin'))
{
foreach (User::all() as $user) {
if ($user->hasRole('admin')) {
$user->notify(new NewUser($event->user));
}
}

31
app/Listeners/PromoteUser.php
View File

@@ -1,13 +1,29 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Listeners;
use App\Events\ApplicationApprovedEvent;
use App\StaffProfile;
use App\Notifications\ApplicationApproved;
use Carbon\Carbon;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Queue\InteractsWithQueue;
use App\StaffProfile;
use Illuminate\Support\Facades\Log;
class PromoteUser
@@ -35,19 +51,18 @@ class PromoteUser
$staffProfile = StaffProfile::create([
'userID' => $event->application->user->id,
'approvalDate' => now()->toDateTimeString(),
'memberNotes' => 'Approved by staff members. Welcome them to the team!'
'memberNotes' => 'Approved by staff members. Welcome them to the team!',
]);
$event->application->user->assignRole('reviewer');
Log::info('User ' . $event->application->user->name . ' has just been promoted!', [
Log::info('User '.$event->application->user->name.' has just been promoted!', [
'newRank' => $event->application->response->vacancy->permissionGroupName,
'staffProfileID' => $staffProfile->id
'staffProfileID' => $staffProfile->id,
]);
$event->application->user->notify(new ApplicationApproved($event->application));
// note: Also notify staff
// TODO: Also assign new app role based on the permission group name
}
}

20
app/Mail/NewContactSubmission.php
View File

@@ -1,9 +1,27 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Mail;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Mail\Mailable;
use Illuminate\Queue\SerializesModels;

49
app/Notifications/ApplicationApproved.php
View File

@@ -1,17 +1,38 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Notifications;
use App\Application;
use App\Facades\Options;
use App\Traits\Cancellable;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Notifications\Messages\MailMessage;
use Illuminate\Notifications\Messages\SlackMessage;
use Illuminate\Notifications\Notification;
use App\Application;
class ApplicationApproved extends Notification implements ShouldQueue
{
use Queueable;
use Queueable, Cancellable;
public $application;
@@ -24,15 +45,15 @@ class ApplicationApproved extends Notification implements ShouldQueue
{
$this->application = $application;
}
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
public function channels()
{
return ['mail', 'slack'];
return $this->chooseChannelsViaOptions();
}
public function optOut($notifiable)
{
return Options::getOption('notify_applicant_approved') !== 1;
}
/**
@@ -43,10 +64,9 @@ class ApplicationApproved extends Notification implements ShouldQueue
*/
public function toMail($notifiable)
{
return (new MailMessage)
->from(config('notification.sender.address'), config('notification.sender.name'))
->subject(config('app.name') . ' - ' . $this->application->response->vacancy->vacancyName . ' application approved')
->subject(config('app.name').' - '.$this->application->response->vacancy->vacancyName.' application approved')
->line('<br />')
->line('Congratulations! Our Staff team has reviewed your application today, and your application has been approved.')
->line('You have just received the Reviewer role, which allows you to view and vote on other applications.')
@@ -60,19 +80,18 @@ class ApplicationApproved extends Notification implements ShouldQueue
public function toSlack($notifiable)
{
$url = route('showSingleProfile', ['user' => $notifiable->id]);
$roles = implode(', ', $notifiable->roles->pluck('name')->all());
return (new SlackMessage)
->success()
->content('A user has been approved on the team. Welcome aboard!')
->attachment(function($attachment) use ($notifiable, $url, $roles){
->attachment(function ($attachment) use ($notifiable, $url, $roles) {
$attachment->title('New staff member')
->fields([
'Name' => $notifiable->name,
'Email' => $notifiable->email,
'Roles' => $roles
'Roles' => $roles,
])
->action('View profile', $url);
});

38
app/Notifications/ApplicationDenied.php
View File

@@ -1,19 +1,37 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Notifications;
use App\Application;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Notifications\Messages\MailMessage;
use Illuminate\Notifications\Messages\SlackMessage;
use Illuminate\Notifications\Notification;
use App\Application;
class ApplicationDenied extends Notification implements ShouldQueue
{
use Queueable;
public $application;
/**
@@ -45,31 +63,29 @@ class ApplicationDenied extends Notification implements ShouldQueue
*/
public function toMail($notifiable)
{
return (new MailMessage)
->from(config('notification.sender.address'), config('notification.sender.name'))
->subject(config('app.name') . ' - ' . $this->application->response->vacancy->vacancyName . ' application denied')
->subject(config('app.name').' - '.$this->application->response->vacancy->vacancyName.' application denied')
->line('Your most recent application has been denied.')
->line('Our review team denies applications for several reasons, including poor answers.')
->line('Please review your application and try again in 30 days.')
->action('Review application', url(route('showUserApp', ['id' => $this->application->id])))
->action('Review application', url(route('showUserApp', ['application' => $this->application->id])))
->line('Better luck next time!');
}
public function toSlack($notifiable)
{
$notifiableName = $notifiable->name;
$notifiableName = $notifiable->name;
return (new SlackMessage)
return (new SlackMessage)
->error()
->content('An application has just been denied.')
->attachment(function($attachment) use ($notifiableName){
->attachment(function ($attachment) use ($notifiableName) {
$attachment->title('Application denied!')
->content($notifiableName . '\'s application has just been denied. They can try again in 30 days.');
->content($notifiableName.'\'s application has just been denied. They can try again in 30 days.');
});
}
/**
* Get the array representation of the notification.
*

35
app/Notifications/ApplicationMoved.php
View File

@@ -1,7 +1,28 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Notifications;
use App\Facades\Options;
use App\Traits\Cancellable;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Notifications\Messages\MailMessage;
@@ -9,7 +30,7 @@ use Illuminate\Notifications\Notification;
class ApplicationMoved extends Notification implements ShouldQueue
{
use Queueable;
use Queueable, Cancellable;
/**
* Create a new notification instance.
@@ -21,15 +42,9 @@ class ApplicationMoved extends Notification implements ShouldQueue
//
}
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
public function optOut($notifiable)
{
return ['mail'];
return Options::getOption('notify_application_status_change') !== 1;
}
/**
@@ -42,7 +57,7 @@ class ApplicationMoved extends Notification implements ShouldQueue
{
return (new MailMessage)
->from(config('notification.sender.address'), config('notification.sender.name'))
->subject(config('app.name') . ' - Application Updated')
->subject(config('app.name').' - Application Updated')
->line('Your most recent application has been moved up a stage.')
->line('This means our team has reviewed it and an interview will be scheduled ASAP.')
->action('Sign in', url(route('login')))

21
app/Notifications/AppointmentFinished.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Notifications;
use Illuminate\Bus\Queueable;
@@ -42,7 +61,7 @@ class AppointmentFinished extends Notification implements ShouldQueue
{
return (new MailMessage)
->from(config('notification.sender.address'), config('notification.sender.name'))
->subject(config('app.name') . ' - Appointment completed')
->subject(config('app.name').' - Appointment completed')
->line('Your appointment has been marked as completed!')
->line('Please allow an additional day for your application to be fully processed.')
->action('View applications', url(route('showUserApps')))

31
app/Notifications/AppointmentScheduled.php
View File

@@ -1,19 +1,36 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Notifications;
use App\Appointment;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Notifications\Messages\MailMessage;
use Illuminate\Notifications\Notification;
use App\Appointment;
class AppointmentScheduled extends Notification implements ShouldQueue
{
use Queueable;
protected $appointment;
/**
@@ -47,10 +64,10 @@ class AppointmentScheduled extends Notification implements ShouldQueue
{
return (new MailMessage)
->from(config('notification.sender.address'), config('notification.sender.name'))
->subject(config('app.name') . ' - Interview scheduled')
->line('A voice interview has been scheduled for you @ ' . $this->appointment->appointmentDate . '.')
->line('With the following details: ' . $this->appointment->appointmentDescription)
->line('This meeting will take place @ ' . $this->appointment->appointmentLocation . '. You will receive an email soon with details on how to join this meeting.')
->subject(config('app.name').' - Interview scheduled')
->line('A voice interview has been scheduled for you @ '.$this->appointment->appointmentDate.'.')
->line('With the following details: '.$this->appointment->appointmentDescription)
->line('This meeting will take place @ '.$this->appointment->appointmentLocation.'. You will receive an email soon with details on how to join this meeting.')
->line('You are expected to show up at least 5 minutes before the scheduled date.')
->action('Sign in', url(route('login')))
->line('Thank you!');

21
app/Notifications/ChangedPassword.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Notifications;
use Illuminate\Bus\Queueable;
@@ -42,7 +61,7 @@ class ChangedPassword extends Notification implements ShouldQueue
{
return (new MailMessage)
->from(config('notification.sender.address'), config('notification.sender.name'))
->subject(config('app.name') . ' - Account password changed')
->subject(config('app.name').' - Account password changed')
->line('The password for the account registered to this email address has just been changed.')
->line('If this was not you, please contact an administrator immediately.')
->action('Sign in', url(route('login')))

21
app/Notifications/EmailChanged.php
View File

@@ -1,5 +1,24 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Notifications;
use Illuminate\Bus\Queueable;
@@ -42,7 +61,7 @@ class EmailChanged extends Notification implements ShouldQueue
{
return (new MailMessage)
->from(config('notification.sender.address'), config('notification.sender.name'))
->subject(config('app.name') . ' - Email address changed')
->subject(config('app.name').' - Email address changed')
->line('The email address for your account has just been updated, either by you or an administrator.')
->action('Sign in', url(route('login')))
->line('Thank you!');

67
app/Notifications/NewApplicant.php
View File

@@ -1,23 +1,42 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Notifications;
use App\Application;
use App\Facades\Options;
use App\Traits\Cancellable;
use App\Vacancy;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Notifications\Messages\MailMessage;
use Illuminate\Notifications\Messages\SlackMessage;
use Illuminate\Notifications\Notification;
use App\Application;
use App\Vacancy;
class NewApplicant extends Notification implements ShouldQueue
{
use Queueable;
use Queueable, Cancellable;
protected $application;
protected $vacancy;
/**
@@ -31,15 +50,18 @@ class NewApplicant extends Notification implements ShouldQueue
$this->vacancy = $vacancy;
}
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
public function channels()
{
return ['slack'];
if (Options::getOption('enable_slack_notifications') == 1) {
return ['slack'];
}
return [];
}
public function optOut($notifiable)
{
return Options::getOption('notify_new_user') !== 1;
}
/**
@@ -52,37 +74,36 @@ class NewApplicant extends Notification implements ShouldQueue
{
return (new MailMessage)
->from(config('notification.sender.address'), config('notification.sender.name'))
->subject(config('app.name') . ' - New application')
->subject(config('app.name').' - New application')
->line('Someone has just applied for a position. Check it out!')
->line('You are receiving this because you\'re a staff member at ' . config('app.name') . '.')
->action('View Application', url(route('showUserApp', ['id' => $this->application->id])))
->line('You are receiving this because you\'re a staff member at '.config('app.name').'.')
->action('View Application', url(route('showUserApp', ['application' => $this->application->id])))
->line('Thank you!');
}
public function toSlack($notifiable)
{
$vacancyDetails = [];
$vacancyDetails['name'] = $this->vacancy->vacancyName;
$vacancyDetails['slots'] = $this->vacancy->vacancyCount;
$url = route('showUserApp', ['id' => $this->application->id]);
$url = route('showUserApp', ['application' => $this->application->id]);
$applicant = $this->application->user->name;
return (new SlackMessage)
->success()
->content('Notice: New application coming through. Please review as soon as possible.')
->attachment(function($attachment) use ($vacancyDetails, $url, $applicant){
->attachment(function ($attachment) use ($vacancyDetails, $url, $applicant) {
$attachment->title('Application details')
->fields([
'Applied for' => $vacancyDetails['name'],
'Avaiable positions' => $vacancyDetails['slots'],
'Applicant' => $applicant
'Applied for' => $vacancyDetails['name'],
'Avaiable positions' => $vacancyDetails['slots'],
'Applicant' => $applicant,
])
->action('Review application', $url);
});
}
/**
* Get the array representation of the notification.
*

42
app/Notifications/NewComment.php
View File

@@ -1,18 +1,38 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Notifications;
use App\Application;
use App\Comment;
use App\Facades\Options;
use App\Traits\Cancellable;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Notifications\Messages\MailMessage;
use Illuminate\Notifications\Notification;
use App\Comment;
use App\Application;
class NewComment extends Notification implements ShouldQueue
{
use Queueable;
use Queueable, Cancellable;
protected $application;
@@ -26,15 +46,9 @@ class NewComment extends Notification implements ShouldQueue
$this->application = $application;
}
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
public function optOut($notifiable)
{
return ['mail'];
return Options::getOption('notify_application_comment') !== 1;
}
/**
@@ -47,10 +61,10 @@ class NewComment extends Notification implements ShouldQueue
{
return (new MailMessage)
->from(config('notification.sender.address'), config('notification.sender.name'))
->subject(config('app.name') . ' - New comment')
->subject(config('app.name').' - New comment')
->line('Someone has just posted a new comment on an application you follow.')
->line('You\'re receiving this email because you\'ve voted/commented on this application.')
->action('Check it out', url(route('showUserApp', ['id' => $this->application->id])))
->action('Check it out', url(route('showUserApp', ['application' => $this->application->id])))
->line('Thank you!');
}

95
app/Notifications/NewContact.php Normal file
View File

@@ -0,0 +1,95 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Notifications;
use Illuminate\Bus\Queueable;
use Illuminate\Notifications\Messages\MailMessage;
use Illuminate\Notifications\Notification;
use Illuminate\Support\Collection;
class NewContact extends Notification
{
use Queueable;
public $message;
/**
* Create a new notification instance.
*
* @return void
*/
public function __construct(Collection $message)
{
$this->message = $message;
}
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
{
return ['mail'];
}
/**
* Get the mail representation of the notification.
*
* @param mixed $notifiable
* @return \Illuminate\Notifications\Messages\MailMessage
*/
public function toMail($notifiable)
{
if ($this->message->has([
'message',
'ip',
'email',
])) {
return (new MailMessage)
->line('We\'ve received a new contact form submission in the StaffManagement app center.')
->line('This is what they sent: ')
->line('')
->line($this->message->get('message'))
->line('')
->line('This message was received from '.$this->message->get('ip').' and submitted by '.$this->message->get('email').'.')
->action('Sign in', url(route('login')))
->line('Thank you!');
}
throw new \InvalidArgumentException('Invalid arguments supplied to NewContact!');
}
/**
* Get the array representation of the notification.
*
* @param mixed $notifiable
* @return array
*/
public function toArray($notifiable)
{
return [
//
];
}
}

Some files were not shown because too many files have changed in this diff Show More