Proximity/staffmanager
1
0
Fork 0
forked from miguel456/rbrecruiter
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: Proximity:master
Branches Tags
Proximity:master
Proximity:develop
Proximity:analysis-a2Jl7D
Proximity:analysis-aoLDWj
Proximity:feature/RSM-7-notification-channels
Proximity:l10n_translate
Proximity:translate
Proximity:l10n_master
miguel456:develop
miguel456:master
miguel456:l10n_translate
miguel456:translate
miguel456:l10n_master
Proximity:0.6.2
Proximity:0.6.1
Proximity:0.6.0
Proximity:0.5.2
Proximity:0.5.1
Proximity:0.5.0
Proximity:0.4.0
Proximity:0.3.0
Proximity:0.2.0
Proximity:0.1.0
miguel456:0.1.0
miguel456:0.2.0
miguel456:0.3.0
miguel456:0.4.0
miguel456:0.5.0
miguel456:0.5.1
miguel456:0.5.2
miguel456:0.6.0
miguel456:0.6.1
miguel456:0.6.2
miguel456:0.7.0
..
compare: Proximity:0.3.0
Branches Tags
Proximity:develop
Proximity:master
Proximity:analysis-a2Jl7D
Proximity:analysis-aoLDWj
Proximity:feature/RSM-7-notification-channels
Proximity:l10n_translate
Proximity:translate
Proximity:l10n_master
miguel456:develop
miguel456:master
miguel456:l10n_translate
miguel456:translate
miguel456:l10n_master
Proximity:0.6.2
Proximity:0.6.1
Proximity:0.6.0
Proximity:0.5.2
Proximity:0.5.1
Proximity:0.5.0
Proximity:0.4.0
Proximity:0.3.0
Proximity:0.2.0
Proximity:0.1.0
miguel456:0.1.0
miguel456:0.2.0
miguel456:0.3.0
miguel456:0.4.0
miguel456:0.5.0
miguel456:0.5.1
miguel456:0.5.2
miguel456:0.6.0
miguel456:0.6.1
miguel456:0.6.2
miguel456:0.7.0

No commits in common. "master" and "0.3.0" have entirely different histories.
master ... 0.3.0

187 changed files with 12902 additions and 19071 deletions
Show Stats Expand all files Collapse all files

12
.env.example
View File

@ -3,9 +3,6 @@ APP_ENV=local
APP_KEY=
APP_DEBUG=true
APP_URL=http://localhost
APP_LOGO="https://www.raspberrypi.org/app/uploads/2020/05/Raspberry-Pi-OS-downloads-image-150x150-1.png"
APP_SITEHOMEPAGE=""
# This can be your main homepage, other than this site itself
LOG_CHANNEL=stack
@ -21,6 +18,9 @@ RECAPTCHA_PRIVATE_KEY=
RECAPTCHA_VERIFY_URL="https://www.google.com/recaptcha/api/siteverify"
# WARNING: Your contact form will be useless if you change this value. Only change this URL if Google updates it.
IPGEO_API_KEY=""
IPGEO_API_URL=""
MOJANG_STATUS_URL="https://status.mojang.com/check"
MOJANG_API_URL="https://api.mojang.com"
@ -29,7 +29,7 @@ IPGEO_API_URL="https://api.ipgeolocation.io/ipgeo"
ARCANEDEV_LOGVIEWER_MIDDLEWARE=web,auth,can:admin.maintenance.logs.view
RELEASE=staffmanagement@0.6.1
RELEASE=staffmanagement@0.2.0
SLACK_INTEGRATION_WEBHOOK=
@ -65,8 +65,4 @@ PUSHER_APP_CLUSTER=mt1
MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
# Mostly for developers, but with Papertrail, you can easily see what the app's users are doing without relying on
# the internal log viewer.
SENTRY_LARAVEL_DSN=
PAPERTRAIL_URL=
PAPERTRAIL_PORT

1
.gitignore vendored
View File

@ -4,7 +4,6 @@
/public/storage
/storage/*.key
/vendor
/tools
.env
.env.backup
.phpunit.result.cache

2
.idea/hrm-mcserver.iml generated
View File

@ -39,9 +39,7 @@
<excludeFolder url="file://$MODULE_DIR$/vendor/laravel/ui" />
<excludeFolder url="file://$MODULE_DIR$/vendor/league/commonmark" />
<excludeFolder url="file://$MODULE_DIR$/vendor/league/flysystem" />
<excludeFolder url="file://$MODULE_DIR$/vendor/league/mime-type-detection" />
<excludeFolder url="file://$MODULE_DIR$/vendor/maximebf/debugbar" />
<excludeFolder url="file://$MODULE_DIR$/vendor/mcamara/laravel-localization" />
<excludeFolder url="file://$MODULE_DIR$/vendor/mockery/mockery" />
<excludeFolder url="file://$MODULE_DIR$/vendor/monolog/monolog" />
<excludeFolder url="file://$MODULE_DIR$/vendor/myclabs/deep-copy" />

14
.idea/php.xml generated
View File

@ -127,20 +127,6 @@
<path value="$PROJECT_DIR$/vendor/symfony/string" />
<path value="$PROJECT_DIR$/vendor/symfony/polyfill-intl-grapheme" />
<path value="$PROJECT_DIR$/vendor/symfony/polyfill-php80" />
<path value="$PROJECT_DIR$/vendor/bacon/bacon-qr-code" />
<path value="$PROJECT_DIR$/vendor/dasprid/enum" />
<path value="$PROJECT_DIR$/vendor/geo-sot/laravel-env-editor" />
<path value="$PROJECT_DIR$/vendor/laravel/slack-notification-channel" />
<path value="$PROJECT_DIR$/vendor/symfony/polyfill-php70" />
<path value="$PROJECT_DIR$/vendor/pragmarx/google2fa-laravel" />
<path value="$PROJECT_DIR$/vendor/pragmarx/google2fa" />
<path value="$PROJECT_DIR$/vendor/pragmarx/google2fa-qrcode" />
<path value="$PROJECT_DIR$/vendor/arcanedev/log-viewer" />
<path value="$PROJECT_DIR$/vendor/arcanedev/support" />
<path value="$PROJECT_DIR$/vendor/paragonie/constant_time_encoding" />
<path value="$PROJECT_DIR$/vendor/graham-campbell/markdown" />
<path value="$PROJECT_DIR$/vendor/league/mime-type-detection" />
<path value="$PROJECT_DIR$/vendor/mcamara/laravel-localization" />
</include_path>
</component>
<component name="PhpProjectSharedConfiguration" php_language_level="7.2" />

5
.phive/phars.xml
View File

@ -1,5 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<phive xmlns="https://phar.io/phive">
<phar name="phpunit" version="^9.2.5" installed="9.2.5" location="./tools/phpunit" copy="false"/>
<phar name="php-cs-fixer" version="^2.16.4" installed="2.16.4" location="./tools/php-cs-fixer" copy="false"/>
</phive>

76
CODE_OF_CONDUCT.md
View File

@ -1,76 +0,0 @@
# Contributor Covenant Code of Conduct
## Our Pledge
In the interest of fostering an open and welcoming environment, we as
contributors and maintainers pledge to making participation in our project and
our community a harassment-free experience for everyone, regardless of age, body
size, disability, ethnicity, sex characteristics, gender identity and expression,
level of experience, education, socio-economic status, nationality, personal
appearance, race, religion, or sexual identity and orientation.
## Our Standards
Examples of behavior that contributes to creating a positive environment
include:
* Using welcoming and inclusive language
* Being respectful of differing viewpoints and experiences
* Gracefully accepting constructive criticism
* Focusing on what is best for the community
* Showing empathy towards other community members
Examples of unacceptable behavior by participants include:
* The use of sexualized language or imagery and unwelcome sexual attention or
advances
* Trolling, insulting/derogatory comments, and personal or political attacks
* Public or private harassment
* Publishing others' private information, such as a physical or electronic
address, without explicit permission
* Other conduct which could reasonably be considered inappropriate in a
professional setting
## Our Responsibilities
Project maintainers are responsible for clarifying the standards of acceptable
behavior and are expected to take appropriate and fair corrective action in
response to any instances of unacceptable behavior.
Project maintainers have the right and responsibility to remove, edit, or
reject comments, commits, code, wiki edits, issues, and other contributions
that are not aligned to this Code of Conduct, or to ban temporarily or
permanently any contributor for other behaviors that they deem inappropriate,
threatening, offensive, or harmful.
## Scope
This Code of Conduct applies both within project spaces and in public spaces
when an individual is representing the project or its community. Examples of
representing a project or community include using an official project e-mail
address, posting via an official social media account, or acting as an appointed
representative at an online or offline event. Representation of a project may be
further defined and clarified by project maintainers.
## Enforcement
Instances of abusive, harassing, or otherwise unacceptable behavior may be
reported by contacting the project team at support@spacejewel-hosting.com. All
complaints will be reviewed and investigated and will result in a response that
is deemed necessary and appropriate to the circumstances. The project team is
obligated to maintain confidentiality with regard to the reporter of an incident.
Further details of specific enforcement policies may be posted separately.
Project maintainers who do not follow or enforce the Code of Conduct in good
faith may face temporary or permanent repercussions as determined by other
members of the project's leadership.
## Attribution
This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
[homepage]: https://www.contributor-covenant.org
For answers to common questions about this code of conduct, see
https://www.contributor-covenant.org/faq

29
CONTRIBUTING.md
View File

@ -1,29 +0,0 @@
# Thank you for contributing!
Read this file carefully before contributing to the project. It's important that everyone follows these rules to ensure smooth contribution.
## General workflow
Since the project is under version 1.0.0, the master branch can be quite unstable, and even unusable. For this reason, I recommend you stick to the published
releases, unless you intend on helping out with the project.
New features are commited directly to the ``master`` branch, while translations are commited to a special service branch, merged onto ``translate``, tested, and
merged back to master. Above version 1.0.0, new features should follow the same procedure as translations.
## Before commiting
Before commiting, make sure your code adheres to the Laravel coding guidelines, as well as PSR-4. I'll personally review and merge each PR.
Thank you for your interest!
# Bug reports
As always, bug reports should stick to the bug report template. GitHub makes this easy for you by letting you choose which issue template you'd like to use
before reporting an isuse. This helps everyone stay in the same page.
Issues published without a template might take longer to be resolved, or may be ignored and marked ``wontfix``.
# Licensing
Any contributions you make will be under the GNU GPL v3 license, which is the license that covers this project.

1
Procfile
View File

@ -1 +0,0 @@
web: vendor/bin/heroku-php-apache2 public/

17
README.md
View File

@ -1,11 +1,10 @@
# RB Recruiter v 0.6.2 [![Crowdin](https://badges.crowdin.net/raspberry-staff-manager/localized.svg)](https://crowdin.com/project/raspberry-staff-manager)
## The quick and pain-free form management solution for communities
# Raspberry Teams - The Simple Staff Application Manager v 0.1.0
## The quick and pain-free staff application manager (for Minecraft)
Have you ever gotten tired of managing your Minecraft server/network's applications through Discord (or anything else) and having to scroll through hundreds of new messages just to find that one applicant's username?
Wish you had a better application managemet strategy? Well, then Raspberry Teams is for you! It was originally designed and developed for internal use for a gameserver network, but sharing is caring!
Wish you had a better application managemet strategy? Well, then Raspberry Teams is for you! It was originally designed and developed for internal use, but sharing is caring! After noticing a worrying lack of "human resources" management systems on SpigotMC's resources section (There was only one outdated/unsupported project), I've decided to take it up into my own terms and start working on it.
# Features (not exhaustive)
@ -48,14 +47,6 @@ Tech stack:
- jQuery / Plain Javascript
- vueJS (in the future)
# Stability
Currently, the ``master`` branch is highly unstable, since it's under active development. Expect it to break with each commit. Even though I make an effort to make sure each commit is good to go before pushing, things might still break unexpectedly, and you may find a lot of bugs (which you should report).
Every released version is currently pre-release. If you really want to run this before version ``1.0.0`` comes out, always stay on the latest version, as those will always be tested before release, ensuring less chaos.
*Note: This application is NOT production ready! It won't be until the first stable release comes out, which might take a bit longer.
# Operating System Requirements
Currently, this application is only supported on Linux environments (Ubuntu 20.04 or derivatives are recommended).
@ -69,7 +60,7 @@ Tech stack:
- JSON
- Curl (highly recommended)
- Image Magick (imagick) for 2FA support
# Installation

19
SECURITY.md
View File

@ -1,19 +0,0 @@
# Security Policy
## Supported Versions
The following versions are currently supported:
| Version | Supported |
| ------- | ------------------ |
| 0.1.x | :x: |
| 0.5.x | :x: |
| 0.6.x | :white_check_mark: |
## Reporting a Vulnerability
To securely report a vulnerability, you may send me an email directly containing the details of said vulnerability: ``me@nogueira.codes``.
You may optionally encrypt your message with my [public PGP key](http://pool.sks-keyservers.net/pks/lookup?op=get&search=0x48DF709E7405702B).
Use this free [online encryption tool](https://www.igolder.com/pgp/encryption/) if you don't know how to use PGP on your desktop.

4
app/Appointment.php
View File

@ -11,9 +11,7 @@ class Appointment extends Model
'appointmentDate',
'applicationID',
'appointmentStatus',
'appointmentLocation',
'meetingNotes',
'userAccepted'
'appointmentLocation'
];
public function application()

4
app/Ban.php
View File

@ -17,10 +17,6 @@ class Ban extends Model
];
public $dates = [
'bannedUntil'
];
public function user()
{
return $this->belongsTo('App\User', 'userID', 'id');

6
app/Console/Commands/Install.php
View File

@ -99,16 +99,12 @@ class Install extends Command
$settings['MAIL_PASSWORD'] = $this->secret('SMTP Password (Input won\'t be seen)');
$settings['MAIL_PORT'] = $this->ask('SMTP Server Port');
$settings['MAIL_HOST'] = $this->ask('SMTP Server Hostname');
$settings['MAIL_FROM_ADDRESS'] = $this->ask('E-mail address to send from');
$this->info('== Notification Settings (5/6) (Slack) ==');
$settings['SLACK_INTEGRATION_WEBHOOK'] = $this->ask('Integration webhook URL');
$this->info('== Web Settings (6/6) ==');
$settings['APP_URL'] = $this->ask('Application\'s URL (ex. https://where.you.installed.theapp.com): ');
$settings['APP_LOGO'] = $this->ask('App logo (Link to an image): ');
$settings['APP_SITEHOMEPAGE'] = $this->ask('Site homepage (appears in the main header): ');
$settings['APP_URL'] = $this->ask('Application\'s URL');
} while(!$this->confirm('Are you sure you want to save these settings? You can always go back and try again.'));

5
app/CustomFacades/IP.php
View File

@ -16,6 +16,11 @@ class IP
public function lookup(string $IP): object
{
if (empty($IP))
{
throw new LogicException(__METHOD__ . 'is missing parameter IP!');
}
$params = [
'apiKey' => config('general.keys.ipapi.apikey'),
'ip' => $IP

14
app/Facades/ContextAwareValidation.php
View File

@ -1,14 +0,0 @@
<?php
namespace App\Facades;
use Illuminate\Support\Facades\Facade;
class ContextAwareValidation extends Facade
{
protected static function getFacadeAccessor()
{
return 'contextAwareValidator';
}
}

13
app/Facades/Options.php
View File

@ -1,13 +0,0 @@
<?php
namespace App\Facades;
use \Illuminate\Support\Facades\Facade;
class Options extends Facade
{
public static function getFacadeAccessor()
{
return 'smOptions';
}
}

2
app/Form.php
View File

@ -16,7 +16,7 @@ class Form extends Model
public function vacancies()
{
return $this->hasMany('App\Vacancy', 'vacancyFormID', 'id');
return $this->hasMany('vacancies', 'vacancyFormID', 'id');
}
public function responses()

138
app/Helpers/ContextAwareValidator.php
View File

@ -1,138 +0,0 @@
<?php
namespace App\Helpers;
use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Collection;
class ContextAwareValidator
{
/**
* The excludedNames array will make the validator ignore any of these names when including names into the rules.
* @var array
*/
private $excludedNames = [
'_token',
'_method',
'formName'
];
/**
* Utility wrapper for json_encode.
*
* @param array $value The array to be converted.
* @return string The JSON representation of $value
*/
private function encode(array $value) : string
{
return json_encode($value);
}
/**
* The getValidator() method will take an array of fields from the request body, iterates through them,
* and dynamically adds validation rules for them. Depending on parameters, it may or may not generate
* a form structure for rendering purposes.
*
* This method is mostly meant by internal use by means of static proxies (Facades), in order to reduce code repetition;
* Using it outside it's directed scope may cause unexpected results; For instance, the method expects inputs to be in array format, e.g. myFieldNameID1[],
* myFieldNameID2[], and so on and so forth.
*
* This isn't checked by the code yet, but if you're implementing it this way in the HTML markup, make sure it's consistent (e.g. use a loop).
*
* P.S This method automatically ignores the CSRF token for validation.
*
* @param array $fields The request form fields
* @param bool $generateStructure Whether to incldue a JSON-ready form structure for rendering
* @param bool $includeFormName Whether to include formName in the list of validation rules
* @return Validator|Collection A validator instance you can use to check for validity, or a Collection with a validator and structure (validator, structure)
*/
public function getValidator(array $fields, bool $generateStructure = false, bool $includeFormName = false)
{
$formStructure = [];
$validator = [];
if ($includeFormName)
{
$validator['formName'] = 'required|string|max:100';
}
foreach ($fields as $fieldName => $field)
{
if(!in_array($fieldName, $this->excludedNames))
{
$validator[$fieldName . ".0"] = 'required|string';
$validator[$fieldName . ".1"] = 'required|string';
if ($generateStructure)
{
$formStructure['fields'][$fieldName]['title'] = $field[0];
$formStructure['fields'][$fieldName]['type'] = $field[1];
}
}
}
$validatorInstance = Validator::make($fields, $validator);
return ($generateStructure) ?
collect([
'validator' => $validatorInstance,
'structure' => $this->encode($formStructure)
])
: $validatorInstance;
}
/**
* The getResponseValidator method is similar to the getValidator method; It basically takes
* an array of fields from a previous form (that probably went through the other method) and adds validation
* to the field names.
*
* Also generates the storable response structure if you tell it to.
*
* @param array $fields The received fields
* @param array $formStructure The form structure - You must supply this if you want the response structure
* @param bool $generateResponseStructure Whether to generate the response structure
* @return Validator|Collection A collection or a validator, depending on the args. Will return validatior if only fields are supplied.
*/
public function getResponseValidator(array $fields, array $formStructure = [], bool $generateResponseStructure = true)
{
$responseStructure = [];
$validator = [];
if (empty($formStructure) && $generateResponseStructure)
{
throw new \InvalidArgumentException('Illegal combination of arguments supplied! Please check the method\'s documentation.');
}
foreach($fields as $fieldName => $value)
{
if(!in_array($fieldName, $this->excludedNames))
{
$validator[$fieldName] = 'required|string';
if ($generateResponseStructure)
{
$responseStructure['responses'][$fieldName]['type'] = $formStructure['fields'][$fieldName]['type'] ?? 'Unavailable';
$responseStructure['responses'][$fieldName]['title'] = $formStructure['fields'][$fieldName]['title'];
$responseStructure['responses'][$fieldName]['response'] = $value;
}
}
}
$validatorInstance = Validator::make($fields, $validator);
return ($generateResponseStructure) ?
collect([
'validator' => $validatorInstance,
'responseStructure' => $this->encode($responseStructure)
])
: $validatorInstance;
}
}

94
app/Helpers/Options.php
View File

@ -1,94 +0,0 @@
<?php
namespace App\Helpers;
use App\Options as Option;
use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Facades\Log;
class Options
{
public function getOption(string $option): string
{
$value = Cache::get($option);
if (is_null($value))
{
Log::debug('Option ' . $option . 'not found in cache, refreshing from database');
$value = Option::where('option_name', $option)->first();
if (is_null($value))
throw new \Exception('This option does not exist.');
Cache::put($option, $value);
Cache::put($option . '_desc', 'Undefined description');
}
return $value->option_value;
}
public function setOption(string $option, string $value, string $description)
{
Option::create([
'option_name' => $option,
'option_value' => $value,
'friendly_name' => $description
]);
Cache::put($option, $value, now()->addDay());
Cache::put($option . '_desc', $description, now()->addDay());
}
public function pullOption($option): array
{
$oldOption = Option::where('option_name', $option)->first();
Option::find($oldOption->id)->delete();
// putMany is overkill here
return [
Cache::pull($option),
Cache::pull($option . '_desc')
];
}
public function changeOption($option, $newValue)
{
$dbOption = Option::where('option_name', $option);
if ($dbOption->first())
{
$dbOptionInstance = Option::find($dbOption->first()->id);
Cache::forget($option);
Log::debug('Changing db configuration option', [
'old_value' => $dbOptionInstance->option_value,
'new_value' => $newValue
]);
$dbOptionInstance->option_value = $newValue;
$dbOptionInstance->save();
Log::debug('New db configuration option saved',
[
'option' => $dbOptionInstance->option_value
]);
Cache::put('option_name', $newValue, now()->addDay());
}
else
{
throw new \Exception('This option does not exist.');
}
}
public function optionExists(string $option): bool
{
$dbOption = Option::where('option_name', $option)->first();
$locallyCachedOption = Cache::get($option);
return !is_null($dbOption) || !is_null($locallyCachedOption);
}
}

56
app/Http/Controllers/ApplicationController.php
View File

@ -18,11 +18,8 @@ use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Facades\App;
use Illuminate\Support\Facades\Log;
use ContextAwareValidator;
class ApplicationController extends Controller
{
private function canVote($votes)
{
$allvotes = collect([]);
@ -48,8 +45,11 @@ class ApplicationController extends Controller
}
public function showUserApp(Request $request, Application $application)
public function showUserApp(Request $request, $applicationID)
{
// TODO: Inject it instead (do this where there is no injection, not just here)
$application = Application::find($applicationID);
$this->authorize('view', $application);
if (!is_null($application))
@ -78,8 +78,6 @@ class ApplicationController extends Controller
public function showAllApps()
{
$this->authorize('viewAny', Application::class);
return view('dashboard.appmanagement.all')
->with('applications', Application::paginate(6));
}
@ -188,16 +186,36 @@ class ApplicationController extends Controller
Log::info('Processing new application!');
$formStructure = json_decode($vacancy->first()->forms->formStructure, true);
$responseValidation = ContextAwareValidator::getResponseValidator($request->all(), $formStructure);
$responseStructure = [];
$excludedNames = [
'_token',
];
$validator = [];
foreach($request->all() as $fieldName => $value)
{
if(!in_array($fieldName, $excludedNames))
{
$validator[$fieldName] = 'required|string';
$responseStructure['responses'][$fieldName]['type'] = $formStructure['fields'][$fieldName]['type'] ?? 'Unavailable';
$responseStructure['responses'][$fieldName]['title'] = $formStructure['fields'][$fieldName]['title'];
$responseStructure['responses'][$fieldName]['response'] = $value;
}
}
Log::info('Built response & validator structure!');
if (!$responseValidation->get('validator')->fails())
$validation = Validator::make($request->all(), $validator);
if (!$validation->fails())
{
$response = Response::create([
'responseFormID' => $vacancy->first()->forms->id,
'associatedVacancyID' => $vacancy->first()->id, // Since a form can be used by multiple vacancies, we can only know which specific vacancy this response ties to by using a vacancy ID
'responseData' => $responseValidation->get('responseStructure')
'responseData' => json_encode($responseStructure)
]);
Log::info('Registered form response for user ' . Auth::user()->name . ' for vacancy ' . $vacancy->first()->vacancyName);
@ -231,10 +249,13 @@ class ApplicationController extends Controller
return redirect()->back();
}
public function updateApplicationStatus(Request $request, Application $application, $newStatus)
public function updateApplicationStatus(Request $request, $applicationID, $newStatus)
{
$application = Application::find($applicationID);
$this->authorize('update', Application::class);
if (!is_null($application))
{
switch ($newStatus)
{
case 'deny':
@ -253,19 +274,12 @@ class ApplicationController extends Controller
default:
$request->session()->flash('error', 'There are no suitable statuses to update to. Do not mess with the URL.');
}
return redirect()->back();
}
public function delete(Request $request, Application $application)
else
{
$this->authorize('delete', $application);
$application->delete(); // observers will run, cleaning it up
$request->session()->flash('success', 'Application deleted. Comments, appointments and responses have also been deleted.');
return redirect()->back();
$request->session()->flash('The application you\'re trying to update does not exist.');
}
return redirect()->back();
}
}

48
app/Http/Controllers/AppointmentController.php
View File

@ -24,41 +24,60 @@ class AppointmentController extends Controller
];
public function saveAppointment(Request $request, Application $application)
public function saveAppointment(Request $request, $applicationID)
{
// Unrelated TODO: change if's in application page to a switch statement, & have the row encompass it
$this->authorize('create', Appointment::class);
$app = Application::find($applicationID);
if (!is_null($app))
{
// make sure this is a valid date by parsing it first
$appointmentDate = Carbon::parse($request->appointmentDateTime);
$appointment = Appointment::create([
'appointmentDescription' => $request->appointmentDescription,
'appointmentDate' => $appointmentDate->toDateTimeString(),
'applicationID' => $application->id,
'applicationID' => $applicationID,
'appointmentLocation' => (in_array($request->appointmentLocation, $this->allowedPlatforms)) ? $request->appointmentLocation : 'DISCORD',
]);
$application->setStatus('STAGE_INTERVIEW_SCHEDULED');
$app->setStatus('STAGE_INTERVIEW_SCHEDULED');
Log::info('User ' . Auth::user()->name . ' has scheduled an appointment with ' . $application->user->name . ' for application ID' . $application->id, [
Log::info('User ' . Auth::user()->name . ' has scheduled an appointment with ' . $app->user->name . ' for application ID' . $app->id, [
'datetime' => $appointmentDate->toDateTimeString(),
'scheduled' => now()
]);
$application->user->notify(new AppointmentScheduled($appointment));
$app->user->notify(new AppointmentScheduled($appointment));
$request->session()->flash('success', 'Appointment successfully scheduled @ ' . $appointmentDate->toDateTimeString());
}
else
{
$request->session()->flash('error', 'Cant\'t schedule an appointment for an application that doesn\'t exist.');
}
return redirect()->back();
}
public function updateAppointment(Request $request, Application $application, $status)
public function updateAppointment(Request $request, $applicationID, $status)
{
$this->authorize('update', $application->appointment);
$this->authorize('update', Appointment::class);
$application = Application::find($applicationID);
$validStatuses = [
'SCHEDULED',
'CONCLUDED'
];
if (!is_null($application))
{
// NOTE: This is a little confusing, refactor
$application->appointment->appointmentStatus = (in_array($status, $validStatuses)) ? strtoupper($status) : 'SCHEDULED';
$application->appointment->save();
@ -66,18 +85,23 @@ class AppointmentController extends Controller
$application->setStatus('STAGE_PEERAPPROVAL');
$application->user->notify(new ApplicationMoved());
$request->session()->flash('success', 'Interview finished! Staff members can now vote on it.');
}
else
{
$request->session()->flash('error', 'The application you\'re trying to update doesn\'t exist or have an appointment.');
}
return redirect()->back();
}
// also updates
public function saveNotes(SaveNotesRequest $request, Application $application)
public function saveNotes(SaveNotesRequest $request, $applicationID)
{
$application = Application::find($applicationID);
if (!is_null($application))
{
$application->load('appointment');
$application->appointment->meetingNotes = $request->noteText;
$application->appointment->save();
@ -85,7 +109,7 @@ class AppointmentController extends Controller
}
else
{
$request->session()->flash('error', 'There\'s no appointment to save notes to!');
$request->session()->flash('error', 'Sanity check failed: There\'s no appointment to save notes to!');
}
return redirect()->back();

2
app/Http/Controllers/Auth/RegisterController.php
View File

@ -70,7 +70,7 @@ class RegisterController extends Controller
'uuid' => ['required', 'string', 'unique:users', 'min:32', 'max:32'],
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
'password' => ['required', 'string', 'min:10', 'confirmed', 'regex:/^.*(?=.{3,})(?=.*[a-zA-Z])(?=.*[0-9])(?=.*[\d\x])(?=.*[!$#%]).*$/'],
'password' => ['required', 'string', 'min:8', 'confirmed'],
], [
'uuid.required' => 'Please enter a valid (and Premium) Minecraft username! We do not support cracked users.'
]);

16
app/Http/Controllers/Auth/TwofaController.php
View File

@ -1,16 +0,0 @@
<?php
namespace App\Http\Controllers\Auth;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\Traits\AuthenticatesTwoFactor;
class TwofaController extends Controller
{
use AuthenticatesTwoFactor;
protected $redirectTo = '/dashboard';
}

26
app/Http/Controllers/BanController.php
View File

@ -15,7 +15,11 @@ class BanController extends Controller
public function insert(BanUserRequest $request, User $user)
{
$this->authorize('create', [Ban::class, $user]);
if ($user->is(Auth::user()))
{
$request->session()->flash('error', 'You can\'t ban yourself!');
return redirect()->back();
}
if (is_null($user->bans))
{
@ -24,39 +28,35 @@ class BanController extends Controller
$duration = strtolower($request->durationOperator);
$durationOperand = $request->durationOperand;
$expiryDate = now();
if (!empty($duration))
{
$expiryDate = now();
switch($duration)
{
case 'days':
$expiryDate->addDays($durationOperand);
$expiryDate->addDays($duration);
break;
case 'weeks':
$expiryDate->addWeeks($durationOperand);
$expiryDate->addWeeks($duration);
break;
case 'months':
$expiryDate->addMonths($durationOperand);
$expiryDate->addMonths($duration);
break;
case 'years':
$expiryDate->addYears($durationOperand);
$expiryDate->addYears($duration);
break;
}
}
else
{
// Essentially permanent
$expiryDate->addYears(5);
}
$ban = Ban::create([
'userID' => $user->id,
'reason' => $reason,
'bannedUntil' => $expiryDate->format('Y-m-d H:i:s'),
'reason' => $request->reason,
'bannedUntil' => $expiryDate->toDateTimeString() ?? null,
'userAgent' => "Unknown",
'authorUserID' => Auth::user()->id
]);

8
app/Http/Controllers/CommentController.php
View File

@ -32,6 +32,14 @@ class CommentController extends Controller
if ($comment)
{
foreach (User::all() as $user)
{
if ($user->isStaffMember())
{
$user->notify(new NewComment($comment, $application));
}
}
$request->session()->flash('success', 'Comment posted! (:');
}
else

29
app/Http/Controllers/ContactController.php
View File

@ -4,23 +4,11 @@ namespace App\Http\Controllers;
use Illuminate\Http\Request;
use GuzzleHttp;
use App\Notifications\NewContact;
use Illuminate\Support\Facades\Http;
use App\User;
class ContactController extends Controller
{
protected $users;
public function __construct(User $users)
{
$this->users = $users;
}
public function create(Request $request)
{
$name = $request->name;
@ -30,14 +18,12 @@ class ContactController extends Controller
$challenge = $request->input('captcha');
// TODO: now: add middleware for this verification, move to invisible captcha
$verifyrequest = Http::asForm()->post(config('recaptcha.verify.apiurl'), [
'secret' => config('recaptcha.keys.secret'),
'response' => $challenge,
'remoteip' => $request->ip()
'remoteip' => $_SERVER['REMOTE_ADDR']
]);
$response = json_decode($verifyrequest->getBody(), true);
if (!$response['success'])
@ -46,18 +32,7 @@ class ContactController extends Controller
return redirect()->back();
}
foreach(User::all() as $user)
{
if ($user->hasRole('admin'))
{
$user->notify(new NewContact(collect([
'message' => $msg,
'ip' => $request->ip(),
'email' => $email
])));
}
}
// TODO: Send mail
$request->session()->flash('success', 'Message sent successfully! We usually respond within 48 hours.');
return redirect()->back();

14
app/Http/Controllers/DevToolsController.php
View File

@ -6,30 +6,16 @@ use App\Application;
use App\Events\ApplicationApprovedEvent;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class DevToolsController extends Controller
{
// The use case for Laravel's gate and/or validation Requests is so tiny here that a full-blown policy would be overkill.
protected function isolatedAuthorise()
{
if (!Auth::user()->can('admin.developertools.use'))
{
abort(403, 'You\'re not authorized to access this page.');
}
}
public function index()
{
$this->isolatedAuthorise();
return view('dashboard.administration.devtools')
->with('applications', Application::where('applicationStatus', 'STAGE_PEERAPPROVAL')->get());
}
public function forceVoteCount(Request $request)
{
$this->isolatedAuthorise();
$application = Application::find($request->application);
if (!is_null($application))

103
app/Http/Controllers/FormController.php
View File

@ -7,8 +7,6 @@ use Illuminate\Http\Request;
use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Facades\Auth;
use ContextAwareValidator;
class FormController extends Controller
{
@ -31,17 +29,39 @@ class FormController extends Controller
{
$this->authorize('create', Form::class);
$fields = $request->all();
$contextValidation = ContextAwareValidator::getValidator($fields, true, true);
$formFields = $request->all();
if (!$contextValidation->get('validator')->fails())
$formStructure = [];
$excludedNames = [
'_token',
'formName' // It's added outside the loop. Not excluding causes unwanted duplication.
];
$validator = [
'formName' => 'required|string|max:100'
];
foreach ($formFields as $fieldName => $field)
{
$storableFormStructure = $contextValidation->get('structure');
if(!in_array($fieldName, $excludedNames))
{
$validator[$fieldName . ".0"] = 'required|string';
$validator[$fieldName . ".1"] = 'required|string';
$formStructure['fields'][$fieldName]['title'] = $field[0];
$formStructure['fields'][$fieldName]['type'] = $field[1];
}
}
$validation = Validator::make($formFields, $validator);
if (!$validation->fails())
{
$storableFormStructure = json_encode($formStructure);
Form::create(
[
'formName' => $fields['formName'],
'formName' => $formFields['formName'],
'formStructure' => $storableFormStructure,
'formStatus' => 'ACTIVE'
]
@ -51,81 +71,28 @@ class FormController extends Controller
return redirect()->to(route('showForms'));
}
$request->session()->flash('errors', $contextValidation->get('validator')->errors()->getMessages());
$request->session()->flash('errors', $validation->errors()->getMessages());
return redirect()->back();
}
public function destroy(Request $request, Form $form)
public function destroy(Request $request, $id)
{
$form = Form::find($id);
$this->authorize('delete', $form);
$deletable = true;
if (!is_null($form) && !is_null($form->vacancies) && $form->vacancies->count() !== 0 || !is_null($form->responses))
{
$deletable = false;
}
if ($deletable)
// TODO: Check if form is linked to vacancies before allowing deletion
if (!is_null($form))
{
$form->delete();
$request->session()->flash('success', 'Form deleted successfully.');
}
else
{
$request->session()->flash('error', 'You cannot delete this form because it\'s tied to one or more applications and ranks, or because it doesn\'t exist.');
return redirect()->back();
}
$request->session()->flash('error', 'The form you\'re trying to delete does not exist.');
return redirect()->back();
}
public function preview(Request $request, Form $form)
{
$this->authorize('viewAny', Form::class);
return view('dashboard.administration.formpreview')
->with('form', json_decode($form->formStructure, true))
->with('title', $form->formName)
->with('formID', $form->id);
}
public function edit(Request $request, Form $form)
{
$this->authorize('update', $form);
return view('dashboard.administration.editform')
->with('formStructure', json_decode($form->formStructure, true))
->with('title', $form->formName)
->with('formID', $form->id);
}
public function update(Request $request, Form $form)
{
$this->authorize('update', $form);
$contextValidation = ContextAwareValidator::getValidator($request->all(), true);
$this->authorize('update', $form);
if (!$contextValidation->get('validator')->fails())
{
// Add the new structure into the form. New, subsquent fields will be identified by the "new" prefix
// This prefix doesn't actually change the app's behavior when it receives applications.
// Additionally, old applications won't of course display new and updated fields, because we can't travel into the past and get data for them
$form->formStructure = $contextValidation->get('structure');
$form->save();
$request->session()->flash('success', 'Hooray! Your form was updated. New applications for it\'s vacancy will use it.');
}
else
{
$request->session()->flash('errors', $contextValidation->get('validator')->errors()->getMessages());
}
return redirect()->to(route('previewForm', ['form' => $form->id]));
}
}

9
app/Http/Controllers/HomeController.php
View File

@ -15,12 +15,15 @@ class HomeController extends Controller
*/
public function index()
{
// TODO: Relationships for Applications, Users and Responses
// Also prevent apps if user already has one in the space of 30d
// Display apps in the relevant menus
$positions = Vacancy::where('vacancyStatus', 'OPEN')
->where('vacancyCount', '<>', 0)
$positions = DB::table('vacancies')
->where('vacancyStatus', 'OPEN')
->where('vacancyCount', '!=', 0)
->get();
return view('home')
->with('positions', $positions);
}

77
app/Http/Controllers/OptionsController.php
View File

@ -1,77 +0,0 @@
<?php
namespace App\Http\Controllers;
use App\Facades\Options;
use App\Options as Option;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
class OptionsController extends Controller
{
/**
* Display a listing of the resource.
*
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\Http\Response|\Illuminate\View\View
*/
public function index()
{
// TODO: Obtain this from the facade
$options = Option::all();
return view('dashboard.administration.settings')
->with('options', $options);
}
public function saveSettings(Request $request)
{
if (Auth::user()->can('admin.settings.edit'))
{
Log::debug('Updating application options', [
'ip' => $request->ip(),
'ua' => $request->userAgent(),
'username' => Auth::user()->username
]);
foreach($request->all() as $optionName => $option)
{
try
{
Log::debug('Going through option ' . $optionName);
if (Options::optionExists($optionName))
{
Log::debug('Option exists, updating to new values', [
'opt' => $optionName,
'new_value' => $option
]);
Options::changeOption($optionName, $option);
}
}
catch(\Exception $ex)
{
Log::error('Unable to update options!', [
'msg' => $ex->getMessage(),
'trace' => $ex->getTraceAsString()
]);
report($ex);
$errorCond = true;
$request->session()->flash('error', 'An error occurred while trying to save settings: ' . $ex->getMessage());
}
}
if (!isset($errorCond))
{
$request->session()->flash('success', 'Settings saved successfully!');
}
}
else
{
$request->session()->flash('error', 'You do not have permission to update this resource.');
}
return redirect()->back();
}
}

14
app/Http/Controllers/ProfileController.php
View File

@ -87,6 +87,7 @@ class ProfileController extends Controller
public function saveProfile(ProfileSave $request)
{
// TODO: Switch to route model binding
$profile = User::find(Auth::user()->id)->profile;
$social = [];
@ -119,6 +120,19 @@ class ProfileController extends Controller
$request->session()->flash('success', 'Profile settings saved successfully.');
}
else
{
$gm = 'Guru Meditation #' . rand(0, 1000);
Log::alert('[GURU MEDITATION]: Could not find profile for authenticated user ' . Auth::user()->name . 'whilst trying to update it! Please verify that profiles are being created automatically during signup.',
[
'uuid' => Auth::user()->uuid,
'timestamp' => now(),
'route' => $request->route()->getName(),
'gmcode' => $gm // If this error is reported, the GM code, denoting a severe error, will help us find this entry in the logs
]);
$request->session()->flash('error', 'A technical error has occurred whilst trying to save your profile. Incident details have been recorded. Please report this incident to administrators with the following case number: ' . $gm);
}
return redirect()->back();

92
app/Http/Controllers/UserController.php
View File

@ -8,8 +8,6 @@ use App\Http\Requests\FlushSessionsRequest;
use App\Http\Requests\DeleteUserRequest;
use App\Http\Requests\SearchPlayerRequest;
use App\Http\Requests\UpdateUserRequest;
use App\Http\Requests\Add2FASecretRequest;
use App\Http\Requests\Remove2FASecretRequest;
use App\User;
use App\Ban;
@ -23,8 +21,6 @@ use App\Notifications\EmailChanged;
use App\Notifications\ChangedPassword;
use Spatie\Permission\Models\Role;
use Google2FA;
class UserController extends Controller
{
@ -116,32 +112,10 @@ class UserController extends Controller
}
}
public function showAccount(Request $request)
public function showAccount()
{
$QRCode = null;
if (!$request->user()->has2FA())
{
if ($request->session()->has('twofaAttemptFailed'))
{
$twoFactorSecret = $request->session()->get('current2FA');
}
else
{
$twoFactorSecret = Google2FA::generateSecretKey(32, '');
$request->session()->put('current2FA', $twoFactorSecret);
}
$QRCode = Google2FA::getQRCodeInline(
config('app.name'),
$request->user()->email,
$twoFactorSecret
);
}
return view('dashboard.user.profile.useraccount')
->with('ip', request()->ip())
->with('twofaQRCode', $QRCode);
->with('ip', request()->ip());
}
@ -215,9 +189,6 @@ class UserController extends Controller
public function delete(DeleteUserRequest $request, User $user)
{
$this->authorize('delete', $user);
if ($request->confirmPrompt == 'DELETE ACCOUNT')
{
$user->delete();
@ -235,8 +206,6 @@ class UserController extends Controller
public function update(UpdateUserRequest $request, User $user)
{
$this->authorize('adminEdit', $user);
// Mass update would not be possible here without extra code, making route model binding useless
$user->email = $request->email;
$user->name = $request->name;
@ -273,67 +242,10 @@ class UserController extends Controller
}
public function add2FASecret(Add2FASecretRequest $request)
{
$currentSecret = $request->session()->get('current2FA');
$isValid = Google2FA::verifyKey($currentSecret, $request->otp);
if ($isValid)
{
$request->user()->twofa_secret = $currentSecret;
$request->user()->save();
Log::warning('SECURITY: User activated two-factor authentication', [
'initiator' => $request->user()->email,
'ip' => $request->ip()
]);
Google2FA::login();
Log::warning('SECURITY: Started two factor session automatically', [
'initiator' => $request->user()->email,
'ip' => $request->ip()
]);
$request->session()->forget('current2FA');
if ($request->session()->has('twofaAttemptFailed'))
$request->session()->forget('twofaAttemptFailed');
$request->session()->flash('success', '2FA succesfully enabled! You\'ll now be prompted for an OTP each time you log in.');
}
else
{
$request->session()->flash('error', 'Incorrect code. Please reopen the 2FA settings panel and try again.');
$request->session()->put('twofaAttemptFailed', true);
}
return redirect()->back();
}
public function remove2FASecret(Remove2FASecretRequest $request)
{
Log::warning('SECURITY: Disabling two factor authentication (user initiated)', [
'initiator' => $request->user()->email,
'ip' => $request->ip()
]);
$request->user()->twofa_secret = null;
$request->user()->save();
$request->session()->flash('success', 'Two-factor authentication disabled.');
return redirect()->back();
}
public function terminate(Request $request, User $user)
{
$this->authorize('terminate', User::class);
// TODO: move logic to policy
if (!$user->isStaffMember() || $user->is(Auth::user()))
{
$request->session()->flash('error', 'You cannot terminate this user.');

38
app/Http/Controllers/VacancyController.php
View File

@ -3,19 +3,15 @@
namespace App\Http\Controllers;
use App\Http\Requests\VacancyRequest;
use App\Http\Requests\VacancyEditRequest;
use App\Vacancy;
use App\User;
use App\Form;
use App\Notifications\VacancyClosed;
use Illuminate\Http\Request;
use Illuminate\Support\Str;
use Illuminate\Support\Facades\Auth;
class VacancyController extends Controller
{
public function index()
@ -35,16 +31,10 @@ class VacancyController extends Controller
if (!is_null($form))
{
/* note: since we can't convert HTML back to Markdown, we'll have to do the converting when the user requests a page,
* and leave the database with Markdown only so it can be used and edited everywhere.
* for several vacancies, this would require looping through all of them and replacing MD with HTML, which is obviously not the most clean solution;
* however, the Model can be configured to return MD instead of HTML on that specific field saving us from looping.
*/
Vacancy::create([
'vacancyName' => $request->vacancyName,
'vacancyDescription' => $request->vacancyDescription,
'vacancyFullDescription' => $request->vacancyFullDescription,
'vacancySlug' => Str::slug($request->vacancyName),
'permissionGroupName' => $request->permissionGroup,
'discordRoleID' => $request->discordRole,
@ -64,9 +54,10 @@ class VacancyController extends Controller
}
public function updatePositionAvailability(Request $request, $status, Vacancy $vacancy)
public function updatePositionAvailability(Request $request, $status, $id)
{
$vacancy = Vacancy::find($id);
$this->authorize('update', $vacancy);
if (!is_null($vacancy))
@ -110,29 +101,4 @@ class VacancyController extends Controller
return redirect()->back();
}
public function edit(Request $request, Vacancy $vacancy)
{
$this->authorize('update', $vacancy);
return view('dashboard.administration.editposition')
->with('vacancy', $vacancy);
}
public function update(VacancyEditRequest $request, Vacancy $vacancy)
{
$this->authorize('update', $vacancy);
$vacancy->vacancyFullDescription = $request->vacancyFullDescription;
$vacancy->vacancyDescription = $request->vacancyDescription;
$vacancy->vacancyCount = $request->vacancyCount;
$vacancy->save();
$request->session()->flash('success', 'Vacancy successfully updated.');
return redirect()->back();
}
}

16
app/Http/Controllers/VoteController.php
View File

@ -13,23 +13,33 @@ use Illuminate\Support\Facades\Log;
class VoteController extends Controller
{
public function vote(VoteRequest $voteRequest, Application $application)
public function vote(VoteRequest $voteRequest, $applicationID)
{
$application = Application::find($applicationID);
$this->authorize('create', Vote::class);
if (!is_null($application))
{
$vote = Vote::create([
'userID' => Auth::user()->id,
'allowedVoteType' => $voteRequest->voteType,
]);
$vote->application()->attach($application->id);
$vote->application()->attach($applicationID);
Log::info('User ' . Auth::user()->name . ' has voted in applicant ' . $application->user->name . '\'s application', [
'voteType' => $voteRequest->voteType
]);
$voteRequest->session()->flash('success', 'Your vote has been registered!');
$voteRequest->session()->flash('success', 'Your vote has been registered! You will now be notified about the outcome of this application.');
}
else
{
$voteRequest->session()->flash('error', 'Can\t vote a non existant application!');
}
// Cron job will run command that processes votes
return redirect()->back();
}
}

8
app/Http/Kernel.php
View File

@ -64,12 +64,6 @@ class Kernel extends HttpKernel
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'eligibility' => \App\Http\Middleware\ApplicationEligibility::class,
'usernameUUID' => \App\Http\Middleware\UsernameUUID::class,
'forcelogout' => \App\Http\Middleware\ForceLogoutMiddleware::class,
'2fa' => \PragmaRX\Google2FALaravel\Middleware::class,
'localize' => \Mcamara\LaravelLocalization\Middleware\LaravelLocalizationRoutes::class,
'localizationRedirect' => \Mcamara\LaravelLocalization\Middleware\LaravelLocalizationRedirectFilter::class,
'localeSessionRedirect' => \Mcamara\LaravelLocalization\Middleware\LocaleSessionRedirect::class,
'localeCookieRedirect' => \Mcamara\LaravelLocalization\Middleware\LocaleCookieRedirect::class,
'localeViewPath' => \Mcamara\LaravelLocalization\Middleware\LaravelLocalizationViewPath::class
'forcelogout' => \App\Http\Middleware\ForceLogoutMiddleware::class
];
}

4
app/Http/Middleware/TrustProxies.php
View File

@ -12,12 +12,12 @@ class TrustProxies extends Middleware
*
* @var array|string
*/
protected $proxies = "*";
protected $proxies;
/**
* The headers that should be used to detect proxies.
*
* @var int
*/
protected $headers = Request::HEADER_X_FORWARDED_AWS_ELB;
protected $headers = Request::HEADER_X_FORWARDED_ALL;
}

31
app/Http/Requests/Add2FASecretRequest.php
View File

@ -1,31 +0,0 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class Add2FASecretRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
// current logic only updates currently authenticated user
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'otp' => 'required|string|min:6|max:6'
];
}
}

2
app/Http/Requests/BanUserRequest.php
View File

@ -27,7 +27,7 @@ class BanUserRequest extends FormRequest
{
return [
'reason' => 'required|string',
'durationOperand' => 'nullable|string',
'durationOperand' => 'nullable|integer',
'durationOperator' => 'nullable|string'
];
}

31
app/Http/Requests/Remove2FASecretRequest.php
View File

@ -1,31 +0,0 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class Remove2FASecretRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'currentPassword' => 'required|password',
'consent' => 'required|accepted'
];
}
}

34
app/Http/Requests/VacancyEditRequest.php
View File

@ -1,34 +0,0 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Support\Facades\Auth;
class VacancyEditRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return Auth::user()->can('admin.hiring.vacancy.edit');
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'vacancyDescription' => 'required|string',
'vacancyFullDescription' => 'nullable|string',
'vacancyCount' => 'required|integer|min:1'
];
}
}

1
app/Http/Requests/VacancyRequest.php
View File

@ -26,7 +26,6 @@ class VacancyRequest extends FormRequest
return [
'vacancyName' => 'required|string',
'vacancyDescription' => 'required|string',
'vacancyFullDescription' => 'nullable|string',
'permissionGroup' => 'required|string',
'discordRole' => 'required|string',
'vacancyCount' => 'required|integer',

45
app/Listeners/LogAuthenticationFailure.php
View File

@ -1,45 +0,0 @@
<?php
namespace App\Listeners;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Support\Facades\Log;
class LogAuthenticationFailure
{
/**
* Create the event listener.
*
* @return void
*/
public function __construct()
{
//
}
/**
* Handle the event.
*
* @param object $event
* @return void
*/
public function handle($event)
{
$targetAccountID = 0;
$originalIP = "0.0.0.0";
if (isset($event->user->id))
{
$targetAccountID = $event->user->id;
}
Log::alert('SECURITY (login): Detected failed authentication attempt!', [
'targetAccountID' => $targetAccountID,
'existingAccount' => ($targetAccountID == 0) ? false : true,
'sourceIP' => request()->ip(),
'matchesAccountLastIP' => request()->ip() == $originalIP,
'sourceUserAgent' => request()->userAgent(),
]);
}
}

36
app/Listeners/LogAuthenticationSuccess.php
View File

@ -1,36 +0,0 @@
<?php
namespace App\Listeners;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Support\Facades\Log;
class LogAuthenticationSuccess
{
/**
* Create the event listener.
*
* @return void
*/
public function __construct()
{
//
}
/**
* Handle the event.
*
* @param object $event
* @return void
*/
public function handle($event)
{
Log::info('SECURITY (postauth-pre2fa): Detected successful login attempt', [
'accountID' => $event->user->id,
'sourceIP' => request()->ip(),
'matchesAccountLastIP' => request()->ip() == $event->user->originalIP,
'sourceUserAgent' => request()->userAgent(),
]);
}
}

20
app/Notifications/ApplicationApproved.php
View File

@ -2,8 +2,6 @@
namespace App\Notifications;
use App\Facades\Options;
use App\Traits\Cancellable;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Notifications\Messages\MailMessage;
@ -13,7 +11,7 @@ use App\Application;
class ApplicationApproved extends Notification implements ShouldQueue
{
use Queueable, Cancellable;
use Queueable;
public $application;
@ -26,15 +24,15 @@ class ApplicationApproved extends Notification implements ShouldQueue
{
$this->application = $application;
}
public function channels()
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
{
return $this->chooseChannelsViaOptions();
}
public function optOut($notifiable)
{
return Options::getOption('notify_applicant_approved') !== 1;
return ['mail', 'slack'];
}
/**

2
app/Notifications/ApplicationDenied.php
View File

@ -52,7 +52,7 @@ class ApplicationDenied extends Notification implements ShouldQueue
->line('Your most recent application has been denied.')
->line('Our review team denies applications for several reasons, including poor answers.')
->line('Please review your application and try again in 30 days.')
->action('Review application', url(route('showUserApp', ['application' => $this->application->id])))
->action('Review application', url(route('showUserApp', ['id' => $this->application->id])))
->line('Better luck next time!');
}

14
app/Notifications/ApplicationMoved.php
View File

@ -6,12 +6,10 @@ use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Notifications\Messages\MailMessage;
use Illuminate\Notifications\Notification;
use App\Traits\Cancellable;
use App\Facades\Options;
class ApplicationMoved extends Notification implements ShouldQueue
{
use Queueable, Cancellable;
use Queueable;
/**
* Create a new notification instance.
@ -23,9 +21,15 @@ class ApplicationMoved extends Notification implements ShouldQueue
//
}
public function optOut($notifiable)
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
{
return Options::getOption('notify_application_status_change') !== 1;
return ['mail'];
}
/**

27
app/Notifications/NewApplicant.php
View File

@ -10,12 +10,9 @@ use Illuminate\Notifications\Notification;
use App\Application;
use App\Vacancy;
use App\Traits\Cancellable;
use App\Facades\Options;
class NewApplicant extends Notification implements ShouldQueue
{
use Queueable, Cancellable;
use Queueable;
protected $application;
@ -34,21 +31,17 @@ class NewApplicant extends Notification implements ShouldQueue
$this->vacancy = $vacancy;
}
public function channels()
{
if (Options::getOption('enable_slack_notifications') == 1)
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
{
return ['slack'];
}
return [];
}
public function optOut($notifiable)
{
return Options::getOption('notify_new_user') !== 1;
}
/**
* Get the mail representation of the notification.
*
@ -62,7 +55,7 @@ class NewApplicant extends Notification implements ShouldQueue
->subject(config('app.name') . ' - New application')
->line('Someone has just applied for a position. Check it out!')
->line('You are receiving this because you\'re a staff member at ' . config('app.name') . '.')
->action('View Application', url(route('showUserApp', ['application' => $this->application->id])))
->action('View Application', url(route('showUserApp', ['id' => $this->application->id])))
->line('Thank you!');
}
@ -74,7 +67,7 @@ class NewApplicant extends Notification implements ShouldQueue
$vacancyDetails['name'] = $this->vacancy->vacancyName;
$vacancyDetails['slots'] = $this->vacancy->vacancyCount;
$url = route('showUserApp', ['application' => $this->application->id]);
$url = route('showUserApp', ['id' => $this->application->id]);
$applicant = $this->application->user->name;
return (new SlackMessage)

16
app/Notifications/NewComment.php
View File

@ -8,12 +8,10 @@ use Illuminate\Notifications\Messages\MailMessage;
use Illuminate\Notifications\Notification;
use App\Comment;
use App\Application;
use App\Traits\Cancellable;
use App\Facades\Options;
class NewComment extends Notification implements ShouldQueue
{
use Queueable, Cancellable;
use Queueable;
protected $application;
@ -28,9 +26,15 @@ class NewComment extends Notification implements ShouldQueue
$this->application = $application;
}
public function optOut($notifiable)
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
{
return Options::getOption('notify_application_comment') !== 1;
return ['mail'];
}
/**
@ -46,7 +50,7 @@ class NewComment extends Notification implements ShouldQueue
->subject(config('app.name') . ' - New comment')
->line('Someone has just posted a new comment on an application you follow.')
->line('You\'re receiving this email because you\'ve voted/commented on this application.')
->action('Check it out', url(route('showUserApp', ['application' => $this->application->id])))
->action('Check it out', url(route('showUserApp', ['id' => $this->application->id])))
->line('Thank you!');
}

78
app/Notifications/NewContact.php
View File

@ -1,78 +0,0 @@
<?php
namespace App\Notifications;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Notifications\Messages\MailMessage;
use Illuminate\Notifications\Notification;
use Illuminate\Support\Collection;
class NewContact extends Notification
{
use Queueable;
public $message;
/**
* Create a new notification instance.
*
* @return void
*/
public function __construct(Collection $message)
{
$this->message = $message;
}
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
{
return ['mail'];
}
/**
* Get the mail representation of the notification.
*
* @param mixed $notifiable
* @return \Illuminate\Notifications\Messages\MailMessage
*/
public function toMail($notifiable)
{
if ($this->message->has([
'message',
'ip',
'email'
]))
{
return (new MailMessage)
->line('We\'ve received a new contact form submission in the StaffManagement app center.')
->line('This is what they sent: ')
->line('')
->line($this->message->get('message'))
->line('')
->line('This message was received from ' . $this->message->get('ip') . ' and submitted by ' . $this->message->get('email') . '.')
->action('Sign in', url(route('login')))
->line('Thank you!');
}
throw new \InvalidArgumentException("Invalid arguments supplied to NewContact!");
}
/**
* Get the array representation of the notification.
*
* @param mixed $notifiable
* @return array
*/
public function toArray($notifiable)
{
return [
//
];
}
}

20
app/Notifications/NewUser.php
View File

@ -10,12 +10,10 @@ use Illuminate\Notifications\Messages\SlackMessage;
use App\User;
use App\Facades\UUID;
use App\Traits\Cancellable;
use App\Facades\Options;
class NewUser extends Notification implements ShouldQueue
{
use Queueable, Cancellable;
use Queueable;
public $user;
@ -29,14 +27,18 @@ class NewUser extends Notification implements ShouldQueue
$this->user = $user;
}
public function channels($notifiable)
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
{
return $this->chooseChannelsViaOptions();
}
return ($notifiable->isStaffMember())
? ['slack', 'mail']
: ['mail'];
public function optOut($notifiable)
{
return Options::getOption('notify_new_user') !== 1;
}
/**

15
app/Notifications/VacancyClosed.php
View File

@ -6,15 +6,12 @@ use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Notifications\Messages\MailMessage;
use Illuminate\Notifications\Notification;
use Illuminate\Queue\SerializesModels;
use App\Vacancy;
use App\Facades\Options;
use App\Traits\Cancellable;
class VacancyClosed extends Notification implements ShouldQueue
{
use Queueable, SerializesModels, Cancellable;
use Queueable;
protected $vacancy;
@ -28,9 +25,15 @@ class VacancyClosed extends Notification implements ShouldQueue
$this->vacancy = $vacancy;
}
public function optOut($notifiable)
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
{
return Options::getOption('notify_vacancystatus_change') !== 1;
return ['mail'];
}
/**

94
app/Observers/ApplicationObserver.php
View File

@ -1,94 +0,0 @@
<?php
namespace App\Observers;
use App\Application;
use Illuminate\Support\Facades\Log;
class ApplicationObserver
{
/**
* Handle the application "created" event.
*
* @param \App\Application $application
* @return void
*/
public function created(Application $application)
{
//
}
/**
* Handle the application "updated" event.
*
* @param \App\Application $application
* @return void
*/
public function updated(Application $application)
{
//
}
public function deleting(Application $application)
{
$application->response()->delete();
$votes = $application->votes;
foreach ($votes as $vote)
{
Log::debug('Referential integrity cleanup: Deleting and detaching vote ' . $vote->id);
$vote->application()->detach($application->id);
$vote->delete();
}
if (!is_null($application->appointment))
{
Log::debug('RIC: Deleting appointment!');
$application->appointment()->delete();
}
if (!$application->comments->isEmpty())
{
Log::debug('RIC: Deleting comments!');
foreach($application->comments as $comment)
{
$comment->delete();
}
}
// application can now be deleted
}
/**
* Handle the application "deleted" event.
*
* @param \App\Application $application
* @return void
*/
public function deleted(Application $application)
{
//
}
/**
* Handle the application "restored" event.
*
* @param \App\Application $application
* @return void
*/
public function restored(Application $application)
{
//
}
/**
* Handle the application "force deleted" event.
*
* @param \App\Application $application
* @return void
*/
public function forceDeleted(Application $application)
{
//
}
}

25
app/Observers/UserObserver.php
View File

@ -48,7 +48,30 @@ class UserObserver
Log::debug('RIC: Now trying to delete applications and responses...');
foreach($applications as $application)
{
// code moved to Application observer, where it gets rid of attached elements individually
$application->response()->delete();
$votes = $application->votes;
foreach ($votes as $vote)
{
Log::debug('RIC: Deleting and detaching vote ' . $vote->id);
$vote->application()->detach($application->id);
$vote->delete();
}
if (!is_null($application->appointment))
{
Log::debug('RIC: Deleting appointment!');
$application->appointment()->delete();
}
if (!$application->comments->isEmpty())
{
Log::debug('RIC: Deleting comments!');
foreach($application->comments as $comment)
{
$comment->delete();
}
}
Log::debug('RIC: Deleting application ' . $application->id);
$application->delete();

64
app/Observers/VacancyObserver.php
View File

@ -1,64 +0,0 @@
<?php
namespace App\Observers;
use App\Vacancy;
class VacancyObserver
{
/**
* Handle the vacancy "created" event.
*
* @param \App\Vacancy $vacancy
* @return void
*/
public function created(Vacancy $vacancy)
{
//
}
/**
* Handle the vacancy "updated" event.
*
* @param \App\Vacancy $vacancy
* @return void
*/
public function updated(Vacancy $vacancy)
{
//
}
/**
* Handle the vacancy "deleted" event.
*
* @param \App\Vacancy $vacancy
* @return void
*/
public function deleted(Vacancy $vacancy)
{
// TODO: Handle deletion of children's data
}
/**
* Handle the vacancy "restored" event.
*
* @param \App\Vacancy $vacancy
* @return void
*/
public function restored(Vacancy $vacancy)
{
//
}
/**
* Handle the vacancy "force deleted" event.
*
* @param \App\Vacancy $vacancy
* @return void
*/
public function forceDeleted(Vacancy $vacancy)
{
//
}
}

13
app/Options.php
View File

@ -1,13 +0,0 @@
<?php
namespace App;
use Illuminate\Database\Eloquent\Model;
class Options extends Model
{
public $fillable = [
'option_name',
'option_value'
];
}

7
app/Policies/ApplicationPolicy.php
View File

@ -45,11 +45,4 @@ class ApplicationPolicy
{
return $user->hasAnyRole('admin', 'hiringManager');
}
public function delete(User $user, Application $application)
{
return $user->hasRole('admin');
}
}

24
app/Policies/AppointmentPolicy.php
View File

@ -13,7 +13,7 @@ class AppointmentPolicy
/**
* Determine whether the user can view any models.
*
* @param User $user
* @param \App\User $user
* @return mixed
*/
public function viewAny(User $user)
@ -24,8 +24,8 @@ class AppointmentPolicy
/**
* Determine whether the user can view the model.
*
* @param User $user
* @param Appointment $appointment
* @param \App\User $user
* @param \App\Appointment $appointment
* @return mixed
*/
public function view(User $user, Appointment $appointment)
@ -36,7 +36,7 @@ class AppointmentPolicy
/**
* Determine whether the user can create models.
*
* @param User $user
* @param \App\User $user
* @return mixed
*/
public function create(User $user)
@ -47,8 +47,8 @@ class AppointmentPolicy
/**
* Determine whether the user can update the model.
*
* @param User $user
* @param Appointment $appointment
* @param \App\User $user
* @param \App\Appointment $appointment
* @return mixed
*/
public function update(User $user, Appointment $appointment)
@ -59,8 +59,8 @@ class AppointmentPolicy
/**
* Determine whether the user can delete the model.
*
* @param User $user
* @param Appointment $appointment
* @param \App\User $user
* @param \App\Appointment $appointment
* @return mixed
*/
public function delete(User $user, Appointment $appointment)
@ -71,8 +71,8 @@ class AppointmentPolicy
/**
* Determine whether the user can restore the model.
*
* @param User $user
* @param Appointment $appointment
* @param \App\User $user
* @param \App\Appointment $appointment
* @return mixed
*/
public function restore(User $user, Appointment $appointment)
@ -83,8 +83,8 @@ class AppointmentPolicy
/**
* Determine whether the user can permanently delete the model.
*
* @param User $user
* @param Appointment $appointment
* @param \App\User $user
* @param \App\Appointment $appointment
* @return mixed
*/
public function forceDelete(User $user, Appointment $appointment)

15
app/Policies/BanPolicy.php
View File

@ -5,8 +5,6 @@ namespace App\Policies;
use App\Ban;
use App\User;
use Illuminate\Auth\Access\HandlesAuthorization;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
class BanPolicy
{
@ -39,18 +37,11 @@ class BanPolicy
* Determine whether the user can create models.
*
* @param \App\User $user
* @param User $targetUser
* @return mixed
*/
public function create(User $user, User $targetUser)
public function create(User $user)
{
Log::debug("Authorization check started", [
'requiredRoles' => 'admin',
'hasRequiredRole' => $user->hasRole('admin'),
'targetUser' => $targetUser->username,
'isCurrentUser' => Auth::user()->is($user)
]);
return $user->hasRole('admin') && $user->isNot($targetUser);
//
}
/**
@ -62,7 +53,7 @@ class BanPolicy
*/
public function update(User $user, Ban $ban)
{
return $user->hasRole('admin');
//
}
/**

2
app/Policies/FormPolicy.php
View File

@ -57,7 +57,7 @@ class FormPolicy
*/
public function update(User $user, Form $form)
{
return $user->can('admin.hiring.forms');
// unused
}
/**

11
app/Policies/UserPolicy.php
View File

@ -24,12 +24,6 @@ class UserPolicy
return $authUser->is($user) || $authUser->hasRole('admin');
}
// This refers to the admin tools that let staff update more information than users themselves can
public function adminEdit(User $authUser, User $user)
{
return $authUser->hasRole('admin') && $authUser->isNot($user);
}
public function viewStaff(User $user)
{
return $user->can('admin.stafflist');
@ -44,9 +38,4 @@ class UserPolicy
{
return $authUser->hasRole('admin');
}
public function delete(User $authUser, User $subject)
{
return $authUser->hasRole('admin') && $authUser->isNot($subject);
}
}

2
app/Policies/VacancyPolicy.php
View File

@ -53,7 +53,7 @@ class VacancyPolicy
*/
public function update(User $user, Vacancy $vacancy)
{
return $user->hasAnyRole('admin', 'hiringManager');
return $user->hasRole('admin', 'hiringManager');
}
/**

6
app/Providers/AppServiceProvider.php
View File

@ -2,8 +2,6 @@
namespace App\Providers;
use App\Application;
use App\Observers\ApplicationObserver;
use App\Observers\UserObserver;
use App\User;
use Illuminate\Support\Facades\Schema;
@ -34,10 +32,6 @@ class AppServiceProvider extends ServiceProvider
]);
Schema::defaultStringLength(191);
User::observe(UserObserver::class);
Application::observe(ApplicationObserver::class);
$this->app['request']->server->set('HTTPS', $this->app->environment() != 'local');
}
}

16
app/Providers/AuthServiceProvider.php
View File

@ -2,15 +2,15 @@
namespace App\Providers;
use App\Http\Controllers\BanController;
use App\Http\Controllers\VoteController;
use App\Http\Controllers\ProfileController;
use App\Http\Controllers\AppointmentController;
use App\Policies\ProfilePolicy;
use App\Policies\VacancyPolicy;
use App\Policies\UserPolicy;
use App\Policies\BanPolicy;
use App\Policies\FormPolicy;
use App\Policies\VotePolicy;
use App\Policies\ApplicationPolicy;
use App\Policies\AppointmentPolicy;
use App\User;
use App\Form;
use App\Vote;
@ -18,8 +18,6 @@ use App\Vacancy;
use App\Application;
use App\Appointment;
use App\Ban;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Gate;
@ -38,9 +36,9 @@ class AuthServiceProvider extends ServiceProvider
Vacancy::class => VacancyPolicy::class,
//Form::class => FormPolicy::class
'App\Form' => 'App\Policies\FormPolicy',
Vote::class => VotePolicy::class,
Ban::class => BanPolicy::class,
Appointment::class => AppointmentPolicy::class
Vote::class => VoteController::class,
Ban::class => BanController::class,
Appointment::class => AppointmentController::class
];
/**

34
app/Providers/ContextAwareValidatorProvider.php
View File

@ -1,34 +0,0 @@
<?php
namespace App\Providers;
use Illuminate\Support\ServiceProvider;
use App;
class ContextAwareValidatorProvider extends ServiceProvider
{
/**
* Register services.
*
* @return void
*/
public function register()
{
//
}
/**
* Bootstrap services.
*
* @return void
*/
public function boot()
{
App::bind('contextAwareValidator', function(){
return new App\Helpers\ContextAwareValidator();
});
}
}

10
app/Providers/EventServiceProvider.php
View File

@ -2,11 +2,7 @@
namespace App\Providers;
use App\Listeners\LogAuthenticationFailure;
use App\Listeners\LogAuthenticationSuccess;
use App\Listeners\OnUserRegistration;
use Illuminate\Auth\Events\Failed;
use Illuminate\Auth\Events\Login;
use Illuminate\Auth\Events\Registered;
use Illuminate\Auth\Listeners\SendEmailVerificationNotification;
use Illuminate\Foundation\Support\Providers\EventServiceProvider as ServiceProvider;
@ -24,12 +20,6 @@ class EventServiceProvider extends ServiceProvider
SendEmailVerificationNotification::class,
OnUserRegistration::class
],
Failed::class => [
LogAuthenticationFailure::class
],
Login::class => [
LogAuthenticationSuccess::class
],
'App\Events\ApplicationApprovedEvent' => [
'App\Listeners\PromoteUser'
],

31
app/Providers/OptionsProvider.php
View File

@ -1,31 +0,0 @@
<?php
namespace App\Providers;
use Illuminate\Support\ServiceProvider;
use App;
class OptionsProvider extends ServiceProvider
{
/**
* Register services.
*
* @return void
*/
public function register()
{
//
}
/**
* Bootstrap services.
*
* @return void
*/
public function boot()
{
App::bind('smOptions', function (){
return new App\Helpers\Options();
});
}
}

40
app/Traits/AuthenticatesTwoFactor.php
View File

@ -1,40 +0,0 @@
<?php
namespace App\Traits;
use Google2FA;
use App\Http\Requests\Add2FASecretRequest;
use Illuminate\Support\Facades\Log;
trait AuthenticatesTwoFactor
{
public function verify2FA(Add2FASecretRequest $request)
{
$isValid = Google2FA::verifyKey($request->user()->twofa_secret, $request->otp);
if ($isValid)
{
Google2FA::login();
Log::info('SECURITY (postauth): One-time password verification succeeded', [
'initiator' => $request->user()->email,
'ip' => $request->ip()
]);
return redirect()->to($this->redirectTo);
}
else
{
Log::warning('SECURITY (preauth): One-time password verification failed', [
'initiator' => $request->user()->email,
'ip' => $request->ip()
]);
$request->session()->flash('error', 'Your one time password is invalid.');
return redirect()->back();
}
}
}

49
app/Traits/Cancellable.php
View File

@ -1,49 +0,0 @@
<?php
namespace App\Traits;
use App\Facades\Options;
trait Cancellable
{
public function chooseChannelsViaOptions()
{
$channels = [];
if (Options::getOption('enable_slack_notifications') == 1)
{
array_push($channels, 'slack');
}
elseif(Options::getOption('enable_email_notifications') == 1)
{
array_push($channels, 'email');
}
return $channels;
}
public function channels()
{
return ['mail'];
}
public function via($notifiable)
{
if ($this->optOut($notifiable))
{
return [];
}
return $this->channels();
}
public function optOut($notifiable)
{
return false;
}
}

11
app/User.php
View File

@ -7,10 +7,11 @@ use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Spatie\Permission\Traits\HasRoles;
class User extends Authenticatable implements MustVerifyEmail
class User extends Authenticatable
{
use Notifiable;
use HasRoles;
//use MustVerifyEmail;
/**
* The attributes that are mass assignable.
@ -67,24 +68,18 @@ class User extends Authenticatable implements MustVerifyEmail
}
public function isBanned()
{
return !$this->bans()->get()->isEmpty();
}
public function isStaffMember()
{
return $this->hasAnyRole('reviewer', 'admin', 'hiringManager');
}
public function has2FA()
{
return !is_null($this->twofa_secret);
}
public function routeNotificationForSlack($notification)

24
app/Vacancy.php
View File

@ -6,9 +6,6 @@ use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
use GrahamCampbell\Markdown\Facades\Markdown;
class Vacancy extends Model
{
public $fillable = [
@ -16,7 +13,6 @@ class Vacancy extends Model
'permissionGroupName',
'vacancyName',
'vacancyDescription',
'vacancyFullDescription',
'discordRoleID',
'vacancyFormID',
'vacancyCount',
@ -25,26 +21,6 @@ class Vacancy extends Model
];
/**
* Get the HTML variant of the vacancyFullDescription attribute.
*
* @param string $value The original value
* @return string
*/
public function getVacancyFullDescriptionAttribute($value)
{
if (!is_null($value))
{
return Markdown::convertToHTML($value);
}
else
{
return null;
}
}
public function forms()
{
return $this->belongsTo('App\Form', 'vacancyFormID', 'id');

33
app/View/Components/Form.php
View File

@ -1,33 +0,0 @@
<?php
namespace App\View\Components;
use Illuminate\View\Component;
class Form extends Component
{
public $formFields;
public $disableFields = false;
/**
* Create a new component instance.
*
* @return void
*/
public function __construct($disableFields = false)
{
$this->disableFields = $disableFields;
}
/**
* Get the view / contents that represent the component.
*
* @return \Illuminate\View\View|string
*/
public function render()
{
return view('components.form');
}
}

33
app/View/Components/NoPermission.php
View File

@ -1,33 +0,0 @@
<?php
namespace App\View\Components;
use Illuminate\View\Component;
class NoPermission extends Component
{
public $type;
public $inDashboard;
/**
* Create a new component instance.
*
* @return void
*/
public function __construct($type, $inDashboard = true)
{
$this->type = $type;
$this->inDashboard = $inDashboard;
}
/**
* Get the view / contents that represent the component.
*
* @return \Illuminate\View\View|string
*/
public function render()
{
return view('components.no-permission');
}
}

4
composer.json
View File

@ -9,22 +9,18 @@
"license": "MIT",
"require": {
"php": "^7.2.5",
"ext-imagick": "*",
"ext-json": "*",
"arcanedev/log-viewer": "^7.0",
"doctrine/dbal": "^2.10",
"fideloper/proxy": "^4.2",
"fruitcake/laravel-cors": "^1.0",
"geo-sot/laravel-env-editor": "^0.9.9",
"graham-campbell/markdown": "^12.0",
"guzzlehttp/guzzle": "^6.5",
"jeroennoten/laravel-adminlte": "^3.2",
"laravel/framework": "^7.0",
"laravel/slack-notification-channel": "^2.0",
"laravel/tinker": "^2.0",
"laravel/ui": "^2.0",
"mcamara/laravel-localization": "^1.5",
"pragmarx/google2fa-laravel": "^1.3",
"sentry/sentry-laravel": "1.7.1",
"spatie/laravel-permission": "^3.13"
},

2257
composer.lock generated
View File

File diff suppressed because it is too large Load Diff

79
config/adminlte.php
View File

@ -14,7 +14,7 @@ return [
|
*/
'title' => env('APP_NAME'),
'title' => 'Raspberry Net',
'title_prefix' => '',
'title_postfix' => '',
@ -45,12 +45,12 @@ return [
|
*/
'logo' => env('APP_NAME'),
'logo_img' => env('APP_LOGO'),
'logo' => 'RaspberryNet Staff',
'logo_img' => 'https://www.raspberrypi.org/app/uploads/2020/05/Raspberry-Pi-OS-downloads-image-150x150-1.png',
'logo_img_class' => 'brand-image img-circle elevation-3',
'logo_img_xl' => null,
'logo_img_xl_class' => 'brand-image-xs',
'logo_img_alt' => env('APP_NAME') . '\'s Temporary Logo',
'logo_img_alt' => 'Raspberry Network Staff Temporary Logo',
/*
|--------------------------------------------------------------------------
@ -209,76 +209,74 @@ return [
'menu' => [
[
'text' => 'm_home',
'text' => 'Home',
'icon' => 'fas fa-home',
'url' => 'dashboard'
],
[
'text' => 'm_directory',
'text' => 'Directory',
'icon' => 'fas fa-users',
'url' => 'users/directory',
'can' => 'profiles.view.others'
],
[
'header' => 'h_applications',
'header' => 'Applications',
'can' => 'applications.view.own'
],
[
'text' => 'm_my_applications',
'text' => 'My Applications',
'icon' => 'fas fa-fw fa-list-ul',
'can' => 'applications.view.own',
'submenu' => [
[
'text' => 'm_curr_applications',
'text' => 'Current Applications',
'icon' => 'fas fa-fw fa-check-double',
'url' => '/applications/my-applications'
]
],
],
'My Profile',
[
'header' => 'h_my_profile',
],
[
'text' => 'm_profile_settings',
'text' => 'Profile Settings',
'url' => '/profile/settings',
'icon' => 'fas fa-fw fa-cog'
],
[
'text' => 'm_account_settings',
'text' => 'My Account Settings',
'icon' => 'fas fa-user-circle',
'url' => '/profile/settings/account'
],
[
'header' => 'h_app_management',
'header' => 'Application Management',
'can' => ['applications.view.all', 'applications.vote']
],
[
'text' => 'm_all_apps',
'text' => 'All applications',
'url' => 'applications/staff/all',
'icon' => 'fas fa-list-ol',
'can' => 'applications.view.all'
],
[
'text' => 'm_outstanding_apps',
'text' => 'Outstanding Applications',
'url' => '/applications/staff/outstanding',
'icon' => 'far fa-folder-open',
'can' => 'applications.view.all'
],
[
'text' => 'm_interview_queue',
'text' => 'Interview Queue',
'url' => '/applications/staff/pending-interview',
'icon' => 'fas fa-fw fa-microphone-alt',
'can' => 'applications.view.all'
],
[
'text' => 'm_peer_approval',
'text' => 'Peer Approval Queue',
'url' => '/applications/staff/peer-review',
'icon' => 'fas fa-fw fa-search',
'can' => 'applications.view.all'
],
[
'header' => 'h_admin',
'header' => 'Administration',
'can' => [ // may need to be modified
'admin.hiring.*',
'admin.userlist',
@ -288,38 +286,38 @@ return [
]
],
[
'text' => 'm_staff_m',
'text' => 'Staff Members',
'icon' => 'fas fa-fw fa-users',
'url' => '/hr/staff-members',
'can' => 'admin.stafflist'
],
[ // players who haven't been promoted yet
'text' => 'm_reg_players',
'text' => 'Registered Players',
'icon' => 'fas fa-fw fa-user-friends',
'url' => '/hr/players',
'can' => 'admin.userlist'
],
[
'text' => 'sm_hiring_man',
'text' => 'Hiring Management',
'icon' => 'far fa-calendar-plus',
'can' => 'admin.hiring.*',
'submenu' => [
[
'text' => 'm_open_pos',
'text' => 'Open Positions',
'icon' => 'fas fa-box-open',
'url' => '/admin/positions'
],
[
'text' => 'sm_forms',
'text' => 'Forms',
'icon' => 'fab fa-wpforms',
'submenu' => [
[
'text' => 'sm_all_forms',
'text' => 'All forms',
'icon' => 'far fa-list-alt',
'url' => '/admin/forms'
],
[
'text' => 'm_form_builder',
'text' => 'Form Builder',
'icon' => 'fas fa-fw fa-hammer',
'url' => '/admin/forms/builder'
]
@ -328,18 +326,18 @@ return [
]
],
[
'text' => 'sm_app_settings',
'text' => 'App Settings',
'icon' => 'fas fa-fw fa-cog',
'can' => 'admin.notificationsettings',
'submenu' => [
[
'text' => 'm_global_app_s',
'icon' => 'fas fa-cogs',
'url' => '/admin/settings',
'can' => 'admin.settings.view'
'text' => 'Global Notification Settings',
'icon' => 'far fa-bell',
'url' => '/admin/notifications',
'can' => 'admin.notificationsettings.edit'
],
[
'text' => 'm_devtools',
'text' => 'Developer Tools',
'icon' => 'fas fa-code',
'url' => '/admin/devtools',
'can' => 'admin.developertools.use'
@ -347,7 +345,7 @@ return [
]
],
[
'text' => 'm_s_logs',
'text' => 'System Logs',
'url' => '/admin/maintenance/system-logs',
'icon' => 'fas fa-clipboard-list',
'can' => 'admin.maintenance.logs.view'
@ -370,6 +368,7 @@ return [
JeroenNoten\LaravelAdminLte\Menu\Filters\HrefFilter::class,
JeroenNoten\LaravelAdminLte\Menu\Filters\SearchFilter::class,
JeroenNoten\LaravelAdminLte\Menu\Filters\ActiveFilter::class,
JeroenNoten\LaravelAdminLte\Menu\Filters\SubmenuFilter::class,
JeroenNoten\LaravelAdminLte\Menu\Filters\ClassesFilter::class,
JeroenNoten\LaravelAdminLte\Menu\Filters\GateFilter::class,
JeroenNoten\LaravelAdminLte\Menu\Filters\LangFilter::class,
@ -529,16 +528,6 @@ return [
]
]
],
[
'name' => 'AuthCustomisations',
'active' => true,
'files' => [
[
'type' => 'css',
'asset' => false,
'location' => '/css/authpages.css'
]
]
]
],
];

22
config/app.php
View File

@ -15,19 +15,6 @@ return [
'name' => env('APP_NAME', 'Laravel'),
/*
|--------------------------------------------------------------------------
| Application Homepage
|--------------------------------------------------------------------------
|
| This value is the application's homepage.
| If you have a main website other than this application itself, you can link it here.
| It will be used exclusively on the "Homepage" header menu.
|
*/
'sitehomepage' => env('APP_SITEHOMEPAGE', 'https://google.com'),
/*
|--------------------------------------------------------------------------
| Application Environment
@ -177,9 +164,7 @@ return [
/*
* Package Service Providers...
*/
GrahamCampbell\Markdown\MarkdownServiceProvider::class,
/*
* Application Service Providers...
@ -188,12 +173,10 @@ return [
App\Providers\AuthServiceProvider::class,
App\Providers\UUIDConversionProvider::class,
App\Providers\IPInfoProvider::class,
App\Providers\ContextAwareValidatorProvider::class,
// App\Providers\BroadcastServiceProvider::class,
App\Providers\EventServiceProvider::class,
App\Providers\RouteServiceProvider::class,
\App\Providers\MojangStatusProvider::class,
\App\Providers\OptionsProvider::class
],
@ -247,10 +230,7 @@ return [
'Validator' => Illuminate\Support\Facades\Validator::class,
'View' => Illuminate\Support\Facades\View::class,
'UUID' => App\Facades\UUID::class,
'IP' => App\Facades\IP::class,
'Markdown' => GrahamCampbell\Markdown\Facades\Markdown::class,
'ContextAwareValidator' => App\Facades\ContextAwareValidation::class,
'Settings' => App\Facades\Options::class
'IP' => App\Facades\IP::class
],

79
config/google2fa.php
View File

@ -1,79 +0,0 @@
<?php
return [
/*
* Enable / disable Google2FA.
*/
'enabled' => env('OTP_ENABLED', true),
/*
* Lifetime in minutes.
*
* In case you need your users to be asked for a new one time passwords from time to time.
*/
'lifetime' => env('OTP_LIFETIME', 0), // 0 = eternal
/*
* Renew lifetime at every new request.
*/
'keep_alive' => env('OTP_KEEP_ALIVE', true),
/*
* Auth container binding.
*/
'auth' => 'auth',
/*
* 2FA verified session var.
*/
'session_var' => 'google2fa',
/*
* One Time Password request input name.
*/
'otp_input' => 'otp',
/*
* One Time Password Window.
*/
'window' => 1,
/*
* Forbid user to reuse One Time Passwords.
*/
'forbid_old_passwords' => false,
/*
* User's table column for google2fa secret.
*/
'otp_secret_column' => 'twofa_secret',
/*
* One Time Password View.
*/
'view' => 'auth.2fa',
/*
* One Time Password error message.
*/
'error_messages' => [
'wrong_otp' => "Your one time code was incorrect.",
'cannot_be_empty' => 'The one time code cannot be empty.',
'unknown' => 'An unknown error has occurred. Please try again.',
],
/*
* Throw exceptions or just fire events?
*/
'throw_exceptions' => env('OTP_THROW_EXCEPTION', true),
/*
* Which image backend to use for generating QR codes?
*
* Supports imagemagick, svg and eps
*/
'qrcode_image_backend' => \PragmaRX\Google2FALaravel\Support\Constants::QRCODE_IMAGE_BACKEND_IMAGEMAGICK,
];

70
config/laravellocalization.php
View File

@ -1,70 +0,0 @@
<?php
return [
// Uncomment the languages that your site supports - or add new ones.
// These are sorted by the native name, which is the order you might show them in a language selector.
// Regional languages are sorted by their base language, so "British English" sorts as "English, British"
'supportedLocales' => [
'en' => ['name' => 'English', 'script' => 'Latn', 'native' => 'English', 'regional' => 'en_GB'],
'es' => ['name' => 'Spanish', 'script' => 'Latn', 'native' => 'Español', 'regional' => 'es_ES'],
'pt' => ['name' => 'Portuguese', 'script' => 'Latn', 'native' => 'Português', 'regional' => 'pt_PT'],
'fr' => ['name' => 'French', 'script' => 'Latn', 'native' => 'Français', 'regional' => 'fr_FR'],
],
// Requires middleware `LaravelSessionRedirect.php`.
//
// Automatically determine locale from browser (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Language)
// on first call if it's not defined in the URL. Redirect user to computed localized url.
// For example, if users browser language is `de`, and `de` is active in the array `supportedLocales`,
// the `/about` would be redirected to `/de/about`.
//
// The locale will be stored in session and only be computed from browser
// again if the session expires.
//
// If false, system will take app.php locale attribute
'useAcceptLanguageHeader' => true,
// If `hideDefaultLocaleInURL` is true, then a url without locale
// is identical with the same url with default locale.
// For example, if `en` is default locale, then `/en/about` and `/about`
// would be identical.
//
// If in addition the middleware `LaravelLocalizationRedirectFilter` is active, then
// every url with default locale is redirected to url without locale.
// For example, `/en/about` would be redirected to `/about`.
// It is recommended to use `hideDefaultLocaleInURL` only in
// combination with the middleware `LaravelLocalizationRedirectFilter`
// to avoid duplicate content (SEO).
//
// If `useAcceptLanguageHeader` is true, then the first time
// the locale will be determined from browser and redirect to that language.
// After that, `hideDefaultLocaleInURL` behaves as usual.
'hideDefaultLocaleInURL' => true,
// If you want to display the locales in particular order in the language selector you should write the order here.
//CAUTION: Please consider using the appropriate locale code otherwise it will not work
//Example: 'localesOrder' => ['es','en'],
'localesOrder' => ['en', 'pt', 'fr', 'es'],
// If you want to use custom lang url segments like 'at' instead of 'de-AT', you can use the mapping to tallow the LanguageNegotiator to assign the descired locales based on HTTP Accept Language Header. For example you want ot use 'at', so map HTTP Accept Language Header 'de-AT' to 'at' (['de-AT' => 'at']).
'localesMapping' => [],
// Locale suffix for LC_TIME and LC_MONETARY
// Defaults to most common ".UTF-8". Set to blank on Windows systems, change to ".utf8" on CentOS and similar.
'utf8suffix' => env('LARAVELLOCALIZATION_UTF8SUFFIX', '.UTF-8'),
// URLs which should not be processed, e.g. '/nova', '/nova/*', '/nova-api/*' or specific application URLs
// Defaults to []
'urlsIgnored' => [
'/js/*',
'/img/*',
'/css/*',
'/vendor/*',
'/app.css',
'/robots.txt',
'/slides/*',
'/auth/logout'
],
];

158
config/markdown.php
View File

@ -1,158 +0,0 @@
<?php
declare(strict_types=1);
/*
* This file is part of Laravel Markdown.
*
* (c) Graham Campbell <graham@alt-three.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
return [
/*
|--------------------------------------------------------------------------
| Enable View Integration
|--------------------------------------------------------------------------
|
| This option specifies if the view integration is enabled so you can write
| markdown views and have them rendered as html. The following extensions
| are currently supported: ".md", ".md.php", and ".md.blade.php". You may
| disable this integration if it is conflicting with another package.
|
| Default: true
|
*/
'views' => true,
/*
|--------------------------------------------------------------------------
| CommonMark Extensions
|--------------------------------------------------------------------------
|
| This option specifies what extensions will be automatically enabled.
| Simply provide your extension class names here.
|
| Default: []
|
*/
'extensions' => [],
/*
|--------------------------------------------------------------------------
| Renderer Configuration
|--------------------------------------------------------------------------
|
| This option specifies an array of options for rendering HTML.
|
| Default: [
| 'block_separator' => "\n",
| 'inner_separator' => "\n",
| 'soft_break' => "\n",
| ]
|
*/
'renderer' => [
'block_separator' => "\n",
'inner_separator' => "\n",
'soft_break' => "\n",
],
/*
|--------------------------------------------------------------------------
| Enable Em Tag Parsing
|--------------------------------------------------------------------------
|
| This option specifies if `<em>` parsing is enabled.
|
| Default: true
|
*/
'enable_em' => true,
/*
|--------------------------------------------------------------------------
| Enable Strong Tag Parsing
|--------------------------------------------------------------------------
|
| This option specifies if `<strong>` parsing is enabled.
|
| Default: true
|
*/
'enable_strong' => true,
/*
|--------------------------------------------------------------------------
| Enable Asterisk Parsing
|--------------------------------------------------------------------------
|
| This option specifies if `*` should be parsed for emphasis.
|
| Default: true
|
*/
'use_asterisk' => true,
/*
|--------------------------------------------------------------------------
| Enable Underscore Parsing
|--------------------------------------------------------------------------
|
| This option specifies if `_` should be parsed for emphasis.
|
| Default: true
|
*/
'use_underscore' => true,
/*
|--------------------------------------------------------------------------
| HTML Input
|--------------------------------------------------------------------------
|
| This option specifies how to handle untrusted HTML input.
|
| Default: 'strip'
|
*/
'html_input' => 'strip',
/*
|--------------------------------------------------------------------------
| Allow Unsafe Links
|--------------------------------------------------------------------------
|
| This option specifies whether to allow risky image URLs and links.
|
| Default: true
|
*/
'allow_unsafe_links' => false,
/*
|--------------------------------------------------------------------------
| Maximum Nesting Level
|--------------------------------------------------------------------------
|
| This option specifies the maximum permitted block nesting level.
|
| Default: INF
|
*/
'max_nesting_level' => INF,
];

5
crowdin.yml
View File

@ -1,5 +0,0 @@
files:
- source: /**/lang/**/en/*.php
ignore:
- /**/lang/en/*2.php
translation: /**/lang/**/%two_letters_code%/%original_file_name%

32
database/migrations/2020_07_11_020743_add_detailed_description_to_vacancy.php
View File

@ -1,32 +0,0 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class AddDetailedDescriptionToVacancy extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('vacancies', function (Blueprint $table) {
$table->longText('vacancyFullDescription')->nullable()->after('vacancyDescription');
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('vacancies', function (Blueprint $table) {
$table->dropColumn('vacancyFullDescription');
});
}
}

32
database/migrations/2020_07_17_053247_add_twofa_secret_to_users.php
View File

@ -1,32 +0,0 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class AddTwofaSecretToUsers extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('users', function (Blueprint $table) {
$table->string('twofa_secret')->nullable()->after('password');
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('users', function (Blueprint $table) {
$table->dropColumn('twofa_secret');
});
}
}

34
database/migrations/2020_08_30_152900_create_options_table.php
View File

@ -1,34 +0,0 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class CreateOptionsTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('options', function (Blueprint $table) {
$table->id();
$table->string('option_name');
$table->string('option_value');
$table->string('friendly_name');
$table->timestamps();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::dropIfExists('options');
}
}

1
database/seeds/DatabaseSeeder.php
View File

@ -13,6 +13,5 @@ class DatabaseSeeder extends Seeder
{
$this->call(PermissionSeeder::class);
$this->call(UserSeeder::class);
$this->call(DefaultOptionsSeeder::class);
}
}

27
database/seeds/DefaultOptionsSeeder.php
View File

@ -1,27 +0,0 @@
<?php
use App\Facades\Options;
use Illuminate\Database\Seeder;
class DefaultOptionsSeeder extends Seeder
{
/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
Options::setOption('notify_new_application_email', true, 'Notify when a new application comes through'); // done
Options::setOption('notify_application_comment', false, 'Notify when someone comments on an application'); // done
Options::setOption('notify_new_user', true, 'Notify when someone signs up'); // done
Options::setOption('notify_application_status_change', true, 'Notify when an application changes status'); // done
Options::setOption('notify_applicant_approved', true, 'Notify when an applicant is approved'); // done
Options::setOption('notify_vacancystatus_change', false, 'Notify when a vacancy\'s status changes'); // done
Options::setOption('enable_slack_notifications', true, 'Enable slack notifications');
Options::setOption('enable_email_notifications', true, 'Enable e-mail notifications');
}
}

31
database/seeds/NewPermissions.php
View File

@ -1,31 +0,0 @@
<?php
use Illuminate\Database\Seeder;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;
class NewPermissions extends Seeder
{
/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
$developer = Role::create([
'name' => 'developer'
]);
$admin = Role::where('name', 'admin')->first();
Permission::create(['name' => 'admin.settings.view']);
Permission::create(['name' => 'admin.settings.edit']);
$developer->givePermissionTo('admin.developertools.use');
$admin->givePermissionTo('admin.settings.view');
$admin->givePermissionTo('admin.settings.edit');
}
}

2816
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

1
package.json
View File

@ -1,7 +1,6 @@
{
"private": true,
"scripts": {
"postinstall": "npm run prod",
"dev": "npm run development",
"development": "cross-env NODE_ENV=development node_modules/webpack/bin/webpack.js --progress --hide-modules --config=node_modules/laravel-mix/setup/webpack.config.js",
"watch": "npm run development -- --watch",

2
public/app.css vendored
View File

@ -1,4 +1,4 @@
.view {
.page-bg {
background: url("/slides/06.png")no-repeat center center;
background-size: cover;
}

81
public/css/login.css vendored
View File

@ -1,81 +0,0 @@
body {
font-family: "Karla", sans-serif;
background-color: #d0d0ce;
min-height: 100vh; }
.brand-wrapper {
margin-bottom: 19px; }
.brand-wrapper .logo {
height: 37px; }
.login-card {
border: 0;
border-radius: 27.5px;
box-shadow: 0 10px 30px 0 rgba(172, 168, 168, 0.43);
overflow: hidden; }
.login-card-img {
border-radius: 0;
position: absolute;
width: 100%;
height: 100%;
-o-object-fit: cover;
object-fit: cover; }
.login-card .card-body {
padding: 85px 60px 60px; }
@media (max-width: 422px) {
.login-card .card-body {
padding: 35px 24px; } }
.login-card-description {
font-size: 25px;
color: #000;
font-weight: normal;
margin-bottom: 23px; }
.login-card form {
max-width: 326px; }
.login-card .form-control {
border: 1px solid #d5dae2;
padding: 15px 25px;
margin-bottom: 20px;
min-height: 45px;
font-size: 13px;
line-height: 15;
font-weight: normal; }
.login-card .form-control::-webkit-input-placeholder {
color: #919aa3; }
.login-card .form-control::-moz-placeholder {
color: #919aa3; }
.login-card .form-control:-ms-input-placeholder {
color: #919aa3; }
.login-card .form-control::-ms-input-placeholder {
color: #919aa3; }
.login-card .form-control::placeholder {
color: #919aa3; }
.login-card .login-btn {
padding: 13px 20px 12px;
background-color: #000;
border-radius: 4px;
font-size: 17px;
font-weight: bold;
line-height: 20px;
color: #fff;
margin-bottom: 24px; }
.login-card .login-btn:hover {
border: 1px solid #000;
background-color: transparent;
color: #000; }
.login-card .forgot-password-link {
font-size: 14px;
color: #919aa3;
margin-bottom: 12px; }
.login-card-footer-text {
font-size: 16px;
color: #0d2366;
margin-bottom: 60px; }
@media (max-width: 767px) {
.login-card-footer-text {
margin-bottom: 24px; } }
.login-card-footer-nav a {
font-size: 14px;
color: #919aa3; }
/*# sourceMappingURL=login.css.map */

1
public/css/login.css.map
View File

@ -1 +0,0 @@
{"version":3,"sources":["login.scss"],"names":[],"mappings":"AAAA;EACI,gCAAgC;EAChC,yBAAyB;EACzB,iBAAiB,EAAA;;AAGrB;EACI,mBAAmB,EAAA;EADvB;IAIQ,YAAY,EAAA;;AAIpB;EACI,SAAS;EACT,qBAAqB;EACrB,mDAAmD;EACnD,gBAAgB,EAAA;EAGhB;IACI,gBAAgB;IAChB,kBAAkB;IAClB,WAAW;IACX,YAAY;IACZ,oBAAiB;OAAjB,iBAAiB,EAAA;EAZzB;IAeQ,uBAAuB,EAAA;IAEvB;MAjBR;QAkBY,kBAAkB,EAAA,EAEzB;EAED;IACI,eAAe;IACf,WAAW;IACX,mBAAmB;IACnB,mBAAmB,EAAA;EA1B3B;IA8BQ,gBAAgB,EAAA;EA9BxB;IAkCQ,yBAAyB;IACzB,kBAAkB;IAClB,mBAAmB;IACnB,gBAAgB;IAChB,eAAe;IACf,eAAe;IACf,mBAAmB,EAAA;IAxC3B;MA2CY,cAAc,EAAA;IA3C1B;MA2CY,cAAc,EAAA;IA3C1B;MA2CY,cAAc,EAAA;IA3C1B;MA2CY,cAAc,EAAA;IA3C1B;MA2CY,cAAc,EAAA;EA3C1B;IAgDQ,uBAAuB;IACvB,sBAAsB;IACtB,kBAAkB;IAClB,eAAe;IACf,iBAAiB;IACjB,iBAAiB;IACjB,WAAW;IACX,mBAAmB,EAAA;IAvD3B;MA0DY,sBAAsB;MACtB,6BAA6B;MAC7B,WAAW,EAAA;EA5DvB;IAiEQ,eAAe;IACf,cAAc;IACd,mBAAmB,EAAA;EAGvB;IACI,eAAe;IACf,cAAc;IACd,mBAAmB,EAAA;IAEnB;MALJ;QAMQ,mBAAmB,EAAA,EAE1B;EAEA;IAEO,eAAe;IACf,cAAc,EAAA","file":"login.css","sourcesContent":["body {\n font-family: \"Karla\", sans-serif;\n background-color: #d0d0ce;\n min-height: 100vh;\n}\n\n.brand-wrapper {\n margin-bottom: 19px;\n\n .logo {\n height: 37px;\n }\n}\n\n.login-card {\n border: 0;\n border-radius: 27.5px;\n box-shadow: 0 10px 30px 0 rgba(172, 168, 168, 0.43);\n overflow: hidden;\n\n\n &-img {\n border-radius: 0;\n position: absolute;\n width: 100%;\n height: 100%;\n object-fit: cover;\n }\n .card-body {\n padding: 85px 60px 60px;\n\n @media (max-width: 422px) {\n padding: 35px 24px;\n }\n }\n\n &-description {\n font-size: 25px;\n color: #000;\n font-weight: normal;\n margin-bottom: 23px;\n }\n\n form {\n max-width: 326px;\n }\n\n .form-control {\n border: 1px solid #d5dae2;\n padding: 15px 25px;\n margin-bottom: 20px;\n min-height: 45px;\n font-size: 13px;\n line-height: 15;\n font-weight: normal;\n\n &::placeholder {\n color: #919aa3;\n }\n }\n\n .login-btn {\n padding: 13px 20px 12px;\n background-color: #000;\n border-radius: 4px;\n font-size: 17px;\n font-weight: bold;\n line-height: 20px;\n color: #fff;\n margin-bottom: 24px;\n\n &:hover {\n border: 1px solid #000;\n background-color: transparent;\n color: #000;\n }\n }\n\n .forgot-password-link {\n font-size: 14px;\n color: #919aa3;\n margin-bottom: 12px;\n }\n\n &-footer-text {\n font-size: 16px;\n color: #0d2366;\n margin-bottom: 60px;\n\n @media (max-width: 767px) {\n margin-bottom: 24px;\n }\n }\n\n &-footer-nav {\n a {\n font-size: 14px;\n color: #919aa3;\n }\n }\n}\n"]}

1
public/img/403.svg
View File

File diff suppressed because one or more lines are too long
Side by Side

Before

Width:  |  Height:  |  Size: 17 KiB

BIN
public/img/authbg.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 623 KiB

1
public/img/editor.svg
View File

@ -1 +0,0 @@
<svg id="a5860ba0-ef67-4914-ac96-07e2ebcccb4f" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" width="1095.74023" height="664.03433" viewBox="0 0 1095.74023 664.03433"><title>abstract</title><rect x="701" y="661" width="394.74023" height="2" fill="#3f3d56"/><polygon points="474 429 474 216 718 216 718 0 0 0 0 643 718 643 718 429 474 429" fill="#3f3d56"/><polygon points="718 216 718 0 469 0 469 213 249 213 249 0 0 0 0 216 225 216 225 429 0 429 0 643 476 643 476 429 474 429 474 216 718 216" opacity="0.1"/><path d="M224.12988,117.98284a172.00382,172.00382,0,0,1-172,172v-172Z" transform="translate(-52.12988 -117.98284)" fill="#6c63ff"/><path d="M132.12988,117.98284a80.00357,80.00357,0,0,1-80,80v44a124.00426,124.00426,0,0,0,124-124Z" transform="translate(-52.12988 -117.98284)" opacity="0.1"/><polygon points="718 60 718 29 553 29 553 0 517 0 517 29 517 60 517 84 517 115 553 115 718 115 718 84 553 84 553 60 718 60" fill="#d0cde1"/><path d="M481.12988,448.98284a81,81,0,1,0-92,80.23639V642.98284H256.36627a81,81,0,1,0,0,22H389.12988v48h22v-48h45v-22h-45V529.21923A81.00034,81.00034,0,0,0,481.12988,448.98284Z" transform="translate(-52.12988 -117.98284)" fill="#d0cde1"/><polygon points="626.5 445.263 662.508 507.631 698.517 570 626.5 570 554.483 570 590.492 507.631 626.5 445.263" fill="#d0cde1"/><polygon points="610.5 578 538.483 578 574.492 515.631 574.742 515.198 561.5 492.263 525.492 554.631 489.483 617 561.5 617 633.517 617 611 578 610.5 578" fill="#6c63ff"/><polygon points="159 345 159 291 186 291 186 259 52 259 52 393 186 393 186 345 159 345" fill="#d0cde1"/><rect x="89" y="234" width="50" height="50" fill="#6c63ff"/><path d="M989.162,357.83165,972.618,401.5551l-59.664,20.935s-36-4-36,16c0,14.18058,43,2,43,2l78.66169-23.57271,24.816-61.44917Z" transform="translate(-52.12988 -117.98284)" fill="#ffb8b8"/><rect x="635" y="228" width="234" height="202" fill="#6c63ff"/><polygon points="747.5 289.263 783.508 351.631 819.517 414 747.5 414 675.483 414 711.492 351.631 747.5 289.263" fill="#3f3d56"/><polygon points="747.331 334.415 763.665 362.708 780 391 747.331 391 714.661 391 730.996 362.708 747.331 334.415" fill="#d0cde1"/><polygon points="747.331 242.415 763.665 270.708 780 299 747.331 299 714.661 299 730.996 270.708 747.331 242.415" fill="#d0cde1"/><path d="M1024.15387,329.42035s-16.544-2.36343-24.816,28.36116-10.63544,33.088-10.63544,33.088,48.45031,7.09029,49.632,4.72686S1048.96988,336.51064,1024.15387,329.42035Z" transform="translate(-52.12988 -117.98284)" fill="#2f2e41"/><circle cx="962.57027" cy="167.71406" r="31.9063" fill="#ffb8b8"/><path d="M1000.51957,311.69463s10.63544,27.17944,7.09029,30.72459,43.72345,8.272,43.72345,8.272,3.54515-17.72572-10.63543-28.36116c0,0-5.90858-17.72572-4.72686-21.27087S1000.51957,311.69463,1000.51957,311.69463Z" transform="translate(-52.12988 -117.98284)" fill="#ffb8b8"/><path d="M1028.88073,323.51178a85.216,85.216,0,0,0-31.9063,21.27087c-14.18058,15.36229-21.27087,20.08915-21.27087,20.08915s-16.544,5.90857-10.63544,34.26973c2.95429,14.18058.88629,30.13373-1.92028,42.54174a265.8223,265.8223,0,0,0-6.35172,58.65559v12.2473s-108.71777,228.071-72.08461,243.43328,69.72118,20.08915,72.08461,16.544,44.90517-187.89267,44.90517-187.89267,11.81715,197.34639,41.36,197.34639,77.99318-8.272,77.99318-8.272l-60.26746-236.343s14.18058-40.17831-21.27087-68.53947l-4.72686-12.99886c19.60447.01,28.56614-124.06968,8.272-134.7155C1043.06131,321.14835,1038.33445,317.6032,1028.88073,323.51178Z" transform="translate(-52.12988 -117.98284)" fill="#2f2e41"/><path d="M999.33786,387.32438l-16.544,43.72345-59.664,20.935s-36-4-36,16c0,14.18058,43,2,43,2l78.6617-23.57271,24.816-61.44918Z" transform="translate(-52.12988 -117.98284)" fill="#ffb8b8"/><ellipse cx="868.62393" cy="652.21718" rx="20.68001" ry="11.81715" fill="#2f2e41"/><ellipse cx="1026.97373" cy="652.21718" rx="20.68001" ry="11.81715" fill="#2f2e41"/><path d="M1027.01734,240.95422h-.00012a25.34145,25.34145,0,0,0-4.89258.48651,21.44172,21.44172,0,0,0-9.34021-2.15271h-.84777c-16.34473,0-29.59461,14.7901-29.59461,33.03461v.00006h5.47669l.88452-6.73224L990,272.32269h4.56226a64.57589,64.57589,0,0,0-2.119,16.55036v33.62384h8.28027l4.79395-12.45795-1.19849,12.45795h53.22314l4.35816-11.32538-1.0896,11.32538h5.99243V296.09613C1066.80311,265.64215,1048.99037,240.95422,1027.01734,240.95422Z" transform="translate(-52.12988 -117.98284)" fill="#2f2e41"/></svg>
Side by Side

Before

Width:  |  Height:  |  Size: 4.3 KiB

BIN
public/img/login.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 436 KiB

1
public/img/preview.svg
View File

File diff suppressed because one or more lines are too long
Side by Side

Before

Width:  |  Height:  |  Size: 7.3 KiB

1
public/js/formbuilder.js vendored
View File

@ -1,4 +1,3 @@
// TODO: Add cleaner and less verbose solution found in formeditor.js
$(document).ready(function() {
$("#add").click(function() {
var lastField = $("#buildyourform div:last");

19
public/js/formeditor.js vendored
View File

@ -1,19 +0,0 @@
// reminder: use vuejs instead, this is still an ugly and cheap solution
$(document).ready(function(){
var fieldID = 0;
var wrapper = $('.field-container');
var newBtn = $('#add');
$(newBtn).click(function(e){
e.preventDefault()
fieldID++;
$(wrapper).append('<div id=group' + fieldID + '><input type="text" name="newFieldID' + fieldID + '[]" class="form-control" />');
$(wrapper).append('<select name="newFieldID' + fieldID + '[]" class="custom-select"> <option value="nil" disabled>Choose a type</option> <option value="textbox">Textbox</option> <option value="textarea">Multi line answer</option> <option value="checkbox">Checkbox</option> </select>');
//$(wrapper).append('<button type="button" class="btn btn-danger btn-sm float-right delete"><i class="fas fa-minus"></i></button></div>');
});
});

25
resources/js/app.js vendored
View File

@ -43,3 +43,28 @@ $("#comment").keyup(function(){
$("#submitComment").on('click', function(){
$("#newComment").submit();
});
window.Vue = require('vue');
/**
* The following block of code may be used to automatically register your
* Vue components. It will recursively scan this directory for the Vue
* components and automatically register them with their "basename".
*
* Eg. ./components/ExampleComponent.vue -> <example-component></example-component>
*/
// const files = require.context('./', true, /\.vue$/i)
// files.keys().map(key => Vue.component(key.split('/').pop().split('.')[0], files(key).default))
Vue.component('example-component', require('./components/ExampleComponent.vue').default);
/**
* Next, we will create a fresh Vue application instance and attach it to
* the page. Then, you may begin adding components to this application
* or customize the JavaScript scaffolding to fit your unique needs.
*/
const app = new Vue({
el: '#app',
});

612
resources/lang/en/messages.php
View File

@ -1,612 +0,0 @@
<?php
/*
* -- Information for translators | READ BEFORE TRANSLATING ANYTHING ---
* In this file, only translate messages to the right, in this fashion:
* 'something' => 'translate-me'
* Also, don't translate, change, or move placeholders (:this-is-a-placeholder) starting with a colon.
* Try to keep the message as close to the original in meaning as possible. These simple rules also apply to other files you're translating, such as:
* auth.php, pagination.php, passwords.php, and validation.php.
* It is VERY important that you "escape" single quotes with a backslash if they're present in your language, like this: I\'m an escaped quote
*
* Additionally, don't change anything in square or curly brackets, and don't remove pipe (|) characters.
* If you see two messages separated by pipe, then usually the left side is singular and the right side is plural, so translate accordingly.
*
* Thank you for translating!
*/
return [
// ============== MENU TRANSLATIONS ======================
'menu' => [
'my_apps' => 'My Applications',
'current_apps' => 'Current Applications',
'profile_settings' => 'Profile Settings',
'hiring_man' => 'Hiring Management',
'all_forms' => 'All Forms',
'app_settings' => 'App Settings',
'global_app_settings' => 'Global App Settings',
'system_logs' => 'System Logs'
],
// ============== REUSABLE, GENERIC STRINGS ===============
'reusable' => [
'created_at' => 'Created at',
'updated_at' => 'Updated at',
'actions' => 'Actions',
'delete' => 'Delete',
'status' => 'Status',
'view' => 'View',
'view_c' => 'View Details',
'no_access' => 'Application Access Denied',
'validation_err' => 'Validation error!',
'description' => 'Description',
'join_date' => 'Join Date',
'my_acc' => 'My Account',
'confirm' => 'Please Confirm',
'confirm_plain' => 'Confirm',
'confirm_click' => 'Click to Confirm',
'date' => 'Date',
'datetime' => 'Time & Date',
'location' => 'Location',
'none_yet' => 'None yet',
'reason' => 'Reason',
'days' => 'Days',
'weeks' => 'Weeks',
'months' => 'Months',
'years' => 'Years',
'yes' => 'Yes',
'no' => 'No',
'roles' => 'Roles',
'member_since' => 'Member since :date',
'lookup' => 'Lookup :ipAddress',
'abt' => 'About',
'acc' => 'Account',
'settings' => 'Settings',
'profile' => 'My Profile',
'code' => 'code',
'here' => 'here',
'auth_req' => 'Please authenticate',
'eligible' => 'Eligible',
'ineligible' => 'Ineligible',
'schedule' => 'Schedule',
'schedule_action' => 'Schedule an Appointment',
'platform' => 'Platform',
'notepad' => 'Shared Notepad', // Context: The shared notepad that appears when votes are needed,
'appointment_info' => 'Appointment Information',
'ip_info' => 'IP Address Information for'
],
// ============== HOMEPAGE MESSAGES ======================
'home' => 'Home',
'homepagetxt' => 'Homepage',
'login' => 'Sign in',
'logout' => 'Sign out',
'register' => 'Sign up',
'dashboard' => 'Dashboard',
'back' => 'Go back',
'homepage_welcome' => 'Welcome to our team management center!',
'homepage_explainer_line1' => 'Here, you can apply for open staff member positions, view your application status, and manage your profile.',
'homepage_explainer_line2' => 'Sign up with Email to continue.',
'footer_copy' => 'All rights reserved',
'global_error' => 'An error occurred',
'global_success' => 'Success!',
'txt_learn_more' => 'Learn more',
'opening_nodetails' => 'There don\'t seem to be any details',
'opening_nodetails_exp' => 'This opening does not have any details yet.',
'details_m_title' => 'Opening details',
'open_positions' => 'Open Positions',
'last_updated' => 'Last updated',
'open_position_count' => '{1} There is :count open position!|[2,*] There are :count open positions!',
'ineligible_days_remaining' => 'Ineligible (:days) day(s) remaining',
'txt_apply' => 'Apply', // Context: Apply as in applying for a "job", e.g. registering for a job
'txt_application' => 'Application',
'application_closed' => 'Applications Closed',
'application_closed_intro' => 'Hello there!',
'application_closed_intro_line2' => '
We are currently not hiring any new staff members at the moment. If you\'d like to apply, check out our Discord\'s
announcement channel for news when a new position opens.
Our application cycle usually lasts two weeks, so if you\'re seeing this, it\'s because it finished, and new one will begin soon.
',
'where_work' => 'Where you\'ll work',
'join_team' => 'Join The Team',
'join_team_cta' => 'Join the team today and help out network grow and prosper!',
'contact_cta' => 'Any questions? Leave a message!',
'contact_disclaimer' => '*This is not an application form. Any applications sent here will be ignored.',
'contactlabel_name' => 'Name',
'contactlabel_email' => 'E-mail',
'contactlabel_subject' => 'Subject (ex. Site Suggestion)',
'contactlabel_send' => 'Send',
// ======================== AUTHENTICATION MESSAGES ===========================
'2fa_txt' => 'Two-Factor Authentication',
'2fa_sronly' => 'Two-factor secret code (You can find this on Google Authenticator)',
'2fa_lostcode' => 'Don\'t know the code?',
'2fa_cancel_login' => 'Cancel login (logout)',
'terms' => 'Terms of Use',
'ppolicy' => 'Privacy Policy',
'signin_cta' => 'Sign into your account',
'password' => 'Password',
'remember_me' => 'Remember me',
'forgot_pw' => 'Forgot password?',
'register_cta' => 'Register here',
'no_acc' => 'Don\'t have an account?',
'register_acc' => 'Register a new account',
'pwsec' => [
'line1' => 'Basic password security',
'line2' => 'For your security, we implement strict password policies. It\'s also advisable to let your password manager or browser generate and save passwords for you (if it\'s a private device).',
'line3' => 'Passwords must be a combination of: ',
'line4' => 'A minimum of 10 characters;',
'line5' => 'At least 3 uppercase characters;',
'line6' => 'At least 3 numbers;',
'line7' => 'Any number of special characters.'
],
'sronly_confirmpassword' => 'Confirm Password', // hint: sronly stands for screen-reader only
'sronly_mcusername' => 'Minecraft Username (Premium)',
'have_account' => 'Have an account with us?',
'login_here' => 'Login here',
'register_txt' => 'Register',
// ===================== DASHBOARD & COMPONENT MESSAGES ===========================
'modal_close' => 'Close',
'component_nopermission' => 'We\'re sorry, but you do not have permission to access this web page.',
'component_accessdenied' => 'Access Denied',
'component_contact' => 'Please contact your administrator if you believe this was in error.',
'welcome_back' => 'Welcome back,',
'eligible' => 'Eligible',
'ineligible' => 'Ineligible',
'eligibility_status' => 'Your current application eligibility status: :badgeStatus',
'ongoing_apps' => 'Ongoing apps',
'denied_apps' => 'Denied apps',
'users_staff' => 'Total Users + Staff',
'new_apps' => 'New applications',
'v_backlog' => 'Vote backlog',
'ranks' => 'Available ranks',
'open' => 'Open',
'closed' => 'Closed',
'upcoming' => 'Your upcoming interviews',
'soon' => 'Coming soon',
//=================== ADMINISTRATION MESSAGES (for all administration pages) ===============
'adm' => 'Administration',
'devtools' => 'Developer Tools',
'devtools_evn' => 'Event Management',
'devoptions' => 'Developer Options',
'forceeval' => 'Please choose an application to force re-evaluation',
'appid' => 'Application ID',
'no_valid_app' => 'There are no valid applications',
'choose_app' => 'Choose an application',
'dispatch_event' => 'Dispatch event now',
'devtools_warn' => 'Do not use these options if you don\'t know what you\'re doing, even if you have access to this page.',
'warn' => 'Warning',
'override_votes' => 'Override Vote Evaluation',
'artisan_evaluate' => 'Artisan: Evaluate Votes Now', // Tip: Artisan is a program name, therefore not translatable
'devtools_info' => 'This panel may be also used to completely override the vote system in stalemate scenarios',
'forms' => 'Forms',
'positions' => 'Positions', // Context: Positions as in job opening
'edit_form' => 'Edit Form',
'edt' => 'Editor',
'edit' => 'Edit',
'edt_action' => 'Editing',
'txtbox' => 'Textbox',
'multiline' => 'Multi line answer',
'checkbox' => 'Checkbox',
'field_type' => 'Choose a field type',
'save_exit' => 'Save & Quit',
'new_field' => 'New field',
'vacancy_edit' => 'Vacancy Editor',
'new_vacancy' => 'New Vacancy',
'form_consistency' => 'For consistency purposes, grayed out fields can\'t be edited.',
'vacancy' => [
'add' => 'Add vacancy',
'name' => 'Vacancy Name',
'description' => 'Vacancy Description',
'details' => 'Vacancy Details',
'markdown' => 'Markdown Supported',
'no_details' => 'No details yet... Add some!',
'permission_group' => 'Permission Group',
'permission_group_tooltip' => 'The permission group from your server/network\'s permissions manager. Compatible with Luckperms and PEX.',
'discord_roleid' => 'Discord Role ID',
'discord_roleid_tooltip' => 'Discord Desktop: Go to your Account Settings > Appearance -> Advanced and toggle Developer Mode. On your server\'s roles tab, right click any role to copy it\'s ID.',
'current_form' => 'Current Form (uneditable)',
'remaining_slots' => 'Remaining slots',
'free_slots' => 'Free slots',
'free_slots_tooltip' => 'How many submissions before the vacancy stops accepting new applicants?',
'save' => 'Save Changes',
'cancel' => 'Cancel',
'close_vacancy' => 'Close Position',
'description_tooltip' => 'Add things like admission requirements, rank resposibilities and roles, and anything else you feel is necessary',
''
],
'form' => 'Form',
'form_builder' => [
'builder' => 'Form Builder',
'builder_name' => 'Application Form Management Tool',
'name_form' => 'Name your form...',
'save_form' => 'Save Form',
],
'form_preview' => [
'preview' => 'Preview',
'title' => 'Application Form Preview',
'looks' => 'This is how your form looks like to applicants',
'f_info' => 'You may edit it and add more fields later.',
''
],
'forms_p' => [
'available_forms' => 'Available forms',
'form_title' => 'Form title',
'empty_noforms' => 'Nothing to see here! Please add some forms first.',
'new_form' => 'NEW FORM'
],
'players' => [
'reg_players' => 'Registered Players',
'reg_players_staff' => 'See Registered Players (Applicant Pool)',
'total_banned' => 'Total Banned Players',
'search' => 'Search players',
'f_p_search' => 'Full/partial email search',
'p_disclaimer' => 'Please note: This list only includes players registered in the team management portal. In a future release, all network players will be shown here.',
'listing' => 'Player Listing',
'reg_date' => 'Registration Date',
'ign' => 'IGN', // Context: Short for In-Game Name
'banned' => 'Banned',
'active' => 'Active',
'no_reg' => 'There are no registered players!',
'no_reg_exp' => "
Registered players are those without a staff role in the team management application.
There may be other users registered in the platform, but they won't be displayed here.
",
'see_staff' => 'See Staff Members'
],
'positions_p' => [
'application_form' => 'Application Form',
'select_form' => 'Select a form...',
'no_form_error' => "
You cannot create a vacancy without any forms with which people would apply.
create a form first, then, create a vacancy.
A single form is allowed to have multiple vacancies, so you can attach future vacancies to the same form if you'd like.
",
'new_pos' => 'NEW POSITION',
'empty_pos_warning' => 'Nothing to see here! Open some vacancies first. This will get applicants pouring in! (hopefully)',
'manage_forms' => 'MANAGE APPLICATION FORMS',
],
'settings' => [
'settings' => 'Settings',
'settings_header' => 'Notification Settings',
'settings_p' => 'Change which notifications are sent here.',
'back_btn' => 'Back to Dashboard'
],
'staff' => [
'members' => 'Staff Members',
'active_sm' => 'Active Staff Members',
'm_listing' => 'Member Listing',
'f_name' => 'Full Name',
'rank' => 'Rank',
],
// ======================== APPLICATION RENDERING MESSAGES =========================
'application_r' => [
'appl_submit_warn' => 'Are you sure you want to submit your application? Please review each of your answers carefully before doing so.',
'appl_submit_doublewarn' => 'Please note: Applications CANNOT be modified once they\'re submitted!',
'acceptsend' => 'Accept & Send',
'review' => 'Review',
'applying_for' => 'You are applying for: :name',
'welcome' => [
'yrs_old' => 'Years old', // Context: "years old" as in: Tom is 24 years old
'line1' => 'We\'re glad you\'ve decided to apply. Generally, applications take 48 hours to be processed and reviewed. Depending on the circumstances and the volume of applications, you may receive an answer in a shorter time.',
'line2' => 'Please fill out the form below. Keep all answers concise and complete. Please keep in mind that the age requirement is at least :agerqr.',
'line3' => 'Asking about your application will result in instant denial. Everything you need to know is here.'
],
'app_timeout' => 'Your account is not permitted to submit another application. Please wait :days more days before trying to submit an application.'
],
'application_m' => [
'title' => 'Application Management',
'all_apps' => 'All Applications',
'modal_confirm' => 'Are you sure?',
'really_delete' => 'Really delete this?',
'outstanding_sm' => 'Outstanding',
'outstanding_apps' => 'Outstanding Applications',
'outstanding_subm' => 'Outstanding (Submitted)',
'interview_q' => 'Interview Queue',
'interview_p' => 'Interview',
'interview_s' => 'Interview Scheduled',
'finished_int' => 'Finished Interviews',
'schedule_int' => 'Schedule Interviews',
'p_review' => 'Peer Review',
'applicant' => 'Applicant',
'interviewee' => 'Interviewee',
'pending_int' => 'Pending Interview',
'schedule' => 'Schedule',
'view_interview_queue' => 'View Interview Queue',
'view_approval_queue' => 'View Approval Queue',
'view_outstanding_queue' => 'View Outstanding Queue',
'approved' => 'Approved',
'denied' => 'Denied',
'unknown_stat' => 'Unknown',
'consequence_irreversible' => 'IRREVERSIBLE',
'delete_action_warning' => 'This action is :consequence.',
'delete_explainer' => 'Comments, appointments and any votes attached to this application WILL be deleted too. Please make sure this application really needs to be deleted.',
'all_apps_header' => 'You\'re looking at all applications ever received',
'all_apps_exp' => 'Here, you have quick and easy access to all applications ever received by the system.',
'no_apps' => 'There are no applications here',
'no_apps_exp' => 'We couldn\'t find any applications. Maybe no one has applied yet? Please try again later.',
'int_applications' => 'Applications',
'no_apps_pending_int' => 'No Applications Pending Interview',
'no_apps_pending_int_exp' => 'There are no applications that have been moved up to the Interview stage. Please check the outstanding queue.There are no applications that have been moved up to the Interview stage. Please check the outstanding queue.',
'upcoming_int' => 'My Upcoming Interviews',
'pending_schedule' => 'Pending Schedule',
'no_upcoming' => 'There are no upcoming interviews',
'no_upcoming_exp' => 'Please check other queues down in the application process. Applicants here may have already been interviewed.',
'no_outstanding' => 'Seeing no applications? Check with an Administrator to make sure that there are available open positions.',
'no_outstanding_exp' => 'Advertising on relevant forums made for this purpose is also a good idea.',
'applicant_name' => 'Applicant Name',
'application_date' => 'Application Date',
'no_pending' => 'There are no pending applications',
'no_pending_exp' => 'It seems like no one new has applied yet. Checkout the interview and approval queues for applications that might have moved up the ladder by now.',
'voting_reminder' => [
'title' => 'Voting Reminder',
'line1' => 'Applications which gain more than 50% of positive votes are automatically approved after one day.',
'line2' => 'Conversely, applications that do not reach this number are automatically denied.',
'line3' => 'Please note that the vote system can be overridden'
],
'no_pending_review' => 'There are no applications pending review',
'no_pending_review_exp' => 'Check the other queues for any applications! Applications will be shown here as soon as their interview is completed. You\'ll be able to view meeting notes and vote based on your observations.',
],
// ============= PROFILE & USER MESSAGES ===============
'profile' => [
'title' => ':name\'s profile',
'profile' => 'Profile',
'users' => 'Users',
'account_banned' => 'Account banned',
'account_banned_exp' => 'This user has been banned by the moderators.',
'ban_confirm' => 'Please confirm that you want to ban this user account. You\'ll need to add a reason and expiration date to confirm this. Bans don\'t transfer to connected Minecraft networks (yet).',
'leave_empty' => 'Leave empty for a permanent ban',
'duration' => 'Duration',
'p_duration' => 'Punishment duration',
'p_duration_exp' => 'e.g. Spamming',
'ban' => 'Ban',
'terminate_notice' => 'You are about to terminate a staff member',
'terminate_notice_warning' => 'Terminating a staff member will remove their privileges on the team management site and Network.
They will be notified of their termination. Make sure to have discussed this with them first.',
'terminate_notice_consequence' => 'THIS PROCESS IS IRREVERSIBLE AND IMMEDIATE',
'terminate_txt' => 'Terminate Staff Member',
'delete_acc_warn' => 'WARNING: This is a potentially destructive action!',
'delete_acc_consequence' => 'Deleting a user\'s account is an irreversible process. Historic and current applications, votes, and profile content, as well as any personally identifiable information will be immediately erased.',
'type_to_confirm' => 'Type to confirm:',
'type_placeholder' => 'Please type the above',
'delete_acc' => 'Delete Account',
'edit_acc' => 'Edit Account',
'ban_acc' => 'Ban Account',
'unban_acc' => 'Unban Account',
'search_result' => 'Search results',
'origin_cc' => 'Origin country',
'state_prov' => 'State/Province',
'district' => 'District (if any)',
'city' => 'City',
'zipcode' => 'Zipcode',
'coords' => 'Coordinates',
'european' => 'European?',
'isp' => 'ISP', // Internet service provider
'org' => 'Organization (if any)',
'ctype' => 'C. Type', // Internet Connection type
'timezone' => 'Timezone',
'noresults' => 'This query returned no results.',
'edituser' => 'Edit PII and Roles', // PII: Personally identifiable information
'edituser_consequence' => 'Warning! This is a sensitive setting! Changing this could have unintended consequences!',
'acc_management' => 'Account Management (Admin)',
'discord_tag' => 'User\'s Discord Tag: :discordTag',
'account_settings' => 'Account Settings',
'account_settings_personal' => 'My Account Settings',
'2fa_welcome' => 'We\'re glad you decided to increase your account\'s security!',
'supported_apps' => 'Supported apps you can install: ',
'scan_code' => 'Scan the :scannable code with your preferred app, and then copy the code here.',
'otp' => 'One-time code',
'2fa_enable' => 'Enable 2FA',
'2fa_remove_consequence' => 'Removing two-factor authentication will reduce the security of your account.',
'2fa_password_confirm' => 'Confirm your password to continue',
'2fa_password_confirm_exp' => 'To prevent unauthorized changes, a password is always required for sensitive operations.',
'2fa_disable_consent' => '"I understand the possible consequences of disabling two factor authentication"',
'2fa_remove' => 'Remove 2FA',
'2fa_remove_extended' => 'Remove Two-Factor Authentication',
'2fa_send_code' => 'Send 2FA Code',
'2fa_send_code_s' => '2FA Code (ex. 41351)',
'security_lgotherdev' => 'For your security, you\'ll need to re-enter your password before logging out other devices. If you believe your account has been compromised, please change your password instead, as that will automatically log out anyone else who might using your account, and prevent them from signing back in.',
'password_reenter' => 'Re-enter your password',
'acc_security' => 'Account Security',
'2fa' => 'Two Factor Authentication',
'sessions' => 'Sessions',
'contact_settings' => 'Contact Settings (E-Mail)',
'change_password' => 'Change Password',
'change_password_exp' => 'Change your password here. This will log you out from all existing sessions for your security.',
'old_pass' => 'Old Password',
'forgot_pw' => 'Forgot your password? Reset it :link',
'new_pw' => 'New Password',
'2fa_enable_success' => 'Hooray! 2FA is setup correctly for your account. A code will be asked each time you login.',
'2fa_avail' => 'Two-factor auth is available for your account.',
'2fa_avail_exp' => ' Enabling this security option greatly increases your account\'s security in case your password ever gets stolen.',
'session_manager' => 'Session Manager',
'terminate_others' => 'Terminating other sessions is generally a good idea if your account has been compromised.',
'current_session' => 'Your current session: logged in from :ipAddress',
'flush_session' => 'Flush sessions',
'personal_data_change' => 'Need to change personal data? You can do so here.',
'current_email' => 'Current Email Address',
'new_email' => 'New Email Address',
'current_password' => 'Current Password',
'security_nochangepw' => 'For security reasons, you cannot make important account changes without confirming your password. You\'ll also need to verify your new email.',
'change_email' => 'Change Email Address',
'basic_info' => 'Basic Information',
'fl_name' => 'First / Last Name',
'shortbio' => 'Short Bio',
'about_me' => 'About Me',
'pref_media' => 'Preferences & Media',
'avatar_source' => 'Retrieve avatar from: ',
'social_media' => 'Social Media',
'github_user' => 'Github Username',
'twitter_user' => 'Twitter Username',
'insta_user' => 'Instagram Username',
'discord_user' => 'Discord Handle',
'update_prfl' => 'Update Profile'
],
// ==================== USER ACCOUNT MESSAGES (NON-PRIVILEGED) =====================
'user' => [
'app_process' => [
'title' => 'Application Process',
'line1' => 'Please allow up to three days for your application to be processed. Your application will be reviewed by every team member, and will move up in stages.',
'line2' => 'If an interview is scheduled, you\'ll need to open your application here and confirm the time, date, and location assigned for you.'
],
'account_standing' => 'Account Standing',
'account_eligibility' => 'Your account is currently :eligibility for application',
'days_remaining_acc_alt' => 'As of today, there are :days remaining until you\'re permitted to submit another application.',
'my_ongoingapps' => 'My Ongoing Applications',
'submitted' => 'Submitted',
'peer_approval' => 'Peer Approval',
'peer_approval_q' => 'Peer Approval Queue',
'nothing_to_show' => 'Nothing to show',
'nothing_to_show_exp' => 'You currently have no applications to display. If you\'re eligible, you may apply once every month.',
'directory' => [
'itsyou' => 'It\'s you!',
'title' => 'User Directory',
'directory' => 'Directory'
]
],
'view_app' => [
'title' => 'Viewing application',
'viewing_app' => 'Viewing :user\'s application',
'cantvote' => 'You cannot vote on this application anymore.',
'no_notes' => 'There are no notes yet. Add some!',
'deny_confirm' => 'Are you sure you want to deny this application? Please keep in mind that this user will only be allowed to apply 30 days after their first application.',
'deny_confirm_consequence' => 'This action cannot be undone.',
'deny_confirm_btn' => 'Confirm: Deny Applicant',
'form_updated_alert' => 'If this form has been updated, new fields and updated questions will not show up here!',
'context_info' => 'Contextual Information',
'appl_ip' => 'Applicant IP Address',
'appl_for' => 'Applying for',
'currentstatus' => 'Current Status',
'decisionmod' => 'Decision & Moderation Tools',
'denyapp' => 'Deny applicant',
'nextstage' => 'Move to next stage',
'appointment_desc' => 'Appointment description',
'int_date_time' => 'Interview Date & Time',
'choosedate' => 'Click to choose a date',
'appointment_loc' => 'Appointment Location',
'pref_platform' => 'Select your preferred platform',
'coming_soon_int' => 'Embedded in-house video conferencing coming soon, powered by Jitsi Meet',
'scheduled_for' => 'Interview Scheduled for:',
'platform' => 'Platform',
'finish_meeting' => 'Finish Meeting',
'view_notes' => 'View Meeting Notes',
'vote_app' => 'Vote on this application',
'vote_explainer' => [
'line1' => 'If you weren\'t present during this meeting, you can view the shared meeting notepad to help you make a decision.',
'line2' => 'You may vote on as many applications as needed; However, you can only vote once per application.',
'line3' => 'Votes carry no weight based on rank. This system has been designed with fairness and ease of use in mind.'
],
'vote_approve' => 'Vote: Approve Applicant',
'vote_deny' => 'Vote: Deny Applicant',
'm_notes' => 'Meeting notes',
'view_more' => 'View more Applications',
'comments' => 'Comments',
'no_comments' => 'There are no comments here.',
'no_comments_exp' => 'There are no comments here! Comments are only visible to staff members. Be the first to share your input! Commenting may help with decision-making when time comes to vote for an application.',
'commenting_as' => 'Commenting as :username',
'max_chars' => 'max characters', // Context: A number is added before max characters
'post' => 'Post', // Context: Post as in post comment
]
// ==================== END OF MAIN I18N FILE ======================
];

Some files were not shown because too many files have changed in this diff Show More