Proximity/staffmanager
1
0
Fork 0
forked from miguel456/rbrecruiter
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: Proximity:master
Branches Tags
Proximity:master
Proximity:develop
Proximity:analysis-a2Jl7D
Proximity:analysis-aoLDWj
Proximity:feature/RSM-7-notification-channels
Proximity:l10n_translate
Proximity:translate
Proximity:l10n_master
miguel456:develop
miguel456:master
miguel456:l10n_translate
miguel456:translate
miguel456:l10n_master
Proximity:0.6.2
Proximity:0.6.1
Proximity:0.6.0
Proximity:0.5.2
Proximity:0.5.1
Proximity:0.5.0
Proximity:0.4.0
Proximity:0.3.0
Proximity:0.2.0
Proximity:0.1.0
miguel456:0.1.0
miguel456:0.2.0
miguel456:0.3.0
miguel456:0.4.0
miguel456:0.5.0
miguel456:0.5.1
miguel456:0.5.2
miguel456:0.6.0
miguel456:0.6.1
miguel456:0.6.2
miguel456:0.7.0
..
compare: Proximity:0.3.0
Branches Tags
Proximity:develop
Proximity:master
Proximity:analysis-a2Jl7D
Proximity:analysis-aoLDWj
Proximity:feature/RSM-7-notification-channels
Proximity:l10n_translate
Proximity:translate
Proximity:l10n_master
miguel456:develop
miguel456:master
miguel456:l10n_translate
miguel456:translate
miguel456:l10n_master
Proximity:0.6.2
Proximity:0.6.1
Proximity:0.6.0
Proximity:0.5.2
Proximity:0.5.1
Proximity:0.5.0
Proximity:0.4.0
Proximity:0.3.0
Proximity:0.2.0
Proximity:0.1.0
miguel456:0.1.0
miguel456:0.2.0
miguel456:0.3.0
miguel456:0.4.0
miguel456:0.5.0
miguel456:0.5.1
miguel456:0.5.2
miguel456:0.6.0
miguel456:0.6.1
miguel456:0.6.2
miguel456:0.7.0

No commits in common. "master" and "0.3.0" have entirely different histories.
master ... 0.3.0

187 changed files with 12902 additions and 19071 deletions
Show Stats Expand all files Collapse all files

12
.env.example
View File

@ -3,9 +3,6 @@ APP_ENV=local
APP_KEY=
APP_DEBUG=true
APP_URL=http://localhost
APP_LOGO="https://www.raspberrypi.org/app/uploads/2020/05/Raspberry-Pi-OS-downloads-image-150x150-1.png"
APP_SITEHOMEPAGE=""
# This can be your main homepage, other than this site itself
LOG_CHANNEL=stack
@ -21,6 +18,9 @@ RECAPTCHA_PRIVATE_KEY=
RECAPTCHA_VERIFY_URL="https://www.google.com/recaptcha/api/siteverify"
# WARNING: Your contact form will be useless if you change this value. Only change this URL if Google updates it.
IPGEO_API_KEY=""
IPGEO_API_URL=""
MOJANG_STATUS_URL="https://status.mojang.com/check"
MOJANG_API_URL="https://api.mojang.com"
@ -29,7 +29,7 @@ IPGEO_API_URL="https://api.ipgeolocation.io/ipgeo"
ARCANEDEV_LOGVIEWER_MIDDLEWARE=web,auth,can:admin.maintenance.logs.view
RELEASE=staffmanagement@0.6.1
RELEASE=staffmanagement@0.2.0
SLACK_INTEGRATION_WEBHOOK=
@ -65,8 +65,4 @@ PUSHER_APP_CLUSTER=mt1
MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
# Mostly for developers, but with Papertrail, you can easily see what the app's users are doing without relying on
# the internal log viewer.
SENTRY_LARAVEL_DSN=
PAPERTRAIL_URL=
PAPERTRAIL_PORT

1
.gitignore vendored
View File

@ -4,7 +4,6 @@
/public/storage
/storage/*.key
/vendor
/tools
.env
.env.backup
.phpunit.result.cache

2
.idea/hrm-mcserver.iml generated
View File

@ -39,9 +39,7 @@
<excludeFolder url="file://$MODULE_DIR$/vendor/laravel/ui" />
<excludeFolder url="file://$MODULE_DIR$/vendor/league/commonmark" />
<excludeFolder url="file://$MODULE_DIR$/vendor/league/flysystem" />
<excludeFolder url="file://$MODULE_DIR$/vendor/league/mime-type-detection" />
<excludeFolder url="file://$MODULE_DIR$/vendor/maximebf/debugbar" />
<excludeFolder url="file://$MODULE_DIR$/vendor/mcamara/laravel-localization" />
<excludeFolder url="file://$MODULE_DIR$/vendor/mockery/mockery" />
<excludeFolder url="file://$MODULE_DIR$/vendor/monolog/monolog" />
<excludeFolder url="file://$MODULE_DIR$/vendor/myclabs/deep-copy" />

14
.idea/php.xml generated
View File

@ -127,20 +127,6 @@
<path value="$PROJECT_DIR$/vendor/symfony/string" />
<path value="$PROJECT_DIR$/vendor/symfony/polyfill-intl-grapheme" />
<path value="$PROJECT_DIR$/vendor/symfony/polyfill-php80" />
<path value="$PROJECT_DIR$/vendor/bacon/bacon-qr-code" />
<path value="$PROJECT_DIR$/vendor/dasprid/enum" />
<path value="$PROJECT_DIR$/vendor/geo-sot/laravel-env-editor" />
<path value="$PROJECT_DIR$/vendor/laravel/slack-notification-channel" />
<path value="$PROJECT_DIR$/vendor/symfony/polyfill-php70" />
<path value="$PROJECT_DIR$/vendor/pragmarx/google2fa-laravel" />
<path value="$PROJECT_DIR$/vendor/pragmarx/google2fa" />
<path value="$PROJECT_DIR$/vendor/pragmarx/google2fa-qrcode" />
<path value="$PROJECT_DIR$/vendor/arcanedev/log-viewer" />
<path value="$PROJECT_DIR$/vendor/arcanedev/support" />
<path value="$PROJECT_DIR$/vendor/paragonie/constant_time_encoding" />
<path value="$PROJECT_DIR$/vendor/graham-campbell/markdown" />
<path value="$PROJECT_DIR$/vendor/league/mime-type-detection" />
<path value="$PROJECT_DIR$/vendor/mcamara/laravel-localization" />
</include_path>
</component>
<component name="PhpProjectSharedConfiguration" php_language_level="7.2" />

5
.phive/phars.xml
View File

@ -1,5 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<phive xmlns="https://phar.io/phive">
<phar name="phpunit" version="^9.2.5" installed="9.2.5" location="./tools/phpunit" copy="false"/>
<phar name="php-cs-fixer" version="^2.16.4" installed="2.16.4" location="./tools/php-cs-fixer" copy="false"/>
</phive>

76
CODE_OF_CONDUCT.md
View File

@ -1,76 +0,0 @@
# Contributor Covenant Code of Conduct
## Our Pledge
In the interest of fostering an open and welcoming environment, we as
contributors and maintainers pledge to making participation in our project and
our community a harassment-free experience for everyone, regardless of age, body
size, disability, ethnicity, sex characteristics, gender identity and expression,
level of experience, education, socio-economic status, nationality, personal
appearance, race, religion, or sexual identity and orientation.
## Our Standards
Examples of behavior that contributes to creating a positive environment
include:
* Using welcoming and inclusive language
* Being respectful of differing viewpoints and experiences
* Gracefully accepting constructive criticism
* Focusing on what is best for the community
* Showing empathy towards other community members
Examples of unacceptable behavior by participants include:
* The use of sexualized language or imagery and unwelcome sexual attention or
advances
* Trolling, insulting/derogatory comments, and personal or political attacks
* Public or private harassment
* Publishing others' private information, such as a physical or electronic
address, without explicit permission
* Other conduct which could reasonably be considered inappropriate in a
professional setting
## Our Responsibilities
Project maintainers are responsible for clarifying the standards of acceptable
behavior and are expected to take appropriate and fair corrective action in
response to any instances of unacceptable behavior.
Project maintainers have the right and responsibility to remove, edit, or
reject comments, commits, code, wiki edits, issues, and other contributions
that are not aligned to this Code of Conduct, or to ban temporarily or
permanently any contributor for other behaviors that they deem inappropriate,
threatening, offensive, or harmful.
## Scope
This Code of Conduct applies both within project spaces and in public spaces
when an individual is representing the project or its community. Examples of
representing a project or community include using an official project e-mail
address, posting via an official social media account, or acting as an appointed
representative at an online or offline event. Representation of a project may be
further defined and clarified by project maintainers.
## Enforcement
Instances of abusive, harassing, or otherwise unacceptable behavior may be
reported by contacting the project team at support@spacejewel-hosting.com. All
complaints will be reviewed and investigated and will result in a response that
is deemed necessary and appropriate to the circumstances. The project team is
obligated to maintain confidentiality with regard to the reporter of an incident.
Further details of specific enforcement policies may be posted separately.
Project maintainers who do not follow or enforce the Code of Conduct in good
faith may face temporary or permanent repercussions as determined by other
members of the project's leadership.
## Attribution
This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
[homepage]: https://www.contributor-covenant.org
For answers to common questions about this code of conduct, see
https://www.contributor-covenant.org/faq

29
CONTRIBUTING.md
View File

@ -1,29 +0,0 @@
# Thank you for contributing!
Read this file carefully before contributing to the project. It's important that everyone follows these rules to ensure smooth contribution.
## General workflow
Since the project is under version 1.0.0, the master branch can be quite unstable, and even unusable. For this reason, I recommend you stick to the published
releases, unless you intend on helping out with the project.
New features are commited directly to the ``master`` branch, while translations are commited to a special service branch, merged onto ``translate``, tested, and
merged back to master. Above version 1.0.0, new features should follow the same procedure as translations.
## Before commiting
Before commiting, make sure your code adheres to the Laravel coding guidelines, as well as PSR-4. I'll personally review and merge each PR.
Thank you for your interest!
# Bug reports
As always, bug reports should stick to the bug report template. GitHub makes this easy for you by letting you choose which issue template you'd like to use
before reporting an isuse. This helps everyone stay in the same page.
Issues published without a template might take longer to be resolved, or may be ignored and marked ``wontfix``.
# Licensing
Any contributions you make will be under the GNU GPL v3 license, which is the license that covers this project.

1
Procfile
View File

@ -1 +0,0 @@
web: vendor/bin/heroku-php-apache2 public/

17
README.md
View File

@ -1,11 +1,10 @@
# RB Recruiter v 0.6.2 [![Crowdin](https://badges.crowdin.net/raspberry-staff-manager/localized.svg)](https://crowdin.com/project/raspberry-staff-manager)
## The quick and pain-free form management solution for communities
# Raspberry Teams - The Simple Staff Application Manager v 0.1.0
## The quick and pain-free staff application manager (for Minecraft)
Have you ever gotten tired of managing your Minecraft server/network's applications through Discord (or anything else) and having to scroll through hundreds of new messages just to find that one applicant's username?
Wish you had a better application managemet strategy? Well, then Raspberry Teams is for you! It was originally designed and developed for internal use for a gameserver network, but sharing is caring!
Wish you had a better application managemet strategy? Well, then Raspberry Teams is for you! It was originally designed and developed for internal use, but sharing is caring! After noticing a worrying lack of "human resources" management systems on SpigotMC's resources section (There was only one outdated/unsupported project), I've decided to take it up into my own terms and start working on it.
# Features (not exhaustive)
@ -47,14 +46,6 @@ Tech stack:
- AdminLTE / Bootstrap 4
- jQuery / Plain Javascript
- vueJS (in the future)
# Stability
Currently, the ``master`` branch is highly unstable, since it's under active development. Expect it to break with each commit. Even though I make an effort to make sure each commit is good to go before pushing, things might still break unexpectedly, and you may find a lot of bugs (which you should report).
Every released version is currently pre-release. If you really want to run this before version ``1.0.0`` comes out, always stay on the latest version, as those will always be tested before release, ensuring less chaos.
*Note: This application is NOT production ready! It won't be until the first stable release comes out, which might take a bit longer.
# Operating System Requirements
@ -69,7 +60,7 @@ Tech stack:
- JSON
- Curl (highly recommended)
- Image Magick (imagick) for 2FA support
# Installation

19
SECURITY.md
View File

@ -1,19 +0,0 @@
# Security Policy
## Supported Versions
The following versions are currently supported:
| Version | Supported |
| ------- | ------------------ |
| 0.1.x | :x: |
| 0.5.x | :x: |
| 0.6.x | :white_check_mark: |
## Reporting a Vulnerability
To securely report a vulnerability, you may send me an email directly containing the details of said vulnerability: ``me@nogueira.codes``.
You may optionally encrypt your message with my [public PGP key](http://pool.sks-keyservers.net/pks/lookup?op=get&search=0x48DF709E7405702B).
Use this free [online encryption tool](https://www.igolder.com/pgp/encryption/) if you don't know how to use PGP on your desktop.

10
app/Appointment.php
View File

@ -7,13 +7,11 @@ use Illuminate\Database\Eloquent\Model;
class Appointment extends Model
{
public $fillable = [
'appointmentDescription',
'appointmentDate',
'applicationID',
'appointmentDescription',
'appointmentDate',
'applicationID',
'appointmentStatus',
'appointmentLocation',
'meetingNotes',
'userAccepted'
'appointmentLocation'
];
public function application()

8
app/Ban.php
View File

@ -8,7 +8,7 @@ class Ban extends Model
{
public $fillable = [
'userID',
'reason',
'bannedUntil',
@ -16,11 +16,7 @@ class Ban extends Model
'authorUserID'
];
public $dates = [
'bannedUntil'
];
public function user()
{
return $this->belongsTo('App\User', 'userID', 'id');

6
app/Console/Commands/Install.php
View File

@ -99,16 +99,12 @@ class Install extends Command
$settings['MAIL_PASSWORD'] = $this->secret('SMTP Password (Input won\'t be seen)');
$settings['MAIL_PORT'] = $this->ask('SMTP Server Port');
$settings['MAIL_HOST'] = $this->ask('SMTP Server Hostname');
$settings['MAIL_FROM_ADDRESS'] = $this->ask('E-mail address to send from');
$this->info('== Notification Settings (5/6) (Slack) ==');
$settings['SLACK_INTEGRATION_WEBHOOK'] = $this->ask('Integration webhook URL');
$this->info('== Web Settings (6/6) ==');
$settings['APP_URL'] = $this->ask('Application\'s URL (ex. https://where.you.installed.theapp.com): ');
$settings['APP_LOGO'] = $this->ask('App logo (Link to an image): ');
$settings['APP_SITEHOMEPAGE'] = $this->ask('Site homepage (appears in the main header): ');
$settings['APP_URL'] = $this->ask('Application\'s URL');
} while(!$this->confirm('Are you sure you want to save these settings? You can always go back and try again.'));

5
app/CustomFacades/IP.php
View File

@ -16,6 +16,11 @@ class IP
public function lookup(string $IP): object
{
if (empty($IP))
{
throw new LogicException(__METHOD__ . 'is missing parameter IP!');
}
$params = [
'apiKey' => config('general.keys.ipapi.apikey'),
'ip' => $IP

14
app/Facades/ContextAwareValidation.php
View File

@ -1,14 +0,0 @@
<?php
namespace App\Facades;
use Illuminate\Support\Facades\Facade;
class ContextAwareValidation extends Facade
{
protected static function getFacadeAccessor()
{
return 'contextAwareValidator';
}
}

13
app/Facades/Options.php
View File

@ -1,13 +0,0 @@
<?php
namespace App\Facades;
use \Illuminate\Support\Facades\Facade;
class Options extends Facade
{
public static function getFacadeAccessor()
{
return 'smOptions';
}
}

2
app/Form.php
View File

@ -16,7 +16,7 @@ class Form extends Model
public function vacancies()
{
return $this->hasMany('App\Vacancy', 'vacancyFormID', 'id');
return $this->hasMany('vacancies', 'vacancyFormID', 'id');
}
public function responses()

138
app/Helpers/ContextAwareValidator.php
View File

@ -1,138 +0,0 @@
<?php
namespace App\Helpers;
use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Collection;
class ContextAwareValidator
{
/**
* The excludedNames array will make the validator ignore any of these names when including names into the rules.
* @var array
*/
private $excludedNames = [
'_token',
'_method',
'formName'
];
/**
* Utility wrapper for json_encode.
*
* @param array $value The array to be converted.
* @return string The JSON representation of $value
*/
private function encode(array $value) : string
{
return json_encode($value);
}
/**
* The getValidator() method will take an array of fields from the request body, iterates through them,
* and dynamically adds validation rules for them. Depending on parameters, it may or may not generate
* a form structure for rendering purposes.
*
* This method is mostly meant by internal use by means of static proxies (Facades), in order to reduce code repetition;
* Using it outside it's directed scope may cause unexpected results; For instance, the method expects inputs to be in array format, e.g. myFieldNameID1[],
* myFieldNameID2[], and so on and so forth.
*
* This isn't checked by the code yet, but if you're implementing it this way in the HTML markup, make sure it's consistent (e.g. use a loop).
*
* P.S This method automatically ignores the CSRF token for validation.
*
* @param array $fields The request form fields
* @param bool $generateStructure Whether to incldue a JSON-ready form structure for rendering
* @param bool $includeFormName Whether to include formName in the list of validation rules
* @return Validator|Collection A validator instance you can use to check for validity, or a Collection with a validator and structure (validator, structure)
*/
public function getValidator(array $fields, bool $generateStructure = false, bool $includeFormName = false)
{
$formStructure = [];
$validator = [];
if ($includeFormName)
{
$validator['formName'] = 'required|string|max:100';
}
foreach ($fields as $fieldName => $field)
{
if(!in_array($fieldName, $this->excludedNames))
{
$validator[$fieldName . ".0"] = 'required|string';
$validator[$fieldName . ".1"] = 'required|string';
if ($generateStructure)
{
$formStructure['fields'][$fieldName]['title'] = $field[0];
$formStructure['fields'][$fieldName]['type'] = $field[1];
}
}
}
$validatorInstance = Validator::make($fields, $validator);
return ($generateStructure) ?
collect([
'validator' => $validatorInstance,
'structure' => $this->encode($formStructure)
])
: $validatorInstance;
}
/**
* The getResponseValidator method is similar to the getValidator method; It basically takes
* an array of fields from a previous form (that probably went through the other method) and adds validation
* to the field names.
*
* Also generates the storable response structure if you tell it to.
*
* @param array $fields The received fields
* @param array $formStructure The form structure - You must supply this if you want the response structure
* @param bool $generateResponseStructure Whether to generate the response structure
* @return Validator|Collection A collection or a validator, depending on the args. Will return validatior if only fields are supplied.
*/
public function getResponseValidator(array $fields, array $formStructure = [], bool $generateResponseStructure = true)
{
$responseStructure = [];
$validator = [];
if (empty($formStructure) && $generateResponseStructure)
{
throw new \InvalidArgumentException('Illegal combination of arguments supplied! Please check the method\'s documentation.');
}
foreach($fields as $fieldName => $value)
{
if(!in_array($fieldName, $this->excludedNames))
{
$validator[$fieldName] = 'required|string';
if ($generateResponseStructure)
{
$responseStructure['responses'][$fieldName]['type'] = $formStructure['fields'][$fieldName]['type'] ?? 'Unavailable';
$responseStructure['responses'][$fieldName]['title'] = $formStructure['fields'][$fieldName]['title'];
$responseStructure['responses'][$fieldName]['response'] = $value;
}
}
}
$validatorInstance = Validator::make($fields, $validator);
return ($generateResponseStructure) ?
collect([
'validator' => $validatorInstance,
'responseStructure' => $this->encode($responseStructure)
])
: $validatorInstance;
}
}

94
app/Helpers/Options.php
View File

@ -1,94 +0,0 @@
<?php
namespace App\Helpers;
use App\Options as Option;
use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Facades\Log;
class Options
{
public function getOption(string $option): string
{
$value = Cache::get($option);
if (is_null($value))
{
Log::debug('Option ' . $option . 'not found in cache, refreshing from database');
$value = Option::where('option_name', $option)->first();
if (is_null($value))
throw new \Exception('This option does not exist.');
Cache::put($option, $value);
Cache::put($option . '_desc', 'Undefined description');
}
return $value->option_value;
}
public function setOption(string $option, string $value, string $description)
{
Option::create([
'option_name' => $option,
'option_value' => $value,
'friendly_name' => $description
]);
Cache::put($option, $value, now()->addDay());
Cache::put($option . '_desc', $description, now()->addDay());
}
public function pullOption($option): array
{
$oldOption = Option::where('option_name', $option)->first();
Option::find($oldOption->id)->delete();
// putMany is overkill here
return [
Cache::pull($option),
Cache::pull($option . '_desc')
];
}
public function changeOption($option, $newValue)
{
$dbOption = Option::where('option_name', $option);
if ($dbOption->first())
{
$dbOptionInstance = Option::find($dbOption->first()->id);
Cache::forget($option);
Log::debug('Changing db configuration option', [
'old_value' => $dbOptionInstance->option_value,
'new_value' => $newValue
]);
$dbOptionInstance->option_value = $newValue;
$dbOptionInstance->save();
Log::debug('New db configuration option saved',
[
'option' => $dbOptionInstance->option_value
]);
Cache::put('option_name', $newValue, now()->addDay());
}
else
{
throw new \Exception('This option does not exist.');
}
}
public function optionExists(string $option): bool
{
$dbOption = Option::where('option_name', $option)->first();
$locallyCachedOption = Cache::get($option);
return !is_null($dbOption) || !is_null($locallyCachedOption);
}
}

82
app/Http/Controllers/ApplicationController.php
View File

@ -18,11 +18,8 @@ use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Facades\App;
use Illuminate\Support\Facades\Log;
use ContextAwareValidator;
class ApplicationController extends Controller
{
private function canVote($votes)
{
$allvotes = collect([]);
@ -48,8 +45,11 @@ class ApplicationController extends Controller
}
public function showUserApp(Request $request, Application $application)
public function showUserApp(Request $request, $applicationID)
{
// TODO: Inject it instead (do this where there is no injection, not just here)
$application = Application::find($applicationID);
$this->authorize('view', $application);
if (!is_null($application))
@ -78,8 +78,6 @@ class ApplicationController extends Controller
public function showAllApps()
{
$this->authorize('viewAny', Application::class);
return view('dashboard.appmanagement.all')
->with('applications', Application::paginate(6));
}
@ -188,16 +186,36 @@ class ApplicationController extends Controller
Log::info('Processing new application!');
$formStructure = json_decode($vacancy->first()->forms->formStructure, true);
$responseValidation = ContextAwareValidator::getResponseValidator($request->all(), $formStructure);
$responseStructure = [];
$excludedNames = [
'_token',
];
$validator = [];
foreach($request->all() as $fieldName => $value)
{
if(!in_array($fieldName, $excludedNames))
{
$validator[$fieldName] = 'required|string';
$responseStructure['responses'][$fieldName]['type'] = $formStructure['fields'][$fieldName]['type'] ?? 'Unavailable';
$responseStructure['responses'][$fieldName]['title'] = $formStructure['fields'][$fieldName]['title'];
$responseStructure['responses'][$fieldName]['response'] = $value;
}
}
Log::info('Built response & validator structure!');
if (!$responseValidation->get('validator')->fails())
$validation = Validator::make($request->all(), $validator);
if (!$validation->fails())
{
$response = Response::create([
'responseFormID' => $vacancy->first()->forms->id,
'associatedVacancyID' => $vacancy->first()->id, // Since a form can be used by multiple vacancies, we can only know which specific vacancy this response ties to by using a vacancy ID
'responseData' => $responseValidation->get('responseStructure')
'responseData' => json_encode($responseStructure)
]);
Log::info('Registered form response for user ' . Auth::user()->name . ' for vacancy ' . $vacancy->first()->vacancyName);
@ -231,41 +249,37 @@ class ApplicationController extends Controller
return redirect()->back();
}
public function updateApplicationStatus(Request $request, Application $application, $newStatus)
public function updateApplicationStatus(Request $request, $applicationID, $newStatus)
{
$application = Application::find($applicationID);
$this->authorize('update', Application::class);
switch ($newStatus)
if (!is_null($application))
{
case 'deny':
switch ($newStatus)
{
case 'deny':
event(new ApplicationDeniedEvent($application));
break;
event(new ApplicationDeniedEvent($application));
break;
case 'interview':
Log::info('User ' . Auth::user()->name . ' has moved application ID ' . $application->id . 'to interview stage');
$request->session()->flash('success', 'Application moved to interview stage! (:');
$application->setStatus('STAGE_INTERVIEW');
case 'interview':
Log::info('User ' . Auth::user()->name . ' has moved application ID ' . $application->id . 'to interview stage');
$request->session()->flash('success', 'Application moved to interview stage! (:');
$application->setStatus('STAGE_INTERVIEW');
$application->user->notify(new ApplicationMoved());
break;
$application->user->notify(new ApplicationMoved());
break;
default:
$request->session()->flash('error', 'There are no suitable statuses to update to. Do not mess with the URL.');
default:
$request->session()->flash('error', 'There are no suitable statuses to update to. Do not mess with the URL.');
}
}
else
{
$request->session()->flash('The application you\'re trying to update does not exist.');
}
return redirect()->back();
}
public function delete(Request $request, Application $application)
{
$this->authorize('delete', $application);
$application->delete(); // observers will run, cleaning it up
$request->session()->flash('success', 'Application deleted. Comments, appointments and responses have also been deleted.');
return redirect()->back();
}
}

78
app/Http/Controllers/AppointmentController.php
View File

@ -24,60 +24,84 @@ class AppointmentController extends Controller
];
public function saveAppointment(Request $request, Application $application)
public function saveAppointment(Request $request, $applicationID)
{
// Unrelated TODO: change if's in application page to a switch statement, & have the row encompass it
$this->authorize('create', Appointment::class);
$appointmentDate = Carbon::parse($request->appointmentDateTime);
$appointment = Appointment::create([
'appointmentDescription' => $request->appointmentDescription,
'appointmentDate' => $appointmentDate->toDateTimeString(),
'applicationID' => $application->id,
'appointmentLocation' => (in_array($request->appointmentLocation, $this->allowedPlatforms)) ? $request->appointmentLocation : 'DISCORD',
]);
$application->setStatus('STAGE_INTERVIEW_SCHEDULED');
$app = Application::find($applicationID);
if (!is_null($app))
{
// make sure this is a valid date by parsing it first
$appointmentDate = Carbon::parse($request->appointmentDateTime);
Log::info('User ' . Auth::user()->name . ' has scheduled an appointment with ' . $application->user->name . ' for application ID' . $application->id, [
'datetime' => $appointmentDate->toDateTimeString(),
'scheduled' => now()
]);
$appointment = Appointment::create([
'appointmentDescription' => $request->appointmentDescription,
'appointmentDate' => $appointmentDate->toDateTimeString(),
'applicationID' => $applicationID,
'appointmentLocation' => (in_array($request->appointmentLocation, $this->allowedPlatforms)) ? $request->appointmentLocation : 'DISCORD',
]);
$app->setStatus('STAGE_INTERVIEW_SCHEDULED');
$application->user->notify(new AppointmentScheduled($appointment));
$request->session()->flash('success', 'Appointment successfully scheduled @ ' . $appointmentDate->toDateTimeString());
Log::info('User ' . Auth::user()->name . ' has scheduled an appointment with ' . $app->user->name . ' for application ID' . $app->id, [
'datetime' => $appointmentDate->toDateTimeString(),
'scheduled' => now()
]);
$app->user->notify(new AppointmentScheduled($appointment));
$request->session()->flash('success', 'Appointment successfully scheduled @ ' . $appointmentDate->toDateTimeString());
}
else
{
$request->session()->flash('error', 'Cant\'t schedule an appointment for an application that doesn\'t exist.');
}
return redirect()->back();
}
public function updateAppointment(Request $request, Application $application, $status)
public function updateAppointment(Request $request, $applicationID, $status)
{
$this->authorize('update', $application->appointment);
$this->authorize('update', Appointment::class);
$application = Application::find($applicationID);
$validStatuses = [
'SCHEDULED',
'CONCLUDED'
];
// NOTE: This is a little confusing, refactor
$application->appointment->appointmentStatus = (in_array($status, $validStatuses)) ? strtoupper($status) : 'SCHEDULED';
$application->appointment->save();
$application->setStatus('STAGE_PEERAPPROVAL');
$application->user->notify(new ApplicationMoved());
if (!is_null($application))
{
// NOTE: This is a little confusing, refactor
$application->appointment->appointmentStatus = (in_array($status, $validStatuses)) ? strtoupper($status) : 'SCHEDULED';
$application->appointment->save();
$application->setStatus('STAGE_PEERAPPROVAL');
$application->user->notify(new ApplicationMoved());
$request->session()->flash('success', 'Interview finished! Staff members can now vote on it.');
}
else
{
$request->session()->flash('error', 'The application you\'re trying to update doesn\'t exist or have an appointment.');
}
$request->session()->flash('success', 'Interview finished! Staff members can now vote on it.');
return redirect()->back();
}
// also updates
public function saveNotes(SaveNotesRequest $request, Application $application)
public function saveNotes(SaveNotesRequest $request, $applicationID)
{
$application = Application::find($applicationID);
if (!is_null($application))
{
$application->load('appointment');
$application->appointment->meetingNotes = $request->noteText;
$application->appointment->save();
@ -85,7 +109,7 @@ class AppointmentController extends Controller
}
else
{
$request->session()->flash('error', 'There\'s no appointment to save notes to!');
$request->session()->flash('error', 'Sanity check failed: There\'s no appointment to save notes to!');
}
return redirect()->back();

6
app/Http/Controllers/Auth/LoginController.php
View File

@ -44,7 +44,7 @@ class LoginController extends Controller
// We can't customise the error message, since that would imply overriding the login method, which is large.
// Also, the user should never know that they're banned.
public function attemptLogin(Request $request)
public function attemptLogin(Request $request)
{
$user = User::where('email', $request->email)->first();
@ -60,9 +60,9 @@ class LoginController extends Controller
return $this->originalAttemptLogin($request);
}
}
return $this->originalAttemptLogin($request);
}

2
app/Http/Controllers/Auth/RegisterController.php
View File

@ -70,7 +70,7 @@ class RegisterController extends Controller
'uuid' => ['required', 'string', 'unique:users', 'min:32', 'max:32'],
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
'password' => ['required', 'string', 'min:10', 'confirmed', 'regex:/^.*(?=.{3,})(?=.*[a-zA-Z])(?=.*[0-9])(?=.*[\d\x])(?=.*[!$#%]).*$/'],
'password' => ['required', 'string', 'min:8', 'confirmed'],
], [
'uuid.required' => 'Please enter a valid (and Premium) Minecraft username! We do not support cracked users.'
]);

16
app/Http/Controllers/Auth/TwofaController.php
View File

@ -1,16 +0,0 @@
<?php
namespace App\Http\Controllers\Auth;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\Traits\AuthenticatesTwoFactor;
class TwofaController extends Controller
{
use AuthenticatesTwoFactor;
protected $redirectTo = '/dashboard';
}

26
app/Http/Controllers/BanController.php
View File

@ -15,7 +15,11 @@ class BanController extends Controller
public function insert(BanUserRequest $request, User $user)
{
$this->authorize('create', [Ban::class, $user]);
if ($user->is(Auth::user()))
{
$request->session()->flash('error', 'You can\'t ban yourself!');
return redirect()->back();
}
if (is_null($user->bans))
{
@ -24,39 +28,35 @@ class BanController extends Controller
$duration = strtolower($request->durationOperator);
$durationOperand = $request->durationOperand;
$expiryDate = now();
if (!empty($duration))
{
$expiryDate = now();
switch($duration)
{
case 'days':
$expiryDate->addDays($durationOperand);
$expiryDate->addDays($duration);
break;
case 'weeks':
$expiryDate->addWeeks($durationOperand);
$expiryDate->addWeeks($duration);
break;
case 'months':
$expiryDate->addMonths($durationOperand);
$expiryDate->addMonths($duration);
break;
case 'years':
$expiryDate->addYears($durationOperand);
$expiryDate->addYears($duration);
break;
}
}
else
{
// Essentially permanent
$expiryDate->addYears(5);
}
$ban = Ban::create([
'userID' => $user->id,
'reason' => $reason,
'bannedUntil' => $expiryDate->format('Y-m-d H:i:s'),
'reason' => $request->reason,
'bannedUntil' => $expiryDate->toDateTimeString() ?? null,
'userAgent' => "Unknown",
'authorUserID' => Auth::user()->id
]);

10
app/Http/Controllers/CommentController.php
View File

@ -22,7 +22,7 @@ class CommentController extends Controller
public function insert(NewCommentRequest $request, Application $application)
{
$this->authorize('create', Comment::class);
$comment = Comment::create([
'authorID' => Auth::user()->id,
'applicationID' => $application->id,
@ -32,6 +32,14 @@ class CommentController extends Controller
if ($comment)
{
foreach (User::all() as $user)
{
if ($user->isStaffMember())
{
$user->notify(new NewComment($comment, $application));
}
}
$request->session()->flash('success', 'Comment posted! (:');
}
else

29
app/Http/Controllers/ContactController.php
View File

@ -4,23 +4,11 @@ namespace App\Http\Controllers;
use Illuminate\Http\Request;
use GuzzleHttp;
use App\Notifications\NewContact;
use Illuminate\Support\Facades\Http;
use App\User;
class ContactController extends Controller
{
protected $users;
public function __construct(User $users)
{
$this->users = $users;
}
public function create(Request $request)
{
$name = $request->name;
@ -30,14 +18,12 @@ class ContactController extends Controller
$challenge = $request->input('captcha');
// TODO: now: add middleware for this verification, move to invisible captcha
$verifyrequest = Http::asForm()->post(config('recaptcha.verify.apiurl'), [
'secret' => config('recaptcha.keys.secret'),
'response' => $challenge,
'remoteip' => $request->ip()
'remoteip' => $_SERVER['REMOTE_ADDR']
]);
$response = json_decode($verifyrequest->getBody(), true);
if (!$response['success'])
@ -46,18 +32,7 @@ class ContactController extends Controller
return redirect()->back();
}
foreach(User::all() as $user)
{
if ($user->hasRole('admin'))
{
$user->notify(new NewContact(collect([
'message' => $msg,
'ip' => $request->ip(),
'email' => $email
])));
}
}
// TODO: Send mail
$request->session()->flash('success', 'Message sent successfully! We usually respond within 48 hours.');
return redirect()->back();

14
app/Http/Controllers/DevToolsController.php
View File

@ -6,30 +6,16 @@ use App\Application;
use App\Events\ApplicationApprovedEvent;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class DevToolsController extends Controller
{
// The use case for Laravel's gate and/or validation Requests is so tiny here that a full-blown policy would be overkill.
protected function isolatedAuthorise()
{
if (!Auth::user()->can('admin.developertools.use'))
{
abort(403, 'You\'re not authorized to access this page.');
}
}
public function index()
{
$this->isolatedAuthorise();
return view('dashboard.administration.devtools')
->with('applications', Application::where('applicationStatus', 'STAGE_PEERAPPROVAL')->get());
}
public function forceVoteCount(Request $request)
{
$this->isolatedAuthorise();
$application = Application::find($request->application);
if (!is_null($application))

109
app/Http/Controllers/FormController.php
View File

@ -7,8 +7,6 @@ use Illuminate\Http\Request;
use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Facades\Auth;
use ContextAwareValidator;
class FormController extends Controller
{
@ -31,17 +29,39 @@ class FormController extends Controller
{
$this->authorize('create', Form::class);
$fields = $request->all();
$contextValidation = ContextAwareValidator::getValidator($fields, true, true);
$formFields = $request->all();
if (!$contextValidation->get('validator')->fails())
$formStructure = [];
$excludedNames = [
'_token',
'formName' // It's added outside the loop. Not excluding causes unwanted duplication.
];
$validator = [
'formName' => 'required|string|max:100'
];
foreach ($formFields as $fieldName => $field)
{
$storableFormStructure = $contextValidation->get('structure');
if(!in_array($fieldName, $excludedNames))
{
$validator[$fieldName . ".0"] = 'required|string';
$validator[$fieldName . ".1"] = 'required|string';
$formStructure['fields'][$fieldName]['title'] = $field[0];
$formStructure['fields'][$fieldName]['type'] = $field[1];
}
}
$validation = Validator::make($formFields, $validator);
if (!$validation->fails())
{
$storableFormStructure = json_encode($formStructure);
Form::create(
[
'formName' => $fields['formName'],
'formName' => $formFields['formName'],
'formStructure' => $storableFormStructure,
'formStatus' => 'ACTIVE'
]
@ -51,81 +71,28 @@ class FormController extends Controller
return redirect()->to(route('showForms'));
}
$request->session()->flash('errors', $contextValidation->get('validator')->errors()->getMessages());
$request->session()->flash('errors', $validation->errors()->getMessages());
return redirect()->back();
}
public function destroy(Request $request, Form $form)
public function destroy(Request $request, $id)
{
$form = Form::find($id);
$this->authorize('delete', $form);
$deletable = true;
if (!is_null($form) && !is_null($form->vacancies) && $form->vacancies->count() !== 0 || !is_null($form->responses))
// TODO: Check if form is linked to vacancies before allowing deletion
if (!is_null($form))
{
$deletable = false;
}
if ($deletable)
{
$form->delete();
$request->session()->flash('success', 'Form deleted successfully.');
}
else
{
$request->session()->flash('error', 'You cannot delete this form because it\'s tied to one or more applications and ranks, or because it doesn\'t exist.');
$form->delete();
$request->session()->flash('success', 'Form deleted successfully.');
return redirect()->back();
}
$request->session()->flash('error', 'The form you\'re trying to delete does not exist.');
return redirect()->back();
}
public function preview(Request $request, Form $form)
{
$this->authorize('viewAny', Form::class);
return view('dashboard.administration.formpreview')
->with('form', json_decode($form->formStructure, true))
->with('title', $form->formName)
->with('formID', $form->id);
}
public function edit(Request $request, Form $form)
{
$this->authorize('update', $form);
return view('dashboard.administration.editform')
->with('formStructure', json_decode($form->formStructure, true))
->with('title', $form->formName)
->with('formID', $form->id);
}
public function update(Request $request, Form $form)
{
$this->authorize('update', $form);
$contextValidation = ContextAwareValidator::getValidator($request->all(), true);
$this->authorize('update', $form);
if (!$contextValidation->get('validator')->fails())
{
// Add the new structure into the form. New, subsquent fields will be identified by the "new" prefix
// This prefix doesn't actually change the app's behavior when it receives applications.
// Additionally, old applications won't of course display new and updated fields, because we can't travel into the past and get data for them
$form->formStructure = $contextValidation->get('structure');
$form->save();
$request->session()->flash('success', 'Hooray! Your form was updated. New applications for it\'s vacancy will use it.');
}
else
{
$request->session()->flash('errors', $contextValidation->get('validator')->errors()->getMessages());
}
return redirect()->to(route('previewForm', ['form' => $form->id]));
}
}

13
app/Http/Controllers/HomeController.php
View File

@ -15,12 +15,15 @@ class HomeController extends Controller
*/
public function index()
{
// TODO: Relationships for Applications, Users and Responses
// Also prevent apps if user already has one in the space of 30d
// Display apps in the relevant menus
$positions = DB::table('vacancies')
->where('vacancyStatus', 'OPEN')
->where('vacancyCount', '!=', 0)
->get();
$positions = Vacancy::where('vacancyStatus', 'OPEN')
->where('vacancyCount', '<>', 0)
->get();
return view('home')
->with('positions', $positions);
}

77
app/Http/Controllers/OptionsController.php
View File

@ -1,77 +0,0 @@
<?php
namespace App\Http\Controllers;
use App\Facades\Options;
use App\Options as Option;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
class OptionsController extends Controller
{
/**
* Display a listing of the resource.
*
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\Http\Response|\Illuminate\View\View
*/
public function index()
{
// TODO: Obtain this from the facade
$options = Option::all();
return view('dashboard.administration.settings')
->with('options', $options);
}
public function saveSettings(Request $request)
{
if (Auth::user()->can('admin.settings.edit'))
{
Log::debug('Updating application options', [
'ip' => $request->ip(),
'ua' => $request->userAgent(),
'username' => Auth::user()->username
]);
foreach($request->all() as $optionName => $option)
{
try
{
Log::debug('Going through option ' . $optionName);
if (Options::optionExists($optionName))
{
Log::debug('Option exists, updating to new values', [
'opt' => $optionName,
'new_value' => $option
]);
Options::changeOption($optionName, $option);
}
}
catch(\Exception $ex)
{
Log::error('Unable to update options!', [
'msg' => $ex->getMessage(),
'trace' => $ex->getTraceAsString()
]);
report($ex);
$errorCond = true;
$request->session()->flash('error', 'An error occurred while trying to save settings: ' . $ex->getMessage());
}
}
if (!isset($errorCond))
{
$request->session()->flash('success', 'Settings saved successfully!');
}
}
else
{
$request->session()->flash('error', 'You do not have permission to update this resource.');
}
return redirect()->back();
}
}

14
app/Http/Controllers/ProfileController.php
View File

@ -87,6 +87,7 @@ class ProfileController extends Controller
public function saveProfile(ProfileSave $request)
{
// TODO: Switch to route model binding
$profile = User::find(Auth::user()->id)->profile;
$social = [];
@ -119,6 +120,19 @@ class ProfileController extends Controller
$request->session()->flash('success', 'Profile settings saved successfully.');
}
else
{
$gm = 'Guru Meditation #' . rand(0, 1000);
Log::alert('[GURU MEDITATION]: Could not find profile for authenticated user ' . Auth::user()->name . 'whilst trying to update it! Please verify that profiles are being created automatically during signup.',
[
'uuid' => Auth::user()->uuid,
'timestamp' => now(),
'route' => $request->route()->getName(),
'gmcode' => $gm // If this error is reported, the GM code, denoting a severe error, will help us find this entry in the logs
]);
$request->session()->flash('error', 'A technical error has occurred whilst trying to save your profile. Incident details have been recorded. Please report this incident to administrators with the following case number: ' . $gm);
}
return redirect()->back();

92
app/Http/Controllers/UserController.php
View File

@ -8,8 +8,6 @@ use App\Http\Requests\FlushSessionsRequest;
use App\Http\Requests\DeleteUserRequest;
use App\Http\Requests\SearchPlayerRequest;
use App\Http\Requests\UpdateUserRequest;
use App\Http\Requests\Add2FASecretRequest;
use App\Http\Requests\Remove2FASecretRequest;
use App\User;
use App\Ban;
@ -23,8 +21,6 @@ use App\Notifications\EmailChanged;
use App\Notifications\ChangedPassword;
use Spatie\Permission\Models\Role;
use Google2FA;
class UserController extends Controller
{
@ -116,32 +112,10 @@ class UserController extends Controller
}
}
public function showAccount(Request $request)
public function showAccount()
{
$QRCode = null;
if (!$request->user()->has2FA())
{
if ($request->session()->has('twofaAttemptFailed'))
{
$twoFactorSecret = $request->session()->get('current2FA');
}
else
{
$twoFactorSecret = Google2FA::generateSecretKey(32, '');
$request->session()->put('current2FA', $twoFactorSecret);
}
$QRCode = Google2FA::getQRCodeInline(
config('app.name'),
$request->user()->email,
$twoFactorSecret
);
}
return view('dashboard.user.profile.useraccount')
->with('ip', request()->ip())
->with('twofaQRCode', $QRCode);
->with('ip', request()->ip());
}
@ -215,9 +189,6 @@ class UserController extends Controller
public function delete(DeleteUserRequest $request, User $user)
{
$this->authorize('delete', $user);
if ($request->confirmPrompt == 'DELETE ACCOUNT')
{
$user->delete();
@ -235,8 +206,6 @@ class UserController extends Controller
public function update(UpdateUserRequest $request, User $user)
{
$this->authorize('adminEdit', $user);
// Mass update would not be possible here without extra code, making route model binding useless
$user->email = $request->email;
$user->name = $request->name;
@ -273,67 +242,10 @@ class UserController extends Controller
}
public function add2FASecret(Add2FASecretRequest $request)
{
$currentSecret = $request->session()->get('current2FA');
$isValid = Google2FA::verifyKey($currentSecret, $request->otp);
if ($isValid)
{
$request->user()->twofa_secret = $currentSecret;
$request->user()->save();
Log::warning('SECURITY: User activated two-factor authentication', [
'initiator' => $request->user()->email,
'ip' => $request->ip()
]);
Google2FA::login();
Log::warning('SECURITY: Started two factor session automatically', [
'initiator' => $request->user()->email,
'ip' => $request->ip()
]);
$request->session()->forget('current2FA');
if ($request->session()->has('twofaAttemptFailed'))
$request->session()->forget('twofaAttemptFailed');
$request->session()->flash('success', '2FA succesfully enabled! You\'ll now be prompted for an OTP each time you log in.');
}
else
{
$request->session()->flash('error', 'Incorrect code. Please reopen the 2FA settings panel and try again.');
$request->session()->put('twofaAttemptFailed', true);
}
return redirect()->back();
}
public function remove2FASecret(Remove2FASecretRequest $request)
{
Log::warning('SECURITY: Disabling two factor authentication (user initiated)', [
'initiator' => $request->user()->email,
'ip' => $request->ip()
]);
$request->user()->twofa_secret = null;
$request->user()->save();
$request->session()->flash('success', 'Two-factor authentication disabled.');
return redirect()->back();
}
public function terminate(Request $request, User $user)
{
$this->authorize('terminate', User::class);
// TODO: move logic to policy
if (!$user->isStaffMember() || $user->is(Auth::user()))
{
$request->session()->flash('error', 'You cannot terminate this user.');

38
app/Http/Controllers/VacancyController.php
View File

@ -3,19 +3,15 @@
namespace App\Http\Controllers;
use App\Http\Requests\VacancyRequest;
use App\Http\Requests\VacancyEditRequest;
use App\Vacancy;
use App\User;
use App\Form;
use App\Notifications\VacancyClosed;
use Illuminate\Http\Request;
use Illuminate\Support\Str;
use Illuminate\Support\Facades\Auth;
class VacancyController extends Controller
{
public function index()
@ -35,16 +31,10 @@ class VacancyController extends Controller
if (!is_null($form))
{
/* note: since we can't convert HTML back to Markdown, we'll have to do the converting when the user requests a page,
* and leave the database with Markdown only so it can be used and edited everywhere.
* for several vacancies, this would require looping through all of them and replacing MD with HTML, which is obviously not the most clean solution;
* however, the Model can be configured to return MD instead of HTML on that specific field saving us from looping.
*/
Vacancy::create([
'vacancyName' => $request->vacancyName,
'vacancyDescription' => $request->vacancyDescription,
'vacancyFullDescription' => $request->vacancyFullDescription,
'vacancySlug' => Str::slug($request->vacancyName),
'permissionGroupName' => $request->permissionGroup,
'discordRoleID' => $request->discordRole,
@ -64,9 +54,10 @@ class VacancyController extends Controller
}
public function updatePositionAvailability(Request $request, $status, Vacancy $vacancy)
public function updatePositionAvailability(Request $request, $status, $id)
{
$vacancy = Vacancy::find($id);
$this->authorize('update', $vacancy);
if (!is_null($vacancy))
@ -110,29 +101,4 @@ class VacancyController extends Controller
return redirect()->back();
}
public function edit(Request $request, Vacancy $vacancy)
{
$this->authorize('update', $vacancy);
return view('dashboard.administration.editposition')
->with('vacancy', $vacancy);
}
public function update(VacancyEditRequest $request, Vacancy $vacancy)
{
$this->authorize('update', $vacancy);
$vacancy->vacancyFullDescription = $request->vacancyFullDescription;
$vacancy->vacancyDescription = $request->vacancyDescription;
$vacancy->vacancyCount = $request->vacancyCount;
$vacancy->save();
$request->session()->flash('success', 'Vacancy successfully updated.');
return redirect()->back();
}
}

30
app/Http/Controllers/VoteController.php
View File

@ -13,23 +13,33 @@ use Illuminate\Support\Facades\Log;
class VoteController extends Controller
{
public function vote(VoteRequest $voteRequest, Application $application)
public function vote(VoteRequest $voteRequest, $applicationID)
{
$application = Application::find($applicationID);
$this->authorize('create', Vote::class);
$vote = Vote::create([
'userID' => Auth::user()->id,
'allowedVoteType' => $voteRequest->voteType,
]);
$vote->application()->attach($application->id);
if (!is_null($application))
{
$vote = Vote::create([
'userID' => Auth::user()->id,
'allowedVoteType' => $voteRequest->voteType,
]);
$vote->application()->attach($applicationID);
Log::info('User ' . Auth::user()->name . ' has voted in applicant ' . $application->user->name . '\'s application', [
'voteType' => $voteRequest->voteType
]);
$voteRequest->session()->flash('success', 'Your vote has been registered!');
Log::info('User ' . Auth::user()->name . ' has voted in applicant ' . $application->user->name . '\'s application', [
'voteType' => $voteRequest->voteType
]);
$voteRequest->session()->flash('success', 'Your vote has been registered! You will now be notified about the outcome of this application.');
}
else
{
$voteRequest->session()->flash('error', 'Can\t vote a non existant application!');
}
// Cron job will run command that processes votes
return redirect()->back();
}
}

8
app/Http/Kernel.php
View File

@ -64,12 +64,6 @@ class Kernel extends HttpKernel
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'eligibility' => \App\Http\Middleware\ApplicationEligibility::class,
'usernameUUID' => \App\Http\Middleware\UsernameUUID::class,
'forcelogout' => \App\Http\Middleware\ForceLogoutMiddleware::class,
'2fa' => \PragmaRX\Google2FALaravel\Middleware::class,
'localize' => \Mcamara\LaravelLocalization\Middleware\LaravelLocalizationRoutes::class,
'localizationRedirect' => \Mcamara\LaravelLocalization\Middleware\LaravelLocalizationRedirectFilter::class,
'localeSessionRedirect' => \Mcamara\LaravelLocalization\Middleware\LocaleSessionRedirect::class,
'localeCookieRedirect' => \Mcamara\LaravelLocalization\Middleware\LocaleCookieRedirect::class,
'localeViewPath' => \Mcamara\LaravelLocalization\Middleware\LaravelLocalizationViewPath::class
'forcelogout' => \App\Http\Middleware\ForceLogoutMiddleware::class
];
}

4
app/Http/Middleware/TrustProxies.php
View File

@ -12,12 +12,12 @@ class TrustProxies extends Middleware
*
* @var array|string
*/
protected $proxies = "*";
protected $proxies;
/**
* The headers that should be used to detect proxies.
*
* @var int
*/
protected $headers = Request::HEADER_X_FORWARDED_AWS_ELB;
protected $headers = Request::HEADER_X_FORWARDED_ALL;
}

31
app/Http/Requests/Add2FASecretRequest.php
View File

@ -1,31 +0,0 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class Add2FASecretRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
// current logic only updates currently authenticated user
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'otp' => 'required|string|min:6|max:6'
];
}
}

2
app/Http/Requests/BanUserRequest.php
View File

@ -27,7 +27,7 @@ class BanUserRequest extends FormRequest
{
return [
'reason' => 'required|string',
'durationOperand' => 'nullable|string',
'durationOperand' => 'nullable|integer',
'durationOperator' => 'nullable|string'
];
}

31
app/Http/Requests/Remove2FASecretRequest.php
View File

@ -1,31 +0,0 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class Remove2FASecretRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'currentPassword' => 'required|password',
'consent' => 'required|accepted'
];
}
}

34
app/Http/Requests/VacancyEditRequest.php
View File

@ -1,34 +0,0 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Support\Facades\Auth;
class VacancyEditRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return Auth::user()->can('admin.hiring.vacancy.edit');
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'vacancyDescription' => 'required|string',
'vacancyFullDescription' => 'nullable|string',
'vacancyCount' => 'required|integer|min:1'
];
}
}

1
app/Http/Requests/VacancyRequest.php
View File

@ -26,7 +26,6 @@ class VacancyRequest extends FormRequest
return [
'vacancyName' => 'required|string',
'vacancyDescription' => 'required|string',
'vacancyFullDescription' => 'nullable|string',
'permissionGroup' => 'required|string',
'discordRole' => 'required|string',
'vacancyCount' => 'required|integer',

45
app/Listeners/LogAuthenticationFailure.php
View File

@ -1,45 +0,0 @@
<?php
namespace App\Listeners;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Support\Facades\Log;
class LogAuthenticationFailure
{
/**
* Create the event listener.
*
* @return void
*/
public function __construct()
{
//
}
/**
* Handle the event.
*
* @param object $event
* @return void
*/
public function handle($event)
{
$targetAccountID = 0;
$originalIP = "0.0.0.0";
if (isset($event->user->id))
{
$targetAccountID = $event->user->id;
}
Log::alert('SECURITY (login): Detected failed authentication attempt!', [
'targetAccountID' => $targetAccountID,
'existingAccount' => ($targetAccountID == 0) ? false : true,
'sourceIP' => request()->ip(),
'matchesAccountLastIP' => request()->ip() == $originalIP,
'sourceUserAgent' => request()->userAgent(),
]);
}
}

36
app/Listeners/LogAuthenticationSuccess.php
View File

@ -1,36 +0,0 @@
<?php
namespace App\Listeners;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Support\Facades\Log;
class LogAuthenticationSuccess
{
/**
* Create the event listener.
*
* @return void
*/
public function __construct()
{
//
}
/**
* Handle the event.
*
* @param object $event
* @return void
*/
public function handle($event)
{
Log::info('SECURITY (postauth-pre2fa): Detected successful login attempt', [
'accountID' => $event->user->id,
'sourceIP' => request()->ip(),
'matchesAccountLastIP' => request()->ip() == $event->user->originalIP,
'sourceUserAgent' => request()->userAgent(),
]);
}
}

20
app/Notifications/ApplicationApproved.php
View File

@ -2,8 +2,6 @@
namespace App\Notifications;
use App\Facades\Options;
use App\Traits\Cancellable;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Notifications\Messages\MailMessage;
@ -13,7 +11,7 @@ use App\Application;
class ApplicationApproved extends Notification implements ShouldQueue
{
use Queueable, Cancellable;
use Queueable;
public $application;
@ -26,15 +24,15 @@ class ApplicationApproved extends Notification implements ShouldQueue
{
$this->application = $application;
}
public function channels()
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
{
return $this->chooseChannelsViaOptions();
}
public function optOut($notifiable)
{
return Options::getOption('notify_applicant_approved') !== 1;
return ['mail', 'slack'];
}
/**

2
app/Notifications/ApplicationDenied.php
View File

@ -52,7 +52,7 @@ class ApplicationDenied extends Notification implements ShouldQueue
->line('Your most recent application has been denied.')
->line('Our review team denies applications for several reasons, including poor answers.')
->line('Please review your application and try again in 30 days.')
->action('Review application', url(route('showUserApp', ['application' => $this->application->id])))
->action('Review application', url(route('showUserApp', ['id' => $this->application->id])))
->line('Better luck next time!');
}

14
app/Notifications/ApplicationMoved.php
View File

@ -6,12 +6,10 @@ use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Notifications\Messages\MailMessage;
use Illuminate\Notifications\Notification;
use App\Traits\Cancellable;
use App\Facades\Options;
class ApplicationMoved extends Notification implements ShouldQueue
{
use Queueable, Cancellable;
use Queueable;
/**
* Create a new notification instance.
@ -23,9 +21,15 @@ class ApplicationMoved extends Notification implements ShouldQueue
//
}
public function optOut($notifiable)
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
{
return Options::getOption('notify_application_status_change') !== 1;
return ['mail'];
}
/**

29
app/Notifications/NewApplicant.php
View File

@ -10,12 +10,9 @@ use Illuminate\Notifications\Notification;
use App\Application;
use App\Vacancy;
use App\Traits\Cancellable;
use App\Facades\Options;
class NewApplicant extends Notification implements ShouldQueue
{
use Queueable, Cancellable;
use Queueable;
protected $application;
@ -34,19 +31,15 @@ class NewApplicant extends Notification implements ShouldQueue
$this->vacancy = $vacancy;
}
public function channels()
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
{
if (Options::getOption('enable_slack_notifications') == 1)
{
return ['slack'];
}
return [];
}
public function optOut($notifiable)
{
return Options::getOption('notify_new_user') !== 1;
return ['slack'];
}
/**
@ -62,7 +55,7 @@ class NewApplicant extends Notification implements ShouldQueue
->subject(config('app.name') . ' - New application')
->line('Someone has just applied for a position. Check it out!')
->line('You are receiving this because you\'re a staff member at ' . config('app.name') . '.')
->action('View Application', url(route('showUserApp', ['application' => $this->application->id])))
->action('View Application', url(route('showUserApp', ['id' => $this->application->id])))
->line('Thank you!');
}
@ -74,7 +67,7 @@ class NewApplicant extends Notification implements ShouldQueue
$vacancyDetails['name'] = $this->vacancy->vacancyName;
$vacancyDetails['slots'] = $this->vacancy->vacancyCount;
$url = route('showUserApp', ['application' => $this->application->id]);
$url = route('showUserApp', ['id' => $this->application->id]);
$applicant = $this->application->user->name;
return (new SlackMessage)

16
app/Notifications/NewComment.php
View File

@ -8,12 +8,10 @@ use Illuminate\Notifications\Messages\MailMessage;
use Illuminate\Notifications\Notification;
use App\Comment;
use App\Application;
use App\Traits\Cancellable;
use App\Facades\Options;
class NewComment extends Notification implements ShouldQueue
{
use Queueable, Cancellable;
use Queueable;
protected $application;
@ -28,9 +26,15 @@ class NewComment extends Notification implements ShouldQueue
$this->application = $application;
}
public function optOut($notifiable)
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
{
return Options::getOption('notify_application_comment') !== 1;
return ['mail'];
}
/**
@ -46,7 +50,7 @@ class NewComment extends Notification implements ShouldQueue
->subject(config('app.name') . ' - New comment')
->line('Someone has just posted a new comment on an application you follow.')
->line('You\'re receiving this email because you\'ve voted/commented on this application.')
->action('Check it out', url(route('showUserApp', ['application' => $this->application->id])))
->action('Check it out', url(route('showUserApp', ['id' => $this->application->id])))
->line('Thank you!');
}

78
app/Notifications/NewContact.php
View File

@ -1,78 +0,0 @@
<?php
namespace App\Notifications;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Notifications\Messages\MailMessage;
use Illuminate\Notifications\Notification;
use Illuminate\Support\Collection;
class NewContact extends Notification
{
use Queueable;
public $message;
/**
* Create a new notification instance.
*
* @return void
*/
public function __construct(Collection $message)
{
$this->message = $message;
}
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
{
return ['mail'];
}
/**
* Get the mail representation of the notification.
*
* @param mixed $notifiable
* @return \Illuminate\Notifications\Messages\MailMessage
*/
public function toMail($notifiable)
{
if ($this->message->has([
'message',
'ip',
'email'
]))
{
return (new MailMessage)
->line('We\'ve received a new contact form submission in the StaffManagement app center.')
->line('This is what they sent: ')
->line('')
->line($this->message->get('message'))
->line('')
->line('This message was received from ' . $this->message->get('ip') . ' and submitted by ' . $this->message->get('email') . '.')
->action('Sign in', url(route('login')))
->line('Thank you!');
}
throw new \InvalidArgumentException("Invalid arguments supplied to NewContact!");
}
/**
* Get the array representation of the notification.
*
* @param mixed $notifiable
* @return array
*/
public function toArray($notifiable)
{
return [
//
];
}
}

20
app/Notifications/NewUser.php
View File

@ -10,12 +10,10 @@ use Illuminate\Notifications\Messages\SlackMessage;
use App\User;
use App\Facades\UUID;
use App\Traits\Cancellable;
use App\Facades\Options;
class NewUser extends Notification implements ShouldQueue
{
use Queueable, Cancellable;
use Queueable;
public $user;
@ -29,14 +27,18 @@ class NewUser extends Notification implements ShouldQueue
$this->user = $user;
}
public function channels($notifiable)
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
{
return $this->chooseChannelsViaOptions();
}
return ($notifiable->isStaffMember())
? ['slack', 'mail']
: ['mail'];
public function optOut($notifiable)
{
return Options::getOption('notify_new_user') !== 1;
}
/**

15
app/Notifications/VacancyClosed.php
View File

@ -6,15 +6,12 @@ use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Notifications\Messages\MailMessage;
use Illuminate\Notifications\Notification;
use Illuminate\Queue\SerializesModels;
use App\Vacancy;
use App\Facades\Options;
use App\Traits\Cancellable;
class VacancyClosed extends Notification implements ShouldQueue
{
use Queueable, SerializesModels, Cancellable;
use Queueable;
protected $vacancy;
@ -28,9 +25,15 @@ class VacancyClosed extends Notification implements ShouldQueue
$this->vacancy = $vacancy;
}
public function optOut($notifiable)
/**
* Get the notification's delivery channels.
*
* @param mixed $notifiable
* @return array
*/
public function via($notifiable)
{
return Options::getOption('notify_vacancystatus_change') !== 1;
return ['mail'];
}
/**

94
app/Observers/ApplicationObserver.php
View File

@ -1,94 +0,0 @@
<?php
namespace App\Observers;
use App\Application;
use Illuminate\Support\Facades\Log;
class ApplicationObserver
{
/**
* Handle the application "created" event.
*
* @param \App\Application $application
* @return void
*/
public function created(Application $application)
{
//
}
/**
* Handle the application "updated" event.
*
* @param \App\Application $application
* @return void
*/
public function updated(Application $application)
{
//
}
public function deleting(Application $application)
{
$application->response()->delete();
$votes = $application->votes;
foreach ($votes as $vote)
{
Log::debug('Referential integrity cleanup: Deleting and detaching vote ' . $vote->id);
$vote->application()->detach($application->id);
$vote->delete();
}
if (!is_null($application->appointment))
{
Log::debug('RIC: Deleting appointment!');
$application->appointment()->delete();
}
if (!$application->comments->isEmpty())
{
Log::debug('RIC: Deleting comments!');
foreach($application->comments as $comment)
{
$comment->delete();
}
}
// application can now be deleted
}
/**
* Handle the application "deleted" event.
*
* @param \App\Application $application
* @return void
*/
public function deleted(Application $application)
{
//
}
/**
* Handle the application "restored" event.
*
* @param \App\Application $application
* @return void
*/
public function restored(Application $application)
{
//
}
/**
* Handle the application "force deleted" event.
*
* @param \App\Application $application
* @return void
*/
public function forceDeleted(Application $application)
{
//
}
}

25
app/Observers/UserObserver.php
View File

@ -48,7 +48,30 @@ class UserObserver
Log::debug('RIC: Now trying to delete applications and responses...');
foreach($applications as $application)
{
// code moved to Application observer, where it gets rid of attached elements individually
$application->response()->delete();
$votes = $application->votes;
foreach ($votes as $vote)
{
Log::debug('RIC: Deleting and detaching vote ' . $vote->id);
$vote->application()->detach($application->id);
$vote->delete();
}
if (!is_null($application->appointment))
{
Log::debug('RIC: Deleting appointment!');
$application->appointment()->delete();
}
if (!$application->comments->isEmpty())
{
Log::debug('RIC: Deleting comments!');
foreach($application->comments as $comment)
{
$comment->delete();
}
}
Log::debug('RIC: Deleting application ' . $application->id);
$application->delete();

64
app/Observers/VacancyObserver.php
View File

@ -1,64 +0,0 @@
<?php
namespace App\Observers;
use App\Vacancy;
class VacancyObserver
{
/**
* Handle the vacancy "created" event.
*
* @param \App\Vacancy $vacancy
* @return void
*/
public function created(Vacancy $vacancy)
{
//
}
/**
* Handle the vacancy "updated" event.
*
* @param \App\Vacancy $vacancy
* @return void
*/
public function updated(Vacancy $vacancy)
{
//
}
/**
* Handle the vacancy "deleted" event.
*
* @param \App\Vacancy $vacancy
* @return void
*/
public function deleted(Vacancy $vacancy)
{
// TODO: Handle deletion of children's data
}
/**
* Handle the vacancy "restored" event.
*
* @param \App\Vacancy $vacancy
* @return void
*/
public function restored(Vacancy $vacancy)
{
//
}
/**
* Handle the vacancy "force deleted" event.
*
* @param \App\Vacancy $vacancy
* @return void
*/
public function forceDeleted(Vacancy $vacancy)
{
//
}
}

13
app/Options.php
View File

@ -1,13 +0,0 @@
<?php
namespace App;
use Illuminate\Database\Eloquent\Model;
class Options extends Model
{
public $fillable = [
'option_name',
'option_value'
];
}

7
app/Policies/ApplicationPolicy.php
View File

@ -45,11 +45,4 @@ class ApplicationPolicy
{
return $user->hasAnyRole('admin', 'hiringManager');
}
public function delete(User $user, Application $application)
{
return $user->hasRole('admin');
}
}

24
app/Policies/AppointmentPolicy.php
View File

@ -13,7 +13,7 @@ class AppointmentPolicy
/**
* Determine whether the user can view any models.
*
* @param User $user
* @param \App\User $user
* @return mixed
*/
public function viewAny(User $user)
@ -24,8 +24,8 @@ class AppointmentPolicy
/**
* Determine whether the user can view the model.
*
* @param User $user
* @param Appointment $appointment
* @param \App\User $user
* @param \App\Appointment $appointment
* @return mixed
*/
public function view(User $user, Appointment $appointment)
@ -36,7 +36,7 @@ class AppointmentPolicy
/**
* Determine whether the user can create models.
*
* @param User $user
* @param \App\User $user
* @return mixed
*/
public function create(User $user)
@ -47,8 +47,8 @@ class AppointmentPolicy
/**
* Determine whether the user can update the model.
*
* @param User $user
* @param Appointment $appointment
* @param \App\User $user
* @param \App\Appointment $appointment
* @return mixed
*/
public function update(User $user, Appointment $appointment)
@ -59,8 +59,8 @@ class AppointmentPolicy
/**
* Determine whether the user can delete the model.
*
* @param User $user
* @param Appointment $appointment
* @param \App\User $user
* @param \App\Appointment $appointment
* @return mixed
*/
public function delete(User $user, Appointment $appointment)
@ -71,8 +71,8 @@ class AppointmentPolicy
/**
* Determine whether the user can restore the model.
*
* @param User $user
* @param Appointment $appointment
* @param \App\User $user
* @param \App\Appointment $appointment
* @return mixed
*/
public function restore(User $user, Appointment $appointment)
@ -83,8 +83,8 @@ class AppointmentPolicy
/**
* Determine whether the user can permanently delete the model.
*
* @param User $user
* @param Appointment $appointment
* @param \App\User $user
* @param \App\Appointment $appointment
* @return mixed
*/
public function forceDelete(User $user, Appointment $appointment)

17
app/Policies/BanPolicy.php
View File

@ -5,8 +5,6 @@ namespace App\Policies;
use App\Ban;
use App\User;
use Illuminate\Auth\Access\HandlesAuthorization;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
class BanPolicy
{
@ -38,19 +36,12 @@ class BanPolicy
/**
* Determine whether the user can create models.
*
* @param \App\User $user
* @param User $targetUser
* @param \App\User $user
* @return mixed
*/
public function create(User $user, User $targetUser)
public function create(User $user)
{
Log::debug("Authorization check started", [
'requiredRoles' => 'admin',
'hasRequiredRole' => $user->hasRole('admin'),
'targetUser' => $targetUser->username,
'isCurrentUser' => Auth::user()->is($user)
]);
return $user->hasRole('admin') && $user->isNot($targetUser);
//
}
/**
@ -62,7 +53,7 @@ class BanPolicy
*/
public function update(User $user, Ban $ban)
{
return $user->hasRole('admin');
//
}
/**

2
app/Policies/FormPolicy.php
View File

@ -57,7 +57,7 @@ class FormPolicy
*/
public function update(User $user, Form $form)
{
return $user->can('admin.hiring.forms');
// unused
}
/**

11
app/Policies/UserPolicy.php
View File

@ -24,12 +24,6 @@ class UserPolicy
return $authUser->is($user) || $authUser->hasRole('admin');
}
// This refers to the admin tools that let staff update more information than users themselves can
public function adminEdit(User $authUser, User $user)
{
return $authUser->hasRole('admin') && $authUser->isNot($user);
}
public function viewStaff(User $user)
{
return $user->can('admin.stafflist');
@ -44,9 +38,4 @@ class UserPolicy
{
return $authUser->hasRole('admin');
}
public function delete(User $authUser, User $subject)
{
return $authUser->hasRole('admin') && $authUser->isNot($subject);
}
}

2
app/Policies/VacancyPolicy.php
View File

@ -53,7 +53,7 @@ class VacancyPolicy
*/
public function update(User $user, Vacancy $vacancy)
{
return $user->hasAnyRole('admin', 'hiringManager');
return $user->hasRole('admin', 'hiringManager');
}
/**

6
app/Providers/AppServiceProvider.php
View File

@ -2,8 +2,6 @@
namespace App\Providers;
use App\Application;
use App\Observers\ApplicationObserver;
use App\Observers\UserObserver;
use App\User;
use Illuminate\Support\Facades\Schema;
@ -34,10 +32,6 @@ class AppServiceProvider extends ServiceProvider
]);
Schema::defaultStringLength(191);
User::observe(UserObserver::class);
Application::observe(ApplicationObserver::class);
$this->app['request']->server->set('HTTPS', $this->app->environment() != 'local');
}
}

16
app/Providers/AuthServiceProvider.php
View File

@ -2,15 +2,15 @@
namespace App\Providers;
use App\Http\Controllers\BanController;
use App\Http\Controllers\VoteController;
use App\Http\Controllers\ProfileController;
use App\Http\Controllers\AppointmentController;
use App\Policies\ProfilePolicy;
use App\Policies\VacancyPolicy;
use App\Policies\UserPolicy;
use App\Policies\BanPolicy;
use App\Policies\FormPolicy;
use App\Policies\VotePolicy;
use App\Policies\ApplicationPolicy;
use App\Policies\AppointmentPolicy;
use App\User;
use App\Form;
use App\Vote;
@ -18,8 +18,6 @@ use App\Vacancy;
use App\Application;
use App\Appointment;
use App\Ban;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Gate;
@ -38,9 +36,9 @@ class AuthServiceProvider extends ServiceProvider
Vacancy::class => VacancyPolicy::class,
//Form::class => FormPolicy::class
'App\Form' => 'App\Policies\FormPolicy',
Vote::class => VotePolicy::class,
Ban::class => BanPolicy::class,
Appointment::class => AppointmentPolicy::class
Vote::class => VoteController::class,
Ban::class => BanController::class,
Appointment::class => AppointmentController::class
];
/**

34
app/Providers/ContextAwareValidatorProvider.php
View File

@ -1,34 +0,0 @@
<?php
namespace App\Providers;
use Illuminate\Support\ServiceProvider;
use App;
class ContextAwareValidatorProvider extends ServiceProvider
{
/**
* Register services.
*
* @return void
*/
public function register()
{
//
}
/**
* Bootstrap services.
*
* @return void
*/
public function boot()
{
App::bind('contextAwareValidator', function(){
return new App\Helpers\ContextAwareValidator();
});
}
}

10
app/Providers/EventServiceProvider.php
View File

@ -2,11 +2,7 @@
namespace App\Providers;
use App\Listeners\LogAuthenticationFailure;
use App\Listeners\LogAuthenticationSuccess;
use App\Listeners\OnUserRegistration;
use Illuminate\Auth\Events\Failed;
use Illuminate\Auth\Events\Login;
use Illuminate\Auth\Events\Registered;
use Illuminate\Auth\Listeners\SendEmailVerificationNotification;
use Illuminate\Foundation\Support\Providers\EventServiceProvider as ServiceProvider;
@ -24,12 +20,6 @@ class EventServiceProvider extends ServiceProvider
SendEmailVerificationNotification::class,
OnUserRegistration::class
],
Failed::class => [
LogAuthenticationFailure::class
],
Login::class => [
LogAuthenticationSuccess::class
],
'App\Events\ApplicationApprovedEvent' => [
'App\Listeners\PromoteUser'
],

31
app/Providers/OptionsProvider.php
View File

@ -1,31 +0,0 @@
<?php
namespace App\Providers;
use Illuminate\Support\ServiceProvider;
use App;
class OptionsProvider extends ServiceProvider
{
/**
* Register services.
*
* @return void
*/
public function register()
{
//
}
/**
* Bootstrap services.
*
* @return void
*/
public function boot()
{
App::bind('smOptions', function (){
return new App\Helpers\Options();
});
}
}

40
app/Traits/AuthenticatesTwoFactor.php
View File

@ -1,40 +0,0 @@
<?php
namespace App\Traits;
use Google2FA;
use App\Http\Requests\Add2FASecretRequest;
use Illuminate\Support\Facades\Log;
trait AuthenticatesTwoFactor
{
public function verify2FA(Add2FASecretRequest $request)
{
$isValid = Google2FA::verifyKey($request->user()->twofa_secret, $request->otp);
if ($isValid)
{
Google2FA::login();
Log::info('SECURITY (postauth): One-time password verification succeeded', [
'initiator' => $request->user()->email,
'ip' => $request->ip()
]);
return redirect()->to($this->redirectTo);
}
else
{
Log::warning('SECURITY (preauth): One-time password verification failed', [
'initiator' => $request->user()->email,
'ip' => $request->ip()
]);
$request->session()->flash('error', 'Your one time password is invalid.');
return redirect()->back();
}
}
}

49
app/Traits/Cancellable.php
View File

@ -1,49 +0,0 @@
<?php
namespace App\Traits;
use App\Facades\Options;
trait Cancellable
{
public function chooseChannelsViaOptions()
{
$channels = [];
if (Options::getOption('enable_slack_notifications') == 1)
{
array_push($channels, 'slack');
}
elseif(Options::getOption('enable_email_notifications') == 1)
{
array_push($channels, 'email');
}
return $channels;
}
public function channels()
{
return ['mail'];
}
public function via($notifiable)
{
if ($this->optOut($notifiable))
{
return [];
}
return $this->channels();
}
public function optOut($notifiable)
{
return false;
}
}

11
app/User.php
View File

@ -7,10 +7,11 @@ use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Spatie\Permission\Traits\HasRoles;
class User extends Authenticatable implements MustVerifyEmail
class User extends Authenticatable
{
use Notifiable;
use HasRoles;
//use MustVerifyEmail;
/**
* The attributes that are mass assignable.
@ -67,24 +68,18 @@ class User extends Authenticatable implements MustVerifyEmail
}
public function isBanned()
{
return !$this->bans()->get()->isEmpty();
}
public function isStaffMember()
{
return $this->hasAnyRole('reviewer', 'admin', 'hiringManager');
}
public function has2FA()
{
return !is_null($this->twofa_secret);
}
public function routeNotificationForSlack($notification)

24
app/Vacancy.php
View File

@ -6,9 +6,6 @@ use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
use GrahamCampbell\Markdown\Facades\Markdown;
class Vacancy extends Model
{
public $fillable = [
@ -16,7 +13,6 @@ class Vacancy extends Model
'permissionGroupName',
'vacancyName',
'vacancyDescription',
'vacancyFullDescription',
'discordRoleID',
'vacancyFormID',
'vacancyCount',
@ -25,26 +21,6 @@ class Vacancy extends Model
];
/**
* Get the HTML variant of the vacancyFullDescription attribute.
*
* @param string $value The original value
* @return string
*/
public function getVacancyFullDescriptionAttribute($value)
{
if (!is_null($value))
{
return Markdown::convertToHTML($value);
}
else
{
return null;
}
}
public function forms()
{
return $this->belongsTo('App\Form', 'vacancyFormID', 'id');

33
app/View/Components/Form.php
View File

@ -1,33 +0,0 @@
<?php
namespace App\View\Components;
use Illuminate\View\Component;
class Form extends Component
{
public $formFields;
public $disableFields = false;
/**
* Create a new component instance.
*
* @return void
*/
public function __construct($disableFields = false)
{
$this->disableFields = $disableFields;
}
/**
* Get the view / contents that represent the component.
*
* @return \Illuminate\View\View|string
*/
public function render()
{
return view('components.form');
}
}

33
app/View/Components/NoPermission.php
View File

@ -1,33 +0,0 @@
<?php
namespace App\View\Components;
use Illuminate\View\Component;
class NoPermission extends Component
{
public $type;
public $inDashboard;
/**
* Create a new component instance.
*
* @return void
*/
public function __construct($type, $inDashboard = true)
{
$this->type = $type;
$this->inDashboard = $inDashboard;
}
/**
* Get the view / contents that represent the component.
*
* @return \Illuminate\View\View|string
*/
public function render()
{
return view('components.no-permission');
}
}

4
composer.json
View File

@ -9,22 +9,18 @@
"license": "MIT",
"require": {
"php": "^7.2.5",
"ext-imagick": "*",
"ext-json": "*",
"arcanedev/log-viewer": "^7.0",
"doctrine/dbal": "^2.10",
"fideloper/proxy": "^4.2",
"fruitcake/laravel-cors": "^1.0",
"geo-sot/laravel-env-editor": "^0.9.9",
"graham-campbell/markdown": "^12.0",
"guzzlehttp/guzzle": "^6.5",
"jeroennoten/laravel-adminlte": "^3.2",
"laravel/framework": "^7.0",
"laravel/slack-notification-channel": "^2.0",
"laravel/tinker": "^2.0",
"laravel/ui": "^2.0",
"mcamara/laravel-localization": "^1.5",
"pragmarx/google2fa-laravel": "^1.3",
"sentry/sentry-laravel": "1.7.1",
"spatie/laravel-permission": "^3.13"
},

2257
composer.lock generated
View File

File diff suppressed because it is too large Load Diff

99
config/adminlte.php
View File

@ -14,7 +14,7 @@ return [
|
*/
'title' => env('APP_NAME'),
'title' => 'Raspberry Net',
'title_prefix' => '',
'title_postfix' => '',
@ -45,12 +45,12 @@ return [
|
*/
'logo' => env('APP_NAME'),
'logo_img' => env('APP_LOGO'),
'logo' => 'RaspberryNet Staff',
'logo_img' => 'https://www.raspberrypi.org/app/uploads/2020/05/Raspberry-Pi-OS-downloads-image-150x150-1.png',
'logo_img_class' => 'brand-image img-circle elevation-3',
'logo_img_xl' => null,
'logo_img_xl_class' => 'brand-image-xs',
'logo_img_alt' => env('APP_NAME') . '\'s Temporary Logo',
'logo_img_alt' => 'Raspberry Network Staff Temporary Logo',
/*
|--------------------------------------------------------------------------
@ -209,76 +209,74 @@ return [
'menu' => [
[
'text' => 'm_home',
'icon' => 'fas fa-home',
'url' => 'dashboard'
'text' => 'Home',
'icon' => 'fas fa-home',
'url' => 'dashboard'
],
[
'text' => 'm_directory',
'icon' => 'fas fa-users',
'url' => 'users/directory',
'can' => 'profiles.view.others'
'text' => 'Directory',
'icon' => 'fas fa-users',
'url' => 'users/directory',
'can' => 'profiles.view.others'
],
[
'header' => 'h_applications',
'header' => 'Applications',
'can' => 'applications.view.own'
],
[
'text' => 'm_my_applications',
'text' => 'My Applications',
'icon' => 'fas fa-fw fa-list-ul',
'can' => 'applications.view.own',
'submenu' => [
[
'text' => 'm_curr_applications',
'text' => 'Current Applications',
'icon' => 'fas fa-fw fa-check-double',
'url' => '/applications/my-applications'
]
],
],
'My Profile',
[
'header' => 'h_my_profile',
],
[
'text' => 'm_profile_settings',
'text' => 'Profile Settings',
'url' => '/profile/settings',
'icon' => 'fas fa-fw fa-cog'
],
[
'text' => 'm_account_settings',
'text' => 'My Account Settings',
'icon' => 'fas fa-user-circle',
'url' => '/profile/settings/account'
],
[
'header' => 'h_app_management',
'header' => 'Application Management',
'can' => ['applications.view.all', 'applications.vote']
],
[
'text' => 'm_all_apps',
'url' => 'applications/staff/all',
'icon' => 'fas fa-list-ol',
'can' => 'applications.view.all'
'text' => 'All applications',
'url' => 'applications/staff/all',
'icon' => 'fas fa-list-ol',
'can' => 'applications.view.all'
],
[
'text' => 'm_outstanding_apps',
'text' => 'Outstanding Applications',
'url' => '/applications/staff/outstanding',
'icon' => 'far fa-folder-open',
'can' => 'applications.view.all'
],
[
'text' => 'm_interview_queue',
'text' => 'Interview Queue',
'url' => '/applications/staff/pending-interview',
'icon' => 'fas fa-fw fa-microphone-alt',
'can' => 'applications.view.all'
],
[
'text' => 'm_peer_approval',
'text' => 'Peer Approval Queue',
'url' => '/applications/staff/peer-review',
'icon' => 'fas fa-fw fa-search',
'can' => 'applications.view.all'
],
[
'header' => 'h_admin',
'header' => 'Administration',
'can' => [ // may need to be modified
'admin.hiring.*',
'admin.userlist',
@ -288,38 +286,38 @@ return [
]
],
[
'text' => 'm_staff_m',
'text' => 'Staff Members',
'icon' => 'fas fa-fw fa-users',
'url' => '/hr/staff-members',
'can' => 'admin.stafflist'
],
[ // players who haven't been promoted yet
'text' => 'm_reg_players',
'text' => 'Registered Players',
'icon' => 'fas fa-fw fa-user-friends',
'url' => '/hr/players',
'can' => 'admin.userlist'
],
[
'text' => 'sm_hiring_man',
'icon' => 'far fa-calendar-plus',
'text' => 'Hiring Management',
'icon' => 'far fa-calendar-plus',
'can' => 'admin.hiring.*',
'submenu' => [
[
'text' => 'm_open_pos',
'text' => 'Open Positions',
'icon' => 'fas fa-box-open',
'url' => '/admin/positions'
],
[
'text' => 'sm_forms',
'text' => 'Forms',
'icon' => 'fab fa-wpforms',
'submenu' => [
[
'text' => 'sm_all_forms',
'text' => 'All forms',
'icon' => 'far fa-list-alt',
'url' => '/admin/forms'
],
[
'text' => 'm_form_builder',
'text' => 'Form Builder',
'icon' => 'fas fa-fw fa-hammer',
'url' => '/admin/forms/builder'
]
@ -328,26 +326,26 @@ return [
]
],
[
'text' => 'sm_app_settings',
'text' => 'App Settings',
'icon' => 'fas fa-fw fa-cog',
'can' => 'admin.notificationsettings',
'submenu' => [
[
'text' => 'm_global_app_s',
'icon' => 'fas fa-cogs',
'url' => '/admin/settings',
'can' => 'admin.settings.view'
'text' => 'Global Notification Settings',
'icon' => 'far fa-bell',
'url' => '/admin/notifications',
'can' => 'admin.notificationsettings.edit'
],
[
'text' => 'm_devtools',
'text' => 'Developer Tools',
'icon' => 'fas fa-code',
'url' => '/admin/devtools',
'can' => 'admin.developertools.use'
]
]
]
],
[
'text' => 'm_s_logs',
'text' => 'System Logs',
'url' => '/admin/maintenance/system-logs',
'icon' => 'fas fa-clipboard-list',
'can' => 'admin.maintenance.logs.view'
@ -370,6 +368,7 @@ return [
JeroenNoten\LaravelAdminLte\Menu\Filters\HrefFilter::class,
JeroenNoten\LaravelAdminLte\Menu\Filters\SearchFilter::class,
JeroenNoten\LaravelAdminLte\Menu\Filters\ActiveFilter::class,
JeroenNoten\LaravelAdminLte\Menu\Filters\SubmenuFilter::class,
JeroenNoten\LaravelAdminLte\Menu\Filters\ClassesFilter::class,
JeroenNoten\LaravelAdminLte\Menu\Filters\GateFilter::class,
JeroenNoten\LaravelAdminLte\Menu\Filters\LangFilter::class,
@ -529,16 +528,6 @@ return [
]
]
],
[
'name' => 'AuthCustomisations',
'active' => true,
'files' => [
[
'type' => 'css',
'asset' => false,
'location' => '/css/authpages.css'
]
]
]
],
];

22
config/app.php
View File

@ -15,19 +15,6 @@ return [
'name' => env('APP_NAME', 'Laravel'),
/*
|--------------------------------------------------------------------------
| Application Homepage
|--------------------------------------------------------------------------
|
| This value is the application's homepage.
| If you have a main website other than this application itself, you can link it here.
| It will be used exclusively on the "Homepage" header menu.
|
*/
'sitehomepage' => env('APP_SITEHOMEPAGE', 'https://google.com'),
/*
|--------------------------------------------------------------------------
| Application Environment
@ -177,9 +164,7 @@ return [
/*
* Package Service Providers...
*/
GrahamCampbell\Markdown\MarkdownServiceProvider::class,
/*
* Application Service Providers...
@ -188,12 +173,10 @@ return [
App\Providers\AuthServiceProvider::class,
App\Providers\UUIDConversionProvider::class,
App\Providers\IPInfoProvider::class,
App\Providers\ContextAwareValidatorProvider::class,
// App\Providers\BroadcastServiceProvider::class,
App\Providers\EventServiceProvider::class,
App\Providers\RouteServiceProvider::class,
\App\Providers\MojangStatusProvider::class,
\App\Providers\OptionsProvider::class
],
@ -247,10 +230,7 @@ return [
'Validator' => Illuminate\Support\Facades\Validator::class,
'View' => Illuminate\Support\Facades\View::class,
'UUID' => App\Facades\UUID::class,
'IP' => App\Facades\IP::class,
'Markdown' => GrahamCampbell\Markdown\Facades\Markdown::class,
'ContextAwareValidator' => App\Facades\ContextAwareValidation::class,
'Settings' => App\Facades\Options::class
'IP' => App\Facades\IP::class
],

79
config/google2fa.php
View File

@ -1,79 +0,0 @@
<?php
return [
/*
* Enable / disable Google2FA.
*/
'enabled' => env('OTP_ENABLED', true),
/*
* Lifetime in minutes.
*
* In case you need your users to be asked for a new one time passwords from time to time.
*/
'lifetime' => env('OTP_LIFETIME', 0), // 0 = eternal
/*
* Renew lifetime at every new request.
*/
'keep_alive' => env('OTP_KEEP_ALIVE', true),
/*
* Auth container binding.
*/
'auth' => 'auth',
/*
* 2FA verified session var.
*/
'session_var' => 'google2fa',
/*
* One Time Password request input name.
*/
'otp_input' => 'otp',
/*
* One Time Password Window.
*/
'window' => 1,
/*
* Forbid user to reuse One Time Passwords.
*/
'forbid_old_passwords' => false,
/*
* User's table column for google2fa secret.
*/
'otp_secret_column' => 'twofa_secret',
/*
* One Time Password View.
*/
'view' => 'auth.2fa',
/*
* One Time Password error message.
*/
'error_messages' => [
'wrong_otp' => "Your one time code was incorrect.",
'cannot_be_empty' => 'The one time code cannot be empty.',
'unknown' => 'An unknown error has occurred. Please try again.',
],
/*
* Throw exceptions or just fire events?
*/
'throw_exceptions' => env('OTP_THROW_EXCEPTION', true),
/*
* Which image backend to use for generating QR codes?
*
* Supports imagemagick, svg and eps
*/
'qrcode_image_backend' => \PragmaRX\Google2FALaravel\Support\Constants::QRCODE_IMAGE_BACKEND_IMAGEMAGICK,
];

70
config/laravellocalization.php
View File

@ -1,70 +0,0 @@
<?php
return [
// Uncomment the languages that your site supports - or add new ones.
// These are sorted by the native name, which is the order you might show them in a language selector.
// Regional languages are sorted by their base language, so "British English" sorts as "English, British"
'supportedLocales' => [
'en' => ['name' => 'English', 'script' => 'Latn', 'native' => 'English', 'regional' => 'en_GB'],
'es' => ['name' => 'Spanish', 'script' => 'Latn', 'native' => 'Español', 'regional' => 'es_ES'],
'pt' => ['name' => 'Portuguese', 'script' => 'Latn', 'native' => 'Português', 'regional' => 'pt_PT'],
'fr' => ['name' => 'French', 'script' => 'Latn', 'native' => 'Français', 'regional' => 'fr_FR'],
],
// Requires middleware `LaravelSessionRedirect.php`.
//
// Automatically determine locale from browser (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Language)
// on first call if it's not defined in the URL. Redirect user to computed localized url.
// For example, if users browser language is `de`, and `de` is active in the array `supportedLocales`,
// the `/about` would be redirected to `/de/about`.
//
// The locale will be stored in session and only be computed from browser
// again if the session expires.
//
// If false, system will take app.php locale attribute
'useAcceptLanguageHeader' => true,
// If `hideDefaultLocaleInURL` is true, then a url without locale
// is identical with the same url with default locale.
// For example, if `en` is default locale, then `/en/about` and `/about`
// would be identical.
//
// If in addition the middleware `LaravelLocalizationRedirectFilter` is active, then
// every url with default locale is redirected to url without locale.
// For example, `/en/about` would be redirected to `/about`.
// It is recommended to use `hideDefaultLocaleInURL` only in
// combination with the middleware `LaravelLocalizationRedirectFilter`
// to avoid duplicate content (SEO).
//
// If `useAcceptLanguageHeader` is true, then the first time
// the locale will be determined from browser and redirect to that language.
// After that, `hideDefaultLocaleInURL` behaves as usual.
'hideDefaultLocaleInURL' => true,
// If you want to display the locales in particular order in the language selector you should write the order here.
//CAUTION: Please consider using the appropriate locale code otherwise it will not work
//Example: 'localesOrder' => ['es','en'],
'localesOrder' => ['en', 'pt', 'fr', 'es'],
// If you want to use custom lang url segments like 'at' instead of 'de-AT', you can use the mapping to tallow the LanguageNegotiator to assign the descired locales based on HTTP Accept Language Header. For example you want ot use 'at', so map HTTP Accept Language Header 'de-AT' to 'at' (['de-AT' => 'at']).
'localesMapping' => [],
// Locale suffix for LC_TIME and LC_MONETARY
// Defaults to most common ".UTF-8". Set to blank on Windows systems, change to ".utf8" on CentOS and similar.
'utf8suffix' => env('LARAVELLOCALIZATION_UTF8SUFFIX', '.UTF-8'),
// URLs which should not be processed, e.g. '/nova', '/nova/*', '/nova-api/*' or specific application URLs
// Defaults to []
'urlsIgnored' => [
'/js/*',
'/img/*',
'/css/*',
'/vendor/*',
'/app.css',
'/robots.txt',
'/slides/*',
'/auth/logout'
],
];

158
config/markdown.php
View File

@ -1,158 +0,0 @@
<?php
declare(strict_types=1);
/*
* This file is part of Laravel Markdown.
*
* (c) Graham Campbell <graham@alt-three.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
return [
/*
|--------------------------------------------------------------------------
| Enable View Integration
|--------------------------------------------------------------------------
|
| This option specifies if the view integration is enabled so you can write
| markdown views and have them rendered as html. The following extensions
| are currently supported: ".md", ".md.php", and ".md.blade.php". You may
| disable this integration if it is conflicting with another package.
|
| Default: true
|
*/
'views' => true,
/*
|--------------------------------------------------------------------------
| CommonMark Extensions
|--------------------------------------------------------------------------
|
| This option specifies what extensions will be automatically enabled.
| Simply provide your extension class names here.
|
| Default: []
|
*/
'extensions' => [],
/*
|--------------------------------------------------------------------------
| Renderer Configuration
|--------------------------------------------------------------------------
|
| This option specifies an array of options for rendering HTML.
|
| Default: [
| 'block_separator' => "\n",
| 'inner_separator' => "\n",
| 'soft_break' => "\n",
| ]
|
*/
'renderer' => [
'block_separator' => "\n",
'inner_separator' => "\n",
'soft_break' => "\n",
],
/*
|--------------------------------------------------------------------------
| Enable Em Tag Parsing
|--------------------------------------------------------------------------
|
| This option specifies if `<em>` parsing is enabled.
|
| Default: true
|
*/
'enable_em' => true,
/*
|--------------------------------------------------------------------------
| Enable Strong Tag Parsing
|--------------------------------------------------------------------------
|
| This option specifies if `<strong>` parsing is enabled.
|
| Default: true
|
*/
'enable_strong' => true,
/*
|--------------------------------------------------------------------------
| Enable Asterisk Parsing
|--------------------------------------------------------------------------
|
| This option specifies if `*` should be parsed for emphasis.
|
| Default: true
|
*/
'use_asterisk' => true,
/*
|--------------------------------------------------------------------------
| Enable Underscore Parsing
|--------------------------------------------------------------------------
|
| This option specifies if `_` should be parsed for emphasis.
|
| Default: true
|
*/
'use_underscore' => true,
/*
|--------------------------------------------------------------------------
| HTML Input
|--------------------------------------------------------------------------
|
| This option specifies how to handle untrusted HTML input.
|
| Default: 'strip'
|
*/
'html_input' => 'strip',
/*
|--------------------------------------------------------------------------
| Allow Unsafe Links
|--------------------------------------------------------------------------
|
| This option specifies whether to allow risky image URLs and links.
|
| Default: true
|
*/
'allow_unsafe_links' => false,
/*
|--------------------------------------------------------------------------
| Maximum Nesting Level
|--------------------------------------------------------------------------
|
| This option specifies the maximum permitted block nesting level.
|
| Default: INF
|
*/
'max_nesting_level' => INF,
];

5
crowdin.yml
View File

@ -1,5 +0,0 @@
files:
- source: /**/lang/**/en/*.php
ignore:
- /**/lang/en/*2.php
translation: /**/lang/**/%two_letters_code%/%original_file_name%

32
database/migrations/2020_07_11_020743_add_detailed_description_to_vacancy.php
View File

@ -1,32 +0,0 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class AddDetailedDescriptionToVacancy extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('vacancies', function (Blueprint $table) {
$table->longText('vacancyFullDescription')->nullable()->after('vacancyDescription');
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('vacancies', function (Blueprint $table) {
$table->dropColumn('vacancyFullDescription');
});
}
}

32
database/migrations/2020_07_17_053247_add_twofa_secret_to_users.php
View File

@ -1,32 +0,0 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class AddTwofaSecretToUsers extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('users', function (Blueprint $table) {
$table->string('twofa_secret')->nullable()->after('password');
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('users', function (Blueprint $table) {
$table->dropColumn('twofa_secret');
});
}
}

34
database/migrations/2020_08_30_152900_create_options_table.php
View File

@ -1,34 +0,0 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class CreateOptionsTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('options', function (Blueprint $table) {
$table->id();
$table->string('option_name');
$table->string('option_value');
$table->string('friendly_name');
$table->timestamps();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::dropIfExists('options');
}
}

1
database/seeds/DatabaseSeeder.php
View File

@ -13,6 +13,5 @@ class DatabaseSeeder extends Seeder
{
$this->call(PermissionSeeder::class);
$this->call(UserSeeder::class);
$this->call(DefaultOptionsSeeder::class);
}
}

27
database/seeds/DefaultOptionsSeeder.php
View File

@ -1,27 +0,0 @@
<?php
use App\Facades\Options;
use Illuminate\Database\Seeder;
class DefaultOptionsSeeder extends Seeder
{
/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
Options::setOption('notify_new_application_email', true, 'Notify when a new application comes through'); // done
Options::setOption('notify_application_comment', false, 'Notify when someone comments on an application'); // done
Options::setOption('notify_new_user', true, 'Notify when someone signs up'); // done
Options::setOption('notify_application_status_change', true, 'Notify when an application changes status'); // done
Options::setOption('notify_applicant_approved', true, 'Notify when an applicant is approved'); // done
Options::setOption('notify_vacancystatus_change', false, 'Notify when a vacancy\'s status changes'); // done
Options::setOption('enable_slack_notifications', true, 'Enable slack notifications');
Options::setOption('enable_email_notifications', true, 'Enable e-mail notifications');
}
}

31
database/seeds/NewPermissions.php
View File

@ -1,31 +0,0 @@
<?php
use Illuminate\Database\Seeder;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;
class NewPermissions extends Seeder
{
/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
$developer = Role::create([
'name' => 'developer'
]);
$admin = Role::where('name', 'admin')->first();
Permission::create(['name' => 'admin.settings.view']);
Permission::create(['name' => 'admin.settings.edit']);
$developer->givePermissionTo('admin.developertools.use');
$admin->givePermissionTo('admin.settings.view');
$admin->givePermissionTo('admin.settings.edit');
}
}

20294
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

1
package.json
View File

@ -1,7 +1,6 @@
{
"private": true,
"scripts": {
"postinstall": "npm run prod",
"dev": "npm run development",
"development": "cross-env NODE_ENV=development node_modules/webpack/bin/webpack.js --progress --hide-modules --config=node_modules/laravel-mix/setup/webpack.config.js",
"watch": "npm run development -- --watch",

2
public/app.css vendored
View File

@ -1,4 +1,4 @@
.view {
.page-bg {
background: url("/slides/06.png")no-repeat center center;
background-size: cover;
}

81
public/css/login.css vendored
View File

@ -1,81 +0,0 @@
body {
font-family: "Karla", sans-serif;
background-color: #d0d0ce;
min-height: 100vh; }
.brand-wrapper {
margin-bottom: 19px; }
.brand-wrapper .logo {
height: 37px; }
.login-card {
border: 0;
border-radius: 27.5px;
box-shadow: 0 10px 30px 0 rgba(172, 168, 168, 0.43);
overflow: hidden; }
.login-card-img {
border-radius: 0;
position: absolute;
width: 100%;
height: 100%;
-o-object-fit: cover;
object-fit: cover; }
.login-card .card-body {
padding: 85px 60px 60px; }
@media (max-width: 422px) {
.login-card .card-body {
padding: 35px 24px; } }
.login-card-description {
font-size: 25px;
color: #000;
font-weight: normal;
margin-bottom: 23px; }
.login-card form {
max-width: 326px; }
.login-card .form-control {
border: 1px solid #d5dae2;
padding: 15px 25px;
margin-bottom: 20px;
min-height: 45px;
font-size: 13px;
line-height: 15;
font-weight: normal; }
.login-card .form-control::-webkit-input-placeholder {
color: #919aa3; }
.login-card .form-control::-moz-placeholder {
color: #919aa3; }
.login-card .form-control:-ms-input-placeholder {
color: #919aa3; }
.login-card .form-control::-ms-input-placeholder {
color: #919aa3; }
.login-card .form-control::placeholder {
color: #919aa3; }
.login-card .login-btn {
padding: 13px 20px 12px;
background-color: #000;
border-radius: 4px;
font-size: 17px;
font-weight: bold;
line-height: 20px;
color: #fff;
margin-bottom: 24px; }
.login-card .login-btn:hover {
border: 1px solid #000;
background-color: transparent;
color: #000; }
.login-card .forgot-password-link {
font-size: 14px;
color: #919aa3;
margin-bottom: 12px; }
.login-card-footer-text {
font-size: 16px;
color: #0d2366;
margin-bottom: 60px; }
@media (max-width: 767px) {
.login-card-footer-text {
margin-bottom: 24px; } }
.login-card-footer-nav a {
font-size: 14px;
color: #919aa3; }
/*# sourceMappingURL=login.css.map */

1
public/css/login.css.map
View File

@ -1 +0,0 @@
{"version":3,"sources":["login.scss"],"names":[],"mappings":"AAAA;EACI,gCAAgC;EAChC,yBAAyB;EACzB,iBAAiB,EAAA;;AAGrB;EACI,mBAAmB,EAAA;EADvB;IAIQ,YAAY,EAAA;;AAIpB;EACI,SAAS;EACT,qBAAqB;EACrB,mDAAmD;EACnD,gBAAgB,EAAA;EAGhB;IACI,gBAAgB;IAChB,kBAAkB;IAClB,WAAW;IACX,YAAY;IACZ,oBAAiB;OAAjB,iBAAiB,EAAA;EAZzB;IAeQ,uBAAuB,EAAA;IAEvB;MAjBR;QAkBY,kBAAkB,EAAA,EAEzB;EAED;IACI,eAAe;IACf,WAAW;IACX,mBAAmB;IACnB,mBAAmB,EAAA;EA1B3B;IA8BQ,gBAAgB,EAAA;EA9BxB;IAkCQ,yBAAyB;IACzB,kBAAkB;IAClB,mBAAmB;IACnB,gBAAgB;IAChB,eAAe;IACf,eAAe;IACf,mBAAmB,EAAA;IAxC3B;MA2CY,cAAc,EAAA;IA3C1B;MA2CY,cAAc,EAAA;IA3C1B;MA2CY,cAAc,EAAA;IA3C1B;MA2CY,cAAc,EAAA;IA3C1B;MA2CY,cAAc,EAAA;EA3C1B;IAgDQ,uBAAuB;IACvB,sBAAsB;IACtB,kBAAkB;IAClB,eAAe;IACf,iBAAiB;IACjB,iBAAiB;IACjB,WAAW;IACX,mBAAmB,EAAA;IAvD3B;MA0DY,sBAAsB;MACtB,6BAA6B;MAC7B,WAAW,EAAA;EA5DvB;IAiEQ,eAAe;IACf,cAAc;IACd,mBAAmB,EAAA;EAGvB;IACI,eAAe;IACf,cAAc;IACd,mBAAmB,EAAA;IAEnB;MALJ;QAMQ,mBAAmB,EAAA,EAE1B;EAEA;IAEO,eAAe;IACf,cAAc,EAAA","file":"login.css","sourcesContent":["body {\n font-family: \"Karla\", sans-serif;\n background-color: #d0d0ce;\n min-height: 100vh;\n}\n\n.brand-wrapper {\n margin-bottom: 19px;\n\n .logo {\n height: 37px;\n }\n}\n\n.login-card {\n border: 0;\n border-radius: 27.5px;\n box-shadow: 0 10px 30px 0 rgba(172, 168, 168, 0.43);\n overflow: hidden;\n\n\n &-img {\n border-radius: 0;\n position: absolute;\n width: 100%;\n height: 100%;\n object-fit: cover;\n }\n .card-body {\n padding: 85px 60px 60px;\n\n @media (max-width: 422px) {\n padding: 35px 24px;\n }\n }\n\n &-description {\n font-size: 25px;\n color: #000;\n font-weight: normal;\n margin-bottom: 23px;\n }\n\n form {\n max-width: 326px;\n }\n\n .form-control {\n border: 1px solid #d5dae2;\n padding: 15px 25px;\n margin-bottom: 20px;\n min-height: 45px;\n font-size: 13px;\n line-height: 15;\n font-weight: normal;\n\n &::placeholder {\n color: #919aa3;\n }\n }\n\n .login-btn {\n padding: 13px 20px 12px;\n background-color: #000;\n border-radius: 4px;\n font-size: 17px;\n font-weight: bold;\n line-height: 20px;\n color: #fff;\n margin-bottom: 24px;\n\n &:hover {\n border: 1px solid #000;\n background-color: transparent;\n color: #000;\n }\n }\n\n .forgot-password-link {\n font-size: 14px;\n color: #919aa3;\n margin-bottom: 12px;\n }\n\n &-footer-text {\n font-size: 16px;\n color: #0d2366;\n margin-bottom: 60px;\n\n @media (max-width: 767px) {\n margin-bottom: 24px;\n }\n }\n\n &-footer-nav {\n a {\n font-size: 14px;\n color: #919aa3;\n }\n }\n}\n"]}

1
public/img/403.svg
View File

File diff suppressed because one or more lines are too long
Side by Side

Before

Width:  |  Height:  |  Size: 17 KiB

BIN
public/img/authbg.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 623 KiB

1
public/img/editor.svg
View File

@ -1 +0,0 @@
<svg id="a5860ba0-ef67-4914-ac96-07e2ebcccb4f" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" width="1095.74023" height="664.03433" viewBox="0 0 1095.74023 664.03433"><title>abstract</title><rect x="701" y="661" width="394.74023" height="2" fill="#3f3d56"/><polygon points="474 429 474 216 718 216 718 0 0 0 0 643 718 643 718 429 474 429" fill="#3f3d56"/><polygon points="718 216 718 0 469 0 469 213 249 213 249 0 0 0 0 216 225 216 225 429 0 429 0 643 476 643 476 429 474 429 474 216 718 216" opacity="0.1"/><path d="M224.12988,117.98284a172.00382,172.00382,0,0,1-172,172v-172Z" transform="translate(-52.12988 -117.98284)" fill="#6c63ff"/><path d="M132.12988,117.98284a80.00357,80.00357,0,0,1-80,80v44a124.00426,124.00426,0,0,0,124-124Z" transform="translate(-52.12988 -117.98284)" opacity="0.1"/><polygon points="718 60 718 29 553 29 553 0 517 0 517 29 517 60 517 84 517 115 553 115 718 115 718 84 553 84 553 60 718 60" fill="#d0cde1"/><path d="M481.12988,448.98284a81,81,0,1,0-92,80.23639V642.98284H256.36627a81,81,0,1,0,0,22H389.12988v48h22v-48h45v-22h-45V529.21923A81.00034,81.00034,0,0,0,481.12988,448.98284Z" transform="translate(-52.12988 -117.98284)" fill="#d0cde1"/><polygon points="626.5 445.263 662.508 507.631 698.517 570 626.5 570 554.483 570 590.492 507.631 626.5 445.263" fill="#d0cde1"/><polygon points="610.5 578 538.483 578 574.492 515.631 574.742 515.198 561.5 492.263 525.492 554.631 489.483 617 561.5 617 633.517 617 611 578 610.5 578" fill="#6c63ff"/><polygon points="159 345 159 291 186 291 186 259 52 259 52 393 186 393 186 345 159 345" fill="#d0cde1"/><rect x="89" y="234" width="50" height="50" fill="#6c63ff"/><path d="M989.162,357.83165,972.618,401.5551l-59.664,20.935s-36-4-36,16c0,14.18058,43,2,43,2l78.66169-23.57271,24.816-61.44917Z" transform="translate(-52.12988 -117.98284)" fill="#ffb8b8"/><rect x="635" y="228" width="234" height="202" fill="#6c63ff"/><polygon points="747.5 289.263 783.508 351.631 819.517 414 747.5 414 675.483 414 711.492 351.631 747.5 289.263" fill="#3f3d56"/><polygon points="747.331 334.415 763.665 362.708 780 391 747.331 391 714.661 391 730.996 362.708 747.331 334.415" fill="#d0cde1"/><polygon points="747.331 242.415 763.665 270.708 780 299 747.331 299 714.661 299 730.996 270.708 747.331 242.415" fill="#d0cde1"/><path d="M1024.15387,329.42035s-16.544-2.36343-24.816,28.36116-10.63544,33.088-10.63544,33.088,48.45031,7.09029,49.632,4.72686S1048.96988,336.51064,1024.15387,329.42035Z" transform="translate(-52.12988 -117.98284)" fill="#2f2e41"/><circle cx="962.57027" cy="167.71406" r="31.9063" fill="#ffb8b8"/><path d="M1000.51957,311.69463s10.63544,27.17944,7.09029,30.72459,43.72345,8.272,43.72345,8.272,3.54515-17.72572-10.63543-28.36116c0,0-5.90858-17.72572-4.72686-21.27087S1000.51957,311.69463,1000.51957,311.69463Z" transform="translate(-52.12988 -117.98284)" fill="#ffb8b8"/><path d="M1028.88073,323.51178a85.216,85.216,0,0,0-31.9063,21.27087c-14.18058,15.36229-21.27087,20.08915-21.27087,20.08915s-16.544,5.90857-10.63544,34.26973c2.95429,14.18058.88629,30.13373-1.92028,42.54174a265.8223,265.8223,0,0,0-6.35172,58.65559v12.2473s-108.71777,228.071-72.08461,243.43328,69.72118,20.08915,72.08461,16.544,44.90517-187.89267,44.90517-187.89267,11.81715,197.34639,41.36,197.34639,77.99318-8.272,77.99318-8.272l-60.26746-236.343s14.18058-40.17831-21.27087-68.53947l-4.72686-12.99886c19.60447.01,28.56614-124.06968,8.272-134.7155C1043.06131,321.14835,1038.33445,317.6032,1028.88073,323.51178Z" transform="translate(-52.12988 -117.98284)" fill="#2f2e41"/><path d="M999.33786,387.32438l-16.544,43.72345-59.664,20.935s-36-4-36,16c0,14.18058,43,2,43,2l78.6617-23.57271,24.816-61.44918Z" transform="translate(-52.12988 -117.98284)" fill="#ffb8b8"/><ellipse cx="868.62393" cy="652.21718" rx="20.68001" ry="11.81715" fill="#2f2e41"/><ellipse cx="1026.97373" cy="652.21718" rx="20.68001" ry="11.81715" fill="#2f2e41"/><path d="M1027.01734,240.95422h-.00012a25.34145,25.34145,0,0,0-4.89258.48651,21.44172,21.44172,0,0,0-9.34021-2.15271h-.84777c-16.34473,0-29.59461,14.7901-29.59461,33.03461v.00006h5.47669l.88452-6.73224L990,272.32269h4.56226a64.57589,64.57589,0,0,0-2.119,16.55036v33.62384h8.28027l4.79395-12.45795-1.19849,12.45795h53.22314l4.35816-11.32538-1.0896,11.32538h5.99243V296.09613C1066.80311,265.64215,1048.99037,240.95422,1027.01734,240.95422Z" transform="translate(-52.12988 -117.98284)" fill="#2f2e41"/></svg>
Side by Side

Before

Width:  |  Height:  |  Size: 4.3 KiB

BIN
public/img/login.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 436 KiB

1
public/img/preview.svg
View File

File diff suppressed because one or more lines are too long
Side by Side

Before

Width:  |  Height:  |  Size: 7.3 KiB

1
public/js/formbuilder.js vendored
View File

@ -1,4 +1,3 @@
// TODO: Add cleaner and less verbose solution found in formeditor.js
$(document).ready(function() {
$("#add").click(function() {
var lastField = $("#buildyourform div:last");

19
public/js/formeditor.js vendored
View File

@ -1,19 +0,0 @@
// reminder: use vuejs instead, this is still an ugly and cheap solution
$(document).ready(function(){
var fieldID = 0;
var wrapper = $('.field-container');
var newBtn = $('#add');
$(newBtn).click(function(e){
e.preventDefault()
fieldID++;
$(wrapper).append('<div id=group' + fieldID + '><input type="text" name="newFieldID' + fieldID + '[]" class="form-control" />');
$(wrapper).append('<select name="newFieldID' + fieldID + '[]" class="custom-select"> <option value="nil" disabled>Choose a type</option> <option value="textbox">Textbox</option> <option value="textarea">Multi line answer</option> <option value="checkbox">Checkbox</option> </select>');
//$(wrapper).append('<button type="button" class="btn btn-danger btn-sm float-right delete"><i class="fas fa-minus"></i></button></div>');
});
});

25
resources/js/app.js vendored
View File

@ -43,3 +43,28 @@ $("#comment").keyup(function(){
$("#submitComment").on('click', function(){
$("#newComment").submit();
});
window.Vue = require('vue');
/**
* The following block of code may be used to automatically register your
* Vue components. It will recursively scan this directory for the Vue
* components and automatically register them with their "basename".
*
* Eg. ./components/ExampleComponent.vue -> <example-component></example-component>
*/
// const files = require.context('./', true, /\.vue$/i)
// files.keys().map(key => Vue.component(key.split('/').pop().split('.')[0], files(key).default))
Vue.component('example-component', require('./components/ExampleComponent.vue').default);
/**
* Next, we will create a fresh Vue application instance and attach it to
* the page. Then, you may begin adding components to this application
* or customize the JavaScript scaffolding to fit your unique needs.
*/
const app = new Vue({
el: '#app',
});

Some files were not shown because too many files have changed in this diff Show More