From 2ec2a92645c6384cd3ede42055355813c77f06c7 Mon Sep 17 00:00:00 2001
From: Miguel N <miguel456@spacejewel-hosting.com>
Date: Wed, 6 Jan 2021 00:57:27 +0000
Subject: [PATCH] Saveable settings

---
 app/Http/Controllers/OptionsController.php    |  9 +++-
 .../SecuritySettingsController.php            | 48 +++++++++++++++++++
 app/Http/Requests/SaveSecuritySettings.php    | 34 +++++++++++++
 .../administration/settings.blade.php         | 22 ++++-----
 routes/web.php                                |  5 ++
 5 files changed, 106 insertions(+), 12 deletions(-)
 create mode 100644 app/Http/Controllers/SecuritySettingsController.php
 create mode 100644 app/Http/Requests/SaveSecuritySettings.php

diff --git a/app/Http/Controllers/OptionsController.php b/app/Http/Controllers/OptionsController.php
index 2bba992..2ffb67b 100755
--- a/app/Http/Controllers/OptionsController.php
+++ b/app/Http/Controllers/OptionsController.php
@@ -40,7 +40,14 @@ class OptionsController extends Controller
         $options = Option::all();
 
         return view('dashboard.administration.settings')
-            ->with('options', $options);
+            ->with('options', $options)
+            ->with('security', [
+                'secPolicy' => Options::getOption('pw_security_policy'),
+                'graceperiod' => Options::getOption('graceperiod'),
+                'pwExpiry' => Options::getOption('password_expiry'),
+                'requiresPMC' => Options::getOption('requireGameLicense'),
+                'enforce2fa' => Options::getOption('force2fa')
+            ]);
     }
 
     public function saveSettings(Request $request)
diff --git a/app/Http/Controllers/SecuritySettingsController.php b/app/Http/Controllers/SecuritySettingsController.php
new file mode 100644
index 0000000..14b214d
--- /dev/null
+++ b/app/Http/Controllers/SecuritySettingsController.php
@@ -0,0 +1,48 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Facades\Options;
+use App\Http\Requests\SaveSecuritySettings;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Log;
+
+use function PHPSTORM_META\map;
+
+class SecuritySettingsController extends Controller
+{
+    public function save(SaveSecuritySettings $request)
+    {
+        $validPolicies = [
+            'off',
+            'low',
+            'medium',
+            'high'
+        ];
+
+        if (in_array($request->secPolicy, $validPolicies))
+        {
+            Options::changeOption('pw_security_policy', $request->secPolicy);
+
+            Log::debug('[Options] Changing option pw_security_policy', [
+                'new_value' => $request->secPolicy
+            ]);
+        }
+        else
+        {
+            Log::debug('[WARN] Ignoring bogus policy', [
+                'avaliable' => $validPolicies,
+                'given' >= $request->secPolicy
+            ]);
+        }
+
+        Options::changeOption('graceperiod', $request->graceperiod);
+        Options::changeOption('password_expiry', $request->pwExpiry);
+        Options::changeOption('force2fa', $request->enforce2fa);
+        Options::changeOption('requireGameLicense', $request->requirePMC);
+
+        $request->session()->flash('success', 'Settings saved successfully.');
+        return redirect()->back();
+
+    }
+}
diff --git a/app/Http/Requests/SaveSecuritySettings.php b/app/Http/Requests/SaveSecuritySettings.php
new file mode 100644
index 0000000..245d630
--- /dev/null
+++ b/app/Http/Requests/SaveSecuritySettings.php
@@ -0,0 +1,34 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class SaveSecuritySettings extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'secPolicy' => 'required|string',
+            'graceperiod' => 'required|integer',
+            'pwExpiry' => 'required|integer',
+            'enforce2fa' => 'required|boolean',
+            'requirePMC' => 'required|boolean' 
+        ];
+    }
+}
diff --git a/resources/views/dashboard/administration/settings.blade.php b/resources/views/dashboard/administration/settings.blade.php
index 0fe0d73..5c5f39b 100755
--- a/resources/views/dashboard/administration/settings.blade.php
+++ b/resources/views/dashboard/administration/settings.blade.php
@@ -138,7 +138,7 @@
 
                 <div class="card-body">
 
-                    <form name="security" id="security" method="post">
+                    <form name="security" id="security" method="post" action={{ route('saveSecuritySettings') }}>
                         @csrf
 
                         <div class="form-group">
@@ -147,10 +147,10 @@
                             <select class="custom-select form-control" name="secPolicy">
                             
                                 <option value="nil" disabled>Choose a security policy</option>
-                                <option value="off">Disabled (default)</option>
-                                <option value="low">Low</option>
-                                <option value="low">Medium</option>
-                                <option value="low">High (╯°□°）╯︵ ┻━┻</option>
+                                <option value="off" {{ ($security['secPolicy'] == 'off') ? 'selected' : '' }}>Disabled (default)</option>
+                                <option value="low" {{ ($security['secPolicy'] == 'low') ? 'selected' : '' }}>Low</option>
+                                <option value="medium" {{ ($security['secPolicy'] == 'medium') ? 'selected' : '' }}>Medium</option>
+                                <option value="high" {{ ($security['secPolicy'] == 'high') ? 'selected' : '' }}>High (╯°□°）╯︵ ┻━┻</option>
 
                             </select>
 
@@ -158,27 +158,27 @@
 
                         <div class="form-group">
                             <label for="graceperiod">Grace period for 2FA requirement (above <code>reviewer</code>)</label>
-                            <input type="text" class="form-control" id="graceperiod" placeholder="time in days">
+                            <input type="text" class="form-control" id="graceperiod" placeholder="time in days" name="graceperiod" value="{{$security['graceperiod']}}">
                             <p class="text-muted text-sm"><i class="fas fa-info-circle"></i> Users will be locked out after this time period if they fail to enable 2FA. Leave empty to disable.</p>
                         </div>
 
 
                         <div class="form-group">
-                            <label for="graceperiod">Password Expiry Control</label>
-                            <input type="text" class="form-control" id="graceperiod" placeholder="time in days">
+                            <label for="pwExpiry">Password Expiry Control</label>
+                            <input type="text" class="form-control" id="pwExpiry" placeholder="time in days" name="pwExpiry" value="{{ $security['pwExpiry'] }}">
                             <p class="text-muted text-sm"><i class="fas fa-info-circle"></i> Leave this field blank to disable. Users will be forced to reset their password after the specified time.</p>
                         </div>
 
 
                         <div class="form-group form-check">
                             <input type="hidden" name="enforce2fa" value="0">
-                            <input type="checkbox" name="enforce2fa" value="1" id="enforce2fa" class="form-check-input">
+                            <input type="checkbox" name="enforce2fa" value="1" id="enforce2fa" class="form-check-input" {{ $security['enforce2fa'] == true ? 'checked' : '' }}>
                             <label for="enforceAdmin2fa">Force roles above <code>reviewer</code> to use two factor authentication?</label>
                         </div>  
 
                          <div class="form-group form-check">
                             <input type="hidden" name="requirePMC" value="0">
-                            <input type="checkbox" name="requirePMC" value="1" id="requirePMC" class="form-check-input">
+                            <input type="checkbox" name="requirePMC" value="1" id="requirePMC" class="form-check-input" {{ $security['requiresPMC'] == true ? 'checked' : '' }}>
                             <label for="requirePMC">Require a valid game license to signup?</label>
                             <p class="text-muted text-sm"><i class="fas fa-info-circle"></i> Choose a game in the section below, if applicable.</p>
                         </div>
@@ -188,7 +188,7 @@
                 </div>
 
                 <div class="card-footer">
-                    <button type="button" class="btn btn-success"><i class="fas fa-save"></i> Save Changes</button>
+                    <button onclick="$('#security').submit()" type="button" class="btn btn-success"><i class="fas fa-save"></i> Save Changes</button>
                 </div>
                 
             </div>
diff --git a/routes/web.php b/routes/web.php
index 25f1b08..01e0170 100755
--- a/routes/web.php
+++ b/routes/web.php
@@ -36,6 +36,7 @@ use App\Http\Controllers\UserController;
 use App\Http\Controllers\VacancyController;
 use App\Http\Controllers\VoteController;
 use App\Http\Controllers\OptionsController;
+use App\Http\Controllers\SecuritySettingsController;
 use Illuminate\Support\Facades\Route;
 use Mcamara\LaravelLocalization\Facades\LaravelLocalization;
 
@@ -164,6 +165,7 @@ Route::group(['prefix' => LaravelLocalization::setLocale(), 'middleware' => ['lo
             Route::get('/settings/account', [UserController::class, 'showAccount'])
                 ->name('showAccountSettings');
 
+
             Route::patch('/settings/account/change-password', [UserController::class, 'changePassword'])
                 ->name('changePassword');
 
@@ -204,6 +206,9 @@ Route::group(['prefix' => LaravelLocalization::setLocale(), 'middleware' => ['lo
             Route::post('settings/save', [OptionsController::class, 'saveSettings'])
                 ->name('saveSettings');
 
+            Route::post('settings/security/save', [SecuritySettingsController::class, 'save'])
+                ->name('saveSecuritySettings');
+
             Route::post('players/ban/{user}', [BanController::class, 'insert'])
                 ->name('banUser');