Saveable settings

This commit is contained in:
Miguel Nogueira 2021-01-06 00:57:27 +00:00
parent 33960270f3
commit 2ec2a92645
Signed by: miguel456
GPG Key ID: 2CF61B825316C6A0
5 changed files with 106 additions and 12 deletions

View File

@ -40,7 +40,14 @@ class OptionsController extends Controller
$options = Option::all();
return view('dashboard.administration.settings')
->with('options', $options);
->with('options', $options)
->with('security', [
'secPolicy' => Options::getOption('pw_security_policy'),
'graceperiod' => Options::getOption('graceperiod'),
'pwExpiry' => Options::getOption('password_expiry'),
'requiresPMC' => Options::getOption('requireGameLicense'),
'enforce2fa' => Options::getOption('force2fa')
]);
}
public function saveSettings(Request $request)

View File

@ -0,0 +1,48 @@
<?php
namespace App\Http\Controllers;
use App\Facades\Options;
use App\Http\Requests\SaveSecuritySettings;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use function PHPSTORM_META\map;
class SecuritySettingsController extends Controller
{
public function save(SaveSecuritySettings $request)
{
$validPolicies = [
'off',
'low',
'medium',
'high'
];
if (in_array($request->secPolicy, $validPolicies))
{
Options::changeOption('pw_security_policy', $request->secPolicy);
Log::debug('[Options] Changing option pw_security_policy', [
'new_value' => $request->secPolicy
]);
}
else
{
Log::debug('[WARN] Ignoring bogus policy', [
'avaliable' => $validPolicies,
'given' >= $request->secPolicy
]);
}
Options::changeOption('graceperiod', $request->graceperiod);
Options::changeOption('password_expiry', $request->pwExpiry);
Options::changeOption('force2fa', $request->enforce2fa);
Options::changeOption('requireGameLicense', $request->requirePMC);
$request->session()->flash('success', 'Settings saved successfully.');
return redirect()->back();
}
}

View File

@ -0,0 +1,34 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class SaveSecuritySettings extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'secPolicy' => 'required|string',
'graceperiod' => 'required|integer',
'pwExpiry' => 'required|integer',
'enforce2fa' => 'required|boolean',
'requirePMC' => 'required|boolean'
];
}
}

View File

@ -138,7 +138,7 @@
<div class="card-body">
<form name="security" id="security" method="post">
<form name="security" id="security" method="post" action={{ route('saveSecuritySettings') }}>
@csrf
<div class="form-group">
@ -147,10 +147,10 @@
<select class="custom-select form-control" name="secPolicy">
<option value="nil" disabled>Choose a security policy</option>
<option value="off">Disabled (default)</option>
<option value="low">Low</option>
<option value="low">Medium</option>
<option value="low">High (╯°□°)╯︵ ┻━┻</option>
<option value="off" {{ ($security['secPolicy'] == 'off') ? 'selected' : '' }}>Disabled (default)</option>
<option value="low" {{ ($security['secPolicy'] == 'low') ? 'selected' : '' }}>Low</option>
<option value="medium" {{ ($security['secPolicy'] == 'medium') ? 'selected' : '' }}>Medium</option>
<option value="high" {{ ($security['secPolicy'] == 'high') ? 'selected' : '' }}>High (╯°□°)╯︵ ┻━┻</option>
</select>
@ -158,27 +158,27 @@
<div class="form-group">
<label for="graceperiod">Grace period for 2FA requirement (above <code>reviewer</code>)</label>
<input type="text" class="form-control" id="graceperiod" placeholder="time in days">
<input type="text" class="form-control" id="graceperiod" placeholder="time in days" name="graceperiod" value="{{$security['graceperiod']}}">
<p class="text-muted text-sm"><i class="fas fa-info-circle"></i> Users will be locked out after this time period if they fail to enable 2FA. Leave empty to disable.</p>
</div>
<div class="form-group">
<label for="graceperiod">Password Expiry Control</label>
<input type="text" class="form-control" id="graceperiod" placeholder="time in days">
<label for="pwExpiry">Password Expiry Control</label>
<input type="text" class="form-control" id="pwExpiry" placeholder="time in days" name="pwExpiry" value="{{ $security['pwExpiry'] }}">
<p class="text-muted text-sm"><i class="fas fa-info-circle"></i> Leave this field blank to disable. Users will be forced to reset their password after the specified time.</p>
</div>
<div class="form-group form-check">
<input type="hidden" name="enforce2fa" value="0">
<input type="checkbox" name="enforce2fa" value="1" id="enforce2fa" class="form-check-input">
<input type="checkbox" name="enforce2fa" value="1" id="enforce2fa" class="form-check-input" {{ $security['enforce2fa'] == true ? 'checked' : '' }}>
<label for="enforceAdmin2fa">Force roles above <code>reviewer</code> to use two factor authentication?</label>
</div>
<div class="form-group form-check">
<input type="hidden" name="requirePMC" value="0">
<input type="checkbox" name="requirePMC" value="1" id="requirePMC" class="form-check-input">
<input type="checkbox" name="requirePMC" value="1" id="requirePMC" class="form-check-input" {{ $security['requiresPMC'] == true ? 'checked' : '' }}>
<label for="requirePMC">Require a valid game license to signup?</label>
<p class="text-muted text-sm"><i class="fas fa-info-circle"></i> Choose a game in the section below, if applicable.</p>
</div>
@ -188,7 +188,7 @@
</div>
<div class="card-footer">
<button type="button" class="btn btn-success"><i class="fas fa-save"></i> Save Changes</button>
<button onclick="$('#security').submit()" type="button" class="btn btn-success"><i class="fas fa-save"></i> Save Changes</button>
</div>
</div>

View File

@ -36,6 +36,7 @@ use App\Http\Controllers\UserController;
use App\Http\Controllers\VacancyController;
use App\Http\Controllers\VoteController;
use App\Http\Controllers\OptionsController;
use App\Http\Controllers\SecuritySettingsController;
use Illuminate\Support\Facades\Route;
use Mcamara\LaravelLocalization\Facades\LaravelLocalization;
@ -164,6 +165,7 @@ Route::group(['prefix' => LaravelLocalization::setLocale(), 'middleware' => ['lo
Route::get('/settings/account', [UserController::class, 'showAccount'])
->name('showAccountSettings');
Route::patch('/settings/account/change-password', [UserController::class, 'changePassword'])
->name('changePassword');
@ -204,6 +206,9 @@ Route::group(['prefix' => LaravelLocalization::setLocale(), 'middleware' => ['lo
Route::post('settings/save', [OptionsController::class, 'saveSettings'])
->name('saveSettings');
Route::post('settings/security/save', [SecuritySettingsController::class, 'save'])
->name('saveSecuritySettings');
Route::post('players/ban/{user}', [BanController::class, 'insert'])
->name('banUser');