Fixed broken banning logic
This commit is contained in:
parent
ad5c3404cc
commit
535a2c3973
@ -24,34 +24,38 @@ class BanController extends Controller
|
||||
$duration = strtolower($request->durationOperator);
|
||||
$durationOperand = $request->durationOperand;
|
||||
|
||||
$expiryDate = now();
|
||||
|
||||
if (!empty($duration))
|
||||
{
|
||||
$expiryDate = now();
|
||||
|
||||
switch($duration)
|
||||
{
|
||||
case 'days':
|
||||
$expiryDate->addDays($duration);
|
||||
$expiryDate->addDays($durationOperand);
|
||||
break;
|
||||
|
||||
case 'weeks':
|
||||
$expiryDate->addWeeks($duration);
|
||||
$expiryDate->addWeeks($durationOperand);
|
||||
break;
|
||||
|
||||
case 'months':
|
||||
$expiryDate->addMonths($duration);
|
||||
$expiryDate->addMonths($durationOperand);
|
||||
break;
|
||||
|
||||
case 'years':
|
||||
$expiryDate->addYears($duration);
|
||||
$expiryDate->addYears($durationOperand);
|
||||
break;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
// Essentially permanent
|
||||
$expiryDate->addYears(100);
|
||||
}
|
||||
|
||||
$ban = Ban::create([
|
||||
'userID' => $user->id,
|
||||
'reason' => $request->reason,
|
||||
'reason' => $reason,
|
||||
'bannedUntil' => $expiryDate->toDateTimeString() ?? null,
|
||||
'userAgent' => "Unknown",
|
||||
'authorUserID' => Auth::user()->id
|
||||
|
@ -13,7 +13,7 @@ class AppointmentPolicy
|
||||
/**
|
||||
* Determine whether the user can view any models.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @param User $user
|
||||
* @return mixed
|
||||
*/
|
||||
public function viewAny(User $user)
|
||||
@ -24,8 +24,8 @@ class AppointmentPolicy
|
||||
/**
|
||||
* Determine whether the user can view the model.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @param \App\Appointment $appointment
|
||||
* @param User $user
|
||||
* @param Appointment $appointment
|
||||
* @return mixed
|
||||
*/
|
||||
public function view(User $user, Appointment $appointment)
|
||||
@ -36,7 +36,7 @@ class AppointmentPolicy
|
||||
/**
|
||||
* Determine whether the user can create models.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @param User $user
|
||||
* @return mixed
|
||||
*/
|
||||
public function create(User $user)
|
||||
@ -47,8 +47,8 @@ class AppointmentPolicy
|
||||
/**
|
||||
* Determine whether the user can update the model.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @param \App\Appointment $appointment
|
||||
* @param User $user
|
||||
* @param Appointment $appointment
|
||||
* @return mixed
|
||||
*/
|
||||
public function update(User $user, Appointment $appointment)
|
||||
@ -59,8 +59,8 @@ class AppointmentPolicy
|
||||
/**
|
||||
* Determine whether the user can delete the model.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @param \App\Appointment $appointment
|
||||
* @param User $user
|
||||
* @param Appointment $appointment
|
||||
* @return mixed
|
||||
*/
|
||||
public function delete(User $user, Appointment $appointment)
|
||||
@ -71,8 +71,8 @@ class AppointmentPolicy
|
||||
/**
|
||||
* Determine whether the user can restore the model.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @param \App\Appointment $appointment
|
||||
* @param User $user
|
||||
* @param Appointment $appointment
|
||||
* @return mixed
|
||||
*/
|
||||
public function restore(User $user, Appointment $appointment)
|
||||
@ -83,8 +83,8 @@ class AppointmentPolicy
|
||||
/**
|
||||
* Determine whether the user can permanently delete the model.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @param \App\Appointment $appointment
|
||||
* @param User $user
|
||||
* @param Appointment $appointment
|
||||
* @return mixed
|
||||
*/
|
||||
public function forceDelete(User $user, Appointment $appointment)
|
||||
|
@ -5,6 +5,8 @@ namespace App\Policies;
|
||||
use App\Ban;
|
||||
use App\User;
|
||||
use Illuminate\Auth\Access\HandlesAuthorization;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class BanPolicy
|
||||
{
|
||||
@ -41,7 +43,13 @@ class BanPolicy
|
||||
*/
|
||||
public function create(User $user)
|
||||
{
|
||||
return $user->hasRole('admin') && $user->isNot(Auth::user());
|
||||
Log::debug("Authorization check started", [
|
||||
'requiredRoles' => 'admin',
|
||||
'currentRoles' => $user->roles(),
|
||||
'hasRequiredRole' => $user->hasRole('admin'),
|
||||
'isCurrentUser' => Auth::user()->is($user)
|
||||
]);
|
||||
return $user->hasRole('admin') && Auth::user()->isNot($user);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -44,10 +44,10 @@
|
||||
@csrf
|
||||
|
||||
<label for="reason">Reason</label>
|
||||
<input type="string" name="reason" id="reason" class="form-control" placeholder="e.g. Spamming">
|
||||
<input type="text" name="reason" id="reason" class="form-control" placeholder="e.g. Spamming">
|
||||
|
||||
<div class="input-group">
|
||||
<input type="text" class="form-control" name="durationOperand" aria-label="Punishment duration">
|
||||
<input type="text" class="form-control" name="durationOperator" aria-label="Punishment duration">
|
||||
<div class="input-group-append">
|
||||
<button id="durationDropdown" class="btn btn-outline-secondary dropdown-toggle duration-btn" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Duration</button>
|
||||
<div class="dropdown-menu">
|
||||
@ -61,7 +61,7 @@
|
||||
</div>
|
||||
<p class="text-muted text-sm">Leave empty for a permanent ban</p>
|
||||
|
||||
<input id="operator" type="hidden" value="" name="durationOperator" class="duration-operator-fld">
|
||||
<input id="operator" type="hidden" value="" name="durationOperand" class="duration-operator-fld">
|
||||
|
||||
</form>
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user