Fixed broken banning logic
This commit is contained in:
parent
ad5c3404cc
commit
535a2c3973
|
@ -24,34 +24,38 @@ class BanController extends Controller
|
||||||
$duration = strtolower($request->durationOperator);
|
$duration = strtolower($request->durationOperator);
|
||||||
$durationOperand = $request->durationOperand;
|
$durationOperand = $request->durationOperand;
|
||||||
|
|
||||||
|
$expiryDate = now();
|
||||||
|
|
||||||
if (!empty($duration))
|
if (!empty($duration))
|
||||||
{
|
{
|
||||||
$expiryDate = now();
|
|
||||||
|
|
||||||
switch($duration)
|
switch($duration)
|
||||||
{
|
{
|
||||||
case 'days':
|
case 'days':
|
||||||
$expiryDate->addDays($duration);
|
$expiryDate->addDays($durationOperand);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'weeks':
|
case 'weeks':
|
||||||
$expiryDate->addWeeks($duration);
|
$expiryDate->addWeeks($durationOperand);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'months':
|
case 'months':
|
||||||
$expiryDate->addMonths($duration);
|
$expiryDate->addMonths($durationOperand);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'years':
|
case 'years':
|
||||||
$expiryDate->addYears($duration);
|
$expiryDate->addYears($durationOperand);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
// Essentially permanent
|
||||||
|
$expiryDate->addYears(100);
|
||||||
|
}
|
||||||
|
|
||||||
$ban = Ban::create([
|
$ban = Ban::create([
|
||||||
'userID' => $user->id,
|
'userID' => $user->id,
|
||||||
'reason' => $request->reason,
|
'reason' => $reason,
|
||||||
'bannedUntil' => $expiryDate->toDateTimeString() ?? null,
|
'bannedUntil' => $expiryDate->toDateTimeString() ?? null,
|
||||||
'userAgent' => "Unknown",
|
'userAgent' => "Unknown",
|
||||||
'authorUserID' => Auth::user()->id
|
'authorUserID' => Auth::user()->id
|
||||||
|
|
|
@ -13,7 +13,7 @@ class AppointmentPolicy
|
||||||
/**
|
/**
|
||||||
* Determine whether the user can view any models.
|
* Determine whether the user can view any models.
|
||||||
*
|
*
|
||||||
* @param \App\User $user
|
* @param User $user
|
||||||
* @return mixed
|
* @return mixed
|
||||||
*/
|
*/
|
||||||
public function viewAny(User $user)
|
public function viewAny(User $user)
|
||||||
|
@ -24,8 +24,8 @@ class AppointmentPolicy
|
||||||
/**
|
/**
|
||||||
* Determine whether the user can view the model.
|
* Determine whether the user can view the model.
|
||||||
*
|
*
|
||||||
* @param \App\User $user
|
* @param User $user
|
||||||
* @param \App\Appointment $appointment
|
* @param Appointment $appointment
|
||||||
* @return mixed
|
* @return mixed
|
||||||
*/
|
*/
|
||||||
public function view(User $user, Appointment $appointment)
|
public function view(User $user, Appointment $appointment)
|
||||||
|
@ -36,7 +36,7 @@ class AppointmentPolicy
|
||||||
/**
|
/**
|
||||||
* Determine whether the user can create models.
|
* Determine whether the user can create models.
|
||||||
*
|
*
|
||||||
* @param \App\User $user
|
* @param User $user
|
||||||
* @return mixed
|
* @return mixed
|
||||||
*/
|
*/
|
||||||
public function create(User $user)
|
public function create(User $user)
|
||||||
|
@ -47,8 +47,8 @@ class AppointmentPolicy
|
||||||
/**
|
/**
|
||||||
* Determine whether the user can update the model.
|
* Determine whether the user can update the model.
|
||||||
*
|
*
|
||||||
* @param \App\User $user
|
* @param User $user
|
||||||
* @param \App\Appointment $appointment
|
* @param Appointment $appointment
|
||||||
* @return mixed
|
* @return mixed
|
||||||
*/
|
*/
|
||||||
public function update(User $user, Appointment $appointment)
|
public function update(User $user, Appointment $appointment)
|
||||||
|
@ -59,8 +59,8 @@ class AppointmentPolicy
|
||||||
/**
|
/**
|
||||||
* Determine whether the user can delete the model.
|
* Determine whether the user can delete the model.
|
||||||
*
|
*
|
||||||
* @param \App\User $user
|
* @param User $user
|
||||||
* @param \App\Appointment $appointment
|
* @param Appointment $appointment
|
||||||
* @return mixed
|
* @return mixed
|
||||||
*/
|
*/
|
||||||
public function delete(User $user, Appointment $appointment)
|
public function delete(User $user, Appointment $appointment)
|
||||||
|
@ -71,8 +71,8 @@ class AppointmentPolicy
|
||||||
/**
|
/**
|
||||||
* Determine whether the user can restore the model.
|
* Determine whether the user can restore the model.
|
||||||
*
|
*
|
||||||
* @param \App\User $user
|
* @param User $user
|
||||||
* @param \App\Appointment $appointment
|
* @param Appointment $appointment
|
||||||
* @return mixed
|
* @return mixed
|
||||||
*/
|
*/
|
||||||
public function restore(User $user, Appointment $appointment)
|
public function restore(User $user, Appointment $appointment)
|
||||||
|
@ -83,8 +83,8 @@ class AppointmentPolicy
|
||||||
/**
|
/**
|
||||||
* Determine whether the user can permanently delete the model.
|
* Determine whether the user can permanently delete the model.
|
||||||
*
|
*
|
||||||
* @param \App\User $user
|
* @param User $user
|
||||||
* @param \App\Appointment $appointment
|
* @param Appointment $appointment
|
||||||
* @return mixed
|
* @return mixed
|
||||||
*/
|
*/
|
||||||
public function forceDelete(User $user, Appointment $appointment)
|
public function forceDelete(User $user, Appointment $appointment)
|
||||||
|
|
|
@ -5,6 +5,8 @@ namespace App\Policies;
|
||||||
use App\Ban;
|
use App\Ban;
|
||||||
use App\User;
|
use App\User;
|
||||||
use Illuminate\Auth\Access\HandlesAuthorization;
|
use Illuminate\Auth\Access\HandlesAuthorization;
|
||||||
|
use Illuminate\Support\Facades\Auth;
|
||||||
|
use Illuminate\Support\Facades\Log;
|
||||||
|
|
||||||
class BanPolicy
|
class BanPolicy
|
||||||
{
|
{
|
||||||
|
@ -41,7 +43,13 @@ class BanPolicy
|
||||||
*/
|
*/
|
||||||
public function create(User $user)
|
public function create(User $user)
|
||||||
{
|
{
|
||||||
return $user->hasRole('admin') && $user->isNot(Auth::user());
|
Log::debug("Authorization check started", [
|
||||||
|
'requiredRoles' => 'admin',
|
||||||
|
'currentRoles' => $user->roles(),
|
||||||
|
'hasRequiredRole' => $user->hasRole('admin'),
|
||||||
|
'isCurrentUser' => Auth::user()->is($user)
|
||||||
|
]);
|
||||||
|
return $user->hasRole('admin') && Auth::user()->isNot($user);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -44,10 +44,10 @@
|
||||||
@csrf
|
@csrf
|
||||||
|
|
||||||
<label for="reason">Reason</label>
|
<label for="reason">Reason</label>
|
||||||
<input type="string" name="reason" id="reason" class="form-control" placeholder="e.g. Spamming">
|
<input type="text" name="reason" id="reason" class="form-control" placeholder="e.g. Spamming">
|
||||||
|
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
<input type="text" class="form-control" name="durationOperand" aria-label="Punishment duration">
|
<input type="text" class="form-control" name="durationOperator" aria-label="Punishment duration">
|
||||||
<div class="input-group-append">
|
<div class="input-group-append">
|
||||||
<button id="durationDropdown" class="btn btn-outline-secondary dropdown-toggle duration-btn" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Duration</button>
|
<button id="durationDropdown" class="btn btn-outline-secondary dropdown-toggle duration-btn" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Duration</button>
|
||||||
<div class="dropdown-menu">
|
<div class="dropdown-menu">
|
||||||
|
@ -61,7 +61,7 @@
|
||||||
</div>
|
</div>
|
||||||
<p class="text-muted text-sm">Leave empty for a permanent ban</p>
|
<p class="text-muted text-sm">Leave empty for a permanent ban</p>
|
||||||
|
|
||||||
<input id="operator" type="hidden" value="" name="durationOperator" class="duration-operator-fld">
|
<input id="operator" type="hidden" value="" name="durationOperand" class="duration-operator-fld">
|
||||||
|
|
||||||
</form>
|
</form>
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue