Compare commits

..

No commits in common. "develop" and "master" have entirely different histories.

586 changed files with 29673 additions and 41579 deletions

0
.editorconfig Executable file → Normal file
View File

14
.env.example Executable file → Normal file
View File

@ -7,18 +7,10 @@ APP_LOGO="https://www.raspberrypi.org/app/uploads/2020/05/Raspberry-Pi-OS-downlo
APP_SITEHOMEPAGE=""
# This can be your main homepage, other than this site itself
# Forces ssl connections even if the environment is set to "local".
# Void if env is production.
NONPROD_FORCE_SECURE=false
# Disables certain features for security purposes while running an open authentication system
# Enable only for demonostration purposes
DEMO_MODE=false
LOG_CHANNEL=daily
LOG_CHANNEL=stack
DB_CONNECTION=mysql
DB_HOST=z
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel
DB_USERNAME=root
@ -37,7 +29,7 @@ IPGEO_API_URL="https://api.ipgeolocation.io/ipgeo"
ARCANEDEV_LOGVIEWER_MIDDLEWARE=web,auth,can:admin.maintenance.logs.view
RELEASE=0.6.2
RELEASE=staffmanagement@0.6.1
SLACK_INTEGRATION_WEBHOOK=

0
.gitattributes vendored Executable file → Normal file
View File

0
.github/ISSUE_TEMPLATE/bug_report.md vendored Executable file → Normal file
View File

0
.github/ISSUE_TEMPLATE/feature_request.md vendored Executable file → Normal file
View File

0
.gitignore vendored Executable file → Normal file
View File

139
.idea/hrm-mcserver.iml Normal file
View File

@ -0,0 +1,139 @@
<?xml version="1.0" encoding="UTF-8"?>
<module type="WEB_MODULE" version="4">
<component name="NewModuleRootManager">
<content url="file://$MODULE_DIR$">
<sourceFolder url="file://$MODULE_DIR$/tests" isTestSource="true" packagePrefix="Tests\" />
<sourceFolder url="file://$MODULE_DIR$/spec" isTestSource="true" />
<sourceFolder url="file://$MODULE_DIR$/app" isTestSource="false" packagePrefix="App\" />
<excludeFolder url="file://$MODULE_DIR$/vendor/almasaeed2010/adminlte" />
<excludeFolder url="file://$MODULE_DIR$/vendor/asm89/stack-cors" />
<excludeFolder url="file://$MODULE_DIR$/vendor/barryvdh/laravel-debugbar" />
<excludeFolder url="file://$MODULE_DIR$/vendor/brick/math" />
<excludeFolder url="file://$MODULE_DIR$/vendor/clue/stream-filter" />
<excludeFolder url="file://$MODULE_DIR$/vendor/composer" />
<excludeFolder url="file://$MODULE_DIR$/vendor/dnoegel/php-xdg-base-dir" />
<excludeFolder url="file://$MODULE_DIR$/vendor/doctrine/cache" />
<excludeFolder url="file://$MODULE_DIR$/vendor/doctrine/dbal" />
<excludeFolder url="file://$MODULE_DIR$/vendor/doctrine/event-manager" />
<excludeFolder url="file://$MODULE_DIR$/vendor/doctrine/inflector" />
<excludeFolder url="file://$MODULE_DIR$/vendor/doctrine/instantiator" />
<excludeFolder url="file://$MODULE_DIR$/vendor/doctrine/lexer" />
<excludeFolder url="file://$MODULE_DIR$/vendor/dragonmantank/cron-expression" />
<excludeFolder url="file://$MODULE_DIR$/vendor/egulias/email-validator" />
<excludeFolder url="file://$MODULE_DIR$/vendor/facade/flare-client-php" />
<excludeFolder url="file://$MODULE_DIR$/vendor/facade/ignition" />
<excludeFolder url="file://$MODULE_DIR$/vendor/facade/ignition-contracts" />
<excludeFolder url="file://$MODULE_DIR$/vendor/fideloper/proxy" />
<excludeFolder url="file://$MODULE_DIR$/vendor/filp/whoops" />
<excludeFolder url="file://$MODULE_DIR$/vendor/fruitcake/laravel-cors" />
<excludeFolder url="file://$MODULE_DIR$/vendor/fzaninotto/faker" />
<excludeFolder url="file://$MODULE_DIR$/vendor/guzzlehttp/guzzle" />
<excludeFolder url="file://$MODULE_DIR$/vendor/guzzlehttp/promises" />
<excludeFolder url="file://$MODULE_DIR$/vendor/guzzlehttp/psr7" />
<excludeFolder url="file://$MODULE_DIR$/vendor/hamcrest/hamcrest-php" />
<excludeFolder url="file://$MODULE_DIR$/vendor/http-interop/http-factory-guzzle" />
<excludeFolder url="file://$MODULE_DIR$/vendor/jean85/pretty-package-versions" />
<excludeFolder url="file://$MODULE_DIR$/vendor/jeroennoten/laravel-adminlte" />
<excludeFolder url="file://$MODULE_DIR$/vendor/laravel/framework" />
<excludeFolder url="file://$MODULE_DIR$/vendor/laravel/tinker" />
<excludeFolder url="file://$MODULE_DIR$/vendor/laravel/ui" />
<excludeFolder url="file://$MODULE_DIR$/vendor/league/commonmark" />
<excludeFolder url="file://$MODULE_DIR$/vendor/league/flysystem" />
<excludeFolder url="file://$MODULE_DIR$/vendor/league/mime-type-detection" />
<excludeFolder url="file://$MODULE_DIR$/vendor/maximebf/debugbar" />
<excludeFolder url="file://$MODULE_DIR$/vendor/mcamara/laravel-localization" />
<excludeFolder url="file://$MODULE_DIR$/vendor/mockery/mockery" />
<excludeFolder url="file://$MODULE_DIR$/vendor/monolog/monolog" />
<excludeFolder url="file://$MODULE_DIR$/vendor/myclabs/deep-copy" />
<excludeFolder url="file://$MODULE_DIR$/vendor/nesbot/carbon" />
<excludeFolder url="file://$MODULE_DIR$/vendor/nikic/php-parser" />
<excludeFolder url="file://$MODULE_DIR$/vendor/nunomaduro/collision" />
<excludeFolder url="file://$MODULE_DIR$/vendor/opis/closure" />
<excludeFolder url="file://$MODULE_DIR$/vendor/paragonie/random_compat" />
<excludeFolder url="file://$MODULE_DIR$/vendor/phar-io/manifest" />
<excludeFolder url="file://$MODULE_DIR$/vendor/phar-io/version" />
<excludeFolder url="file://$MODULE_DIR$/vendor/php-http/client-common" />
<excludeFolder url="file://$MODULE_DIR$/vendor/php-http/discovery" />
<excludeFolder url="file://$MODULE_DIR$/vendor/php-http/guzzle6-adapter" />
<excludeFolder url="file://$MODULE_DIR$/vendor/php-http/httplug" />
<excludeFolder url="file://$MODULE_DIR$/vendor/php-http/message" />
<excludeFolder url="file://$MODULE_DIR$/vendor/php-http/message-factory" />
<excludeFolder url="file://$MODULE_DIR$/vendor/php-http/promise" />
<excludeFolder url="file://$MODULE_DIR$/vendor/phpdocumentor/reflection-common" />
<excludeFolder url="file://$MODULE_DIR$/vendor/phpdocumentor/reflection-docblock" />
<excludeFolder url="file://$MODULE_DIR$/vendor/phpdocumentor/type-resolver" />
<excludeFolder url="file://$MODULE_DIR$/vendor/phpoption/phpoption" />
<excludeFolder url="file://$MODULE_DIR$/vendor/phpspec/prophecy" />
<excludeFolder url="file://$MODULE_DIR$/vendor/phpunit/php-code-coverage" />
<excludeFolder url="file://$MODULE_DIR$/vendor/phpunit/php-file-iterator" />
<excludeFolder url="file://$MODULE_DIR$/vendor/phpunit/php-text-template" />
<excludeFolder url="file://$MODULE_DIR$/vendor/phpunit/php-timer" />
<excludeFolder url="file://$MODULE_DIR$/vendor/phpunit/php-token-stream" />
<excludeFolder url="file://$MODULE_DIR$/vendor/phpunit/phpunit" />
<excludeFolder url="file://$MODULE_DIR$/vendor/psr/container" />
<excludeFolder url="file://$MODULE_DIR$/vendor/psr/event-dispatcher" />
<excludeFolder url="file://$MODULE_DIR$/vendor/psr/http-client" />
<excludeFolder url="file://$MODULE_DIR$/vendor/psr/http-factory" />
<excludeFolder url="file://$MODULE_DIR$/vendor/psr/http-message" />
<excludeFolder url="file://$MODULE_DIR$/vendor/psr/log" />
<excludeFolder url="file://$MODULE_DIR$/vendor/psr/simple-cache" />
<excludeFolder url="file://$MODULE_DIR$/vendor/psy/psysh" />
<excludeFolder url="file://$MODULE_DIR$/vendor/ralouphie/getallheaders" />
<excludeFolder url="file://$MODULE_DIR$/vendor/ramsey/collection" />
<excludeFolder url="file://$MODULE_DIR$/vendor/ramsey/uuid" />
<excludeFolder url="file://$MODULE_DIR$/vendor/scrivo/highlight.php" />
<excludeFolder url="file://$MODULE_DIR$/vendor/sebastian/code-unit-reverse-lookup" />
<excludeFolder url="file://$MODULE_DIR$/vendor/sebastian/comparator" />
<excludeFolder url="file://$MODULE_DIR$/vendor/sebastian/diff" />
<excludeFolder url="file://$MODULE_DIR$/vendor/sebastian/environment" />
<excludeFolder url="file://$MODULE_DIR$/vendor/sebastian/exporter" />
<excludeFolder url="file://$MODULE_DIR$/vendor/sebastian/global-state" />
<excludeFolder url="file://$MODULE_DIR$/vendor/sebastian/object-enumerator" />
<excludeFolder url="file://$MODULE_DIR$/vendor/sebastian/object-reflector" />
<excludeFolder url="file://$MODULE_DIR$/vendor/sebastian/recursion-context" />
<excludeFolder url="file://$MODULE_DIR$/vendor/sebastian/resource-operations" />
<excludeFolder url="file://$MODULE_DIR$/vendor/sebastian/type" />
<excludeFolder url="file://$MODULE_DIR$/vendor/sebastian/version" />
<excludeFolder url="file://$MODULE_DIR$/vendor/sentry/sentry" />
<excludeFolder url="file://$MODULE_DIR$/vendor/sentry/sentry-laravel" />
<excludeFolder url="file://$MODULE_DIR$/vendor/spatie/laravel-permission" />
<excludeFolder url="file://$MODULE_DIR$/vendor/swiftmailer/swiftmailer" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/console" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/css-selector" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/debug" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/deprecation-contracts" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/error-handler" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/event-dispatcher" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/event-dispatcher-contracts" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/finder" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/http-foundation" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/http-kernel" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/mime" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/options-resolver" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/polyfill-ctype" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/polyfill-iconv" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/polyfill-intl-grapheme" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/polyfill-intl-idn" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/polyfill-intl-normalizer" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/polyfill-mbstring" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/polyfill-php72" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/polyfill-php73" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/polyfill-php80" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/polyfill-uuid" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/process" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/routing" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/service-contracts" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/string" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/translation" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/translation-contracts" />
<excludeFolder url="file://$MODULE_DIR$/vendor/symfony/var-dumper" />
<excludeFolder url="file://$MODULE_DIR$/vendor/theseer/tokenizer" />
<excludeFolder url="file://$MODULE_DIR$/vendor/tijsverkoyen/css-to-inline-styles" />
<excludeFolder url="file://$MODULE_DIR$/vendor/vlucas/phpdotenv" />
<excludeFolder url="file://$MODULE_DIR$/vendor/voku/portable-ascii" />
<excludeFolder url="file://$MODULE_DIR$/vendor/webmozart/assert" />
</content>
<orderEntry type="inheritedJdk" />
<orderEntry type="sourceFolder" forTests="false" />
</component>
</module>

0
.idea/laravel-plugin.xml Executable file → Normal file
View File

0
.idea/misc.xml Executable file → Normal file
View File

2
.idea/modules.xml Executable file → Normal file
View File

@ -2,7 +2,7 @@
<project version="4">
<component name="ProjectModuleManager">
<modules>
<module fileurl="file://$PROJECT_DIR$/../rbrecruiter/.idea/rbrecruiter.iml" filepath="$PROJECT_DIR$/../rbrecruiter/.idea/rbrecruiter.iml" />
<module fileurl="file://$PROJECT_DIR$/.idea/hrm-mcserver.iml" filepath="$PROJECT_DIR$/.idea/hrm-mcserver.iml" />
</modules>
</component>
</project>

15
.idea/php.xml Executable file → Normal file
View File

@ -141,22 +141,9 @@
<path value="$PROJECT_DIR$/vendor/graham-campbell/markdown" />
<path value="$PROJECT_DIR$/vendor/league/mime-type-detection" />
<path value="$PROJECT_DIR$/vendor/mcamara/laravel-localization" />
<path value="$PROJECT_DIR$/vendor/mpociot/teamwork" />
<path value="$PROJECT_DIR$/vendor/sebastian/code-unit" />
<path value="$PROJECT_DIR$/vendor/sebastian/cli-parser" />
<path value="$PROJECT_DIR$/vendor/sebastian/complexity" />
<path value="$PROJECT_DIR$/vendor/sebastian/lines-of-code" />
<path value="$PROJECT_DIR$/vendor/graham-campbell/result-type" />
<path value="$PROJECT_DIR$/vendor/symfony/http-client" />
<path value="$PROJECT_DIR$/vendor/symfony/http-client-contracts" />
<path value="$PROJECT_DIR$/vendor/phpunit/php-invoker" />
<path value="$PROJECT_DIR$/vendor/awssat/discord-notification-channel" />
<path value="$PROJECT_DIR$/vendor/berkayk/onesignal-laravel" />
<path value="$PROJECT_DIR$/vendor/symfony/psr-http-message-bridge" />
<path value="$PROJECT_DIR$/vendor/laravel/sanctum" />
</include_path>
</component>
<component name="PhpProjectSharedConfiguration" php_language_level="7.3" />
<component name="PhpProjectSharedConfiguration" php_language_level="7.2" />
<component name="PhpUnit">
<phpunit_settings>
<PhpUnitSettings configuration_file_path="$PROJECT_DIR$/phpunit.xml" custom_loader_path="$PROJECT_DIR$/vendor/autoload.php" use_configuration_file="true" />

0
.idea/phpunit.xml Executable file → Normal file
View File

0
.idea/vcs.xml Executable file → Normal file
View File

0
.phive/phars.xml Executable file → Normal file
View File

26
.styleci.yml Executable file → Normal file
View File

@ -1,13 +1,13 @@
risky: false
version: 7
preset: recommended
finder:
exclude:
- "modules"
- "node_modules"
- "storage"
- "vendor"
name: "*.php"
not-name:
- "*.blade.php"
- "_ide_helper.php"
php:
preset: laravel
disabled:
- unused_use
finder:
not-name:
- index.php
- server.php
js:
finder:
not-name:
- webpack.mix.js
css: true

6
.vscode/launch.json vendored Executable file → Normal file
View File

@ -4,15 +4,11 @@
// For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
"version": "0.2.0",
"configurations": [
{
"name": "Listen for XDebug",
"type": "php",
"request": "launch",
"port": 9000,
"ignore": [
"**/vendor/**/*.php"
]
"port": 9000
},
{
"name": "Launch currently open script",

0
CODE_OF_CONDUCT.md Executable file → Normal file
View File

0
CONTRIBUTING.md Executable file → Normal file
View File

0
LICENSE Executable file → Normal file
View File

0
Procfile Executable file → Normal file
View File

View File

@ -42,13 +42,11 @@ Many other features are currently planned for this app, such as:
# Technical overview
Tech stack:
- [Laravel 8](https://laravel.com/)
- [Eloquent ORM](https://laravel.com/docs/5.0/eloquent)
- [AdminLTE](https://adminlte.io/) /
- [Bootstrap 4](https://getbootstrap.com/docs/4.0/getting-started/introduction/)
- [jQuery](https://jquery.com/)
- [Bootstrap 4](https://getbootstrap.com/)
- [Icons by FontAwesome](https://fontawesome.com/)
- [Laravel 7](https://laravel.com/)
- Eloquent ORM
- AdminLTE / Bootstrap 4
- jQuery / Plain Javascript
- vueJS (in the future)
# Stability
@ -65,7 +63,7 @@ Tech stack:
# Software Requirements
- ``composer`` (min version: 1.8.4)
- ``npm`` (tested w/ v 5.8.0)
- ``php`` (required PHP 8 or newer - lower versions unsupported!)
- ``php`` (required PHP 7 or newer - lower versions unsupported!)
# PHP Extension Requirements

0
SECURITY.md Executable file → Normal file
View File

View File

@ -1,25 +0,0 @@
<?php
namespace App;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
class ApiKey extends Model
{
use HasFactory;
protected $fillable = [
'name',
'status',
'discriminator',
'last_used',
'secret',
'owner_user_id'
];
public function user()
{
return $this->belongsTo('App\User', 'owner_user_id', 'id');
}
}

39
app/Application.php Executable file → Normal file
View File

@ -1,24 +1,5 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Model;
@ -29,14 +10,12 @@ class Application extends Model
'applicantUserID',
'applicantFormResponseID',
'applicationStatus',
'applicationStatus'
];
public function oneoffApplicant()
{
return $this->hasOne('App\OneoffApplicant', 'application_id', 'id');
}
public function user()
{
@ -58,6 +37,7 @@ class Application extends Model
return $this->belongsToMany('App\Vote', 'votes_has_application');
}
public function comments()
{
return $this->hasMany('App\Comment', 'applicationID', 'id');
@ -66,15 +46,8 @@ class Application extends Model
public function setStatus($status)
{
return $this->update([
'applicationStatus' => $status,
'applicationStatus' => $status
]);
}
public function isOneoff()
{
return $this->user->id == 1; // ID 1 is always the ghost
}
}

25
app/Appointment.php Executable file → Normal file
View File

@ -1,24 +1,5 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Model;
@ -32,19 +13,19 @@ class Appointment extends Model
'appointmentStatus',
'appointmentLocation',
'meetingNotes',
'userAccepted',
'userAccepted'
];
public function application()
{
// FIXME: Possible bug here, where laravel looks for the wrong column in the applications table.
// FIXME: Possible bug here, where laravel looks for the wrong column in the applications table.
return $this->belongsTo('App\Application', 'id', 'applicationID');
}
public function setStatus($status)
{
$this->update([
'appointmentStatus' => $status,
'appointmentStatus' => $status
]);
}
}

27
app/Ban.php Executable file → Normal file
View File

@ -1,46 +1,29 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Model;
class Ban extends Model
{
public $fillable = [
'userID',
'reason',
'bannedUntil',
'isPermanent',
'authorUserID',
'userAgent',
'authorUserID'
];
public $dates = [
'suspendedUntil',
'bannedUntil'
];
public function user()
{
return $this->belongsTo('App\User', 'userID', 'id');
}
}

23
app/Comment.php Executable file → Normal file
View File

@ -1,34 +1,16 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Model;
class Comment extends Model
{
protected $fillable = [
'authorID',
'applicationID',
'text',
'text'
];
public function application()
@ -40,4 +22,5 @@ class Comment extends Model
{
return $this->belongsTo('App\User', 'authorID', 'id');
}
}

87
app/Console/Commands/CountVotes.php Executable file → Normal file
View File

@ -1,24 +1,5 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Console\Commands;
use App\Application;
@ -62,23 +43,28 @@ class CountVotes extends Command
$eligibleApps = Application::where('applicationStatus', 'STAGE_PEERAPPROVAL')->get();
$pbar = $this->output->createProgressBar($eligibleApps->count());
if ($eligibleApps->isEmpty()) {
if($eligibleApps->isEmpty())
{
$this->error('𐄂 There are no applications that need to be processed.');
return false;
}
foreach ($eligibleApps as $application) {
foreach ($eligibleApps as $application)
{
$votes = $application->votes;
$voteCount = $application->votes->count();
$positiveVotes = 0;
$negativeVotes = 0;
if ($voteCount > 5) {
$this->info('Counting votes for application ID '.$application->id);
foreach ($votes as $vote) {
switch ($vote->allowedVoteType) {
if ($voteCount > 5)
{
$this->info('Counting votes for application ID ' . $application->id);
foreach ($votes as $vote)
{
switch ($vote->allowedVoteType)
{
case 'VOTE_APPROVE':
$positiveVotes++;
break;
@ -88,7 +74,7 @@ class CountVotes extends Command
}
}
$this->info('Total votes for application ID '.$application->id.': '.$voteCount);
$this->info('Total votes for application ID ' . $application->id . ': ' . $voteCount);
$this->info('Calculating criteria...');
$negativeVotePercent = floor(($negativeVotes / $voteCount) * 100);
$positiveVotePercent = floor(($positiveVotes / $voteCount) * 100);
@ -97,43 +83,54 @@ class CountVotes extends Command
$this->table([
'% of approval votes',
'% of denial votes',
'% of denial votes'
], [ // array of arrays, e.g. rows
[
$positiveVotePercent.'%',
$negativeVotePercent.'%',
],
$positiveVotePercent . "%",
$negativeVotePercent . "%"
]
]);
if ($pollResult) {
$this->info('✓ Dispatched promotion event for applicant '.$application->user->name);
if (! $this->option('dryrun')) {
if ($pollResult)
{
$this->info('✓ Dispatched promotion event for applicant ' . $application->user->name);
if (!$this->option('dryrun'))
{
$application->response->vacancy->vacancyCount -= 1;
$application->response->vacancy->save();
event(new ApplicationApprovedEvent(Application::find($application->id)));
} else {
}
else
{
$this->warn('Dry run: Event won\'t be dispatched');
}
$pbar->advance();
} else {
if (! $this->option('dryrun')) {
event(new ApplicationDeniedEvent(Application::find($application->id)));
} else {
$this->warn('Dry run: Event won\'t be dispatched');
}
$pbar->advance();
$this->error('𐄂 Applicant '.$application->user->name.' does not meet vote criteria (Majority)');
}
} else {
$this->warn('Application ID'.$application->id.' did not have enough votes for processing (min 5)');
else {
if (!$this->option('dryrun'))
{
event(new ApplicationDeniedEvent(Application::find($application->id)));
}
else {
$this->warn('Dry run: Event won\'t be dispatched');
}
$pbar->advance();
$this->error('𐄂 Applicant ' . $application->user->name . ' does not meet vote criteria (Majority)');
}
}
else
{
$this->warn("Application ID" . $application->id . " did not have enough votes for processing (min 5)");
}
}
$pbar->finish();
return true;
}
}

View File

@ -1,140 +0,0 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Console\Commands;
use App\Facades\UUID;
use App\Profile;
use App\User;
use Illuminate\Console\Command;
use Illuminate\Support\Facades\Hash;
class CreateUser extends Command
{
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'users:create';
/**
* The console command description.
*
* @var string
*/
protected $description = 'Creates an application user. Seeding the database is for testing environments, so use this command in production for your first admin user.';
/**
* Create a new command instance.
*
* @return void
*/
public function __construct()
{
parent::__construct();
}
/**
* Execute the console command.
*
* @return int
*/
public function handle()
{
do {
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
system('cls');
} else {
system('clear');
}
$this->info('Welcome to the user account creation wizard. If you just installed the application, we recommend you create your first admin user here. If you don\'t, you won\'t gain admin privileges after creating an account in the web interface.');
$this->info('We\'ll ask some questions to get you started.');
$username = $this->ask('Username');
do {
$password = $this->secret('Password');
$password_confirm = $this->secret('Confirm Password');
if ($password === $password_confirm) {
$password = Hash::make($password);
$matches = true;
} else {
$this->error('Password doesn\'t match. Please try again.');
$matches = false;
}
} while (! $matches);
$email = $this->ask('E-mail address');
$name = $this->ask('First/Last Name');
do {
try {
$uuid = UUID::toUUID($this->ask('Minecraft username (Must be a valid Premium account)'));
} catch (\InvalidArgumentException $e) {
$this->error($e->getMessage());
$hasError = true;
}
if (isset($hasError)) {
$continue = true;
} else {
$continue = false;
}
unset($hasError);
} while ($continue);
$this->info('Please check if these details are correct: ');
$this->info('Username: '.$username);
$this->info('Email: '.$email);
$this->info('Name: '.$name);
} while (! $this->confirm('Create user now? You can go back to correct any details.'));
$user = User::create([
'uuid' => $uuid,
'name' => $name,
'email' => $email,
'username' => $username,
'originalIP' => '127.0.0.1',
'password' => $password,
]);
if ($user) {
$user->assignRole('admin', 'reviewer', 'user', 'hiringManager');
Profile::create([
'profileShortBio' => 'Random data '.rand(0, 1000),
'profileAboutMe' => 'Random data '.rand(0, 1000),
'socialLinks' => '[]',
'avatarPreference' => 'gravatar',
'userID' => $user->id,
]);
$this->info('Account created! You may now login at '.route('login').'. Enjoy the app!');
return 0;
} else {
$this->error('There was an unknown problem creating the user. There might have been errors above. Please try again.');
return 1;
}
}
}

View File

@ -1,82 +0,0 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Console\Commands;
use Faker\Factory;
use Faker\Generator;
use Illuminate\Console\Command;
use Illuminate\Support\Facades\Storage;
class MakeFile extends Command
{
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'files:make {count : How many test files to generate}';
/**
* The console command description.
*
* @var string
*/
protected $description = 'Generates test files for the TeamFile model. Use in conjunction with it\'s factory.';
/**
* The faker instance used to obtain dummy text.
*
* @var Generator
*/
private $faker;
/**
* Create a new command instance.
*
* @return void
*/
public function __construct()
{
$this->faker = Factory::create();
parent::__construct();
}
/**
* Execute the console command.
*
* @return int
*/
public function handle()
{
$count = $this->argument('count');
$this->info('Creating '.$this->argument('count').' files!');
for ($max = 1; $max < $count; $max++) {
Storage::disk('local')->put('factory_files/testfile_'.rand(0, 5000).'.txt', $this->faker->paragraphs(40, true));
}
$this->info('Finished creating files! They will be randomly picked by the factory.');
return 0;
}
}

43
app/Console/Commands/SetEnv.php Executable file → Normal file
View File

@ -1,28 +1,9 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Console\Commands;
use GeoSot\EnvEditor\Facades\EnvEditor;
use Illuminate\Console\Command;
use GeoSot\EnvEditor\Facades\EnvEditor;
class SetEnv extends Command
{
@ -56,16 +37,20 @@ class SetEnv extends Command
*/
public function handle()
{
$path = base_path('/.env');
$key = $this->argument('key');
$value = $this->argument('value');
$path = base_path('/.env');
$key = $this->argument('key');
$value = $this->argument('value');
if (file_exists($path)) {
EnvEditor::editKey($key, $value);
} else {
$this->error('Cannot update a file that doesn\'t exist! Please create .env first.');
return false;
}
if (file_exists($path))
{
EnvEditor::editKey($key, $value);
}
else
{
$this->error('Cannot update a file that doesn\'t exist! Please create .env first.');
return false;
}
}
}

23
app/Console/Kernel.php Executable file → Normal file
View File

@ -1,29 +1,10 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Console;
use App\Jobs\ProcessDueSuspensions;
use Illuminate\Console\Scheduling\Schedule;
use Illuminate\Foundation\Console\Kernel as ConsoleKernel;
use App\Jobs\CleanBans;
class Kernel extends ConsoleKernel
{
@ -50,7 +31,7 @@ class Kernel extends ConsoleKernel
->daily();
// Production value: Every day
$schedule->job(new ProcessDueSuspensions)
$schedule->job(new CleanBans)
->daily();
// Production value: Every day
}

50
app/CustomFacades/IP.php Executable file → Normal file
View File

@ -1,24 +1,5 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\CustomFacades;
use Illuminate\Support\Facades\Cache;
@ -26,6 +7,7 @@ use Illuminate\Support\Facades\Http;
class IP
{
/**
* Looks up information on a specified IP address. Caches results automatically.
* @param string $IP IP address to lookup
@ -33,23 +15,23 @@ class IP
*/
public function lookup(string $IP): object
{
$params = [
$params = [
'apiKey' => config('general.keys.ipapi.apikey'),
'ip' => $IP
];
// TODO: Maybe unwrap this? Methods are chained here
return json_decode(Cache::remember($IP, 3600, function() use ($IP)
{
return Http::get(config('general.urls.ipapi.ipcheck'), [
'apiKey' => config('general.keys.ipapi.apikey'),
'ip' => $IP,
];
'ip' => $IP
])->body();
}));
if (!config('demo.is_enabled')) {
return json_decode(Cache::remember($IP, 3600, function () use ($IP) {
return Http::get(config('general.urls.ipapi.ipcheck'), [
'apiKey' => config('general.keys.ipapi.apikey'),
'ip' => $IP,
])->body();
}));
}
return new class {
public $message = "This feature is disabled.";
};
}
}

25
app/Events/ApplicationApprovedEvent.php Executable file → Normal file
View File

@ -1,28 +1,13 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Events;
use App\Application;
use Illuminate\Broadcasting\Channel;
use Illuminate\Broadcasting\InteractsWithSockets;
use Illuminate\Broadcasting\PresenceChannel;
use Illuminate\Broadcasting\PrivateChannel;
use Illuminate\Contracts\Broadcasting\ShouldBroadcast;
use Illuminate\Foundation\Events\Dispatchable;
use Illuminate\Queue\SerializesModels;
@ -41,4 +26,6 @@ class ApplicationApprovedEvent
{
$this->application = $application;
}
}

24
app/Events/ApplicationDeniedEvent.php Executable file → Normal file
View File

@ -1,28 +1,13 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Events;
use App\Application;
use Illuminate\Broadcasting\Channel;
use Illuminate\Broadcasting\InteractsWithSockets;
use Illuminate\Broadcasting\PresenceChannel;
use Illuminate\Broadcasting\PrivateChannel;
use Illuminate\Contracts\Broadcasting\ShouldBroadcast;
use Illuminate\Foundation\Events\Dispatchable;
use Illuminate\Queue\SerializesModels;
@ -41,4 +26,5 @@ class ApplicationDeniedEvent
{
$this->application = $application;
}
}

22
app/Events/NewApplicationEvent.php Executable file → Normal file
View File

@ -1,28 +1,12 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Events;
use Illuminate\Broadcasting\Channel;
use Illuminate\Broadcasting\InteractsWithSockets;
use Illuminate\Broadcasting\PresenceChannel;
use Illuminate\Broadcasting\PrivateChannel;
use Illuminate\Contracts\Broadcasting\ShouldBroadcast;
use Illuminate\Foundation\Events\Dispatchable;
use Illuminate\Queue\SerializesModels;

30
app/Events/UserBannedEvent.php Executable file → Normal file
View File

@ -1,36 +1,23 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Events;
use App\Ban;
use App\User;
use Illuminate\Broadcasting\Channel;
use Illuminate\Broadcasting\InteractsWithSockets;
use Illuminate\Broadcasting\PresenceChannel;
use Illuminate\Broadcasting\PrivateChannel;
use Illuminate\Contracts\Broadcasting\ShouldBroadcast;
use Illuminate\Foundation\Events\Dispatchable;
use Illuminate\Queue\SerializesModels;
use App\User;
use App\Ban;
class UserBannedEvent
{
use Dispatchable, InteractsWithSockets, SerializesModels;
public $user;
public $ban;
@ -45,4 +32,5 @@ class UserBannedEvent
$this->user = $user;
$this->ban = $ban;
}
}

View File

@ -1,11 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
use Illuminate\Database\Eloquent\ModelNotFoundException;
class ApplicationNotFoundException extends ModelNotFoundException
{
//
}

View File

@ -1,10 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
class EmptyFormException extends Exception
{
//
}

View File

@ -1,10 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
class EmptyOptionsException extends Exception
{
//
}

View File

@ -1,10 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
class FailedCaptchaException extends Exception
{
//
}

View File

@ -1,10 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
class FileUploadException extends Exception
{
//
}

View File

@ -1,10 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
class FormHasConstraintsException extends Exception
{
//
}

19
app/Exceptions/Handler.php Executable file → Normal file
View File

@ -1,24 +1,5 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Exceptions;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;

View File

@ -1,10 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
class IncompleteApplicationException extends Exception
{
//
}

View File

@ -1,10 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
class InvalidAppointmentException extends Exception
{
//
}

View File

@ -1,10 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
class InvalidAppointmentStatusException extends Exception
{
//
}

View File

@ -1,10 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
class InvalidGamePreferenceException extends Exception
{
//
}

View File

@ -1,10 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
class InvalidInviteException extends Exception
{
//
}

View File

@ -1,10 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
class OptionCategoryNotFoundException extends Exception
{
//
}

View File

@ -1,10 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
class OptionNotFoundException extends Exception
{
//
}

View File

@ -1,10 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
class ProfileNotFoundException extends Exception
{
//
}

View File

@ -1,10 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
class PublicTeamInviteException extends Exception
{
//
}

View File

@ -1,10 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
class UnavailableApplicationException extends Exception
{
//
}

View File

@ -1,10 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
class UserAlreadyInvitedException extends Exception
{
//
}

View File

@ -1,11 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
use Illuminate\Database\Eloquent\ModelNotFoundException;
class VacancyNotFoundException extends ModelNotFoundException
{
//
}

30
app/Facades/ContextAwareValidation.php Executable file → Normal file
View File

@ -1,32 +1,14 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Facades;
use Illuminate\Support\Facades\Facade;
class ContextAwareValidation extends Facade
{
protected static function getFacadeAccessor()
{
return 'contextAwareValidator';
}
protected static function getFacadeAccessor()
{
return 'contextAwareValidator';
}
}

View File

@ -1,17 +0,0 @@
<?php
namespace App\Facades;
use Illuminate\Support\Facades\Facade;
class DigitalStorageHelper extends Facade
{
protected static function getFacadeAccessor()
{
return 'digitalStorageHelperFacadeRoot';
}
}

19
app/Facades/IP.php Executable file → Normal file
View File

@ -1,24 +1,5 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Facades;
use Illuminate\Support\Facades\Facade;

View File

@ -1,17 +0,0 @@
<?php
namespace App\Facades;
use Illuminate\Support\Facades\Facade;
class JSON extends Facade
{
protected static function getFacadeAccessor()
{
return 'json';
}
}

21
app/Facades/Options.php Executable file → Normal file
View File

@ -1,27 +1,8 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Facades;
use Illuminate\Support\Facades\Facade;
use \Illuminate\Support\Facades\Facade;
class Options extends Facade
{

19
app/Facades/UUID.php Executable file → Normal file
View File

@ -1,24 +1,5 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Facades;
use Illuminate\Support\Facades\Facade;

21
app/Form.php Executable file → Normal file
View File

@ -1,24 +1,5 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Model;
@ -29,7 +10,7 @@ class Form extends Model
'formName',
'formStructure',
'formStatus',
'formStatus'
];

193
app/Helpers/ContextAwareValidator.php Executable file → Normal file
View File

@ -1,141 +1,138 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Helpers;
use Illuminate\Support\Collection;
use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Collection;
class ContextAwareValidator
{
/**
* The excludedNames array will make the validator ignore any of these names when including names into the rules.
* @var array
*/
private $excludedNames = [
'_token',
'_method',
'formName',
];
/**
* Utility wrapper for json_encode.
*
* @param array $value The array to be converted.
* @return string The JSON representation of $value
*/
private function encode(array $value): string
* The excludedNames array will make the validator ignore any of these names when including names into the rules.
* @var array
*/
private $excludedNames = [
'_token',
'_method',
'formName'
];
/**
* Utility wrapper for json_encode.
*
* @param array $value The array to be converted.
* @return string The JSON representation of $value
*/
private function encode(array $value) : string
{
return json_encode($value);
return json_encode($value);
}
/**
* The getValidator() method will take an array of fields from the request body, iterates through them,
* and dynamically adds validation rules for them. Depending on parameters, it may or may not generate
* a form structure for rendering purposes.
*
* This method is mostly meant by internal use by means of static proxies (Facades), in order to reduce code repetition;
* Using it outside it's directed scope may cause unexpected results; For instance, the method expects inputs to be in array format, e.g. myFieldNameID1[],
* myFieldNameID2[], and so on and so forth.
*
* This isn't checked by the code yet, but if you're implementing it this way in the HTML markup, make sure it's consistent (e.g. use a loop).
*
* P.S This method automatically ignores the CSRF token for validation.
*
* @param array $fields The request form fields
* @param bool $generateStructure Whether to incldue a JSON-ready form structure for rendering
* @param bool $includeFormName Whether to include formName in the list of validation rules
* @return Validator|Collection A validator instance you can use to check for validity, or a Collection with a validator and structure (validator, structure)
*/
* The getValidator() method will take an array of fields from the request body, iterates through them,
* and dynamically adds validation rules for them. Depending on parameters, it may or may not generate
* a form structure for rendering purposes.
*
* This method is mostly meant by internal use by means of static proxies (Facades), in order to reduce code repetition;
* Using it outside it's directed scope may cause unexpected results; For instance, the method expects inputs to be in array format, e.g. myFieldNameID1[],
* myFieldNameID2[], and so on and so forth.
*
* This isn't checked by the code yet, but if you're implementing it this way in the HTML markup, make sure it's consistent (e.g. use a loop).
*
* P.S This method automatically ignores the CSRF token for validation.
*
* @param array $fields The request form fields
* @param bool $generateStructure Whether to incldue a JSON-ready form structure for rendering
* @param bool $includeFormName Whether to include formName in the list of validation rules
* @return Validator|Collection A validator instance you can use to check for validity, or a Collection with a validator and structure (validator, structure)
*/
public function getValidator(array $fields, bool $generateStructure = false, bool $includeFormName = false)
{
$formStructure = [];
$validator = [];
if ($includeFormName) {
$validator['formName'] = 'required|string';
}
if ($includeFormName)
{
$validator['formName'] = 'required|string|max:100';
}
foreach ($fields as $fieldName => $field) {
if (! in_array($fieldName, $this->excludedNames)) {
$validator[$fieldName.'.0'] = 'required|string';
$validator[$fieldName.'.1'] = 'required|string';
foreach ($fields as $fieldName => $field)
{
if(!in_array($fieldName, $this->excludedNames))
{
$validator[$fieldName . ".0"] = 'required|string';
$validator[$fieldName . ".1"] = 'required|string';
if ($generateStructure) {
if ($generateStructure)
{
$formStructure['fields'][$fieldName]['title'] = $field[0];
$formStructure['fields'][$fieldName]['type'] = $field[1];
}
}
}
}
$validatorInstance = Validator::make($fields, $validator);
}
}
return ($generateStructure) ?
$validatorInstance = Validator::make($fields, $validator);
return ($generateStructure) ?
collect([
'validator' => $validatorInstance,
'structure' => $this->encode($formStructure),
'validator' => $validatorInstance,
'structure' => $this->encode($formStructure)
])
: $validatorInstance;
}
/**
* The getResponseValidator method is similar to the getValidator method; It basically takes
* an array of fields from a previous form (that probably went through the other method) and adds validation
* to the field names.
*
* Also generates the storable response structure if you tell it to.
*
* @param array $fields The received fields
* @param array $formStructure The form structure - You must supply this if you want the response structure
* @param bool $generateResponseStructure Whether to generate the response structure
* @return Validator|Collection A collection or a validator, depending on the args. Will return validatior if only fields are supplied.
*/
* The getResponseValidator method is similar to the getValidator method; It basically takes
* an array of fields from a previous form (that probably went through the other method) and adds validation
* to the field names.
*
* Also generates the storable response structure if you tell it to.
*
* @param array $fields The received fields
* @param array $formStructure The form structure - You must supply this if you want the response structure
* @param bool $generateResponseStructure Whether to generate the response structure
* @return Validator|Collection A collection or a validator, depending on the args. Will return validatior if only fields are supplied.
*/
public function getResponseValidator(array $fields, array $formStructure = [], bool $generateResponseStructure = true)
{
$responseStructure = [];
$validator = [];
if (empty($formStructure) && $generateResponseStructure) {
throw new \InvalidArgumentException('Illegal combination of arguments supplied! Please check the method\'s documentation.');
}
$responseStructure = [];
$validator = [];
foreach ($fields as $fieldName => $value) {
if (! in_array($fieldName, $this->excludedNames)) {
$validator[$fieldName] = 'required|string';
if (empty($formStructure) && $generateResponseStructure)
{
throw new \InvalidArgumentException('Illegal combination of arguments supplied! Please check the method\'s documentation.');
}
if ($generateResponseStructure) {
$responseStructure['responses'][$fieldName]['type'] = $formStructure['fields'][$fieldName]['type'] ?? 'Unavailable';
$responseStructure['responses'][$fieldName]['title'] = $formStructure['fields'][$fieldName]['title'];
$responseStructure['responses'][$fieldName]['response'] = $value;
}
}
}
foreach($fields as $fieldName => $value)
{
if(!in_array($fieldName, $this->excludedNames))
{
$validator[$fieldName] = 'required|string';
$validatorInstance = Validator::make($fields, $validator);
if ($generateResponseStructure)
{
$responseStructure['responses'][$fieldName]['type'] = $formStructure['fields'][$fieldName]['type'] ?? 'Unavailable';
$responseStructure['responses'][$fieldName]['title'] = $formStructure['fields'][$fieldName]['title'];
$responseStructure['responses'][$fieldName]['response'] = $value;
}
}
}
return ($generateResponseStructure) ?
$validatorInstance = Validator::make($fields, $validator);
return ($generateResponseStructure) ?
collect([
'validator' => $validatorInstance,
'responseStructure' => $this->encode($responseStructure),
'validator' => $validatorInstance,
'responseStructure' => $this->encode($responseStructure)
])
: $validatorInstance;
}
}

View File

@ -1,107 +0,0 @@
<?php declare(strict_types=1);
namespace App\Helpers;
/**
* Class DigitalStorageHelper
*
* The digital storage helper class helps you convert bytes into several other units.
* It should be used whenever you need to display a file's size in a human readable way.
*
* It's framework agnostic, meaning you can take it out of context and it'll still work; However, you'll have to instantiate it first.
* @package App\Helpers
*/
class DigitalStorageHelper
{
/**
* The digital storage value to be manipulated.
* @var $value
*/
protected $value;
/**
* Sets the digital storage value for manipulation.
*
* @param int $value The digital storage value in bytes
* @return $this The current instance
*/
public function setValue(int $value): DigitalStorageHelper
{
$this->value = $value;
return $this;
}
/**
* Converts the digital storage value to kilobytes.
*
* @return float|int
*/
public function toKilobytes(): float
{
return $this->value / 1000;
}
/**
* Converts the digital storage value to megabytes.
*
* @return float|int
*/
public function toMegabytes(): float
{
return $this->value / (1 * pow(10, 6)); // 1 times 10 to the power of 6
}
/**
* Convert the digital storage value to gigabytes. Might be an approximation
*
* @return float
*/
public function toGigabytes(): float
{
return $this->value / (1 * pow(10, 9));
}
/**
* Convert the digital storage value to terabytes.
*
* @return float
*/
public function toTerabytes(): float
{
return $this->value / (1 * pow(10, 12));
}
/**
* Format the digital storage value to one of the units: b, kb, mb, gb and tb.
* The method has been adapted to use both MiB and MB values.
*
* @param int $precision The rounding precision
* @param bool $si Use international system units. Defaults to false
* @return string The human readable digital storage value, in either, for instance, MB or MiB
* @see https://stackoverflow.com/a/2510459/11540218 StackOverflow question regarding unit conversion
* @since 7.3.23
*/
public function formatBytes($precision = 2, $si = false): string
{
$units = ['B', 'KiB', 'MiB', 'GiB', 'TiB'];
if ($si)
$units = ['B', 'KB', 'MB', 'GB', 'TB'];
$bytes = max($this->value, 0);
$pow = floor(($bytes ? log($bytes) : 0) / log(($si) ? 1000 : 1024));
$pow = min($pow, count($units) - 1);
$bytes /= pow(($si) ? 1000 : 1024, $pow);
return round($bytes, $precision) . ' ' . $units[$pow];
}
}

View File

@ -1,142 +0,0 @@
<?php
namespace App\Helpers;
/**
* Class JSON - Used for JSON responses.
* @package App\Helpers
*/
class JSON
{
protected $type, $status, $message, $code, $data, $additional;
/**
* @param mixed $type
*/
public function setResponseType($type): JSON
{
$this->type = $type;
return $this;
}
/**
* @param mixed $additional
*/
public function setAdditional($additional)
{
$this->additional = $additional;
return $this;
}
/**
* @return mixed
*/
public function getAdditional()
{
return $this->additional;
}
/**
* @return mixed
*/
public function getType()
{
return $this->type;
}
/**
* @return mixed
*/
public function getStatus()
{
return $this->status;
}
/**
* @param mixed $status
* @return JSON
*/
public function setStatus($status)
{
$this->status = $status;
return $this;
}
/**
* @return mixed
*/
public function getMessage()
{
return $this->message;
}
/**
* @param mixed $message
* @return JSON
*/
public function setMessage($message)
{
$this->message = $message;
return $this;
}
/**
* @return mixed
*/
public function getCode()
{
return $this->code;
}
/**
* @param mixed $code
* @return JSON
*/
public function setCode($code)
{
$this->code = $code;
return $this;
}
/**
* @return mixed
*/
public function getData()
{
return $this->data;
}
/**
* @param mixed $data
* @return JSON
*/
public function setData($data)
{
$this->data = $data;
return $this;
}
public function build($headers = [])
{
// Uses the same structure as model resources, for consistency when they aren't used.
$response = [
'data' => $this->getData(),
'meta' => [
'status' => $this->getStatus(),
'message' => $this->getMessage(),
]
];
if (!empty($this->additional))
{
foreach($this->additional as $additionalKeyName => $key)
{
$response[$additionalKeyName] = $key;
}
}
return response($response, $this->getCode(), $headers);
}
}

96
app/Helpers/Options.php Executable file → Normal file
View File

@ -1,88 +1,43 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Helpers;
use App\Exceptions\EmptyOptionsException;
use App\Exceptions\OptionNotFoundException;
use App\Options as Option;
use Illuminate\Support\Collection;
use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Facades\Log;
/**
* The options class. A simple wrapper around the model. Could be a repository, but we're not using that design pattern just yet
*/
class Options
{
/**
* Returns an assortment of settings found in the mentioned category
*
* @param $category The category
* @return Collection The settings in this category
*/
public function getCategory(string $category): Collection
{
$options = Option::where('option_category', $category)->get();
if ($options->isEmpty())
{
throw new EmptyOptionsException('There are no options in category ' . $category);
}
return $options;
}
public function getOption(string $option): string
{
$value = Cache::get($option);
if (is_null($value)) {
Log::debug('Option '.$option.'not found in cache, refreshing from database');
if (is_null($value))
{
Log::debug('Option ' . $option . 'not found in cache, refreshing from database');
$value = Option::where('option_name', $option)->first();
if (is_null($value)) {
throw new OptionNotFoundException('This option does not exist.');
}
Cache::put($option, $value->option_value);
Cache::put($option.'_desc', 'Undefined description');
if (is_null($value))
throw new \Exception('This option does not exist.');
return $value->option_value;
Cache::put($option, $value);
Cache::put($option . '_desc', 'Undefined description');
}
return $value;
return $value->option_value;
}
// Null categories are settings without categories and will appear ungrouped
public function setOption(string $option, string $value, string $description, string $category = null)
public function setOption(string $option, string $value, string $description)
{
Option::create([
'option_name' => $option,
'option_value' => $value,
'friendly_name' => $description,
'option_category' => $category
]);
Option::create([
'option_name' => $option,
'option_value' => $value,
'friendly_name' => $description
]);
Cache::put($option, $value, now()->addDay());
Cache::put($option.'_desc', $description, now()->addDay());
Cache::put($option, $value, now()->addDay());
Cache::put($option . '_desc', $description, now()->addDay());
}
public function pullOption($option): array
@ -93,7 +48,7 @@ class Options
// putMany is overkill here
return [
Cache::pull($option),
Cache::pull($option.'_desc'),
Cache::pull($option . '_desc')
];
}
@ -101,13 +56,14 @@ class Options
{
$dbOption = Option::where('option_name', $option);
if ($dbOption->first()) {
if ($dbOption->first())
{
$dbOptionInstance = Option::find($dbOption->first()->id);
Cache::forget($option);
Log::debug('Changing db configuration option', [
'old_value' => $dbOptionInstance->option_value,
'new_value' => $newValue,
'new_value' => $newValue
]);
$dbOptionInstance->option_value = $newValue;
@ -115,20 +71,24 @@ class Options
Log::debug('New db configuration option saved',
[
'option' => $dbOptionInstance->option_value,
'option' => $dbOptionInstance->option_value
]);
Cache::put('option_name', $newValue, now()->addDay());
} else {
throw new OptionNotFoundException('This option does not exist.');
}
else
{
throw new \Exception('This option does not exist.');
}
}
public function optionExists(string $option): bool
{
$dbOption = Option::where('option_name', $option)->first();
$locallyCachedOption = Cache::get($option);
return ! is_null($dbOption) || ! is_null($locallyCachedOption);
return !is_null($dbOption) || !is_null($locallyCachedOption);
}
}

View File

@ -1,95 +0,0 @@
<?php
namespace App\Http\Controllers;
use App\ApiKey;
use App\Http\Requests\CreateApiKeyRequest;
use App\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
class ApiKeyController extends Controller
{
public function index()
{
$this->authorize('viewAny', ApiKey::class);
return view('dashboard.administration.keys')
->with('keys', ApiKey::all());
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
*/
public function store(CreateApiKeyRequest $request)
{
$this->authorize('create', ApiKey::class);
$discriminator = "#" . bin2hex(random_bytes(7));
$secret = bin2hex(random_bytes(32));
$key = ApiKey::create([
'name' => $request->keyName,
'discriminator' => $discriminator,
'secret' => Hash::make($secret),
'status' => 'active',
'owner_user_id' => Auth::user()->id
]);
if ($key)
{
$request->session()->flash('success', __('Key successfully registered!'));
$request->session()->flash('finalKey', $discriminator . '.' . $secret);
return redirect()
->back();
}
return redirect()
->back()
->with('error', __('An error occurred whilst trying to create an API key.'));
}
public function revokeKey(Request $request, ApiKey $key)
{
$this->authorize('update', $key);
if ($key->status == 'active')
{
$key->status = 'disabled';
$key->save();
}
else
{
return redirect()
->back()
->with('error', __('Key already revoked.'));
}
return redirect()
->back()
->with('success', __('Key revoked. Apps using this key will stop working.'));
}
/**
* Remove the specified resource from storage.
*/
public function destroy($id)
{
$key = ApiKey::findOrFail($id);
$this->authorize('delete', $key);
$key->delete();
return redirect()
->back()
->with('success', __('Key deleted successfully. Apps using this key will stop working.'));
}
}

268
app/Http/Controllers/ApplicationController.php Executable file → Normal file
View File

@ -1,57 +1,59 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Application;
use App\Exceptions\ApplicationNotFoundException;
use App\Exceptions\IncompleteApplicationException;
use App\Exceptions\UnavailableApplicationException;
use App\Exceptions\VacancyNotFoundException;
use App\Services\ApplicationService;
use App\Response;
use App\Vacancy;
use App\User;
use App\Events\ApplicationDeniedEvent;
use App\Notifications\NewApplicant;
use App\Notifications\ApplicationMoved;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Facades\App;
use Illuminate\Support\Facades\Log;
use ContextAwareValidator;
class ApplicationController extends Controller
{
private $applicationService;
private function canVote($votes)
{
$allvotes = collect([]);
public function __construct(ApplicationService $applicationService) {
foreach ($votes as $vote)
{
if ($vote->userID == Auth::user()->id)
{
$allvotes->push($vote);
}
}
$this->applicationService = $applicationService;
return ($allvotes->count() == 1) ? false : true;
}
public function showUserApps()
{
return view('dashboard.user.applications')
->with('applications', Auth::user()->applications);
}
public function showUserApp(Request $request, Application $application)
{
$this->authorize('view', $application);
if (!is_null($application)) {
if (!is_null($application))
{
return view('dashboard.user.viewapp')
->with(
[
@ -60,88 +62,210 @@ class ApplicationController extends Controller
'structuredResponses' => json_decode($application->response->responseData, true),
'formStructure' => $application->response->form,
'vacancy' => $application->response->vacancy,
'canVote' => $this->applicationService->canVote($application->votes),
'canVote' => $this->canVote($application->votes)
]
);
} else {
$request->session()->flash('error', __('The application you requested could not be found.'));
}
else
{
$request->session()->flash('error', 'The application you requested could not be found.');
}
return redirect()->back();
}
public function showAllApps(Request $request)
public function showAllApps()
{
$this->authorize('viewAny', Application::class);
return view('dashboard.appmanagement.all')
->with('applications', Application::all());
->with('applications', Application::paginate(6));
}
public function renderApplicationForm($vacancySlug)
public function showAllPendingApps()
{
try {
return $this->applicationService->renderForm($vacancySlug);
}
catch (ApplicationNotFoundException $ex) {
return redirect()
->back()
->with('error', $ex->getMessage());
}
$this->authorize('viewAny', Application::class);
return view('dashboard.appmanagement.outstandingapps')
->with('applications', Application::where('applicationStatus', 'STAGE_SUBMITTED')->get());
}
public function showPendingInterview()
{
$this->authorize('viewAny', Application::class);
$applications = Application::with('appointment', 'user')->get();
$count = 0;
$pendingInterviews = collect([]);
$upcomingInterviews = collect([]);
foreach ($applications as $application)
{
if (!is_null($application->appointment) && $application->appointment->appointmentStatus == 'CONCLUDED')
{
$count =+ 1;
}
switch ($application->applicationStatus)
{
case 'STAGE_INTERVIEW':
$upcomingInterviews->push($application);
break;
case 'STAGE_INTERVIEW_SCHEDULED':
$pendingInterviews->push($application);
break;
}
}
return view('dashboard.appmanagement.interview')
->with([
'finishedCount' => $count,
'applications' => $pendingInterviews,
'upcomingApplications' => $upcomingInterviews
]);
}
public function showPeerReview()
{
$this->authorize('viewAny', Application::class);
return view('dashboard.appmanagement.peerreview')
->with('applications', Application::where('applicationStatus', 'STAGE_PEERAPPROVAL')->get());
}
public function renderApplicationForm(Request $request, $vacancySlug)
{
// FIXME: Get rid of references to first(), this is a wonky query
$vacancyWithForm = Vacancy::with('forms')->where('vacancySlug', $vacancySlug)->get();
$firstVacancy = $vacancyWithForm->first();
if (!$vacancyWithForm->isEmpty() && $firstVacancy->vacancyCount !== 0 && $firstVacancy->vacancyStatus == 'OPEN')
{
return view('dashboard.application-rendering.apply')
->with([
'vacancy' => $vacancyWithForm->first(),
'preprocessedForm' => json_decode($vacancyWithForm->first()->forms->formStructure, true)
]);
}
else
{
abort(404, 'The application you\'re looking for could not be found or it is currently unavailable.');
}
}
public function saveApplicationAnswers(Request $request, $vacancySlug)
{
try {
$vacancy = Vacancy::with('forms')->where('vacancySlug', $vacancySlug)->get();
$this->applicationService->fillForm(Auth::user(), $request->all(), $vacancySlug);
if ($vacancy->first()->vacancyCount == 0 || $vacancy->first()->vacancyStatus !== 'OPEN')
{
} catch (VacancyNotFoundException | IncompleteApplicationException | UnavailableApplicationException $e) {
$request->session()->flash('error', 'This application is unavailable.');
return redirect()->back();
return redirect()
->back()
->with('error', $e->getMessage());
}
return redirect()
->to(route('showUserApps'))
->with('success', __('Thank you! Your application has been processed and our team will get to it shortly.'));
Log::info('Processing new application!');
$formStructure = json_decode($vacancy->first()->forms->formStructure, true);
$responseValidation = ContextAwareValidator::getResponseValidator($request->all(), $formStructure);
Log::info('Built response & validator structure!');
if (!$responseValidation->get('validator')->fails())
{
$response = Response::create([
'responseFormID' => $vacancy->first()->forms->id,
'associatedVacancyID' => $vacancy->first()->id, // Since a form can be used by multiple vacancies, we can only know which specific vacancy this response ties to by using a vacancy ID
'responseData' => $responseValidation->get('responseStructure')
]);
Log::info('Registered form response for user ' . Auth::user()->name . ' for vacancy ' . $vacancy->first()->vacancyName);
$application = Application::create([
'applicantUserID' => Auth::user()->id,
'applicantFormResponseID' => $response->id,
'applicationStatus' => 'STAGE_SUBMITTED',
]);
Log::info('Submitted application for user ' . Auth::user()->name . ' with response ID' . $response->id);
foreach(User::all() as $user)
{
if ($user->hasRole('admin'))
{
$user->notify((new NewApplicant($application, $vacancy->first()))->delay(now()->addSeconds(10)));
}
}
$request->session()->flash('success', 'Thank you for your application! It will be reviewed as soon as possible.');
return redirect()->to(route('showUserApps'));
}
else
{
Log::warning('Application form for ' . Auth::user()->name . ' contained errors, resetting!');
$request->session()->flash('error', 'There are one or more errors in your application. Please make sure none of your fields are empty, since they are all required.');
}
return redirect()->back();
}
public function updateApplicationStatus(Request $request, Application $application, $newStatus)
{
$messageIsError = false;
$this->authorize('update', Application::class);
try {
$status = $this->applicationService->updateStatus($application, $newStatus);
} catch (\LogicException $ex)
switch ($newStatus)
{
return redirect()
->back()
->with('error', $ex->getMessage());
case 'deny':
event(new ApplicationDeniedEvent($application));
break;
case 'interview':
Log::info('User ' . Auth::user()->name . ' has moved application ID ' . $application->id . 'to interview stage');
$request->session()->flash('success', 'Application moved to interview stage! (:');
$application->setStatus('STAGE_INTERVIEW');
$application->user->notify(new ApplicationMoved());
break;
default:
$request->session()->flash('error', 'There are no suitable statuses to update to. Do not mess with the URL.');
}
return redirect()
->back()
->with('success', $status);
return redirect()->back();
}
/**
* @throws \Illuminate\Auth\Access\AuthorizationException
* @throws \Exception
*/
public function delete(Request $request, Application $application)
{
$this->authorize('delete', $application);
$this->applicationService->delete($application);
return redirect()
->back()
->with('success', __('Application deleted. Comments, appointments and responses have also been deleted.'));
$this->authorize('delete', $application);
$application->delete(); // observers will run, cleaning it up
$request->session()->flash('success', 'Application deleted. Comments, appointments and responses have also been deleted.');
return redirect()->back();
}
}

125
app/Http/Controllers/AppointmentController.php Executable file → Normal file
View File

@ -1,101 +1,94 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Application;
use App\Appointment;
use App\Exceptions\InvalidAppointmentException;
use App\Exceptions\InvalidAppointmentStatusException;
use App\Http\Requests\SaveNotesRequest;
use App\Services\AppointmentService;
use App\Services\MeetingNoteService;
use Carbon\Carbon;
use Illuminate\Auth\Access\AuthorizationException;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use App\Appointment;
use App\Notifications\ApplicationMoved;
use App\Notifications\AppointmentScheduled;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
class AppointmentController extends Controller
{
private $allowedPlatforms = [
private $appointmentService;
private $meetingNoteService;
'ZOOM',
'DISCORD',
'SKYPE',
'MEET',
'TEAMSPEAK'
];
public function __construct(AppointmentService $appointmentService, MeetingNoteService $meetingNoteService) {
$this->appointmentService = $appointmentService;
$this->meetingNoteService = $meetingNoteService;
}
public function saveAppointment(Request $request, Application $application): RedirectResponse
public function saveAppointment(Request $request, Application $application)
{
$this->authorize('create', Appointment::class);
$appointmentDate = Carbon::parse($request->appointmentDateTime);
$this->appointmentService->createAppointment($application, $appointmentDate, $request->appointmentDescription, $request->appointmentLocation);
return redirect()
->back()
->with('success',__('Appointment successfully scheduled @ :appointmentTime', ['appointmentTime', $appointmentDate->toDateTimeString()]));
$appointment = Appointment::create([
'appointmentDescription' => $request->appointmentDescription,
'appointmentDate' => $appointmentDate->toDateTimeString(),
'applicationID' => $application->id,
'appointmentLocation' => (in_array($request->appointmentLocation, $this->allowedPlatforms)) ? $request->appointmentLocation : 'DISCORD',
]);
$application->setStatus('STAGE_INTERVIEW_SCHEDULED');
Log::info('User ' . Auth::user()->name . ' has scheduled an appointment with ' . $application->user->name . ' for application ID' . $application->id, [
'datetime' => $appointmentDate->toDateTimeString(),
'scheduled' => now()
]);
$application->user->notify(new AppointmentScheduled($appointment));
$request->session()->flash('success', 'Appointment successfully scheduled @ ' . $appointmentDate->toDateTimeString());
return redirect()->back();
}
/**
* @throws AuthorizationException
*/
public function updateAppointment(Application $application, $status): RedirectResponse
public function updateAppointment(Request $request, Application $application, $status)
{
$this->authorize('update', $application->appointment);
$this->authorize('update', $application->appointment);
try {
$this->appointmentService->updateAppointment($application, $status);
$validStatuses = [
'SCHEDULED',
'CONCLUDED'
];
return redirect()
->back()
->with('success', __("Interview finished! Staff members can now vote on it."));
// NOTE: This is a little confusing, refactor
$application->appointment->appointmentStatus = (in_array($status, $validStatuses)) ? strtoupper($status) : 'SCHEDULED';
$application->appointment->save();
}
catch (InvalidAppointmentStatusException $ex) {
return redirect()
->back()
->with('error', $ex->getMessage());
}
$application->setStatus('STAGE_PEERAPPROVAL');
$application->user->notify(new ApplicationMoved());
$request->session()->flash('success', 'Interview finished! Staff members can now vote on it.');
return redirect()->back();
}
// also updates
public function saveNotes(SaveNotesRequest $request, Application $application)
{
try {
if (!is_null($application))
{
$application->load('appointment');
$this->meetingNoteService->addToApplication($application, $request->noteText);
$application->appointment->meetingNotes = $request->noteText;
$application->appointment->save();
return redirect()
->back()
->with('success', 'Saved notes.');
} catch (InvalidAppointmentException $ex) {
return redirect()
->back()
->with('error', $ex->getMessage());
$request->session()->flash('success', 'Meeting notes have been saved.');
}
else
{
$request->session()->flash('error', 'There\'s no appointment to save notes to!');
}
return redirect()->back();
}
}

20
app/Http/Controllers/Auth/ConfirmPasswordController.php Executable file → Normal file
View File

@ -1,27 +1,9 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\ConfirmsPasswords;
class ConfirmPasswordController extends Controller

19
app/Http/Controllers/Auth/ForgotPasswordController.php Executable file → Normal file
View File

@ -1,24 +1,5 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;

49
app/Http/Controllers/Auth/LoginController.php Executable file → Normal file
View File

@ -1,31 +1,12 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\User;
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
class LoginController extends Controller
{
@ -67,30 +48,22 @@ class LoginController extends Controller
{
$user = User::where('email', $request->email)->first();
if ($user) {
if ($user)
{
$isBanned = $user->isBanned();
if ($isBanned) {
if ($isBanned)
{
return false;
} else {
}
else
{
return $this->originalAttemptLogin($request);
}
}
return $this->originalAttemptLogin($request);
}
public function authenticated(Request $request, User $user)
{
if (!config('demo.is_enabled')) {
if ($user->originalIP !== $request->ip())
{
Log::alert('User IP address changed from last login. Updating.', [
'prev' => $user->originalIP,
'new' => $request->ip()
]);
$user->originalIP = $request->ip();
$user->save();
}
}
}
}

59
app/Http/Controllers/Auth/RegisterController.php Executable file → Normal file
View File

@ -1,33 +1,15 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Profile;
use App\Providers\RouteServiceProvider;
use App\User;
use App\Facades\Options;
use Illuminate\Foundation\Auth\RegistersUsers;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
use function GuzzleHttp\Psr7\str;
class RegisterController extends Controller
{
@ -65,8 +47,10 @@ class RegisterController extends Controller
{
$users = User::where('originalIP', \request()->ip())->get();
foreach ($users as $user) {
if ($user && $user->isBanned()) {
foreach($users as $user)
{
if ($user && $user->isBanned())
{
abort(403, 'You do not have permission to access this page.');
}
}
@ -82,32 +66,13 @@ class RegisterController extends Controller
*/
protected function validator(array $data)
{
$password = ['required', 'string', 'confirmed'];
switch (Options::getOption('pw_security_policy'))
{ // this could be better structured, switch doesn't feel right
case 'off':
$password = ['required', 'string', 'confirmed'];
break;
case 'low':
$password = ['required', 'string', 'min:10', 'confirmed'];
break;
case 'medium':
$password = ['required', 'string', 'confirmed', 'regex:/^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[#?!@$%^&*-]).{12,}$/'];
break;
case 'high':
$password = ['required', 'string', 'confirmed', 'regex:/^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{20,}$/'];
}
return Validator::make($data, [
'uuid' => (Options::getOption('requireGameLicense') && Options::getOption('currentGame') == 'MINECRAFT') ? ['required', 'string', 'unique:users', 'min:32', 'max:32'] : ['nullable', 'string'],
'uuid' => ['required', 'string', 'unique:users', 'min:32', 'max:32'],
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
'password' => $password,
'password' => ['required', 'string', 'min:10', 'confirmed', 'regex:/^.*(?=.{3,})(?=.*[a-zA-Z])(?=.*[0-9])(?=.*[\d\x])(?=.*[!$#%]).*$/'],
], [
'uuid.required' => 'Please enter a valid (and Premium) Minecraft username! We do not support cracked users.',
'uuid.required' => 'Please enter a valid (and Premium) Minecraft username! We do not support cracked users.'
]);
}
@ -119,19 +84,19 @@ class RegisterController extends Controller
*/
protected function create(array $data)
{
$user = User::create([
'uuid' => $data['uuid'],
'name' => $data['name'],
'email' => $data['email'],
'password' => Hash::make($data['password']),
'originalIP' => config('demo.is_enabled') ? '0.0.0.0' : request()->ip(),
'originalIP' => request()->ip()
]);
// It's not the registration controller's concern to create a profile for the user,
// so this code has been moved to its respective observer, following the separation of concerns pattern.
// so this code has been moved to it's respective observer, following the separation of concerns pattern.
$user->assignRole('user');
return $user;
}
}

20
app/Http/Controllers/Auth/ResetPasswordController.php Executable file → Normal file
View File

@ -1,27 +1,9 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\ResetsPasswords;
class ResetPasswordController extends Controller

26
app/Http/Controllers/Auth/TwofaController.php Executable file → Normal file
View File

@ -1,32 +1,16 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Auth;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\Traits\AuthenticatesTwoFactor;
class TwofaController extends Controller
{
use AuthenticatesTwoFactor;
use AuthenticatesTwoFactor;
protected $redirectTo = '/dashboard';
protected $redirectTo = '/dashboard';
}

20
app/Http/Controllers/Auth/VerificationController.php Executable file → Normal file
View File

@ -1,27 +1,9 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\VerifiesEmails;
class VerificationController extends Controller

114
app/Http/Controllers/BanController.php Executable file → Normal file
View File

@ -1,86 +1,92 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Ban;
use App\Events\UserBannedEvent;
use App\Http\Requests\BanUserRequest;
use App\Services\AccountSuspensionService;
use App\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use App\Ban;
use App\User;
use App\Events\UserBannedEvent;
use App\Http\Requests\BanUserRequest;
class BanController extends Controller
{
protected $suspensionService;
public function __construct(AccountSuspensionService $suspensionService)
{
// Inject the service via DI
$this->suspensionService = $suspensionService;
}
public function insert(BanUserRequest $request, User $user)
{
if (config('demo.is_enabled')) {
return redirect()
->back()
->with('error', 'This feature is disabled');
}
$this->authorize('create', [Ban::class, $user]);
if (is_null($user->bans))
{
if (!$this->suspensionService->isSuspended($user)) {
$reason = $request->reason;
$duration = strtolower($request->durationOperator);
$durationOperand = $request->durationOperand;
$this->suspensionService->suspend($request->reason, $request->duration, $user, $request->suspensionType);
$request->session()->flash('success', __('Account suspended.'));
$expiryDate = now();
} else {
if (!empty($duration))
{
switch($duration)
{
case 'days':
$expiryDate->addDays($durationOperand);
break;
$request->session()->flash('error', __('Account already suspended!'));
case 'weeks':
$expiryDate->addWeeks($durationOperand);
break;
case 'months':
$expiryDate->addMonths($durationOperand);
break;
case 'years':
$expiryDate->addYears($durationOperand);
break;
}
}
else
{
// Essentially permanent
$expiryDate->addYears(5);
}
$ban = Ban::create([
'userID' => $user->id,
'reason' => $reason,
'bannedUntil' => $expiryDate->format('Y-m-d H:i:s'),
'userAgent' => "Unknown",
'authorUserID' => Auth::user()->id
]);
event(new UserBannedEvent($user, $ban));
$request->session()->flash('success', 'User banned successfully! Ban ID: #' . $ban->id);
}
else
{
$request->session()->flash('error', 'User already banned!');
}
return redirect()->back();
}
public function delete(Request $request, User $user)
{
if (config('demo.is_enabled')) {
return redirect()
->back()
->with('error', 'This feature is disabled');
}
$this->authorize('delete', $user->bans);
if ($this->suspensionService->isSuspended($user)) {
$this->suspensionService->unsuspend($user);
$request->session()->flash('success', __('Account unsuspended successfully!'));
} else {
$request->session()->flash('error', __('This account isn\'t suspended!'));
if (!is_null($user->bans))
{
$user->bans->delete();
$request->session()->flash('success', 'User unbanned successfully!');
}
else
{
$request->session()->flash('error', 'This user isn\'t banned!');
}
return redirect()->back();

65
app/Http/Controllers/CommentController.php Executable file → Normal file
View File

@ -1,62 +1,57 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Application;
use App\Comment;
use App\Http\Requests\NewCommentRequest;
use App\Services\CommentService;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use App\Http\Requests\NewCommentRequest;
use App\Comment;
use App\Application;
use App\Notifications\NewComment;
use App\User;
class CommentController extends Controller
{
private $commentService;
public function __construct(CommentService $commentService) {
$this->commentService = $commentService;
public function index()
{
//
}
public function insert(NewCommentRequest $request, Application $application)
{
$this->authorize('create', Comment::class);
$comment = $this->commentService->addComment($application, $request->comment);
if ($comment) {
$request->session()->flash('success', __('Comment posted!'));
} else {
$request->session()->flash('error', __('Something went wrong while posting your comment!'));
$comment = Comment::create([
'authorID' => Auth::user()->id,
'applicationID' => $application->id,
'text' => $request->comment
]);
if ($comment)
{
$request->session()->flash('success', 'Comment posted! (:');
}
else
{
$request->session()->flash('error', 'Something went wrong while posting your comment!');
}
return redirect()->back();
}
public function delete(Request $request, Comment $comment)
{
$this->authorize('delete', $comment);
$this->commentService->deleteComment($comment);
return redirect()
->back()
->with('success', __('Comment deleted!'));
$comment->delete();
$request->session()->flash('success', 'Comment deleted!');
return redirect()->back();
}
}

78
app/Http/Controllers/ContactController.php Executable file → Normal file
View File

@ -1,63 +1,65 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Exceptions\FailedCaptchaException;
use App\Notifications\NewContact;
use App\Services\ContactService;
use App\User;
use Illuminate\Http\Request;
use GuzzleHttp;
use App\Notifications\NewContact;
use Illuminate\Support\Facades\Http;
use App\User;
class ContactController extends Controller
{
protected $users;
private $contactService;
public function __construct(User $users, ContactService $contactService)
public function __construct(User $users)
{
$this->contactService = $contactService;
$this->users = $users;
}
public function create(Request $request)
{
try {
$name = $request->name;
$email = $request->email;
$subject = $request->subject;
$msg = $request->msg;
$email = $request->email;
$msg = $request->msg;
$challenge = $request->input('captcha');
$challenge = $request->input('captcha');
$this->contactService->sendMessage($request->ip(), $msg, $email, $challenge);
// TODO: now: add middleware for this verification, move to invisible captcha
$verifyrequest = Http::asForm()->post(config('recaptcha.verify.apiurl'), [
'secret' => config('recaptcha.keys.secret'),
'response' => $challenge,
'remoteip' => $request->ip()
]);
return redirect()
->back()
->with('success',__('Message sent successfully! We usually respond within 48 hours.'));
} catch (FailedCaptchaException $ex) {
return redirect()
->back()
->with('error', $ex->getMessage());
$response = json_decode($verifyrequest->getBody(), true);
if (!$response['success'])
{
$request->session()->flash('error', 'Beep beep boop... Robot? Submission failed.');
return redirect()->back();
}
foreach(User::all() as $user)
{
if ($user->hasRole('admin'))
{
$user->notify(new NewContact(collect([
'message' => $msg,
'ip' => $request->ip(),
'email' => $email
])));
}
}
$request->session()->flash('success', 'Message sent successfully! We usually respond within 48 hours.');
return redirect()->back();
}
}

19
app/Http/Controllers/Controller.php Executable file → Normal file
View File

@ -1,24 +1,5 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;

52
app/Http/Controllers/DashboardController.php Executable file → Normal file
View File

@ -1,61 +1,31 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Application;
use App\User;
use Illuminate\Http\Request;
use App\Vacancy;
use Illuminate\Support\Facades\Auth;
use App\User;
use App\Ban;
use App\Application;
class DashboardController extends Controller
{
// Note: The dashboard doesn't need a service because it doesn't contain any significant business logic
public function index()
{
$totalPeerReview = Application::where('applicationStatus', 'STAGE_PEERAPPROVAL')->get()->count();
$totalNewApplications = Application::where('applicationStatus', 'STAGE_SUBMITTED')->get()->count();
$totalDenied = Application::where('applicationStatus', 'DENIED')->get()->count();
$vacancies = Vacancy::where('vacancyStatus', '<>', 'CLOSED')->get();
$totalDeniedSingle = Application::where([
['applicationStatus', '=', 'DENIED'],
['applicantUserID', '=', Auth::user()->id]
])->get();
$totalNewSingle = Application::where([
['applicationStatus', '=', 'STAGE_SUBMITTED'],
['applicantUserID', '=', Auth::user()->id]
])->get();
return view('dashboard.dashboard')
->with([
'vacancies' => $vacancies,
'totalUserCount' => User::all()->count(),
'totalDenied' => $totalDenied,
'totalPeerReview' => $totalPeerReview,
'totalNewApplications' => $totalNewApplications,
'totalNewSingle' => $totalNewSingle->count(),
'totalDeniedSingle' => $totalDeniedSingle->count()
'vacancies' => Vacancy::all(),
'totalUserCount' => User::all()->count(),
'totalDenied' => $totalDenied,
'totalPeerReview' => $totalPeerReview,
'totalNewApplications' => $totalNewApplications
]);
}
}

40
app/Http/Controllers/DevToolsController.php Executable file → Normal file
View File

@ -1,45 +1,28 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Application;
use App\Events\ApplicationApprovedEvent;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class DevToolsController extends Controller
{
// The use case for Laravel's gate and/or validation Requests is so tiny here that a full-blown policy would be overkill.
protected function isolatedAuthorise()
{
if (! Auth::user()->can('admin.developertools.use')) {
abort(403, __('You\'re not authorized to access this page.'));
}
if (!Auth::user()->can('admin.developertools.use'))
{
abort(403, 'You\'re not authorized to access this page.');
}
}
public function index()
{
$this->isolatedAuthorise();
return view('dashboard.administration.devtools')
->with('applications', Application::where('applicationStatus', 'STAGE_PEERAPPROVAL')->get());
}
@ -49,12 +32,15 @@ class DevToolsController extends Controller
$this->isolatedAuthorise();
$application = Application::find($request->application);
if (! is_null($application)) {
if (!is_null($application))
{
event(new ApplicationApprovedEvent($application));
$request->session()->flash('success', __('Event dispatched! Please check the debug logs for more info'));
} else {
$request->session()->flash('error', __('Application doesn\'t exist!'));
$request->session()->flash('success', 'Event dispatched! Please check the debug logs for more info');
}
else
{
$request->session()->flash('error', 'Application doesn\'t exist!');
}
return redirect()->back();

136
app/Http/Controllers/FormController.php Executable file → Normal file
View File

@ -1,40 +1,16 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Exceptions\EmptyFormException;
use App\Exceptions\FormHasConstraintsException;
use App\Form;
use App\Services\FormManagementService;
use ContextAwareValidator;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Facades\Auth;
use ContextAwareValidator;
class FormController extends Controller
{
private $formService;
public function __construct(FormManagementService $formService) {
$this->formService = $formService;
}
public function index()
{
@ -48,52 +24,61 @@ class FormController extends Controller
public function showFormBuilder()
{
$this->authorize('viewFormbuilder', Form::class);
return view('dashboard.administration.formbuilder');
}
public function saveForm(Request $request)
{
try {
$form = $this->formService->addForm($request->all());
}
catch (EmptyFormException $ex)
$this->authorize('create', Form::class);
$fields = $request->all();
$contextValidation = ContextAwareValidator::getValidator($fields, true, true);
if (!$contextValidation->get('validator')->fails())
{
return redirect()
->back()
->with('exception', $ex->getMessage());
$storableFormStructure = $contextValidation->get('structure');
Form::create(
[
'formName' => $fields['formName'],
'formStructure' => $storableFormStructure,
'formStatus' => 'ACTIVE'
]
);
$request->session()->flash('success', 'Form created! You can now link this form to a vacancy.');
return redirect()->to(route('showForms'));
}
// Form is boolean or array
if ($form)
{
return redirect()
->back()
->with('success', __('Form created!'));
}
return redirect()
->back()
->with('errors', $form);
$request->session()->flash('errors', $contextValidation->get('validator')->errors()->getMessages());
return redirect()->back();
}
public function destroy(Request $request, Form $form)
{
$this->authorize('delete', $form);
try {
$deletable = true;
$this->formService->deleteForm($form);
return redirect()
->back()
->with('success', __('Form deleted successfuly'));
} catch (FormHasConstraintsException $ex) {
return redirect()
->back()
->with('error', $ex->getMessage());
if (!is_null($form) && !is_null($form->vacancies) && $form->vacancies->count() !== 0 || !is_null($form->responses))
{
$deletable = false;
}
if ($deletable)
{
$form->delete();
$request->session()->flash('success', 'Form deleted successfully.');
}
else
{
$request->session()->flash('error', 'You cannot delete this form because it\'s tied to one or more applications and ranks, or because it doesn\'t exist.');
}
return redirect()->back();
}
public function preview(Request $request, Form $form)
@ -108,9 +93,9 @@ class FormController extends Controller
public function edit(Request $request, Form $form)
{
$this->authorize('update', $form);
$this->authorize('update', $form);
return view('dashboard.administration.editform')
return view('dashboard.administration.editform')
->with('formStructure', json_decode($form->formStructure, true))
->with('title', $form->formName)
->with('formID', $form->id);
@ -118,16 +103,29 @@ class FormController extends Controller
public function update(Request $request, Form $form)
{
$this->authorize('update', $form);
$updatedForm = $this->formService->updateForm($form, $request->all());
$this->authorize('update', $form);
if ($updatedForm instanceof Form) {
return redirect()->to(route('previewForm', ['form' => $updatedForm->id]));
}
$contextValidation = ContextAwareValidator::getValidator($request->all(), true);
$this->authorize('update', $form);
if (!$contextValidation->get('validator')->fails())
{
// Add the new structure into the form. New, subsquent fields will be identified by the "new" prefix
// This prefix doesn't actually change the app's behavior when it receives applications.
// Additionally, old applications won't of course display new and updated fields, because we can't travel into the past and get data for them
$form->formStructure = $contextValidation->get('structure');
$form->save();
$request->session()->flash('success', 'Hooray! Your form was updated. New applications for it\'s vacancy will use it.');
}
else
{
$request->session()->flash('errors', $contextValidation->get('validator')->errors()->getMessages());
}
return redirect()->to(route('previewForm', ['form' => $form->id]));
// array of errors
return redirect()
->back()
->with('errors', $updatedForm);
}
}

25
app/Http/Controllers/HomeController.php Executable file → Normal file
View File

@ -1,32 +1,13 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Vacancy;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
class HomeController extends Controller
{
// doesn't need a service, because it doesn't contain major logic.
/**
* Show the application dashboard.
*
@ -34,10 +15,12 @@ class HomeController extends Controller
*/
public function index()
{
$positions = Vacancy::where('vacancyStatus', 'OPEN')
->where('vacancyCount', '<>', 0)
->get();
return view('home')
->with('positions', $positions);
}

130
app/Http/Controllers/OptionsController.php Executable file → Normal file
View File

@ -1,45 +1,16 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Exceptions\InvalidGamePreferenceException;
use App\Exceptions\OptionNotFoundException;
use App\Facades\Options;
use App\Options as Option;
use App\Services\ConfigurationService;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
class OptionsController extends Controller
{
private $configurationService;
public function __construct(ConfigurationService $configurationService) {
$this->configurationService = $configurationService;
}
/**
* Display a listing of the resource.
*
@ -47,59 +18,60 @@ class OptionsController extends Controller
*/
public function index()
{
// TODO: Replace with settings package
// TODO: Obtain this from the facade
$options = Option::all();
return view('dashboard.administration.settings')
->with([
'options' => Options::getCategory('notifications'),
'security' => [ // We could use the method above, but we need to set these names here for greater control in the template. This would nto be feasible for many options, we'd need to use a loop and the category method.
'secPolicy' => Options::getOption('pw_security_policy'),
'graceperiod' => Options::getOption('graceperiod'),
'pwExpiry' => Options::getOption('password_expiry'),
'requiresPMC' => Options::getOption('requireGameLicense'),
'enforce2fa' => Options::getOption('force2fa')
],
'currentGame' => Options::getOption('currentGame')
]);
->with('options', $options);
}
public function saveSettings(Request $request): \Illuminate\Http\RedirectResponse
{
try {
public function saveSettings(Request $request)
{
if (Auth::user()->can('admin.settings.edit'))
{
Log::debug('Updating application options', [
'ip' => $request->ip(),
'ua' => $request->userAgent(),
'username' => Auth::user()->username
]);
foreach($request->all() as $optionName => $option)
{
try
{
Log::debug('Going through option ' . $optionName);
if (Options::optionExists($optionName))
{
Log::debug('Option exists, updating to new values', [
'opt' => $optionName,
'new_value' => $option
]);
Options::changeOption($optionName, $option);
}
}
catch(\Exception $ex)
{
Log::error('Unable to update options!', [
'msg' => $ex->getMessage(),
'trace' => $ex->getTraceAsString()
]);
report($ex);
if (Auth::user()->can('admin.settings.edit')) {
$this->configurationService->saveConfiguration($request->all());
$errorCond = true;
$request->session()->flash('error', 'An error occurred while trying to save settings: ' . $ex->getMessage());
}
}
return redirect()
->back()
->with('success', __('Options updated successfully!'));
}
if (!isset($errorCond))
{
$request->session()->flash('success', 'Settings saved successfully!');
}
}
else
{
$request->session()->flash('error', 'You do not have permission to update this resource.');
}
} catch (OptionNotFoundException | \Exception $ex) {
return redirect()
->back()
->with('error', $ex->getMessage());
}
return redirect()
->back()
->with('error', __('You do not have permission to update this resource.'));
}
public function saveGameIntegration(Request $request)
{
try {
$this->configurationService->saveGameIntegration($request->gamePref);
return redirect()
->back()
->with('success', __('Game preference updated.'));
} catch (InvalidGamePreferenceException $ex) {
return redirect()
->back()
->with('error', $ex->getMessage());
}
}
return redirect()->back();
}
}

124
app/Http/Controllers/ProfileController.php Executable file → Normal file
View File

@ -1,30 +1,12 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Facades\IP;
use App\Http\Requests\ProfileSave;
use App\Services\ProfileService;
use Illuminate\Support\Facades\Log;
use App\Profile;
use App\User;
use App\Facades\IP;
use Carbon\Carbon;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
@ -32,22 +14,18 @@ use Spatie\Permission\Models\Role;
class ProfileController extends Controller
{
private $profileService;
public function __construct(ProfileService $profileService) {
$this->profileService = $profileService;
}
public function index()
{
public function index()
{
return view('dashboard.user.directory')
return view('dashboard.user.directory')
->with('users', User::with('profile', 'bans')->paginate(9));
}
}
public function showProfile()
{
// TODO: Come up with cleaner social media solution, e.g. social media object
$socialLinks = Auth::user()->profile->socialLinks ?? '[]';
$socialLinks = Auth::user()->profile->socialLinks ?? "[]";
$socialMediaProfiles = json_decode($socialLinks, true);
return view('dashboard.user.profile.userprofile')
@ -58,10 +36,13 @@ class ProfileController extends Controller
'insta' => $socialMediaProfiles['links']['insta'] ?? 'UpdateMe',
'discord' => $socialMediaProfiles['links']['discord'] ?? 'UpdateMe#12345',
]);
}
public function showSingleProfile(User $user)
// Route model binding
public function showSingleProfile(Request $request, User $user)
{
$socialMediaProfiles = json_decode($user->profile->socialLinks, true);
$createdDate = Carbon::parse($user->created_at);
@ -70,26 +51,21 @@ class ProfileController extends Controller
$roleList = [];
foreach ($systemRoles as $role) {
if (in_array($role, $userRoles)) {
$roleList[$role] = true;
} else {
$roleList[$role] = false;
}
}
$suspensionInfo = null;
if ($user->isBanned())
foreach($systemRoles as $role)
{
$suspensionInfo = [
'isPermanent' => $user->bans->isPermanent,
'reason' => $user->bans->reason,
'bannedUntil' => $user->bans->bannedUntil
];
if (in_array($role, $userRoles))
{
$roleList[$role] = true;
}
else
{
$roleList[$role] = false;
}
}
if (Auth::user()->is($user) || Auth::user()->can('profiles.view.others')) {
if (Auth::user()->is($user) || Auth::user()->can('profiles.view.others'))
{
return view('dashboard.user.profile.displayprofile')
->with([
'profile' => $user->profile,
@ -97,21 +73,55 @@ class ProfileController extends Controller
'twitter' => $socialMediaProfiles['links']['twitter'] ?? 'UpdateMe',
'insta' => $socialMediaProfiles['links']['insta'] ?? 'UpdateMe',
'discord' => $socialMediaProfiles['links']['discord'] ?? 'UpdateMe#12345',
'since' => $createdDate->englishMonth.' '.$createdDate->year,
'since' => $createdDate->englishMonth . " " . $createdDate->year,
'ipInfo' => IP::lookup($user->originalIP),
'roles' => $roleList,
'suspensionInfo' => $suspensionInfo
'roles' => $roleList
]);
} else {
abort(403, __('You cannot view someone else\'s profile.'));
}
else
{
abort(403, 'You cannot view someone else\'s profile.');
}
}
public function saveProfile(ProfileSave $request)
{
$this->profileService->updateProfile(Auth::user()->id, $request);
return redirect()
->back()
->with('success', __('Profile updated.'));
$profile = User::find(Auth::user()->id)->profile;
$social = [];
if (!is_null($profile))
{
switch ($request->avatarPref)
{
case 'MOJANG':
$avatarPref = 'crafatar';
break;
case 'GRAVATAR':
$avatarPref = strtolower($request->avatarPref);
break;
}
$social['links']['github'] = $request->socialGithub;
$social['links']['twitter'] = $request->socialTwitter;
$social['links']['insta'] = $request->socialInsta;
$social['links']['discord'] = $request->socialDiscord;
$profile->profileShortBio = $request->shortBio;
$profile->profileAboutMe = $request->aboutMe;
$profile->avatarPreference = $avatarPref;
$profile->socialLinks = json_encode($social);
$newProfile = $profile->save();
$request->session()->flash('success', 'Profile settings saved successfully.');
}
return redirect()->back();
}
}

View File

@ -0,0 +1,10 @@
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
class ResponseController extends Controller
{
//
}

View File

@ -1,35 +0,0 @@
<?php
namespace App\Http\Controllers;
use App\Facades\Options;
use App\Http\Requests\SaveSecuritySettings;
use App\Services\SecuritySettingsService;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use function PHPSTORM_META\map;
class SecuritySettingsController extends Controller
{
private $securityService;
public function __construct(SecuritySettingsService $securityService) {
$this->securityService = $securityService;
}
public function save(SaveSecuritySettings $request)
{
$this->securityService->save($request->secPolicy, [
'graceperiod' => $request->graceperiod,
'pwExpiry' => $request->pwExpiry,
'enforce2fa' => $request->enforce2fa,
'requirePMC' => $request->requirePMC
]);
return redirect()
->back()
->with('success', __('Settings saved.'));
}
}

View File

@ -0,0 +1,10 @@
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
class StaffProfileController extends Controller
{
//
}

View File

@ -1,199 +0,0 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Exceptions\InvalidInviteException;
use App\Exceptions\PublicTeamInviteException;
use App\Exceptions\UserAlreadyInvitedException;
use App\Http\Requests\EditTeamRequest;
use App\Http\Requests\NewTeamRequest;
use App\Http\Requests\SendInviteRequest;
use App\Mail\InviteToTeam;
use App\Services\TeamService;
use App\Team;
use App\User;
use App\Vacancy;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Mail;
use Mpociot\Teamwork\Exceptions\UserNotInTeamException;
use Mpociot\Teamwork\Facades\Teamwork;
use Mpociot\Teamwork\TeamInvite;
class TeamController extends Controller
{
private $teamService;
public function __construct(TeamService $teamService) {
$this->teamService = $teamService;
}
/**
* Display a listing of the resource.
*
*/
public function index()
{
$this->authorize('index', Team::class);
$teams = Team::with('users.roles')->get();
return view('dashboard.teams.teams')
->with('teams', $teams);
}
/**
* Store a newly created resource in storage.
*
* @param NewTeamRequest $request
* @return RedirectResponse
* @throws \Illuminate\Auth\Access\AuthorizationException
*/
public function store(NewTeamRequest $request)
{
$this->authorize('create', Team::class);
$this->teamService->createTeam($request->teamName, Auth::user()->id);
return redirect()
->back()
->with('success', __('Team successfully created.'));
}
/**
* Show the form for editing the specified resource.
*
* @param Team $team
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\Contracts\View\View|\Illuminate\Http\Response
* @throws \Illuminate\Auth\Access\AuthorizationException
*/
public function edit(Team $team)
{
$this->authorize('update', $team);
return view('dashboard.teams.edit-team')
->with([
'team' => $team,
'users' => User::all(),
'vacancies' => Vacancy::with('teams')->get()->all()
]);
}
/**
* Update the specified resource in storage.
*
* @param EditTeamRequest $request
* @param Team $team
* @return RedirectResponse
* @throws \Illuminate\Auth\Access\AuthorizationException
*/
public function update(EditTeamRequest $request, Team $team): RedirectResponse
{
$this->authorize('update', $team);
$team = $this->teamService->updateTeam($team, $request->teamDescription, $request->joinType);
if ($team) {
return redirect()
->to(route('teams.index'))
->with('success', __('Team updated.'));
}
return redirect()
->back()
->with('error', __('An error ocurred while trying to update this team.'));
}
/**
* Remove the specified resource from storage.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function destroy($id)
{
// wip
}
public function invite(SendInviteRequest $request, Team $team): RedirectResponse
{
$this->authorize('invite', $team);
try {
$this->teamService->inviteUser($team, $request->user);
return redirect()
->back()
->with('success', __('User invited successfully!'));
} catch (UserAlreadyInvitedException | PublicTeamInviteException $ex) {
return redirect()
->back()
->with('error', $ex->getMessage());
}
}
public function processInviteAction(Request $request, $action, $token): RedirectResponse
{
try {
$this->teamService->processInvite(Auth::user(), $action, $token);
return redirect()
->to(route('teams.index'))
->with('success', __('Invite processed successfully!'));
} catch (InvalidInviteException $e) {
return redirect()
->back()
->with('error', $e->getMessage());
}
}
public function switchTeam(Request $request, Team $team): RedirectResponse
{
$this->authorize('switchTeam', $team);
try {
Auth::user()->switchTeam($team);
$request->session()->flash('success', __('Switched teams! Your team dashboard will now use this context.'));
} catch (UserNotInTeamException $ex) {
$request->session()->flash('error', __('You can\'t switch to a team you don\'t belong to.'));
}
return redirect()->back();
}
// Since it's a separate form, we shouldn't use the same update method
public function assignVacancies(Request $request, Team $team): RedirectResponse
{
$this->authorize('update', $team);
$message = $this->teamService->updateVacancies($team, $request->assocVacancies);
return redirect()
->back()
->with('success', $message);
}
}

View File

@ -1,141 +0,0 @@
<?php
namespace App\Http\Controllers;
// Most of these namespaces have no effect on the code, however, they're used by IDEs so they can resolve return types and for PHPDocumentor as well
use App\Exceptions\FileUploadException;
use App\Services\TeamFileService;
use App\TeamFile;
use App\Http\Requests\UploadFileRequest;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Storage;
use League\Flysystem\FileNotFoundException;
// Documentation-purpose namespaces
use Illuminate\Contracts\Foundation\Application;
use Illuminate\Contts\View\Factory;
use Illuminate\Contracts\View\View;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
class TeamFileController extends Controller
{
private $fileService;
public function __construct(TeamFileService $fileService) {
$this->fileService = $fileService;
}
/**
* Display a listing of the resource.
*
* @param Request $request
*/
public function index(Request $request)
{
$this->authorize('index', TeamFile::class);
if (is_null(Auth::user()->currentTeam))
{
$request->session()->flash('error', 'Please choose a team before viewing it\'s files.');
return redirect()->to(route('teams.index'));
}
return view('dashboard.teams.team-files')
->with('files', TeamFile::with('team', 'uploader')->paginate(6));
}
/**
* Store a newly created resource in storage.
*
* @param UploadFileRequest $request
* @return RedirectResponse
*/
public function store(UploadFileRequest $request)
{
$this->authorize('store', TeamFile::class);
if (config('demo.is_enabled'))
{
return redirect()
->back()
->with('error', 'This feature is disabled');
}
try {
$caption = $request->caption;
$description = $request->description;
$this->fileService->addFile($request->file('file'), Auth::user()->id, Auth::user()->currentTeam->id, $caption, $description);
return redirect()
->back()
->with('success', __('File uploaded successfully.'));
} catch (FileUploadException $uploadException) {
return redirect()
->back()
->with('error', $uploadException->getMessage());
}
}
public function download(Request $request, TeamFile $teamFile)
{
$this->authorize('download', TeamFile::class);
try
{
return Storage::download($teamFile->fs_location, $teamFile->name);
}
catch (FileNotFoundException $ex)
{
$request->session()->flash('error', 'Sorry, but the requested file could not be found in storage. Sometimes, files may be physically deleted by admins, but not from the app\'s database.');
return redirect()->back();
}
}
/**
* Remove the specified resource from storage.
*
* @param Request $request
* @param \App\TeamFile $teamFile
* @return RedirectResponse
*/
public function destroy(Request $request, TeamFile $teamFile)
{
$this->authorize('delete', $teamFile);
if (config('demo.is_enabled'))
{
return redirect()
->back()
->with('error', 'This feature is disabled');
}
try
{
Storage::delete($teamFile->fs_location);
$teamFile->delete();
$request->session()->flash('success', __('File deleted successfully.'));
}
catch (\Exception $ex)
{
$request->session()->flash('error', __('There was an error deleting the file: :msg', ['msg' => $ex->getMessage()]));
}
return redirect()->back();
}
}

302
app/Http/Controllers/UserController.php Executable file → Normal file
View File

@ -1,50 +1,33 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Ban;
use App\Http\Requests\Add2FASecretRequest;
use App\Http\Requests\ChangeEmailRequest;
use App\Http\Requests\ChangePasswordRequest;
use App\Http\Requests\DeleteUserRequest;
use App\Http\Requests\FlushSessionsRequest;
use App\Http\Requests\Remove2FASecretRequest;
use App\Http\Requests\DeleteUserRequest;
use App\Http\Requests\SearchPlayerRequest;
use App\Http\Requests\UpdateUserRequest;
use App\Notifications\ChangedPassword;
use App\Notifications\EmailChanged;
use App\Traits\DisablesFeatures;
use App\Traits\ReceivesAccountTokens;
use App\Http\Requests\Add2FASecretRequest;
use App\Http\Requests\Remove2FASecretRequest;
use App\User;
use Google2FA;
use App\Ban;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Log;
use App\Facades\UUID;
use App\Notifications\EmailChanged;
use App\Notifications\ChangedPassword;
use Spatie\Permission\Models\Role;
use Google2FA;
class UserController extends Controller
{
use ReceivesAccountTokens;
public function showStaffMembers()
{
@ -53,20 +36,24 @@ class UserController extends Controller
$staffRoles = [
'reviewer',
'hiringManager',
'admin',
'admin'
]; // TODO: Un-hardcode this, move to config/roles.php
$users = User::with('roles')->get();
$staffMembers = collect([]);
foreach ($users as $user) {
if (empty($user->roles)) {
foreach($users as $user)
{
if (empty($user->roles))
{
Log::debug($user->role->name);
Log::debug('Staff list: User without role detected; Ignoring');
continue;
}
foreach ($user->roles as $role) {
if (in_array($role->name, $staffRoles)) {
foreach($user->roles as $role)
{
if (in_array($role->name, $staffRoles))
{
$staffMembers->push($user);
continue 2; // Skip directly to the next user instead of comparing more roles for the current user
}
@ -75,7 +62,7 @@ class UserController extends Controller
return view('dashboard.administration.staff-members')
->with([
'users' => $staffMembers,
'users' => $staffMembers
]);
}
@ -86,9 +73,11 @@ class UserController extends Controller
$users = User::with('roles')->get();
$players = collect([]);
foreach ($users as $user) {
foreach($users as $user)
{
// TODO: Might be problematic if we don't check if the role is user
if (count($user->roles) == 1) {
if (count($user->roles) == 1)
{
$players->push($user);
}
}
@ -96,10 +85,11 @@ class UserController extends Controller
return view('dashboard.administration.players')
->with([
'users' => $players,
'bannedUserCount' => Ban::all()->count(),
'bannedUserCount' => Ban::all()->count()
]);
}
public function showPlayersLike(SearchPlayerRequest $request)
{
$this->authorize('viewPlayers', User::class);
@ -110,17 +100,18 @@ class UserController extends Controller
->orWhere('email', 'LIKE', "%{$searchTerm}%")
->get();
if (! $matchingUsers->isEmpty()) {
$request->session()->flash('success', __('There were :usersCount user(s) matching your search.', ['usersCount' => $matchingUsers->count()]));
if (!$matchingUsers->isEmpty())
{ $request->session()->flash('success', 'There were ' . $matchingUsers->count() . ' user(s) matching your search.');
return view('dashboard.administration.players')
->with([
'users' => $matchingUsers,
'bannedUserCount' => Ban::all()->count(),
'bannedUserCount' => Ban::all()->count()
]);
} else {
$request->session()->flash('error', __('Your search term did not return any results.'));
}
else
{
$request->session()->flash('error', 'Your search term did not return any results.');
return redirect(route('registeredPlayerList'));
}
}
@ -129,10 +120,14 @@ class UserController extends Controller
{
$QRCode = null;
if (! $request->user()->has2FA()) {
if ($request->session()->has('twofaAttemptFailed')) {
if (!$request->user()->has2FA())
{
if ($request->session()->has('twofaAttemptFailed'))
{
$twoFactorSecret = $request->session()->get('current2FA');
} else {
}
else
{
$twoFactorSecret = Google2FA::generateSecretKey(32, '');
$request->session()->put('current2FA', $twoFactorSecret);
}
@ -149,177 +144,169 @@ class UserController extends Controller
->with('twofaQRCode', $QRCode);
}
public function flushSessions(FlushSessionsRequest $request)
{
// TODO: Move all log calls to a listener, which binds to an event fired by each significant event, such as this one
// This will allow for other actions to be performed on certain events (like login failed event)
Auth::logoutOtherDevices($request->currentPasswordFlush);
Log::notice('User '.Auth::user()->name.' has logged out other devices in their account',
Log::notice('User ' . Auth::user()->name . ' has logged out other devices in their account',
[
'originIPAddress' => $request->ip(),
'userID' => Auth::user()->id,
'timestamp' => now(),
'timestamp' => now()
]);
$request->session()->flash('success', __('Successfully logged out other devices. Remember to change your password if you think you\'ve been compromised.'));
$request->session()->flash('success', 'Successfully logged out other devices. Remember to change your password if you think you\'ve been compromised.');
return redirect()->back();
}
public function changePassword(ChangePasswordRequest $request)
{
if (config('demo.is_enabled')) {
return redirect()
->back()
->with('error', 'This feature is disabled');
}
$user = User::find(Auth::user()->id);
if (! is_null($user)) {
if (!is_null($user))
{
$user->password = Hash::make($request->newPassword);
$user->password_last_updated = now();
$user->save();
Log::info('User '.$user->name.' has changed their password', [
Log::info('User ' . $user->name . ' has changed their password', [
'originIPAddress' => $request->ip(),
'userID' => $user->id,
'timestamp' => now(),
'timestamp' => now()
]);
$user->notify(new ChangedPassword());
Auth::logout();
return redirect()->back();
}
}
public function changeEmail(ChangeEmailRequest $request)
{
if (config('demo.is_enabled')) {
return redirect()
->back()
->with('error', 'This feature is disabled');
}
$user = User::find(Auth::user()->id);
if (! is_null($user)) {
if (!is_null($user))
{
$user->email = $request->newEmail;
$user->save();
Log::notice('User '.$user->name.' has just changed their contact email address', [
Log::notice('User ' . $user->name . ' has just changed their contact email address', [
'originIPAddress' => $request->ip(),
'userID' => $user->id,
'timestamp' => now(),
'timestamp' => now()
]);
$user->notify(new EmailChanged());
$request->session()->flash('success', __('Your email address has been changed!'));
} else {
$request->session()->flash('error', __('There has been an error whilst trying to update your account. Please contact administrators.'));
$request->session()->flash('success', 'Your email address has been changed!');
}
else
{
$request->session()->flash('error', 'There has been an error whilst trying to update your account. Please contact administrators.');
}
return redirect()->back();
}
public function delete(DeleteUserRequest $request, User $user)
{
if (config('demo.is_enabled')) {
return redirect()
->back()
->with('error', 'This feature is disabled');
}
$this->authorize('delete', $user);
if ($request->confirmPrompt == 'DELETE ACCOUNT') {
$user->forceDelete();
$request->session()->flash('success', __('User deleted successfully.'));
} else {
$request->session()->flash('error', __('Wrong confirmation text! Try again.'));
if ($request->confirmPrompt == 'DELETE ACCOUNT')
{
$user->delete();
$request->session()->flash('success','User deleted successfully. PII has been erased.');
}
else
{
$request->session()->flash('error', 'Wrong confirmation text! Try again.');
}
return redirect()->route('registeredPlayerList');
}
public function update(UpdateUserRequest $request, User $user)
{
if (config('demo.is_enabled')) {
return redirect()
->back()
->with('error', 'This feature is disabled');
$this->authorize('adminEdit', $user);
// Mass update would not be possible here without extra code, making route model binding useless
$user->email = $request->email;
$user->name = $request->name;
$user->uuid = $request->uuid;
$existingRoles = Role::all()
->pluck('name')
->all();
$roleDiff = array_diff($existingRoles, $request->roles);
// Adds roles that were selected. Removes roles that aren't selected if the user has them.
foreach($roleDiff as $deselectedRole)
{
if ($user->hasRole($deselectedRole) && $deselectedRole !== 'user')
{
$user->removeRole($deselectedRole);
}
$this->authorize('adminEdit', $user);
}
// Mass update would not be possible here without extra code, making route model binding useless
$user->email = $request->email;
$user->name = $request->name;
$user->uuid = $request->uuid;
$existingRoles = Role::all()
->pluck('name')
->all();
$roleDiff = array_diff($existingRoles, $request->roles);
// Adds roles that were selected. Removes roles that aren't selected if the user has them.
foreach ($roleDiff as $deselectedRole) {
if ($user->hasRole($deselectedRole) && $deselectedRole !== 'user') {
$user->removeRole($deselectedRole);
}
foreach($request->roles as $role)
{
if (!$user->hasRole($role))
{
$user->assignRole($role);
}
foreach ($request->roles as $role) {
if (! $user->hasRole($role)) {
$user->assignRole($role);
}
}
}
$user->save();
$request->session()->flash('success', __('User updated successfully!'));
$user->save();
$request->session()->flash('success', 'User updated successfully!');
return redirect()->back();
return redirect()->back();
}
public function add2FASecret(Add2FASecretRequest $request)
{
if (config('demo.is_enabled')) {
return redirect()
->back()
->with('error', 'This feature is disabled');
}
$currentSecret = $request->session()->get('current2FA');
$isValid = Google2FA::verifyKey($currentSecret, $request->otp);
if ($isValid) {
$request->user()->twofa_secret = $currentSecret;
$request->user()->save();
if ($isValid)
{
$request->user()->twofa_secret = $currentSecret;
$request->user()->save();
Log::warning('SECURITY: User activated two-factor authentication', [
'initiator' => $request->user()->email,
'ip' => $request->ip(),
]);
Log::warning('SECURITY: User activated two-factor authentication', [
'initiator' => $request->user()->email,
'ip' => $request->ip()
]);
Google2FA::login();
Google2FA::login();
Log::warning('SECURITY: Started two factor session automatically', [
'initiator' => $request->user()->email,
'ip' => $request->ip(),
]);
Log::warning('SECURITY: Started two factor session automatically', [
'initiator' => $request->user()->email,
'ip' => $request->ip()
]);
$request->session()->forget('current2FA');
$request->session()->forget('current2FA');
if ($request->session()->has('twofaAttemptFailed')) {
$request->session()->forget('twofaAttemptFailed');
}
if ($request->session()->has('twofaAttemptFailed'))
$request->session()->forget('twofaAttemptFailed');
$request->session()->flash('success', __('2FA succesfully enabled! You\'ll now be prompted for an OTP each time you log in.'));
} else {
$request->session()->flash('error', __('Incorrect code. Please reopen the 2FA settings panel and try again.'));
$request->session()->put('twofaAttemptFailed', true);
$request->session()->flash('success', '2FA succesfully enabled! You\'ll now be prompted for an OTP each time you log in.');
}
else
{
$request->session()->flash('error', 'Incorrect code. Please reopen the 2FA settings panel and try again.');
$request->session()->put('twofaAttemptFailed', true);
}
return redirect()->back();
@ -328,44 +315,43 @@ class UserController extends Controller
public function remove2FASecret(Remove2FASecretRequest $request)
{
Log::warning('SECURITY: Disabling two factor authentication (user initiated)', [
'initiator' => $request->user()->email,
'ip' => $request->ip(),
'initiator' => $request->user()->email,
'ip' => $request->ip()
]);
$request->user()->twofa_secret = null;
$request->user()->save();
$request->session()->flash('success', __('Two-factor authentication disabled.'));
$request->session()->flash('success', 'Two-factor authentication disabled.');
return redirect()->back();
}
public function terminate(Request $request, User $user)
{
$this->authorize('terminate', User::class);
if (config('demo.is_enabled')) {
return redirect()
->back()
->with('error', 'This feature is disabled');
}
// TODO: move logic to policy
if (! $user->isStaffMember() || $user->is(Auth::user())) {
$request->session()->flash('error', __('You cannot terminate this user.'));
if (!$user->isStaffMember() || $user->is(Auth::user()))
{
$request->session()->flash('error', 'You cannot terminate this user.');
return redirect()->back();
}
foreach ($user->roles as $role) {
if ($role->name == 'user') {
continue;
}
foreach ($user->roles as $role)
{
if ($role->name == 'user')
{
continue;
}
$user->removeRole($role->name);
$user->removeRole($role->name);
}
Log::info('User '.$user->name.' has just been demoted.');
$request->session()->flash('success', __('User terminated successfully.'));
Log::info('User ' . $user->name . ' has just been demoted.');
$request->session()->flash('success', 'User terminated successfully.');
//TODO: Dispatch event
return redirect()->back();

132
app/Http/Controllers/VacancyController.php Executable file → Normal file
View File

@ -1,64 +1,45 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Facades\JSON;
use App\Form;
use App\Http\Requests\VacancyEditRequest;
use App\Http\Requests\VacancyRequest;
use App\Notifications\VacancyClosed;
use App\User;
use App\Http\Requests\VacancyEditRequest;
use App\Vacancy;
use App\User;
use App\Form;
use App\Notifications\VacancyClosed;
use Illuminate\Http\Request;
use Illuminate\Support\Str;
use Illuminate\Support\Facades\Auth;
class VacancyController extends Controller
{
public function index()
{
$this->authorize('viewAny', Vacancy::class);
$this->authorize('viewAny', Vacancy::class);
return view('dashboard.administration.positions')
->with([
'forms' => Form::all(),
'vacancies' => Vacancy::all(),
'vacancies' => Vacancy::all()
]);
}
public function store(VacancyRequest $request)
{
$messageIsError = false;
$this->authorize('create', Vacancy::class);
$form = Form::find($request->vacancyFormID);
if (! is_null($form)) {
/* note: since we can't convert HTML back to Markdown, we'll have to do the converting when the user requests a page,
* and leave the database with Markdown only so it can be used and edited everywhere.
* for several vacancies, this would require looping through all of them and replacing MD with HTML, which is obviously not the most clean solution;
* however, the Model can be configured to return MD instead of HTML on that specific field saving us from looping.
*/
if (!is_null($form))
{
/* note: since we can't convert HTML back to Markdown, we'll have to do the converting when the user requests a page,
* and leave the database with Markdown only so it can be used and edited everywhere.
* for several vacancies, this would require looping through all of them and replacing MD with HTML, which is obviously not the most clean solution;
* however, the Model can be configured to return MD instead of HTML on that specific field saving us from looping.
*/
Vacancy::create([
'vacancyName' => $request->vacancyName,
@ -68,83 +49,90 @@ class VacancyController extends Controller
'permissionGroupName' => $request->permissionGroup,
'discordRoleID' => $request->discordRole,
'vacancyFormID' => $request->vacancyFormID,
'vacancyCount' => $request->vacancyCount,
'vacancyCount' => $request->vacancyCount
]);
$message = __('Vacancy successfully opened. It will now show in the home page.');
} else {
$message = __('You cannot create a vacancy without a valid form.');
$messageIsError = true;
$request->session()->flash('success', 'Vacancy successfully opened. It will now show in the home page.');
}
else
{
$request->session()->flash('error', 'You cannot create a vacancy without a valid form.');
}
return redirect()
->back()
->with(($messageIsError) ? 'error' : 'success', $message);
return redirect()->back();
}
public function updatePositionAvailability(Request $request, $status, Vacancy $vacancy)
{
$this->authorize('update', $vacancy);
if (! is_null($vacancy)) {
if (!is_null($vacancy))
{
$type = 'success';
switch ($status) {
switch ($status)
{
case 'open':
$vacancy->open();
$message = __('Position successfully opened!');
$message = "Position successfully opened!";
break;
case 'close':
$vacancy->close();
$message = __('Position successfully closed!');
$message = "Position successfully closed!";
foreach (User::all() as $user) {
if ($user->isStaffMember()) {
$user->notify(new VacancyClosed($vacancy));
}
foreach(User::all() as $user)
{
if ($user->isStaffMember())
{
$user->notify(new VacancyClosed($vacancy));
}
}
break;
default:
$message = __("Please do not tamper with the URLs. To report a bug, please contact an administrator.");
$message = "Please do not tamper with the button's URLs. To report a bug, please contact an administrator.";
$type = 'error';
}
} else {
$message = __("The position you're trying to update doesn't exist!");
$type = 'error';
}
else
{
$message = "The position you're trying to update doesn't exist!";
$type = "error";
}
return redirect()
->back()
->with($type, $message);
$request->session()->flash($type, $message);
return redirect()->back();
}
public function edit(Request $request, Vacancy $vacancy)
{
$this->authorize('update', $vacancy);
$this->authorize('update', $vacancy);
return view('dashboard.administration.editposition')
->with('vacancy', $vacancy);
}
public function update(VacancyEditRequest $request, Vacancy $vacancy)
{
$this->authorize('update', $vacancy);
$this->authorize('update', $vacancy);
$vacancy->vacancyFullDescription = $request->vacancyFullDescription;
$vacancy->vacancyDescription = $request->vacancyDescription;
$vacancy->vacancyCount = $request->vacancyCount;
$vacancy->vacancyFullDescription = $request->vacancyFullDescription;
$vacancy->vacancyDescription = $request->vacancyDescription;
$vacancy->vacancyCount = $request->vacancyCount;
$vacancy->save();
$vacancy->save();
$request->session()->flash('success', 'Vacancy successfully updated.');
return redirect()->back();
return redirect()
->back()
->with('success', __('Vacancy successfully updated.'));
}
}

29
app/Http/Controllers/VoteController.php Executable file → Normal file
View File

@ -1,34 +1,18 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers;
use App\Application;
use App\Http\Requests\VoteRequest;
use App\Jobs\ProcessVoteList;
use App\Vote;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
class VoteController extends Controller
{
public function vote(VoteRequest $voteRequest, Application $application)
{
$this->authorize('create', Vote::class);
@ -39,10 +23,11 @@ class VoteController extends Controller
]);
$vote->application()->attach($application->id);
Log::info('User '.Auth::user()->name.' has voted in applicant '.$application->user->name.'\'s application', [
'voteType' => $voteRequest->voteType,
Log::info('User ' . Auth::user()->name . ' has voted in applicant ' . $application->user->name . '\'s application', [
'voteType' => $voteRequest->voteType
]);
$voteRequest->session()->flash('success', __('Your vote has been counted!'));
$voteRequest->session()->flash('success', 'Your vote has been registered!');
// Cron job will run command that processes votes
return redirect()->back();

25
app/Http/Kernel.php Executable file → Normal file
View File

@ -1,27 +1,7 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http;
use App\Http\Middleware\APIAuthenticationMiddleware;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
@ -61,7 +41,6 @@ class Kernel extends HttpKernel
'api' => [
'throttle:60,1',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
APIAuthenticationMiddleware::class
],
];
@ -87,12 +66,10 @@ class Kernel extends HttpKernel
'usernameUUID' => \App\Http\Middleware\UsernameUUID::class,
'forcelogout' => \App\Http\Middleware\ForceLogoutMiddleware::class,
'2fa' => \PragmaRX\Google2FALaravel\Middleware::class,
'passwordexpiration' => \App\Http\Middleware\PasswordExpirationMiddleware::class,
'passwordredirect' => \App\Http\Middleware\PasswordExpirationRedirectMiddleware::class,
'localize' => \Mcamara\LaravelLocalization\Middleware\LaravelLocalizationRoutes::class,
'localizationRedirect' => \Mcamara\LaravelLocalization\Middleware\LaravelLocalizationRedirectFilter::class,
'localeSessionRedirect' => \Mcamara\LaravelLocalization\Middleware\LocaleSessionRedirect::class,
'localeCookieRedirect' => \Mcamara\LaravelLocalization\Middleware\LocaleCookieRedirect::class,
'localeViewPath' => \Mcamara\LaravelLocalization\Middleware\LaravelLocalizationViewPath::class,
'localeViewPath' => \Mcamara\LaravelLocalization\Middleware\LaravelLocalizationViewPath::class
];
}

View File

@ -1,65 +0,0 @@
<?php
namespace App\Http\Middleware;
use App\ApiKey;
use App\Facades\JSON;
use Carbon\Carbon;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Str;
class APIAuthenticationMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle(Request $request, Closure $next)
{
$key = $request->bearerToken();
if (!is_null($key))
{
// we have a valid discriminator
$discriminator = Str::before($key, '.');
$loneKey = Str::after($key, '.');
$keyRecord = ApiKey::where('discriminator', $discriminator)->first();
if ($keyRecord && Hash::check($loneKey, $keyRecord->secret) && $keyRecord->status == 'active')
{
$keyRecord->last_used = Carbon::now();
$keyRecord->save();
Log::info('Recording API call, see context', [
'uri' => $request->url(),
'name' => Route::currentRouteName(),
'discriminator' => $discriminator,
'ip' => $request->ip()
]);
return $next($request);
}
return JSON::setResponseType('error')
->setStatus('authfail')
->setMessage('Invalid / Revoked API key.')
->setCode(401)
->build();
}
return JSON::setResponseType('error')
->setStatus('malformed_key')
->setMessage('Missing or malformed API key.')
->setCode(400)
->build();
}
}

39
app/Http/Middleware/ApplicationEligibility.php Executable file → Normal file
View File

@ -1,31 +1,12 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Middleware;
use App\Application;
use Illuminate\Support\Facades\Log;
use Carbon\Carbon;
use Closure;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\View;
class ApplicationEligibility
@ -42,29 +23,37 @@ class ApplicationEligibility
{
$curtime = new Carbon(now());
if (Auth::check()) {
if (Auth::check())
{
$applications = Application::where('applicantUserID', Auth::user()->id)->get();
$eligible = true;
$daysRemaining = 0;
if (! $applications->isEmpty()) {
foreach ($applications as $application) {
if (!$applications->isEmpty())
{
foreach ($applications as $application)
{
$appTime = Carbon::parse($application->created_at);
if ($appTime->isSameMonth($curtime)) {
Log::warning('Notice: Application ID '.$application->id.' was found to be in the same month as today\'s time, making the user '.Auth::user()->name.' ineligible for application');
if ($appTime->isSameMonth($curtime))
{
Log::warning('Notice: Application ID ' . $application->id . ' was found to be in the same month as today\'s time, making the user ' . Auth::user()->name . ' ineligible for application');
$eligible = false;
}
}
$allowedTime = Carbon::parse($applications->last()->created_at)->addMonth();
$daysRemaining = $allowedTime->diffInDays(now());
}
View::share('isEligibleForApplication', $eligible);
View::share('eligibilityDaysRemaining', $daysRemaining);
}
return $next($request);
}
}

19
app/Http/Middleware/Authenticate.php Executable file → Normal file
View File

@ -1,24 +1,5 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Middleware;
use Illuminate\Auth\Middleware\Authenticate as Middleware;

31
app/Http/Middleware/Bancheck.php Executable file → Normal file
View File

@ -1,24 +1,5 @@
<?php
/*
* Copyright © 2020 Miguel Nogueira
*
* This file is part of Raspberry Staff Manager.
*
* Raspberry Staff Manager is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Raspberry Staff Manager is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Raspberry Staff Manager. If not, see <https://www.gnu.org/licenses/>.
*/
namespace App\Http\Middleware;
use Closure;
@ -39,11 +20,17 @@ class Bancheck
$userIP = $request->ip();
$anonymousUser = User::where('ipAddress', $userIP)->get();
if (Auth::check() && Auth::user()->isBanned()) {
if (Auth::check() && Auth::user()->isBanned())
{
View::share('isBanned', true);
} elseif (! $anonymousUser->isEmpty() && User::find($anonymousUser->id)->isBanned()) {
}
elseif(!$anonymousUser->isEmpty() && User::find($anonymousUser->id)->isBanned())
{
View::share('isBanned', true);
} else {
}
else
{
View::share('isBanned', false);
}

Some files were not shown because too many files have changed in this diff Show More