
2 Commits

Author SHA1 Message Date
f4f8e9fa94 Fix some user permissions, when viewing netmails and other systems
2024-10-16 08:44:46 +11:00
38fd1539a6 Dont let users increase pkt_msgs above 100 2024-10-16 08:19:36 +11:00
3 changed files with 36 additions and 22 deletions


@ -23,7 +23,12 @@ class SystemRegisterRequest extends FormRequest
// @todo Also disallow claiming this hosts system
return Gate::allows($this->route('o')->users->count() ? 'update_nn' : 'register',$this->route('o'));
return Gate::allows(
$this->route('o')->users->count()
? 'update_nn'
: 'register',
$this->route('o')
);
}
public function messages(): array
@ -31,6 +36,7 @@ class SystemRegisterRequest extends FormRequest
return [
'hold' => 'Must be Yes or No',
'pollmode' => 'Must be Hold, Normal or Crash',
'pkt_msgs' => 'Sorry, only an admin can increase this above 100',
];
}
@ -39,7 +45,7 @@ class SystemRegisterRequest extends FormRequest
*
* If the system exists (POST & action="register" & system_id=<value>), then no validation required
* If the system doesnt exist (POST & action="register" & system_id undefined) then we need just a name to start the process (action="create")
* Then, full validation
* Then, full validation
* @return array
*/
public function rules(Request $request)
@ -70,7 +76,16 @@ class SystemRegisterRequest extends FormRequest
'hold' => 'sometimes|boolean',
'pollmode' => 'required|integer|min:0|max:2',
'heartbeat' => 'nullable|integer|min:0|max:48',
'pkt_msgs' => 'nullable|integer|min:5',
'pkt_msgs' => [
'nullable',
function ($attribute,$value,$fail) {
if (($value > 100) && (! Gate::allows('admin')))
$fail(true);
},
'integer',
'min:5',
'max:65535',
],
] : []));
}
}
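Review bot: In the new `pkt_msgs` rule array the admin-gate closure is listed before `'integer'`, so `$value > 100` is evaluated against whatever the client submitted before its type has been checked, and without `bail` the later rules still run and report as well. I would order the array as `'bail','nullable','integer','min:5','max:65535'` with the closure last, so the privilege check only ever sees a validated integer. `$fail(true)` passes a boolean where a message is expected and presumably relies on the `'pkt_msgs'` entry added to `messages()`; because that entry is keyed by attribute only, it may also be shown for `min:5` or `max:65535` failures, so `$fail('Sorry, only an admin can increase this above 100');` inside the closure would be less ambiguous. The closure also rejects any value above 100 for a non-admin, including an unchanged value an admin set earlier, which is worth confirming as intended. The body of `rules()` between its signature and this array is outside the hunks shown.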


@ -19,17 +19,14 @@ class NetmailPolicy
*/
public function view(User $user, Netmail $o): bool
{
$zones = $user->zc()->pluck('zone')
//->merge($user->rc()->pluck('zone'))
//->merge($user->nc()->pluck('zone'))
//->merge($user->hub()->pluck('zone'))
->merge($user->points()->pluck('zone'));
$addresses = $user->addresses()->pluck('id');
// Site Admins can always view
return (
$user->isAdmin()
|| ($zones->contains($o->fftn->zone))
|| ($zones->contains($o->tftn->zone))
|| $user->isZC()
|| ($addresses->contains($o->fftn_id))
|| ($addresses->contains($o->tftn_id))
);
}
}
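Review bot: The new `|| $user->isZC()` term in `view()` is not tied to the netmail being viewed, so if `isZC()` is true for a coordinator of any zone (its body is not shown on this page), that user can read netmail between addresses in zones they do not coordinate. The removed `$zones->contains($o->fftn->zone)` and `$zones->contains($o->tftn->zone)` checks were scoped to the message's own zones. If zone-wide access for coordinators is intended, I would keep it scoped alongside the new address checks, e.g. `|| $user->zc()->pluck('zone')->contains($o->fftn->zone)` and the same for `$o->tftn->zone`. The comment `// Site Admins can always view` now sits above a return that also admits coordinators and address owners, so it should become something like `// Admins, zone coordinators and the owner of either address may view`.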


@ -159,7 +159,7 @@ use App\Models\{Mailer,User};
<span class="input-group-text"><i class="bi bi-modem-fill"></i></span>
<input type="text" class="form-control text-end @error('mailer_details.'.$mo->id.'.port') is-invalid @enderror" id="mailer_port_{{ $mo->id }}" placeholder="Port" name="mailer_details[{{ $mo->id }}][port]" value="{{ old('mailer_details.'.$mo->id.'.port',$x?->pivot->port) }}" @cannot($action,$o)readonly @endcannot>
<div class="input-group-text">
<input type="checkbox" class="form-control-input" name="mailer_details[{{ $mo->id }}][active]" value="1" title="Active" @if(old('mailer_details.'.$mo->id.'.active',$x?->pivot->active))checked @endif>
<input type="checkbox" class="form-control-input" name="mailer_details[{{ $mo->id }}][active]" value="1" title="Active" @if(old('mailer_details.'.$mo->id.'.active',$x?->pivot->active))checked @endif @cannot($action,$o)disabled @endcannot>
</div>
<span class="invalid-feedback" role="alert">
@error('mailer_details.'.$mo->id.'.port')
@ -177,7 +177,7 @@ use App\Models\{Mailer,User};
<label for="pkt_type" class="form-label">Mail Packet</label>
<div class="input-group">
<span class="input-group-text"><i class="bi bi-ui-radios"></i></span>
<select class="form-select @error('pkt_type') is-invalid @enderror" id="pkt_type" name="pkt_type" @cannot($action,$o)readonly @endcannot>
<select class="form-select @error('pkt_type') is-invalid @enderror" id="pkt_type" name="pkt_type" @cannot($action,$o)disabled @endcannot>
@foreach (Packet::PACKET_TYPES as $type => $class)
<option value="{{ $type }}" @if(old('pkt_type',$o->pkt_type ?: config('fido.packet_default')) === $type)selected @endif>{{ $type }}</option>
@endforeach
@ -217,7 +217,7 @@ use App\Models\{Mailer,User};
<label for="method" class="form-label">Connection Method</label>
<div class="input-group">
<span class="input-group-text"><i class="bi bi-wifi"></i></span>
<select class="form-select @error('method') is-invalid @enderror" id="method" name="method" @cannot($action,$o)readonly @endcannot>
<select class="form-select @error('method') is-invalid @enderror" id="method" name="method" @cannot($action,$o)disabled @endcannot>
<option></option>
<option value="23" @if(old('method',$o->method) == 23)selected @endif>Telnet</option>
<option value="22" @if(old('method',$o->method) == 22)selected @endif>SSH</option>
@ -303,15 +303,15 @@ use App\Models\{Mailer,User};
<div class="row">
<div class="col-12">
<div class="row p-0">
<div class="col-6">
<label for="autohold" class="form-label">Auto Hold</label>
<div class="input-group">
<button id="autohold" @class(['btn','btn-warning'=>$o->autohold,'btn-outline-success'=>(! $o->autohold)])><i @class(['bi-toggle-on'=>$o->autohold,'bi-toggle-off'=>(! $o->autohold)])></i></button>
</div>
</div>
<!-- @todo This is only relevant for uplinks, so hide it if this system isnt an uplink -->
@can('admin',$o)
<div class="col-6">
<label for="autohold" class="form-label">Auto Hold</label>
<div class="input-group">
<button id="autohold" @class(['btn','btn-warning'=>$o->autohold,'btn-outline-success'=>(! $o->autohold)])><i @class(['bi-toggle-on'=>$o->autohold,'bi-toggle-off'=>(! $o->autohold)])></i></button>
</div>
</div>
<!-- @todo This is only relevant for uplinks, so hide it if this system isnt an uplink -->
<div class="col-6 @if((old('pollmode') === "0") || is_null($o->pollmode))d-none @endif" id="heartbeat_option">
<label for="heartbeat" class="form-label">Heartbeat <i class="bi bi-info-circle" title="Attempt contact after last seen"></i></label>
<div class="input-group has-validation">
@ -438,7 +438,9 @@ use App\Models\{Mailer,User};
@else
<input type="hidden" name="system_id" value="{{ $o->id }}">
<span><small><strong>NOTE:</strong> You'll be able to update these details after registration is completed.</small></span>
<button type="submit" class="btn btn-success float-end" name="submit" value="register">Register</button>
{{--
<button type="submit" class="btn btn-success float-end" name="submit" value="register">Register</button>
--}}
@endcan
@else
<button type="submit" class="btn btn-success float-end" name="submit" value="create">Register</button>
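Review bot: The `@cannot($action,$o)disabled @endcannot` attributes on the `active` checkbox and the `pkt_type` / `method` selects, and the `@can('admin',$o)` that the Auto Hold button appears to move under, only change what the browser renders, so they are not an access control on their own. The request handler for these fields and whatever endpoint the `autohold` button calls (neither is on this page) need to apply the same `$action` and `admin` checks server-side. A Blade comment next to the button such as `{{-- UI hint only: the autohold endpoint must enforce the admin gate itself --}}` would record that dependency. In the last hunk the Register button is wrapped in `{{-- --}}` while the hidden `system_id` input stays, so if registration in that branch is meant to be unavailable the server should still refuse `submit=register` there, and deleting the markup would state the intent more clearly than commenting it out.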