From e8aaa1712290bf56ad8724bd0c9209a079e7fdea Mon Sep 17 00:00:00 2001
From: Deon George <deon@dege.au>
Date: Sat, 21 Jun 2025 08:35:33 +1000
Subject: [PATCH] Change our internal template keys to be prefixed with an
 underscore for easier identification

---
 app/Http/Controllers/AjaxController.php       |  2 +-
 app/Http/Controllers/HomeController.php       | 32 ++++++++++---------
 app/Http/Requests/EntryAddRequest.php         | 16 +++++-----
 public/js/custom.js                           |  4 +--
 .../components/attribute/password.blade.php   |  2 +-
 .../views/components/attribute/rdn.blade.php  | 10 +++---
 resources/views/frames/create.blade.php       |  4 +--
 resources/views/frames/import.blade.php       |  2 +-
 tests/Feature/ImportTest.php                  |  2 +-
 9 files changed, 38 insertions(+), 36 deletions(-)

diff --git a/app/Http/Controllers/AjaxController.php b/app/Http/Controllers/AjaxController.php
index 6578443a..9c4abb14 100644
--- a/app/Http/Controllers/AjaxController.php
+++ b/app/Http/Controllers/AjaxController.php
@@ -38,7 +38,7 @@ class AjaxController extends Controller
 	 */
 	public function children(Request $request): Collection
 	{
-		$dn = Crypt::decryptString($request->query('key'));
+		$dn = Crypt::decryptString($request->query('_key'));
 
 		// Sometimes our key has a command, so we'll ignore it
 		if (str_starts_with($dn,'*') && ($x=strpos($dn,'|')))
diff --git a/app/Http/Controllers/HomeController.php b/app/Http/Controllers/HomeController.php
index 7b992b06..6878be72 100644
--- a/app/Http/Controllers/HomeController.php
+++ b/app/Http/Controllers/HomeController.php
@@ -28,6 +28,8 @@ class HomeController extends Controller
 {
 	private const LOGKEY = 'CHc';
 
+	private const INTERNAL_POST = ['_key','_rdn','_rdn_value','_step','_template','_token','_userpassword_hash'];
+
 	/**
 	 * Create a new object in the LDAP server
 	 *
@@ -37,7 +39,7 @@ class HomeController extends Controller
 	 */
 	public function entry_add(EntryAddRequest $request): \Illuminate\View\View
 	{
-		if (! old('step',$request->validated('step')))
+		if (! old('_step',$request->validated('_step')))
 			abort(404);
 
 		$key = $this->request_key($request,collect(old()));
@@ -46,7 +48,7 @@ class HomeController extends Controller
 		$o = new Entry;
 		$o->setRDNBase($key['dn']);
 
-		foreach (collect(old())->except(['_token','key','step','rdn','rdn_value','_template','userpassword_hash']) as $old => $value)
+		foreach (collect(old())->except(self::INTERNAL_POST) as $old => $value)
 			$o->{$old} = array_filter($value);
 
 		if (old('_template',$request->validated('template'))) {
@@ -69,7 +71,7 @@ class HomeController extends Controller
 				$o->{$ao->name} = [Entry::TAG_NOTAG=>''];
 		}
 
-		$step = $request->step ? $request->step+1 : old('step');
+		$step = $request->get('_step') ? $request->get('_step')+1 : old('_step');
 
 		return view('frame')
 			->with('subframe','create')
@@ -113,12 +115,12 @@ class HomeController extends Controller
 	{
 		$key = $this->request_key($request,collect(old()));
 
-		$dn = sprintf('%s=%s,%s',$request->rdn,$request->rdn_value,$key['dn']);
+		$dn = sprintf('%s=%s,%s',$request->get('_rdn'),$request->get('_rdn_value'),$key['dn']);
 
 		$o = new Entry;
 		$o->setDn($dn);
 
-		foreach ($request->except(['_token','key','step','rdn','rdn_value','_template','userpassword_hash']) as $key => $value)
+		foreach ($request->except(self::INTERNAL_POST) as $key => $value)
 			$o->{$key} = array_filter($value);
 
 		try {
@@ -214,7 +216,7 @@ class HomeController extends Controller
 	 */
 	public function entry_objectclass_add(Request $request): Collection
 	{
-		$dn = $request->key ? Crypt::decryptString($request->dn) : '';
+		$dn = $request->get('_key') ? Crypt::decryptString($request->dn) : '';
 		$oc = Factory::create($dn,'objectclass',$request->oc);
 
 		$ocs = $oc
@@ -269,7 +271,7 @@ class HomeController extends Controller
 
 		$o = config('server')->fetch($dn);
 
-		foreach ($request->except(['_token','dn','userpassword_hash','userpassword']) as $key => $value)
+		foreach ($request->except(['_token','dn','_userpassword_hash','userpassword']) as $key => $value)
 			$o->{$key} = array_filter($value,fn($item)=>! is_null($item));
 
 		// @todo Need to handle incoming attributes that were modified by MD5Updates Trait (eg: jpegphoto)
@@ -286,7 +288,7 @@ class HomeController extends Controller
 				}
 
 				if ($value) {
-					$type = Arr::get($request->userpassword_hash,$dotkey);
+					$type = Arr::get($request->get('_userpassword_hash'),$dotkey);
 					$passwords[$dotkey] = Password::hash_id($type)
 						->encode($value);
 				}
@@ -393,7 +395,7 @@ class HomeController extends Controller
 			// @todo Need to handle if DN is null, for example if the user's session expired and the ACLs dont let them retrieve $key['dn']
 			$o = config('server')->fetch($key['dn']);
 
-			foreach (collect(old())->except(['key','dn','step','_token','userpassword_hash','rdn','rdn_value']) as $attr => $value)
+			foreach (collect(old())->except(array_merge(self::INTERNAL_POST,['dn'])) as $attr => $value)
 				$o->{$attr} = $value;
 		}
 
@@ -481,8 +483,8 @@ class HomeController extends Controller
 		// Setup
 		$cmd = NULL;
 		$dn = NULL;
-		$key = $request->get('key',old('key'))
-			? Crypt::decryptString($request->get('key',old('key')))
+		$key = $request->get('_key',old('_key'))
+			? Crypt::decryptString($request->get('_key',old('_key')))
 			: NULL;
 
 		// Determine if our key has a command
@@ -494,9 +496,9 @@ class HomeController extends Controller
 				$dn = ($m[2] !== '_NOP') ? $m[2] : NULL;
 			}
 
-		} elseif (old('dn',$request->get('key'))) {
+		} elseif (old('dn',$request->get('_key'))) {
 			$cmd = 'dn';
-			$dn = Crypt::decryptString(old('dn',$request->get('key')));
+			$dn = Crypt::decryptString(old('dn',$request->get('_key')));
 		}
 
 		return ['cmd'=>$cmd,'dn'=>$dn];
@@ -513,12 +515,12 @@ class HomeController extends Controller
 	public function schema_frame(Request $request): \Illuminate\View\View
 	{
 		// If an invalid key, we'll 404
-		if ($request->type && $request->key && (! config('server')->schema($request->type)->has($request->key)))
+		if ($request->type && $request->get('_key') && (! config('server')->schema($request->type)->has($request->get('_key'))))
 			abort(404);
 
 		return view('frames.schema')
 			->with('type',$request->type)
-			->with('key',$request->key);
+			->with('key',$request->get('_key'));
 	}
 
 	/**
diff --git a/app/Http/Requests/EntryAddRequest.php b/app/Http/Requests/EntryAddRequest.php
index 433fa048..51cccdec 100644
--- a/app/Http/Requests/EntryAddRequest.php
+++ b/app/Http/Requests/EntryAddRequest.php
@@ -17,8 +17,8 @@ class EntryAddRequest extends FormRequest
 	public function messages(): array
 	{
 		return [
-			'rdn' => __('RDN is required.'),
-			'rdn_value' => __('RDN value is required.'),
+			'_rdn' => __('RDN is required.'),
+			'_rdn_value' => __('RDN value is required.'),
 		];
 	}
 
@@ -51,7 +51,7 @@ class EntryAddRequest extends FormRequest
 			->filter()
 			->flatMap(fn($item)=>$item)
 			->merge([
-				'key' => [
+				'_key' => [
 					'required',
 					new DNExists,
 					function (string $attribute,mixed $value,\Closure $fail) {
@@ -66,9 +66,9 @@ class EntryAddRequest extends FormRequest
 						}
 					},
 				],
-				'rdn' => 'required_if:step,2|string|min:1',
-				'rdn_value' => 'required_if:step,2|string|min:1',
-				'step' => 'int|min:1|max:2',
+				'_rdn' => 'required_if:_step,2|string|min:1',
+				'_rdn_value' => 'required_if:_step,2|string|min:1',
+				'_step' => 'int|min:1|max:2',
 				'objectclass'=>[
 					'required',
 					'array',
@@ -81,7 +81,7 @@ class EntryAddRequest extends FormRequest
 
 						// If this is step 1 and there is no objectclass, and no template, then fail
 						if ((! $oc->count())
-							&& (request()->post('step') == 1)
+							&& (request()->post('_step') == 1)
 							&& (! request()->post('template')))
 						{
 							$fail(__('Select an objectclass or a template'));
@@ -101,7 +101,7 @@ class EntryAddRequest extends FormRequest
 
 						// If this is step 1 and there is no objectclass, and no template, then fail
 						if ((! collect($value)->filter()->count())
-							&& (request()->post('step') == 1)
+							&& (request()->post('_step') == 1)
 							&& (! $oc->count()))
 						{
 							$fail(__('Select an objectclass or a template'));
diff --git a/public/js/custom.js b/public/js/custom.js
index 1f652ade..46080820 100644
--- a/public/js/custom.js
+++ b/public/js/custom.js
@@ -15,7 +15,7 @@ function getNode(item) {
 	$.ajax({
 		url: '/frame',
 		method: 'POST',
-		data: { key: item },
+		data: { _key: item },
 		dataType: 'html',
 		beforeSend: function() {
 			content = $('.main-content')
@@ -96,7 +96,7 @@ $(document).ready(function() {
 		lazyLoad: function(event,data) {
 			data.result = {
 				url: '/ajax/children',
-				data: {key: data.node.data.item,depth: 1}
+				data: {_key: data.node.data.item,depth: 1}
 			};
 
 			expandChildren(data.tree.rootNode);
diff --git a/resources/views/components/attribute/password.blade.php b/resources/views/components/attribute/password.blade.php
index de11ae20..77b5c103 100644
--- a/resources/views/components/attribute/password.blade.php
+++ b/resources/views/components/attribute/password.blade.php
@@ -4,7 +4,7 @@
 		@foreach(($o->tagValues($langtag)->count() ? $o->tagValues($langtag) : [$langtag => NULL]) as $key => $value)
 			@if($edit)
 				<div class="input-group has-validation">
-					<x-form.select id="userpassword_hash_{{$loop->index}}{{$template?->name ?? ''}}" name="userpassword_hash[{{ $langtag }}][]" :value="$o->hash($new ? '' : ($value ?? ''))->id()" :options="$helpers" allowclear="false" :disabled="! $new"/>
+					<x-form.select id="userpassword_hash_{{$loop->index}}{{$template?->name ?? ''}}" name="_userpassword_hash[{{ $langtag }}][]" :value="$o->hash($new ? '' : ($value ?? ''))->id()" :options="$helpers" allowclear="false" :disabled="! $new"/>
 					<input type="password" @class(['form-control','is-invalid'=>($e=$errors->get($o->name_lc.'.'.$langtag.'.'.$loop->index)),'mb-1','border-focus'=>! $o->tagValuesOld($langtag)->contains($value),'bg-success-subtle'=>$updated]) name="{{ $o->name_lc }}[{{ $langtag }}][]" value="{{ Arr::get(old($o->name_lc),$langtag.'.'.$loop->index,$value ? md5($value) : '') }}" @readonly(! $new)>
 
 					<div class="invalid-feedback pb-2">
diff --git a/resources/views/components/attribute/rdn.blade.php b/resources/views/components/attribute/rdn.blade.php
index 795d5ad1..deaae18c 100644
--- a/resources/views/components/attribute/rdn.blade.php
+++ b/resources/views/components/attribute/rdn.blade.php
@@ -3,24 +3,24 @@
 	@foreach(($o->values->count() ? $o->values : [NULL]) as $value)
 		@if($edit)
 			<div class="input-group has-validation mb-3">
-				<select class="form-select @error('rdn')is-invalid @enderror" id="rdn" name="rdn">
+				<select @class(['form-select','is-invalid'=>$errors->get('_rdn')]) id="rdn" name="_rdn">
 					<option value=""></option>
 
 					@foreach($o->attrs->map(fn($item)=>['id'=>$item,'value'=>$item]) as $option)
 						@continue(! Arr::get($option,'value'))
-						<option value="{{ strtolower(Arr::get($option,'id')) }}" @selected(Arr::get($option,'id') == old('rdn',$value ?? ''))>{{ Arr::get($option,'value') }}</option>
+						<option value="{{ strtolower(Arr::get($option,'id')) }}" @selected(Arr::get($option,'id') == old('_rdn',$value ?? ''))>{{ Arr::get($option,'value') }}</option>
 					@endforeach
 				</select>
 
 				<span class="input-group-text">=</span>
-				<input type="text" @class(['form-control','is-invalid'=>$errors->get('rdn_value')]) id="rdn_value" name="rdn_value" value="{{ old('rdn_value') }}" placeholder="rdn">
+				<input type="text" @class(['form-control','is-invalid'=>$errors->get('_rdn_value')]) id="rdn_value" name="_rdn_value" value="{{ old('_rdn_value') }}" placeholder="rdn">
 				<label class="input-group-text" for="inputGroupSelect02">,{{ $o->base }}</label>
 
 				<div class="invalid-feedback pb-2">
-					@error('rdn')
+					@error('_rdn')
 						{{ $message }}
 					@enderror
-					@error('rdn_value')
+					@error('_rdn_value')
 						{{ $message }}
 					@enderror
 				</div>
diff --git a/resources/views/frames/create.blade.php b/resources/views/frames/create.blade.php
index 41901d70..aedd76af 100644
--- a/resources/views/frames/create.blade.php
+++ b/resources/views/frames/create.blade.php
@@ -24,8 +24,8 @@
 					<form id="dn-create" method="POST" class="needs-validation" action="{{ url((int)$step === 2 ? 'entry/create' : 'entry/add') }}" enctype="multipart/form-data" novalidate>
 						@csrf
 
-						<input type="hidden" name="key" value="{{ Crypt::encryptString('*create|'.$container) }}">
-						<input type="hidden" name="step" value="{{ $step }}">
+						<input type="hidden" name="_key" value="{{ Crypt::encryptString('*create|'.$container) }}">
+						<input type="hidden" name="_step" value="{{ $step }}">
 
 						@switch($step)
 							@case(1)
diff --git a/resources/views/frames/import.blade.php b/resources/views/frames/import.blade.php
index 089539e3..6f167d50 100644
--- a/resources/views/frames/import.blade.php
+++ b/resources/views/frames/import.blade.php
@@ -15,7 +15,7 @@
 			<div class="main-card mb-3 card">
 				<form id="import-form" action="{{ url('import/process/ldif') }}" method="POST" enctype="multipart/form-data">
 					@csrf
-					<input type="hidden" name="key" value="{{ Crypt::encryptString('*import|_NOP') }}">
+					<input type="hidden" name="_key" value="{{ Crypt::encryptString('*import|_NOP') }}">
 
 					<div class="card-header">
 						@lang('LDIF Import')
diff --git a/tests/Feature/ImportTest.php b/tests/Feature/ImportTest.php
index 79caf36d..1c53b7c6 100644
--- a/tests/Feature/ImportTest.php
+++ b/tests/Feature/ImportTest.php
@@ -34,7 +34,7 @@ class ImportTest extends TestCase
 			->from('/import')
 			->post('/import/process/ldif',[
 				'_token' => csrf_token(),
-				'key'=>Crypt::encryptString('*import|_NOP'),
+				'_key'=>Crypt::encryptString('*import|_NOP'),
 				'file' => $file,
 			]);