2FAuth/app/Api/v1/Controllers/SettingController.php

122 lines
3.7 KiB
PHP
Raw Normal View History

<?php
namespace App\Api\v1\Controllers;
use App\Api\v1\Requests\SettingStoreRequest;
use App\Api\v1\Requests\SettingUpdateRequest;
2022-11-22 15:15:52 +01:00
use App\Facades\Settings;
use App\Http\Controllers\Controller;
use Illuminate\Validation\ValidationException;
class SettingController extends Controller
{
/**
* List all settings
2022-11-22 15:15:52 +01:00
*
2021-11-26 11:18:58 +01:00
* @return \Illuminate\Http\JsonResponse
*/
public function index()
{
2022-11-22 15:15:52 +01:00
$settings = Settings::all();
2022-11-21 11:16:43 +01:00
$settingsResources = collect([]);
$settings->each(function (mixed $item, string $key) use ($settingsResources) {
$settingsResources->push([
2022-11-22 15:15:52 +01:00
'key' => $key,
'value' => $item,
]);
});
return response()->json($settingsResources->all(), 200);
}
/**
2021-11-26 11:18:58 +01:00
* Display a setting
*
2022-11-22 15:15:52 +01:00
* @param string $settingName
2021-11-26 11:18:58 +01:00
* @return \Illuminate\Http\JsonResponse
*/
2021-10-03 11:35:09 +02:00
public function show($settingName)
{
2022-07-30 17:51:02 +02:00
$setting = Settings::get($settingName);
2021-11-22 01:12:37 +01:00
if (is_null($setting)) {
abort(404);
}
return response()->json([
2022-11-22 15:15:52 +01:00
'key' => $settingName,
'value' => $setting,
], 200);
}
/**
2021-11-26 11:18:58 +01:00
* Store a setting
2022-11-22 15:15:52 +01:00
*
2021-11-26 11:18:58 +01:00
* @return \Illuminate\Http\JsonResponse
*/
public function store(SettingStoreRequest $request)
{
$validated = $request->validated();
2022-07-30 17:51:02 +02:00
Settings::set($validated['key'], $validated['value']);
return response()->json([
2022-11-22 15:15:52 +01:00
'key' => $validated['key'],
'value' => $validated['value'],
], 201);
}
/**
2021-11-26 11:18:58 +01:00
* Update a setting
2022-11-22 15:15:52 +01:00
*
2021-11-26 11:18:58 +01:00
* @return \Illuminate\Http\JsonResponse
*/
public function update(SettingUpdateRequest $request, string $settingName)
{
$validated = $request->validated();
2022-07-30 17:51:02 +02:00
Settings::set($settingName, $validated['value']);
return response()->json([
2022-11-22 15:15:52 +01:00
'key' => $settingName,
'value' => $validated['value'],
], 200);
}
/**
2021-11-26 11:18:58 +01:00
* Delete a setting
2022-11-22 15:15:52 +01:00
*
2021-11-26 11:18:58 +01:00
* @return \Illuminate\Http\JsonResponse
*/
public function destroy(string $settingName)
{
2022-07-30 17:51:02 +02:00
$setting = Settings::get($settingName);
if (is_null($setting)) {
abort(404);
}
$defaultAppSettings = config('2fauth.settings');
// When deleting a setting, it may be an original or an additional one:
// - Additional settings are created by administrators to extend 2FAuth, they are not registered in the laravel config object.
// They are not nullable so empty string is not allowed.They only exist in the Options table, so it is possible to delete them.
// - Original settings are part of 2FAuth, they are registered in the laravel config object with their default value.
// When set by an admin, their custom value is stored in the Options table too. Deleting a custom value in the Options table from here
// won't delete the setting at all, so we reject all requests that ask for.
// But there is an exception with the restrictRule and restrictList settings:
// Unlike other settings, these two have to support empty strings. Because the Options table does not allow empty strings,
// the only way to set them like so is to restore their original value, an empty string.
if (array_key_exists($settingName, $defaultAppSettings) && $defaultAppSettings[$settingName] !== '') {
return response()->json(
2022-11-22 15:15:52 +01:00
['message' => 'bad request',
'reason' => [__('errors.delete_user_setting_only')],
], 400);
}
2022-07-30 17:51:02 +02:00
Settings::delete($settingName);
return response()->json(null, 204);
}
}