extern/2FAuth
1
0
Fork 0
mirror of https://github.com/Bubka/2FAuth.git synced 2024-11-22 16:23:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

Control & Promote administrator status via a method rather than a prop

Browse Source
This commit is contained in:
Bubka 2024-01-26 18:14:02 +01:00
parent d96c943927
commit 8b397750e8
8 changed files with 43 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Extensions/RemoteUserProvider.php
View File

@ -63,7 +63,7 @@ public function retrieveById($identifier)
Log::info(sprintf('Remote user %s created with email address %s', var_export($user->name, true), var_export($user->email, true)));
if (User::count() === 1) {
$user->is_admin = true;
$user->promoteToAdministrator();
$user->save();
}
} else {

13
app/Http/Controllers/Auth/LoginController.php
View File

@ -107,16 +107,21 @@ protected function sendLoginResponse(Request $request)
{
$this->clearLoginAttempts($request);
$name = $this->guard()->user()?->name;
/**
* @var \App\Models\User|null
*/
$user = $this->guard()->user();
$name = $user?->name;
$this->authenticated($request, $this->guard()->user());
return response()->json([
'message' => 'authenticated',
'id' => $user->id,
'name' => $name,
'email' => $this->guard()->user()->email,
'preferences' => $this->guard()->user()->preferences,
'is_admin' => $this->guard()->user()->is_admin,
'email' => $user->email,
'preferences' => $user->preferences,
'is_admin' => $user->isAdministrator(),
], Response::HTTP_OK);
}

10
app/Http/Controllers/Auth/RegisterController.php
View File

@ -43,13 +43,17 @@ public function register(UserStoreRequest $request)
event(new Registered($user = $this->create($validated)));
$this->guard()->login($user);
/**
* @var \App\Models\User|null
*/
$user = $this->guard()->user();
return response()->json([
'message' => 'account created',
'name' => $user->name,
'email' => $user->email,
'preferences' => $this->guard()->user()->preferences,
'is_admin' => $this->guard()->user()->is_admin,
'preferences' => $user->preferences,
'is_admin' => $user->isAdministrator(),
], 201);
}
@ -69,7 +73,7 @@ protected function create(array $data)
Log::info(sprintf('User ID #%s created', $user->id));
if (User::count() == 1) {
$user->is_admin = true;
$user->promoteToAdministrator();
$user->save();
Log::notice(sprintf('User ID #%s set as administrator', $user->id));
}

2
app/Http/Controllers/Auth/SocialiteController.php
View File

@ -56,7 +56,7 @@ public function callback(Request $request, string $driver)
if (User::where('email', $socialiteEmail)->exists()) {
return redirect('/error?err=sso_email_already_used');
} elseif (User::count() === 0) {
$user->is_admin = true;
$user->promoteToAdministrator();
} elseif (Settings::get('disableRegistration')) {
return redirect('/error?err=sso_no_register');
}

2
app/Http/Controllers/Auth/UserController.php
View File

@ -59,7 +59,7 @@ public function delete(UserDeleteRequest $request)
Log::info(sprintf('Deletion of user ID #%s requested', $user->id));
if ($user->is_admin && User::admins()->count() == 1) {
if ($user->isAdministrator() && User::admins()->count() == 1) {
return response()->json(['message' => __('errors.cannot_delete_the_only_admin')], 400);
}

2
app/Http/Controllers/SystemController.php
View File

@ -45,7 +45,7 @@ public function infos(Request $request)
$infos['common']['Trusted proxies'] = config('2fauth.config.trustedProxies') ?: 'none';
// Admin settings
if ($request->user()->is_admin == true) {
if ($request->user()->isAdministrator()) {
$infos['admin_settings']['useEncryption'] = Settings::get('useEncryption');
$infos['admin_settings']['lastRadarScan'] = Carbon::parse(Settings::get('lastRadarScan'))->format('Y-m-d H:i:s');
$infos['admin_settings']['checkForUpdate'] = Settings::get('checkForUpdate');

2
app/Http/Middleware/AdminOnly.php
View File

@ -16,7 +16,7 @@ class AdminOnly
*/
public function handle($request, Closure $next)
{
if (! Auth::user()->is_admin) {
if (! Auth::user()->isAdministrator()) {
throw new AuthorizationException;
}

22
app/Models/User.php
View File

@ -8,6 +8,7 @@
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Str;
use Laragear\WebAuthn\WebAuthnAuthentication;
use Laravel\Passport\HasApiTokens;
@ -86,6 +87,27 @@ public function scopeAdmins($query)
return $query->where('is_admin', true);
}
/**
* Determine if the user is an administrator.
*
* @return boolean
*/
public function isAdministrator()
{
return $this->is_admin;
}
/**
* Grant administrator permissions to the user.
*
* @param bool $promote
* @return void
*/
public function promoteToAdministrator(bool $promote = true)
{
$this->is_admin = $promote;
}
/**
* Send the password reset notification.
*