mirror of
https://github.com/Bubka/2FAuth.git
synced 2024-12-04 22:31:58 +01:00
122 lines
3.7 KiB
PHP
122 lines
3.7 KiB
PHP
<?php
|
|
|
|
namespace App\Api\v1\Controllers;
|
|
|
|
use App\Api\v1\Requests\SettingStoreRequest;
|
|
use App\Api\v1\Requests\SettingUpdateRequest;
|
|
use App\Facades\Settings;
|
|
use App\Http\Controllers\Controller;
|
|
use Illuminate\Validation\ValidationException;
|
|
|
|
class SettingController extends Controller
|
|
{
|
|
/**
|
|
* List all settings
|
|
*
|
|
* @return \Illuminate\Http\JsonResponse
|
|
*/
|
|
public function index()
|
|
{
|
|
$settings = Settings::all();
|
|
$settingsResources = collect([]);
|
|
$settings->each(function (mixed $item, string $key) use ($settingsResources) {
|
|
$settingsResources->push([
|
|
'key' => $key,
|
|
'value' => $item,
|
|
]);
|
|
});
|
|
|
|
return response()->json($settingsResources->all(), 200);
|
|
}
|
|
|
|
/**
|
|
* Display a setting
|
|
*
|
|
* @param string $settingName
|
|
* @return \Illuminate\Http\JsonResponse
|
|
*/
|
|
public function show($settingName)
|
|
{
|
|
$setting = Settings::get($settingName);
|
|
|
|
if (is_null($setting)) {
|
|
abort(404);
|
|
}
|
|
|
|
return response()->json([
|
|
'key' => $settingName,
|
|
'value' => $setting,
|
|
], 200);
|
|
}
|
|
|
|
/**
|
|
* Store a setting
|
|
*
|
|
* @return \Illuminate\Http\JsonResponse
|
|
*/
|
|
public function store(SettingStoreRequest $request)
|
|
{
|
|
$validated = $request->validated();
|
|
|
|
Settings::set($validated['key'], $validated['value']);
|
|
|
|
return response()->json([
|
|
'key' => $validated['key'],
|
|
'value' => $validated['value'],
|
|
], 201);
|
|
}
|
|
|
|
/**
|
|
* Update a setting
|
|
*
|
|
* @return \Illuminate\Http\JsonResponse
|
|
*/
|
|
public function update(SettingUpdateRequest $request, string $settingName)
|
|
{
|
|
$validated = $request->validated();
|
|
|
|
Settings::set($settingName, $validated['value']);
|
|
|
|
return response()->json([
|
|
'key' => $settingName,
|
|
'value' => $validated['value'],
|
|
], 200);
|
|
}
|
|
|
|
/**
|
|
* Delete a setting
|
|
*
|
|
* @return \Illuminate\Http\JsonResponse
|
|
*/
|
|
public function destroy(string $settingName)
|
|
{
|
|
$setting = Settings::get($settingName);
|
|
|
|
if (is_null($setting)) {
|
|
abort(404);
|
|
}
|
|
|
|
$defaultAppSettings = config('2fauth.settings');
|
|
|
|
// When deleting a setting, it may be an original or an additional one:
|
|
// - Additional settings are created by administrators to extend 2FAuth, they are not registered in the laravel config object.
|
|
// They are not nullable so empty string is not allowed.They only exist in the Options table, so it is possible to delete them.
|
|
// - Original settings are part of 2FAuth, they are registered in the laravel config object with their default value.
|
|
// When set by an admin, their custom value is stored in the Options table too. Deleting a custom value in the Options table from here
|
|
// won't delete the setting at all, so we reject all requests that ask for.
|
|
// But there is an exception with the restrictRule and restrictList settings:
|
|
// Unlike other settings, these two have to support empty strings. Because the Options table does not allow empty strings,
|
|
// the only way to set them like so is to restore their original value, an empty string.
|
|
if (array_key_exists($settingName, $defaultAppSettings) && $defaultAppSettings[$settingName] !== '') {
|
|
return response()->json(
|
|
['message' => 'bad request',
|
|
'reason' => [__('errors.delete_user_setting_only')],
|
|
], 400);
|
|
}
|
|
|
|
Settings::delete($settingName);
|
|
|
|
return response()->json(null, 204);
|
|
}
|
|
}
|