<?php
namespace App\Http\Controllers\GUI;
use App\Exceptions\HTTPException;
use App\Http\Controllers\Controller;
use App\Http\Resources\oAuth\AccessToken;
use App\Jobs\Mails\ValidateMailAddressJob;
use App\Models\App;
use App\Models\AppAccess;
use App\Models\AppCode;
use App\Models\Invite;
use App\Models\Mail;
use App\Models\RefreshToken;
use App\Models\Setting;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
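/**
 * GUI endpoints that let a signed-in user review and revoke the app
 * authorisations (AppAccess rows) tied to their own account.
 */
class AccessController extends Controller
{
    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        //
    }

    /**
     * Show the current user's app authorisations.
     *
     * Only rows whose user_id matches the authenticated user are loaded, and
     * entries whose app has hidden_in_app_list set are left out of the view.
     * Unauthenticated requests are aborted with 401.
     *
     * @return mixed the rendered "access/list" view
     */
    public function listAccess()
    {
        if (!Auth::check()) {
            abort(401);
        }

        // Scope the query to the signed-in user so no foreign rows are ever loaded.
        $ownAccess = AppAccess::query()
            ->where("user_id", "=", Auth::user()->id)
            ->get();

        $visibleAccess = [];
        foreach ($ownAccess as $entry) {
            // Apps flagged hidden_in_app_list are not shown to the user.
            if (!$entry->getApp()->hidden_in_app_list) {
                $visibleAccess[] = $entry;
            }
        }

        return view("access/list", ["access" => $visibleAccess]);
    }

    /**
     * Revoke one of the current user's app authorisations.
     *
     * Deletes the AppAccess row together with every refresh token, access
     * token and app code whose access_id points at it, then redirects to the
     * access list.
     *
     * Aborts with 401 when the caller is not signed in or does not own the
     * record, with 404 (firstOrFail) when the id is unknown, and with 400 when
     * the app has user_cant_remove_app set.
     *
     * NOTE(review): the route definition is not visible in this file; confirm
     * this action is reachable only through a state-changing verb behind CSRF
     * middleware, since it deletes credentials.
     *
     * @param Request $request request carrying the AppAccess id as "id"
     * @return mixed redirect to /gui/access
     */
    public function removeAccess(Request $request)
    {
        if (!Auth::check()) {
            abort(401);
        }

        $access = AppAccess::query()->where("id", "=", $request->id)->firstOrFail();

        // Ownership check: the id comes from the request, so it must be matched
        // against the signed-in user before anything is deleted. Both sides are
        // compared as strings to avoid PHP's loose numeric-string juggling.
        // NOTE(review): 401 is kept for compatibility; 403, or a uniform 404,
        // would describe a foreign record more accurately and would not confirm
        // that the id exists.
        if ((string) $access->user_id !== (string) Auth::user()->id) {
            abort(401);
        }

        if ($access->getApp()->user_cant_remove_app) {
            abort(400, "App access cant remove for this app");
        }

        // Revoke atomically: without a transaction, a failure part-way through
        // could leave live tokens or codes behind for an access the user asked
        // to remove.
        // NOTE(review): assumes all four models use the default DB connection.
        DB::transaction(static function () use ($access): void {
            RefreshToken::query()->where("access_id", "=", $access->id)->delete();
            // Fully qualified on purpose: the imported AccessToken is the
            // oAuth resource class, not the model.
            \App\Models\AccessToken::query()->where("access_id", "=", $access->id)->delete();
            AppCode::query()->where("access_id", "=", $access->id)->delete();
            $access->delete();
        });

        return redirect("/gui/access");
    }
}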