From 0638249f9cfdfb7701e023391f9b2b8c85677b7b Mon Sep 17 00:00:00 2001 From: alexp8 Date: Sun, 5 Feb 2023 21:28:18 -0500 Subject: [PATCH 1/2] super admin page --- .../app/Http/Controllers/AdminController.php | 24 ++++++++++ .../app/Http/Middleware/Authenticate.php | 8 ++++ cncnet-api/app/Http/routes.php | 2 + cncnet-api/app/User.php | 13 ++++++ .../views/admin/super_admin.blade.php | 45 +++++++++++++++++++ 5 files changed, 92 insertions(+) create mode 100644 cncnet-api/resources/views/admin/super_admin.blade.php diff --git a/cncnet-api/app/Http/Controllers/AdminController.php b/cncnet-api/app/Http/Controllers/AdminController.php index d1cd1e22..1fb91531 100755 --- a/cncnet-api/app/Http/Controllers/AdminController.php +++ b/cncnet-api/app/Http/Controllers/AdminController.php @@ -1012,8 +1012,32 @@ public function editPlayerName(Request $request) $request->session()->flash('success', "Player name has been updated to " . $player->username); return redirect()->to($url); } + + /** + * God view only. Returns users who are in group 'Moderator' or 'Admin' + */ + public function getSuperAdmin(Request $request) + { + if ($request->user() == null || !$request->user()->isGod()) + return response('Unauthorized.', 401); + + $users = \App\User::where('group', 'Moderator')->orWhere('group', 'Admin')->get(); + $groups = User::getPossibleEnumValues('group'); + + return view( + "admin.super_admin", + [ + "users" => $users, + "groups" => $groups + ] + ); + } + + } + + function ini_to_b($string) { if ($string == "Null") return null; diff --git a/cncnet-api/app/Http/Middleware/Authenticate.php b/cncnet-api/app/Http/Middleware/Authenticate.php index 6023a10d..54145b3b 100755 --- a/cncnet-api/app/Http/Middleware/Authenticate.php +++ b/cncnet-api/app/Http/Middleware/Authenticate.php 
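Review bot: In AdminController::getSuperAdmin the query goes through `\App\User` while the next added line calls `User::getPossibleEnumValues('group')` unqualified; the controller's imports are outside the hunk, so unless `App\User` is imported there the second call resolves inside the controller namespace and fails at runtime, and one form should be used for both. The guard also answers 401 both for a missing user and for a signed-in user who is not God; the second case is a 403, and the same applies to the `isGod` branch added in Authenticate.php. I would brace the `if` and compare strictly, `if ($request->user() === null || !$request->user()->isGod()) { return response('Forbidden.', 403); }`.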
@@ -54,6 +54,14 @@ public function handle($request, Closure $next) } } + if (isset($actions["isGod"])) + { + if (!$this->auth->user()->isGod()) //user must be 'god' to view this page + { + return response('Unauthorized.', 401); + } + } + if (!$this->auth->user()->isGod()) { $response = null; diff --git a/cncnet-api/app/Http/routes.php b/cncnet-api/app/Http/routes.php index a9c74e84..56b1de8c 100755 --- a/cncnet-api/app/Http/routes.php +++ b/cncnet-api/app/Http/routes.php @@ -33,6 +33,8 @@ Route::get('/admin', ['middleware' => 'auth', 'canEditAnyLadders' => true, 'uses' => 'AdminController@getAdminIndex']); +Route::get('/admin/super', ['middleware' => 'auth', 'isGod' => true, 'uses' => 'AdminController@getSuperAdmin']); + Route::group(['prefix' => 'admin/', 'middleware' => 'auth', 'canEditAnyLadders' => true], function () { Route::get('players/ratings', 'AdminController@getPlayerRatings'); diff --git a/cncnet-api/app/User.php b/cncnet-api/app/User.php index 20cf0077..a264e3ad 100755 --- a/cncnet-api/app/User.php +++ b/cncnet-api/app/User.php @@ -14,6 +14,7 @@ use Mail; use Tymon\JWTAuth\Contracts\JWTSubject; use Illuminate\Support\Facades\Log; +use DB; class User extends Model implements AuthenticatableContract, CanResetPasswordContract, JWTSubject { @@ -323,4 +324,16 @@ public function getCachedUserTierByLadderHistoryAndPlayer($history, $player) { return $player->getCachedPlayerTierByLadderHistory($history); } + + public static function getPossibleEnumValues($name){ + $instance = new static; // create an instance of the model to be able to get the table name + $type = DB::select( DB::raw('SHOW COLUMNS FROM ' . $instance->getTable() . ' WHERE Field = "' . $name . '"') )[0]->Type; + preg_match('/^enum\((.*)\)$/', $type, $matches); + $enum = array(); + foreach(explode(',', $matches[1]) as $value){ + $v = trim( $value, "'" ); + $enum[] = $v; + } + return $enum; + } } 
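Review bot: The `isGod` branch added to Authenticate::handle fires only when the route's action array carries that key, so a route that omits or misspells `isGod` falls through to the remaining checks without this gate. That makes the controller-side check in getSuperAdmin the one that actually fails closed, and a comment saying so would help, e.g. `// fails open if the route forgets 'isGod' => true; controllers must re-check`. The two nested ifs can be a single condition, `if (isset($actions['isGod']) && !$this->auth->user()->isGod())`. handle() begins and ends outside the hunk, and neither the guest check nor the origin of `$actions` is visible here, so I am assuming `user()` cannot be null at this point.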
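Review bot: User::getPossibleEnumValues builds its SHOW COLUMNS statement by concatenating `$name` into the SQL string, so it is safe only while every caller passes a literal, as the one visible caller in AdminController does with `'group'`. Because it is a public static on the model, the value should be bound instead, for example through a parameterised lookup against information_schema, so that a later caller cannot turn it into an injection point. The result is also used unchecked: `[0]` fails when the column does not exist, and `$matches[1]` is undefined when the column is not an enum. Splitting on `,` additionally assumes no enum label contains a comma, which the sketch below leaves unchanged.

```php
public static function getPossibleEnumValues($name)
{
    $instance = new static; // only needed for the table name

    // Plain SELECT so table and column names travel as bound parameters.
    $rows = DB::select(
        'SELECT COLUMN_TYPE AS type FROM information_schema.COLUMNS'
        . ' WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = ? AND COLUMN_NAME = ?',
        [$instance->getTable(), $name]
    );

    // Unknown column, or a column that is not an enum: nothing to list.
    if (empty($rows) || !preg_match('/^enum\((.*)\)$/', $rows[0]->type, $matches)) {
        return [];
    }

    return array_map(function ($value) {
        return trim($value, "'");
    }, explode(',', $matches[1]));
}
```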
diff --git a/cncnet-api/resources/views/admin/super_admin.blade.php b/cncnet-api/resources/views/admin/super_admin.blade.php new file mode 100644 index 00000000..35191ecf --- /dev/null +++ b/cncnet-api/resources/views/admin/super_admin.blade.php @@ -0,0 +1,45 @@ +@extends('layouts.app') +@section('title', 'Super Admin') + +@section('feature-image', '/images/feature/feature-index.jpg') + +@section('feature') +
+
+
+
+

+ CnCNet + Super Admin +

+
+
+ +
+
+@endsection + +@section('content') +
+
+ + + + + + + + + + @foreach ($users as $user) + + + + + @endforeach + +
UsernameGroup
{{ $user->name }}{{ $user->group }}
+ +
+
+@endsection From 0f804a9a54a54c891f3b6c07f12860088fe1fd8d Mon Sep 17 00:00:00 2001 From: alexp8 Date: Sun, 5 Feb 2023 21:34:21 -0500 Subject: [PATCH 2/2] display gods as well --- cncnet-api/app/Http/Controllers/AdminController.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cncnet-api/app/Http/Controllers/AdminController.php b/cncnet-api/app/Http/Controllers/AdminController.php index 1fb91531..6d8fcca1 100755 --- a/cncnet-api/app/Http/Controllers/AdminController.php +++ b/cncnet-api/app/Http/Controllers/AdminController.php @@ -1014,14 +1014,17 @@ public function editPlayerName(Request $request) } /** - * God view only. Returns users who are in group 'Moderator' or 'Admin' + * God view only. Returns users who are in group 'Moderator' or 'Admin' or 'God' */ public function getSuperAdmin(Request $request) { if ($request->user() == null || !$request->user()->isGod()) return response('Unauthorized.', 401); - $users = \App\User::where('group', 'Moderator')->orWhere('group', 'Admin')->get(); + $users = \App\User::where('group', 'Moderator') + ->orWhere('group', 'Admin') + ->orWhere('group', 'God') + ->get(); $groups = User::getPossibleEnumValues('group'); return view(
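Review bot: None of the surviving lines of super_admin.blade.php reference `$groups`, which the controller fills by running a SHOW COLUMNS query on every request. If the table really only prints `$user->name` and `$user->group`, drop the variable from the `view()` call or add the group selector it was meant for. Much of the markup in this section did not survive extraction, so this is inferred from the Blade directives that remain. Both values are printed with `{{ }}`, which escapes them, and that should stay as is.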
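Review bot: In the second patch, the three chained `orWhere` calls in getSuperAdmin form a top-level OR, so any `where()` later appended to this query would bind only to the last branch and could widen the result. `\App\User::whereIn('group', ['Moderator', 'Admin', 'God'])->get();` expresses the same filter without that trap. The group names are also hard-coded here while `$groups` is read from the column's enum on the next line, so a renamed or newly added privileged group would silently drop out of this listing. getSuperAdmin continues past the end of the hunk.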