code quality
dbarzin committed Nov 21, 2023
1 parent 3183b2d commit 4e0a0fe
Showing 6 changed files with 181 additions and 120 deletions.
2 changes: 1 addition & 1 deletion app/Console/Commands/SendNotifications.php
Expand Up @@ -6,8 +6,8 @@
use App\Models\User;
use Carbon\Carbon;
use Illuminate\Console\Command;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\App;
use Illuminate\Support\Facades\Log;

class SendNotifications extends Command
{
128 changes: 74 additions & 54 deletions app/Http/Controllers/ControlController.php
Expand Up @@ -60,10 +60,11 @@ public function index(Request $request)
->select('scope')
->whereNotNull('scope')
->where('scope', '<>', '');
if (Auth::User()->role === 5)
if (Auth::User()->role === 5) {
$scopes = $scopes
->leftjoin('control_user', 'controls.id', '=', 'control_user.control_id')
->where('control_user.user_id','=',Auth::User()->id);
->where('control_user.user_id', '=', Auth::User()->id);
}
$scopes = $scopes
->whereNull('realisation_date')
->distinct()
Expand Down Expand Up @@ -151,10 +152,11 @@ public function index(Request $request)
->leftjoin('domains', 'c1.domain_id', '=', 'domains.id');

// filter on auditee controls
if (Auth::User()->role === 5)
if (Auth::User()->role === 5) {
$controls = $controls
->leftjoin('control_user', 'c1.id', '=', 'control_user.control_id')
->where('control_user.user_id','=',Auth::User()->id);
->where('control_user.user_id', '=', Auth::User()->id);
}

// Filter on domain
if (($domain !== null) && ($domain !== 0)) {
Expand Down Expand Up @@ -212,7 +214,7 @@ public function index(Request $request)
'domains.title',
]
)
->orderBy('c1.id')->get();
->orderBy('c1.id')->get();

// return view
return view('controls.index')
Expand Down Expand Up @@ -260,13 +262,14 @@ public function show(int $id)

// for aditee only if he is assigne to that control
abort_if(
(
(Auth::User()->role === 5)&&
!DB::table('control_user')
((Auth::User()->role === 5) &&
! DB::table('control_user')
->where('control_id', $id)
->where('user_id', Auth::User()->id)
->exists()
), Response::HTTP_FORBIDDEN, '403 Forbidden');
->exists()),
Response::HTTP_FORBIDDEN,
'403 Forbidden'
);

// Get control
$control = Control::find($id);
Expand Down Expand Up @@ -400,9 +403,11 @@ public function history()
{
// Not API and auditee
abort_if(
(Auth::User()->role === 4)||
(Auth::User()->role === 4) ||
(Auth::User()->role === 5),
Response::HTTP_FORBIDDEN, '403 Forbidden');
Response::HTTP_FORBIDDEN,
'403 Forbidden'
);

// Get all controls
$controls = DB::table('controls')
Expand All @@ -418,9 +423,11 @@ public function domains(Request $request)
{
// Not API and auditee
abort_if(
(Auth::User()->role === 4)||
(Auth::User()->role === 4) ||
(Auth::User()->role === 5),
Response::HTTP_FORBIDDEN, '403 Forbidden');
Response::HTTP_FORBIDDEN,
'403 Forbidden'
);

// get all active domains
$domains = DB::table('domains')
Expand Down Expand Up @@ -562,9 +569,11 @@ public function attributes(Request $request)
{
// Not API and auditee
abort_if(
(Auth::User()->role === 4)||
(Auth::User()->role === 4) ||
(Auth::User()->role === 5),
Response::HTTP_FORBIDDEN, '403 Forbidden');
Response::HTTP_FORBIDDEN,
'403 Forbidden'
);

// get all attributes
$attributes = DB::table('attributes')
Expand Down Expand Up @@ -726,21 +735,24 @@ public function make(Request $request)
{
// Not for auditor and API
abort_if(
(Auth::User()->role === 3)||
(Auth::User()->role === 3) ||
(Auth::User()->role === 4),
Response::HTTP_FORBIDDEN, '403 Forbidden');
Response::HTTP_FORBIDDEN,
'403 Forbidden'
);

$id = (int) request('id');

// for aditee only if he is assigne to that control
abort_if(
(
(Auth::User()->role === 5)&&
!DB::table('control_user')
((Auth::User()->role === 5) &&
! DB::table('control_user')
->where('user_id', Auth::User()->id)
->where('control_id', $id)
->exists()
), Response::HTTP_FORBIDDEN, '403 Forbidden');
->exists()),
Response::HTTP_FORBIDDEN,
'403 Forbidden'
);

// Get control
$control = Control::find($id);
Expand All @@ -760,11 +772,11 @@ public function make(Request $request)
$request->session()->put('control', $id);

// compute next control date
$next_date=date('Y-m-d', strtotime($control->periodicity." months", strtotime($control->plan_date)));
$next_date = date('Y-m-d', strtotime($control->periodicity.' months', strtotime($control->plan_date)));

// compute next control date
$next_date = $control->next_date==null ?
\Carbon\Carbon::createFromFormat('Y-m-d',$control->plan_date)
$next_date = $control->next_date === null ?
\Carbon\Carbon::createFromFormat('Y-m-d', $control->plan_date)
->addMonths($control->periodicity)
->format('Y-m-d')
: $control->next_date->format('Y-m-d');
Expand All @@ -788,19 +800,22 @@ public function doMake()
// Not API and auditee
abort_if(
(Auth::User()->role === 4),
Response::HTTP_FORBIDDEN, '403 Forbidden');
Response::HTTP_FORBIDDEN,
'403 Forbidden'
);

$id = (int) request('id');

// for aditee only if he is assigne to that control
abort_if(
(
(Auth::User()->role === 5)&&
!DB::table('control_user')
->where('user_id',Auth::User()->id)
->where('control_id',$id)
->exists()
), Response::HTTP_FORBIDDEN, '403 Forbidden');
((Auth::User()->role === 5) &&
! DB::table('control_user')
->where('user_id', Auth::User()->id)
->where('control_id', $id)
->exists()),
Response::HTTP_FORBIDDEN,
'403 Forbidden'
);

// check :
// plan date not in the past
Expand All @@ -827,14 +842,13 @@ public function doMake()
$control->realisation_date = request('realisation_date');
// only admin and user can update the plan_date and action_plan
if (
(Auth::User()->role === 1)||
(Auth::User()->role === 1) ||
(Auth::User()->role === 2)
) {
) {
$control->plan_date = request('plan_date');
$control->action_plan = request('action_plan');
}
else {
$control->realisation_date = date("Y-m-d", strtotime('today'));
} else {
$control->realisation_date = date('Y-m-d', strtotime('today'));
}
// Log::Alert("doMake realisation_date=".request("realisation_date"));

Expand All @@ -848,12 +862,13 @@ public function doMake()
$new_control->score = null;
// only admin and user can update the plan_date, realisation_date and action_plan
if (
(Auth::User()->role === 1)||
(Auth::User()->role === 1) ||
(Auth::User()->role === 2)
)
) {
$new_control->plan_date = request('next_date');
else
$new_control->plan_date=date('Y-m-d', strtotime($control->periodicity." months", strtotime($control->plan_date)));
} else {
$new_control->plan_date = date('Y-m-d', strtotime($control->periodicity.' months', strtotime($control->plan_date)));
}

$new_control->save();

Expand Down Expand Up @@ -918,21 +933,24 @@ public function draft(Request $request)
{
// Not for API and Auditor
abort_if(
(Auth::User()->role === 3)||
(Auth::User()->role === 3) ||
(Auth::User()->role === 4),
Response::HTTP_FORBIDDEN, '403 Forbidden');
Response::HTTP_FORBIDDEN,
'403 Forbidden'
);

$id = (int) $request->get('id');

// for aditee only if he is assigned to that control
abort_if(
(
(Auth::User()->role === 5)&&
!DB::table('control_user')
((Auth::User()->role === 5) &&
! DB::table('control_user')
->where('user_id', Auth::User()->id)
->where('control_id', $id)
->exists()
), Response::HTTP_FORBIDDEN, '403 Forbidden');
->exists()),
Response::HTTP_FORBIDDEN,
'403 Forbidden'
);

// Get the control
$control = Control::find($id);
Expand All @@ -946,9 +964,9 @@ public function draft(Request $request)

// only admin and user can update the plan_date and action_plan
if (
(Auth::User()->role === 1)||
(Auth::User()->role === 1) ||
(Auth::User()->role === 2)
) {
) {
$control->plan_date = request('plan_date');
$control->action_plan = request('action_plan');
// do not save the realisation date as it is in draft
Expand All @@ -970,10 +988,12 @@ public function template()
{
// For administrators and users only
abort_if(
(Auth::User()->role !== 1) &&
(Auth::User()->role !== 1) &&
(Auth::User()->rol !== 2) &&
(Auth::User()->role !== 5),
Response::HTTP_FORBIDDEN, '403 Forbidden');
Response::HTTP_FORBIDDEN,
'403 Forbidden'
);

$id = (int) request('id');
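Review bot: In the `template()` hunk the middle guard reads `(Auth::User()->rol !== 2) &&`, with `rol` instead of `role`, and the reformatting leaves it as is. On an Eloquent model an unknown attribute normally reads as null, so that term is always true and a role-2 user gets the 403 even though the comment says the action is for administrators and users; the line should be `(Auth::User()->role !== 2) &&`. The same condition also lets role 5 through, which the comment `// For administrators and users only` does not mention, so either the comment or the check needs updating. Separately, `doMake()` rejects only role 4 while `make()` rejects roles 3 and 4, so it is worth confirming whether role 3 is meant to reach the state-changing handler. The body of `template()` continues outside the hunk.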
