From 4add3652efbf38a7a5572df7103e43114d9593e4 Mon Sep 17 00:00:00 2001 
From: Jordan Doyle Date: Sat, 18 Jun 2016 14:21:56 +0100 Subject: [PATCH] Add request line bans functionality --- app/Http/Controllers/Admin/RequestLineBanController.php | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ app/Http/Controllers/DJ/RequestController.php | 6 ++++++ app/Http/Controllers/Event/Senior/EventsTimetableController.php | 100 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ app/Http/Controllers/Management/EventsTimetableController.php | 100 ---------------------------------------------------------------------------------------------------- app/Http/routes.php | 24 ++++++++++++++++++------ app/Models/Group.php | 1 + app/Models/RequestBan.php | 6 ++++-- database/migrations/2016_06_11_112217_create_request_bans_table.php | 1 + resources/assets/sass/_misc.sass | 5 +++++ resources/assets/sass/_navigation.sass | 3 +++ resources/views/admin/request-bans-form.blade.php | 34 ++++++++++++++++++++++++++++++++++ resources/views/admin/request-bans.blade.php | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ resources/views/events/senior/events-timetable.blade.php | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ resources/views/layouts/nav.blade.php | 16 +++++++++++----- resources/views/management/events-timetable.blade.php | 50 -------------------------------------------------- 15 files changed, 350 insertions(+), 163 deletions(-) create mode 100644 app/Http/Controllers/Admin/RequestLineBanController.php create mode 100644 app/Http/Controllers/Event/Senior/EventsTimetableController.php delete mode 100644 app/Http/Controllers/Management/EventsTimetableController.php create mode 100644 resources/views/admin/request-bans-form.blade.php create mode 100644 resources/views/admin/request-bans.blade.php create mode 100644 resources/views/events/senior/events-timetable.blade.php delete mode 100644 resources/views/management/events-timetable.blade.php 
diff --git a/app/Http/Controllers/Admin/RequestLineBanController.php b/app/Http/Controllers/Admin/RequestLineBanController.php
new file mode 100644
index 0000000..13525ea
--- /dev/null
+++ b/app/Http/Controllers/Admin/RequestLineBanController.php
@@ -0,0 +1,69 @@
+ RequestBan::orderBy('id', 'desc')->paginate(15)
+ ]);
+ }
+
+ /**
+ * Show the administrator a form to ban an IP address.
+ *
+ * @return mixed
+ */
+ public function banForm()
+ {
+ return view('admin.request-bans-form');
+ }
+
+ /**
+ * Ban an IP from the request line
+ *
+ * @param Request $request
+ * @return mixed
+ */
+ public function ban(Request $request)
+ {
+ $this->validate($request, [
+ 'ip' => 'required|ip|unique:request_bans,ip_address,NULL,id,deleted_at,NULL'
+ ]);
+
+ $ban = new RequestBan;
+ $ban->ip_address = $request->get('ip');
+ $ban->added_by = auth()->user()->userid;
+ $ban->save();
+
+ return redirect()->route('dashboard::admin::request-ban')->with('msg', [
+ 'type' => 'success',
+ 'msg' => 'Successfully banned IP address from the request line.'
+ ]);
+ }
+
+ /**
+ * Unban an IP from the request line.
+ *
+ * @param int $id id of the ip to unban
+ * @return mixed
+ */
+ public function unban(int $id)
+ {
+ RequestBan::findOrFail($id)->delete();
+
+ return redirect()->back()->with('msg', [
+ 'type' => 'success',
+ 'msg' => _('Successfully unbanned IP from the request line.')
+ ]);
+ }
+}
diff --git a/app/Http/Controllers/DJ/RequestController.php b/app/Http/Controllers/DJ/RequestController.php
index 6d3f9c1..c533684 100644
--- a/app/Http/Controllers/DJ/RequestController.php
+++ b/app/Http/Controllers/DJ/RequestController.php
@@ -3,6 +3,7 @@ namespace App\Http\Controllers\DJ;
 use App\Http\Controllers\Controller;
 use App\Models\Request;
+use App\Models\RequestBan;
 use Illuminate\Http\Request as HttpRequest;
 use Vinkla\Pusher\Facades\Pusher;
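Review bot: In `ban()` of RequestLineBanController the address is stored exactly as it was typed, while the request-line check in RequestController matches bans against `$request->ip()` by plain string equality. The `ip` rule also accepts IPv6, so an address entered in a non-canonical form (expanded zero groups, upper-case hex) may pass both `ip` and `unique` yet never match a real client, leaving the ban without effect. Normalising before saving, for example `$ban->ip_address = inet_ntop(inet_pton($request->get('ip')));`, keeps stored bans and lookups in one representation. As a style point, the success message in `ban()` is not wrapped in `_()` the way the one in `unban()` is. The top of the file (namespace, imports and the start of `index()`) is not visible on this page.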
@@ -49,6 +50,11 @@ class RequestController extends Controller 'request' => 'required|string|max:500' ]); + if (RequestBan::where('ip', $request->ip())->count()) { + // This IP is banned from the request line. + abort(403); + } + $r = new Request; $r->name = $request->get('name'); $r->request = $request->get('request'); diff --git a/app/Http/Controllers/Event/Senior/EventsTimetableController.php b/app/Http/Controllers/Event/Senior/EventsTimetableController.php new file mode 100644 index 0000000..094cee8 --- /dev/null +++ b/app/Http/Controllers/Event/Senior/EventsTimetableController.php 
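Review bot: The ban lookup `RequestBan::where('ip', $request->ip())` filters on a column named `ip`, but the migration touched by this patch defines `ip_address`, the model docblock is renamed to `$ip_address`, and the admin controller writes `$ban->ip_address`. As written the query looks set to fail with an unknown-column error on every submission rather than enforce the ban; it should read `if (RequestBan::where('ip_address', $request->ip())->exists()) {`. If the application sits behind a reverse proxy or CDN, `$request->ip()` yields the proxy address unless trusted proxies are configured, which would make a ban either ineffective or far too broad, so that deployment detail is worth confirming. The enclosing method starts and ends outside the hunk.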
@@ -0,0 +1,100 @@
+
+ */
+class EventsTimetableController extends Controller
+{
+ public function index()
+ {
+ $unapproved = Event::where('week', Carbon::now()->weekOfYear)
+ ->where('year', Carbon::now()->year)
+ ->where('approved', false)
+ ->orderBy('id', 'desc')
+ ->get();
+
+ return view('events.senior.events-timetable', ['unapproved' => $unapproved]);
+ }
+
+ /**
+ * Approve an event and delete every other event for that hour.
+ *
+ * @param $id
+ * @return mixed
+ */
+ public function approve($id)
+ {
+ $event = Event::findOrFail($id);
+
+ if ($event->approved) {
+ return redirect()->back()->with('msg', [
+ 'type' => 'success',
+ 'msg' => _('This event has already been approved.')
+ ]);
+ }
+
+ $others = Event::where('week', Carbon::now()->weekOfYear)
+ ->where('year', Carbon::now()->year)
+ ->where('day', $event->day)
+ ->where('hour', $event->hour)
+ ->where('approved', true)
+ ->count();
+
+ if ($others) {
+ // there is already an approved event in this slot.
+ return redirect()->back()->with('msg', [
+ 'msg' => _('There is already an approved event in this slot.'),
+ 'type' => 'danger'
+ ]);
+ }
+
+ // approve this event
+ $event->approved = true;
+ $event->save();
+
+ // delete all the other unapproved events that wanted this slot.
+ Event::where('week', Carbon::now()->weekOfYear)
+ ->where('year', Carbon::now()->year)
+ ->where('day', $event->day)
+ ->where('hour', $event->hour)
+ ->where('approved', false)
+ ->delete();
+
+ return redirect()->back()->with('msg', [
+ 'msg' => _('Successfully approved event and deleted other events which wanted this slot.'),
+ 'type' => 'success'
+ ]);
+ }
+
+ /**
+ * Deny an event.
+ *
+ * @param $id
+ * @return mixed
+ */
+ public function deny($id)
+ {
+ $event = Event::findOrFail($id);
+
+ if ($event->approved) {
+ return redirect()->back()->with('msg', [
+ 'type' => 'success',
+ 'msg' => _('This event has already been approved.')
+ ]);
+ }
+
+ $event->delete();
+
+ return redirect()->back()->with('msg', [
+ 'msg' => _('Successfully declined event.'),
+ 'type' => 'success'
+ ]);
+ }
+}
diff --git a/app/Http/Controllers/Management/EventsTimetableController.php b/app/Http/Controllers/Management/EventsTimetableController.php
deleted file mode 100644
index 019f3fc..0000000
--- a/app/Http/Controllers/Management/EventsTimetableController.php
+++ /dev/null
@@ -1,100 +0,0 @@ - - */ -class EventsTimetableController extends Controller -{ - public function index() - { - $unapproved = Event::where('week', Carbon::now()->weekOfYear) - ->where('year', Carbon::now()->year) - ->where('approved', false) - ->orderBy('id', 'desc') - ->get(); - - return view('management.events-timetable', ['unapproved' => $unapproved]); - } - - /** - * Approve an event and delete every other event for that hour. - * - * @param $id - * @return mixed - */ - public function approve($id) - { - $event = Event::findOrFail($id); - - if ($event->approved) { - return redirect()->back()->with('msg', [ - 'type' => 'success', - 'msg' => _('This event has already been approved.') - ]); - } - - $others = Event::where('week', Carbon::now()->weekOfYear) - ->where('year', Carbon::now()->year) - ->where('day', $event->day) - ->where('hour', $event->hour) - ->where('approved', true) - ->count(); - - if ($others) { - // there is already an approved event in this slot. - return redirect()->back()->with('msg', [ - 'msg' => _('There is already an approved event in this slot.'), - 'type' => 'danger' - ]); - } - - // approve this event - $event->approved = true; - $event->save(); - - // delete all the other unapproved events that wanted this slot. - Event::where('week', Carbon::now()->weekOfYear) - ->where('year', Carbon::now()->year) - ->where('day', $event->day) - ->where('hour', $event->hour) - ->where('approved', false) - ->delete(); - - return redirect()->back()->with('msg', [ - 'msg' => _('Successfully approved event and deleted other events which wanted this slot.'), - 'type' => 'success' - ]); - } - - /** - * Deny an event. 
- * - * @param $id - * @return mixed - */ - public function deny($id) - { - $event = Event::findOrFail($id); - - if ($event->approved) { - return redirect()->back()->with('msg', [ - 'type' => 'success', - 'msg' => _('This event has already been approved.') - ]); - } - - $event->delete(); - - return redirect()->back()->with('msg', [ - 'msg' => _('Successfully declined event.'), - 'type' => 'success' - ]); - } -} diff --git a/app/Http/routes.php b/app/Http/routes.php index 2eaa0bf..467d109 100644 --- a/app/Http/routes.php +++ b/app/Http/routes.php @@ -75,17 +75,24 @@ Route::group(['middleware' => 'auth', 'as' => 'dashboard::'], function () { }); Route::group([ + 'as' => 'senior-events::', + 'prefix' => 'senior-events', + 'namespace' => 'Event\Senior', + 'middleware' => sprintf('is:%s', Group::SENIOR_EVENTS) + ], function () { + // Timetable routes + Route::get('awaiting-review', ['as' => 'awaiting-review', 'uses' => 'EventsTimetableController@index']); + Route::put('approve/{id}', ['as' => 'approve', 'uses' => 'EventsTimetableController@approve']); + Route::delete('deny/{id}', ['as' => 'deny', 'uses' => 'EventsTimetableController@deny']); + }); + + Route::group([ 'as' => 'management::', 'prefix' => 'management', 'namespace' => 'Management', 'middleware' => 'is:management' ], function () { - // Events routes - Route::group(['prefix' => 'events', 'as' => 'events::'], function () { - Route::get('timetable', ['as' => 'timetable', 'uses' => 'EventsTimetableController@index']); - Route::put('approve/{id}', ['as' => 'approve', 'uses' => 'EventsTimetableController@approve']); - Route::delete('deny/{id}', ['as' => 'deny', 'uses' => 'EventsTimetableController@deny']); - }); + }); Route::group([ 
@@ -96,6 +103,11 @@ Route::group(['middleware' => 'auth', 'as' => 'dashboard::'], function () { ], function () { Route::get('connection-info', ['as' => 'connection-info', 'uses' => 'ConnectionInfoController@getForm']); Route::post('connection-info', ['as' => 'connection-info.post', 'uses' => 'ConnectionInfoController@postForm']); + + Route::get('request-ban', ['as' => 'request-ban', 'uses' => 'RequestLineBanController@index']); + Route::get('request-ban/add', ['as' => 'request-ban.form', 'uses' => 'RequestLineBanController@banForm']); + Route::put('request-ban', ['as' => 'request-ban.ban', 'uses' => 'RequestLineBanController@ban']); + Route::delete('request-ban/{id}', ['as' => 'request-ban.unban', 'uses' => 'RequestLineBanController@unban']); }); }); diff --git a/app/Models/Group.php b/app/Models/Group.php index 1921f8c..1fc2807 100644 --- a/app/Models/Group.php +++ b/app/Models/Group.php @@ -21,6 +21,7 @@ class Group extends Model const GUEST_DJ = 'Guest DJ'; const RADIO_DJ = 'Radio DJ'; const EVENT = 'Events'; + const SENIOR_EVENTS = 'Senior Events'; const MANAGEMENT = 'Management'; const ADMINISTRATOR = 'Administrator'; const OWNERSHIP = 'Ownership'; diff --git a/app/Models/RequestBan.php b/app/Models/RequestBan.php index 0ad2e2f..a47c8c3 100644 --- a/app/Models/RequestBan.php +++ b/app/Models/RequestBan.php @@ -2,19 +2,21 @@ namespace App\Models; use Carbon\Carbon; +use Illuminate\Database\Eloquent\Model; use Illuminate\Database\Eloquent\SoftDeletes; /** * Table containing IPs of everyone that is banned from the request line. * * @property integer $id - * @property string $ip + * @property string $ip_address * @property integer $added_by * @property Carbon $created_at * @property Carbon $updated_at + * @property Carbon $deleted_at * @author Jordan Doyle */ -class RequestBan +class RequestBan extends Model { use SoftDeletes; } 
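Review bot: The new `request-ban/{id}` delete route leaves `{id}` unconstrained although `RequestLineBanController::unban(int $id)` declares an int, so a non-numeric segment would likely surface as a TypeError (HTTP 500) instead of a 404. Chaining `->where('id', '[0-9]+')` on that `Route::delete(...)` call avoids it. The options of the enclosing `Route::group`, including its middleware, lie above the hunk, so it is worth confirming that the group is restricted to administrators, since these four routes create and lift bans. A short comment such as `// Request line IP bans` above the new routes would match the `// Timetable routes` comment added in the first hunk of this file.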
diff --git a/database/migrations/2016_06_11_112217_create_request_bans_table.php b/database/migrations/2016_06_11_112217_create_request_bans_table.php index 6e7970a..104dffd 100644 --- a/database/migrations/2016_06_11_112217_create_request_bans_table.php +++ b/database/migrations/2016_06_11_112217_create_request_bans_table.php @@ -17,6 +17,7 @@ class CreateRequestBansTable extends Migration $table->ipAddress('ip_address'); $table->integer('added_by'); $table->timestamps(); + $table->softDeletes(); }); } diff --git a/resources/assets/sass/_misc.sass b/resources/assets/sass/_misc.sass index 1fe741e..ad6c961 100644 --- a/resources/assets/sass/_misc.sass +++ b/resources/assets/sass/_misc.sass @@ -70,3 +70,8 @@ $alerts: map_merge($alerts, ("danger": (#f2dede, darken(adjust-hue(#fcf8e3, -10) ul columns: 4 list-style: none + +#add + position: fixed + bottom: 2rem + right: 2rem diff --git a/resources/assets/sass/_navigation.sass b/resources/assets/sass/_navigation.sass index 2e5a4ab..cbc9686 100644 --- a/resources/assets/sass/_navigation.sass +++ b/resources/assets/sass/_navigation.sass @@ -1,3 +1,6 @@ +.mdl-layout__header-row + position: relative + .pagination float: right diff --git a/resources/views/admin/request-bans-form.blade.php b/resources/views/admin/request-bans-form.blade.php new file mode 100644 index 0000000..ddf0c81 --- /dev/null +++ b/resources/views/admin/request-bans-form.blade.php @@ -0,0 +1,34 @@ +@extends(Request::ajax() ? 'layouts.ajax-main' : 'layouts.main') + +@section('title'){{ _('Add Request Line Ban') }} @endsection + +@section('content') +
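Review bot: `$table->softDeletes();` is added by editing the existing `2016_06_11_112217_create_request_bans_table` migration, so a database that has already run it will not gain `deleted_at`. The `SoftDeletes` scope on `RequestBan` and the `unique:request_bans,ip_address,NULL,id,deleted_at,NULL` rule in the new controller would then both fail on the missing column; a separate follow-up migration that adds the column is safer if the table exists anywhere. `ip_address` is also queried on every request-line submission and no index is visible in the hunk; `$table->ipAddress('ip_address')->index();` would keep that check cheap. The body of `up()` starts above the hunk.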
+
+

{{ _('Add IP Ban') }}

+ +

{{ _('Here you can ban IP addresses from submitting requests through the request line. Please enter a well-formed IP address below (ie. 94.213.39.123) and submit.') }}

+ +
+ {{ csrf_field() }} + {{ method_field('put') }} + +
+ + + @if ($errors->has('ip')) + {{ $errors->first('ip') }} + @endif +
+ +
+ +
+
+
+
+@endsection diff --git a/resources/views/admin/request-bans.blade.php b/resources/views/admin/request-bans.blade.php new file mode 100644 index 0000000..0d502d2 --- /dev/null +++ b/resources/views/admin/request-bans.blade.php @@ -0,0 +1,48 @@ +@extends(Request::ajax() ? 'layouts.ajax-main' : 'layouts.main') + +@section('title'){{ _('Request Line Bans') }} @endsection + +@section('content') +
+ {!! $bans->links() !!} + + + + + + + + + + + + + + @foreach($bans as $ban) + + + + + + + + @endforeach + +
#IP AddressBanned ByAdded
{{ $ban->id }}{{ $ban->ip_address }}{{ App\Models\User::find($ban->added_by)->getDisplayName() }}{{ $ban->created_at->diffForHumans() }} +
+ {{ csrf_field() }} + {{ method_field('delete') }} + + +
+
+ + {!! $bans->links() !!} +
+ + + add + +@endsection diff --git a/resources/views/events/senior/events-timetable.blade.php b/resources/views/events/senior/events-timetable.blade.php new file mode 100644 index 0000000..ca3b5a7 --- /dev/null +++ b/resources/views/events/senior/events-timetable.blade.php @@ -0,0 +1,50 @@ +@extends(Request::ajax() ? 'layouts.ajax-main' : 'layouts.main') + +@section('title'){{ _('Approve Events') }} @endsection + +@section('content') + @if($unapproved->count()) + @foreach($unapproved as $event) +
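Review bot: `App\Models\User::find($ban->added_by)->getDisplayName()` in the table row calls a method on the result of `find()`, which is null once the banning account no longer exists, and a single orphaned row would then break the whole ban listing. It also issues one query per row from inside the template. Defining a relation on `RequestBan` (for instance a hypothetical `addedBy()`), eager-loading it in `index()` and rendering a fallback label when it is absent covers both points. The HTML of this template was stripped from the page, so only the Blade expressions could be reviewed.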
+
+

{{ $event->user()->first()->getDisplayName() }}

+

+ {{ $event->user()->first()->getDisplayName() }} would like to book event {{ $event->type->name }} on {{ ['Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday', 'Sunday'][$event->day] }} at {{ sprintf('%02d:00', $event->hour) }} in room {{ $event->room_id }}. +

+

+ There are {{ App\Models\Event::where('week', $event->week)->where('year', $event->year)->where('day', $event->day)->where('hour', $event->hour)->where('id', '<>', $event->id)->count() }} other people who would like this slot. +

+
+ +
+
+ {{ csrf_field() }} + {{ method_field('put') }} + +
+ +
+ {{ csrf_field() }} + {{ method_field('delete') }} + +
+ +
+ + {{ $event->created_at->diffForHumans() }} +
+
+ @endforeach + @else +
+
+

{{ _('All Done!') }}

+

{{ _('There are no events awaiting your viewing.') }}

+
+
+ @endif +@endsection diff --git a/resources/views/layouts/nav.blade.php b/resources/views/layouts/nav.blade.php index 5fa30c1..0083803 100644 --- a/resources/views/layouts/nav.blade.php +++ b/resources/views/layouts/nav.blade.php @@ -64,17 +64,23 @@ @endif - @if(auth()->user()->isManagement()) + @if(auth()->user()->is(App\Models\Group::SENIOR_EVENTS))
- Management + Senior Events - - event_available Events Timetable + + event_available Awaiting Review ({{ App\Models\Event::where('week', Carbon\Carbon::now()->weekOfYear)->where('year', Carbon\Carbon::now()->year)->where('approved', false)->count() }}) @endif + @if(auth()->user()->isManagement()) +
+ + Management + @endif + @if(auth()->user()->isAdmin())
diff --git a/resources/views/management/events-timetable.blade.php b/resources/views/management/events-timetable.blade.php deleted file mode 100644 index 2fc5086..0000000 --- a/resources/views/management/events-timetable.blade.php +++ /dev/null @@ -1,50 +0,0 @@ -@extends(Request::ajax() ? 'layouts.ajax-main' : 'layouts.main') - -@section('title'){{ _('Approve Events') }} @endsection - -@section('content') - @if($unapproved->count()) - @foreach($unapproved as $event) -
-
-

{{ $event->user()->first()->getDisplayName() }}

-

- {{ $event->user()->first()->getDisplayName() }} would like to book event {{ $event->type->name }} on {{ ['Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday', 'Sunday'][$event->day] }} at {{ sprintf('%02d:00', $event->hour) }} in room {{ $event->room_id }}. -

-

- There are {{ App\Models\Event::where('week', $event->week)->where('year', $event->year)->where('day', $event->day)->where('hour', $event->hour)->where('id', '<>', $event->id)->count() }} other people who would like this slot. -

-
- -
-
- {{ csrf_field() }} - {{ method_field('put') }} - -
- -
- {{ csrf_field() }} - {{ method_field('delete') }} - -
- -
- - {{ $event->created_at->diffForHumans() }} -
-
- @endforeach - @else -
-
-

{{ _('All Done!') }}

-

{{ _('There are no events awaiting your viewing.') }}

-
-
- @endif -@endsection -- libgit2 1.7.2