sls/app/Http/Controllers/AdminController.php
2026-06-23 15:46:07 +05:30

132 lines
3.9 KiB
PHP

<?php
namespace App\Http\Controllers;
use App\Models\User;
use App\Models\App;
use App\Models\AppRestriction;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class AdminController extends Controller
{
/**
* Show the administrator control panel.
*/
public function index()
{
$admin = Auth::user();
// Fetch all users to display on the dashboard for administration
$users = User::orderBy('created_at', 'desc')->get();
// Fetch all apps and active restrictions
$apps = App::orderBy('name', 'asc')->get();
$restrictions = AppRestriction::with('app')->orderBy('created_at', 'desc')->get();
// Calculate statistics
$stats = [
'total_users' => User::count(),
'admins_count' => User::where('role', 'admin')->count(),
'blocked_count' => User::where('is_blocked', true)->count(),
'apps_count' => App::count(),
];
return view('admin.dashboard', compact('admin', 'users', 'apps', 'restrictions', 'stats'));
}
/**
* Store a new app / service.
*/
public function storeApp(Request $request)
{
$request->validate([
'name' => 'required|string|max:255',
'url' => 'required|url|max:255',
'icon_svg' => 'nullable|string',
'color' => 'nullable|string|max:20',
'desc' => 'nullable|string',
'tag' => 'nullable|string|max:255',
]);
App::create([
'name' => $request->name,
'url' => $request->url,
'icon_svg' => $request->icon_svg,
'color' => $request->color ?? '#4f46e5',
'desc' => $request->desc,
'tag' => $request->tag ?? 'General',
]);
return redirect()->route('admin.dashboard')->with('success', 'Service app registered successfully.');
}
/**
* Delete an app / service.
*/
public function destroyApp($id)
{
$app = App::findOrFail($id);
$app->delete();
return redirect()->route('admin.dashboard')->with('success', 'Service app deleted successfully.');
}
/**
* Restrict an app for a specific user email.
*/
public function storeRestriction(Request $request)
{
$request->validate([
'email' => 'required|email|max:255',
'app_id' => 'required|exists:apps,id',
]);
// Prevent duplicate restrictions
$exists = AppRestriction::where('email', $request->email)
->where('app_id', $request->app_id)
->exists();
if ($exists) {
return redirect()->route('admin.dashboard')->with('error', 'This user is already restricted from accessing this service.');
}
AppRestriction::create([
'email' => $request->email,
'app_id' => $request->app_id,
]);
return redirect()->route('admin.dashboard')->with('success', 'Access restriction created successfully.');
}
/**
* Remove an app restriction.
*/
public function destroyRestriction($id)
{
$restriction = AppRestriction::findOrFail($id);
$restriction->delete();
return redirect()->route('admin.dashboard')->with('success', 'Access restriction removed successfully.');
}
/**
* Toggle the blocked status of a user.
*/
public function toggleBlockUser(Request $request, $id)
{
$user = User::findOrFail($id);
// Security: Prevent blocking oneself
if ($user->id === Auth::id()) {
return redirect()->route('admin.dashboard')->with('error', 'Security violation: You cannot block your own administrator account.');
}
$user->is_blocked = !$user->is_blocked;
$user->save();
$status = $user->is_blocked ? 'blocked' : 'unblocked';
return redirect()->route('admin.dashboard')->with('success', "User account has been {$status} successfully.");
}
}