132 lines
3.9 KiB
PHP
132 lines
3.9 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use App\Models\User;
|
|
use App\Models\App;
|
|
use App\Models\AppRestriction;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Auth;
|
|
|
|
class AdminController extends Controller
|
|
{
|
|
/**
|
|
* Show the administrator control panel.
|
|
*/
|
|
public function index()
|
|
{
|
|
$admin = Auth::user();
|
|
|
|
// Fetch all users to display on the dashboard for administration
|
|
$users = User::orderBy('created_at', 'desc')->get();
|
|
|
|
// Fetch all apps and active restrictions
|
|
$apps = App::orderBy('name', 'asc')->get();
|
|
$restrictions = AppRestriction::with('app')->orderBy('created_at', 'desc')->get();
|
|
|
|
// Calculate statistics
|
|
$stats = [
|
|
'total_users' => User::count(),
|
|
'admins_count' => User::where('role', 'admin')->count(),
|
|
'blocked_count' => User::where('is_blocked', true)->count(),
|
|
'apps_count' => App::count(),
|
|
];
|
|
|
|
return view('admin.dashboard', compact('admin', 'users', 'apps', 'restrictions', 'stats'));
|
|
}
|
|
|
|
/**
|
|
* Store a new app / service.
|
|
*/
|
|
public function storeApp(Request $request)
|
|
{
|
|
$request->validate([
|
|
'name' => 'required|string|max:255',
|
|
'url' => 'required|url|max:255',
|
|
'icon_svg' => 'nullable|string',
|
|
'color' => 'nullable|string|max:20',
|
|
'desc' => 'nullable|string',
|
|
'tag' => 'nullable|string|max:255',
|
|
]);
|
|
|
|
App::create([
|
|
'name' => $request->name,
|
|
'url' => $request->url,
|
|
'icon_svg' => $request->icon_svg,
|
|
'color' => $request->color ?? '#4f46e5',
|
|
'desc' => $request->desc,
|
|
'tag' => $request->tag ?? 'General',
|
|
]);
|
|
|
|
return redirect()->route('admin.dashboard')->with('success', 'Service app registered successfully.');
|
|
}
|
|
|
|
/**
|
|
* Delete an app / service.
|
|
*/
|
|
public function destroyApp($id)
|
|
{
|
|
$app = App::findOrFail($id);
|
|
$app->delete();
|
|
|
|
return redirect()->route('admin.dashboard')->with('success', 'Service app deleted successfully.');
|
|
}
|
|
|
|
/**
|
|
* Restrict an app for a specific user email.
|
|
*/
|
|
public function storeRestriction(Request $request)
|
|
{
|
|
$request->validate([
|
|
'email' => 'required|email|max:255',
|
|
'app_id' => 'required|exists:apps,id',
|
|
]);
|
|
|
|
// Prevent duplicate restrictions
|
|
$exists = AppRestriction::where('email', $request->email)
|
|
->where('app_id', $request->app_id)
|
|
->exists();
|
|
|
|
if ($exists) {
|
|
return redirect()->route('admin.dashboard')->with('error', 'This user is already restricted from accessing this service.');
|
|
}
|
|
|
|
AppRestriction::create([
|
|
'email' => $request->email,
|
|
'app_id' => $request->app_id,
|
|
]);
|
|
|
|
return redirect()->route('admin.dashboard')->with('success', 'Access restriction created successfully.');
|
|
}
|
|
|
|
/**
|
|
* Remove an app restriction.
|
|
*/
|
|
public function destroyRestriction($id)
|
|
{
|
|
$restriction = AppRestriction::findOrFail($id);
|
|
$restriction->delete();
|
|
|
|
return redirect()->route('admin.dashboard')->with('success', 'Access restriction removed successfully.');
|
|
}
|
|
|
|
/**
|
|
* Toggle the blocked status of a user.
|
|
*/
|
|
public function toggleBlockUser(Request $request, $id)
|
|
{
|
|
$user = User::findOrFail($id);
|
|
|
|
// Security: Prevent blocking oneself
|
|
if ($user->id === Auth::id()) {
|
|
return redirect()->route('admin.dashboard')->with('error', 'Security violation: You cannot block your own administrator account.');
|
|
}
|
|
|
|
$user->is_blocked = !$user->is_blocked;
|
|
$user->save();
|
|
|
|
$status = $user->is_blocked ? 'blocked' : 'unblocked';
|
|
return redirect()->route('admin.dashboard')->with('success', "User account has been {$status} successfully.");
|
|
}
|
|
}
|