Fixes for API calls for password complexity stuff

2025-02-21 03:15:45 -08:00 · 2017-08-22 21:15:35 -07:00 · 2017-08-22 21:15:35 -07:00 · a0cbca85bf
parent 9bda62d295
commit a0cbca85bf
3 changed files with 42 additions and 39 deletions
--- a/app/Http/Requests/SaveUserRequest.php
+++ b/app/Http/Requests/SaveUserRequest.php
@ -25,29 +25,32 @@ class SaveUserRequest extends Request
    public function rules()
    {

-        $settings = Setting::getSettings();
-
        $rules = [];
-        $security_rules = '';

-        $rules['first_name'] = 'required|string|min:1';
-        $rules['username'] = 'required|string|min:1|unique_undeleted';
+        switch($this->method())
+        {

-        // Check if they have uncommon password enforcement selected in settings
-        if ($settings->pwd_secure_uncommon == 1) {
-            $security_rules .= '|dumbpwd';
-        }
+            // Brand new asset
+            case 'POST':
+            {
+                $rules['first_name'] = 'required|string|min:1';
+                $rules['username'] = 'required|string|min:1';
+                $rules['password'] = Setting::passwordComplexityRulesSaving('store');
+            }

-        // Check for any secure password complexity rules that may have been selected
-        if ($settings->pwd_secure_complexity!='') {
-            $security_rules  .= '|'.$settings->pwd_secure_complexity;
-        }
+            // Save all fields
+            case 'PUT':
+                $rules['first_name'] = 'required|string|min:1';
+                $rules['username'] = 'required|string|min:1';
+                $rules['password'] = Setting::passwordComplexityRulesSaving('update');

+            // Save only what's passed
+            case 'PATCH':
+            {
+                $rules['password'] = Setting::passwordComplexityRulesSaving('update');
+            }

-        if ((\Route::currentRouteName()=='api.users.update') || (\Route::currentRouteName()=='users.update')) {
-            $rules['password'] = 'nullable|min:'.$settings->pwd_secure_min.$security_rules;
-        } else {
-            $rules['password'] = 'required|min:'.$settings->pwd_secure_min.$security_rules;
+            default:break;
        }

        $rules['password_confirm'] = 'sometimes|required_with:password';
--- a/app/Models/Setting.php
+++ b/app/Models/Setting.php
@ -160,33 +160,29 @@ class Setting extends Model
        return $this->slack_endpoint;
    }

-    public function passwordComplexityStringToArray()
+    public static function passwordComplexityRulesSaving($action = 'update')
    {
-        
-        $this->pwd_secure_complexity = 'numbers|letters|case_diff';
-        $complexity_array_split = array();
-        $complexity_array = array();
+        $security_rules = '';
+        $settings = Setting::getSettings();

-        if (($this->pwd_secure_complexity) && ($this->pwd_secure_complexity!='')) {
-            $complexity_array_split = explode('|',$this->pwd_secure_complexity);
+        // Check if they have uncommon password enforcement selected in settings
+        if ($settings->pwd_secure_uncommon == 1) {
+            $security_rules .= '|dumbpwd';
        }

-        for ($x = 0; $x < count($complexity_array_split); $x++) {
-            $complexity_array[$complexity_array_split[$x]] = 1;
+        // Check for any secure password complexity rules that may have been selected
+        if ($settings->pwd_secure_complexity!='') {
+            $security_rules  .= '|'.$settings->pwd_secure_complexity;
        }

-        return $complexity_array;
+        if ($action == 'update') {
+            return 'nullable|min:'.$settings->pwd_secure_min.$security_rules;
+        }
+
+        return 'required|min:'.$settings->pwd_secure_min.$security_rules;

    }

-    public static function passwordComplexityToFormattedString($array) {
-       // $array = array();
-        $string = '';
-        for ($x = 0; $x <= count($array); $x++) {
-            $string .= '|'.$array[$x];
-        }
-        
-        return $string;
-    }
+

 }
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@ -67,11 +67,15 @@ class AppServiceProvider extends ServiceProvider
        // This works around the use case where multiple deleted items have the same unique attribute.
        // (I think this is a bug in Laravel's validator?)
        Validator::extend('unique_undeleted', function ($attribute, $value, $parameters, $validator) {
-            $count = DB::table($parameters[0])->select('id')->where($attribute, '=', $value)->whereNull('deleted_at')->where('id', '!=', $parameters[1])->count();
-            return $count < 1;
+
+            if (count($parameters)) {
+                $count = DB::table($parameters[0])->select('id')->where($attribute, '=', $value)->whereNull('deleted_at')->where('id', '!=', $parameters[1])->count();
+                return $count < 1;
+            }
+
        });

-        // Share common variables with all views.
+        // Share common setting variables with all views.
        view()->composer('*', function ($view) {
            $view->with('snipeSettings', \App\Models\Setting::getSettings());
        });