diff --git a/app/Http/Controllers/SettingsController.php b/app/Http/Controllers/SettingsController.php
index b9026aaece..dda951377d 100755
--- a/app/Http/Controllers/SettingsController.php
+++ b/app/Http/Controllers/SettingsController.php
@@ -7,6 +7,11 @@ use App\Helpers\StorageHelper;
 use App\Http\Requests\ImageUploadRequest;
 use App\Http\Requests\SettingsSamlRequest;
 use App\Http\Requests\SetupUserRequest;
+use App\Http\Requests\StoreLdapSettings;
+use App\Http\Requests\StoreLocalizationSettings;
+use App\Http\Requests\StoreNotificationSettings;
+use App\Http\Requests\StoreLabelSettings;
+use App\Http\Requests\StoreSecuritySettings;
 use App\Models\CustomField;
 use App\Models\Group;
 use App\Models\Setting;
@@ -486,7 +491,7 @@ class SettingsController extends Controller
 *
 * @since [v1.0]
 */
- public function postSecurity(Request $request) : RedirectResponse
+ public function postSecurity(StoreSecuritySettings $request) : RedirectResponse
 {
 $this->validate($request, [
 'pwd_secure_complexity' => 'array',
@@ -556,7 +561,7 @@ class SettingsController extends Controller
 *
 * @since [v1.0]
 */
- public function postLocalization(Request $request) : RedirectResponse
+ public function postLocalization(StoreLocalizationSettings $request) : RedirectResponse
 {
 if (is_null($setting = Setting::getSettings())) {
 return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
@@ -599,7 +604,7 @@ class SettingsController extends Controller
 * @author [A. Gianotto] []
 * @since [v1.0]
 */
- public function postAlerts(Request $request) : RedirectResponse
+ public function postAlerts(StoreNotificationSettings $request) : RedirectResponse
 {
 if (is_null($setting = Setting::getSettings())) {
 return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
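Review bot: In the `postSecurity` hunk the `pwd_secure_complexity` check stays in an inline `$this->validate($request, [...])` call even though the request is now a `StoreSecuritySettings`, so the security form is validated in two places. Moving that entry into `StoreSecuritySettings::rules()` as `'pwd_secure_complexity' => 'array',` and dropping the inline call would keep every rule for this form in one class. The inline array continues past the end of the hunk, so any further rules in it should move as well.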
@@ -780,7 +785,7 @@ class SettingsController extends Controller
 * @author [A. Gianotto] []
 * @since [v4.0]
 */
- public function postLabels(Request $request) : RedirectResponse
+ public function postLabels(StoreLabelSettings $request) : RedirectResponse
 {
 if (is_null($setting = Setting::getSettings())) {
 return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
@@ -855,30 +860,11 @@ class SettingsController extends Controller
 *
 * @since [v4.0]
 */
- public function getLdapSettings() : View
+ public function getLdapSettings(StoreLdapSettings $request) : View
 {
 $setting = Setting::getSettings();
 $groups = Group::pluck('name', 'id');
-
-
- /**
- * This validator is only temporary (famous last words.) - @snipe
- */
- $messages = [
- 'ldap_username_field.not_in' => 'sAMAccountName (mixed case) will likely not work. You should use samaccountname (lowercase) instead. ',
- 'ldap_auth_filter_query.not_in' => 'uid=samaccountname is probably not a valid auth filter. You probably want uid= ',
- 'ldap_filter.regex' => 'This value should probably not be wrapped in parentheses.',
- ];
-
- $validator = Validator::make($setting->toArray(), [
- 'ldap_username_field' => 'not_in:sAMAccountName',
- 'ldap_auth_filter_query' => 'not_in:uid=samaccountname|required_if:ldap_enabled,1',
- 'ldap_filter' => 'nullable|regex:"^[^(]"|required_if:ldap_enabled,1',
- ], $messages);
-
-
-
- return view('settings.ldap', compact('setting', 'groups'))->withErrors($validator);
+ return view('settings.ldap', compact('setting', 'groups'))->withErrors($setting->getErrors());
 }
 
 /**
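Review bot: `getLdapSettings` only renders the page, but it now type-hints `StoreLdapSettings`, which validates the incoming request's input rather than the stored settings that the removed `Validator::make($setting->toArray(), ...)` checked. On a plain GET none of the three fields are present, so the `not_in` and `regex` rules have nothing to reject, and `$setting->getErrors()` on a freshly loaded model is presumably empty; the warnings about a saved `sAMAccountName`, `uid=samaccountname` or parenthesised filter would then no longer appear when the page opens. `$request` is also unused in the body. If the warnings are still wanted, keep the signature as `getLdapSettings() : View` and check the saved values against the request class's rules, e.g. `Validator::make($setting->toArray(), (new StoreLdapSettings)->rules(), (new StoreLdapSettings)->messages())`.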
@@ -887,7 +873,7 @@ class SettingsController extends Controller
 * @author [A. Gianotto] []
 * @since [v4.0]
 */
- public function postLdapSettings(Request $request) : RedirectResponse
+ public function postLdapSettings(StoreLdapSettings $request) : RedirectResponse
 {
 if (is_null($setting = Setting::getSettings())) {
 return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
diff --git a/app/Http/Requests/StoreLabelSettings.php b/app/Http/Requests/StoreLabelSettings.php
new file mode 100644
index 0000000000..a203d2702d
--- /dev/null
+++ b/app/Http/Requests/StoreLabelSettings.php
@@ -0,0 +1,41 @@
+|string>
+ */
+ public function rules(): array
+ {
+ return [
+ 'labels_per_page' => 'numeric',
+ 'labels_width' => 'numeric',
+ 'labels_height' => 'numeric',
+ 'labels_pmargin_left' => 'numeric|nullable',
+ 'labels_pmargin_right' => 'numeric|nullable',
+ 'labels_pmargin_top' => 'numeric|nullable',
+ 'labels_pmargin_bottom' => 'numeric|nullable',
+ 'labels_display_bgutter' => 'numeric|nullable',
+ 'labels_display_sgutter' => 'numeric|nullable',
+ 'labels_fontsize' => 'numeric|min:5',
+ 'labels_pagewidth' => 'numeric|nullable',
+ 'labels_pageheight' => 'numeric|nullable',
+ 'qr_text' => 'max:31|nullable',
+ ];
+ }
+}
diff --git a/app/Http/Requests/StoreLdapSettings.php b/app/Http/Requests/StoreLdapSettings.php
new file mode 100644
index 0000000000..50a066f134
--- /dev/null
+++ b/app/Http/Requests/StoreLdapSettings.php
@@ -0,0 +1,40 @@
+|string>
+ */
+ public function rules(): array
+ {
+ return [
+ 'ldap_username_field' => 'not_in:sAMAccountName',
+ 'ldap_auth_filter_query' => 'not_in:uid=samaccountname|required_if:ldap_enabled,1',
+ 'ldap_filter' => 'nullable|regex:"^[^(]"|required_if:ldap_enabled,1',
+ ];
+ }
+
+ public function messages() : array
+ {
+ return [
+ 'ldap_username_field.not_in' => 'sAMAccountName (mixed case) will likely not work. You should use samaccountname (lowercase) instead. ',
+ 'ldap_auth_filter_query.not_in' => 'uid=samaccountname is probably not a valid auth filter. You probably want uid= ',
+ 'ldap_filter.regex' => 'This value should probably not be wrapped in parentheses.',
+ ];
+ }
+}
diff --git a/app/Http/Requests/StoreLocalizationSettings.php b/app/Http/Requests/StoreLocalizationSettings.php
new file mode 100644
index 0000000000..4cea8826e8
--- /dev/null
+++ b/app/Http/Requests/StoreLocalizationSettings.php
@@ -0,0 +1,30 @@
+|string>
+ */
+ public function rules(): array
+ {
+ return [
+ 'default_currency' => 'required',
+ 'locale' => 'required',
+ ];
+ }
+}
diff --git a/app/Http/Requests/StoreNotificationSettings.php b/app/Http/Requests/StoreNotificationSettings.php
new file mode 100644
index 0000000000..37034732f8
--- /dev/null
+++ b/app/Http/Requests/StoreNotificationSettings.php
@@ -0,0 +1,36 @@
+|string>
+ */
+ public function rules(): array
+ {
+ return [
+ 'alert_email' => 'email_array|nullable',
+ 'admin_cc_email' => 'email|nullable',
+ 'alert_threshold' => 'numeric|nullable',
+ 'alert_interval' => 'numeric|nullable',
+ 'audit_warning_days' => 'numeric|nullable',
+ 'due_checkin_days' => 'numeric|nullable',
+ 'audit_interval' => 'numeric|nullable',
+ ];
+ }
+}
diff --git a/app/Http/Requests/StoreSecuritySettings.php b/app/Http/Requests/StoreSecuritySettings.php
new file mode 100644
index 0000000000..42a529aa57
--- /dev/null
+++ b/app/Http/Requests/StoreSecuritySettings.php
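Review bot: The three rules in `StoreLdapSettings::rules()` now block the save, because `postLdapSettings` takes this request class, whereas the removed controller code only attached them to the settings page as warnings (as far as this diff shows). The texts in `messages()` still read as advice ("will likely not work", "probably"), which does not match a rejected submission; if rejecting is intended, they should say the value is not accepted. They are also hard-coded English strings where the controller uses `trans(...)`, so a language-file entry would fit the rest of the code. A one-line docblock on `messages()` saying that these checks catch common directory misconfigurations would help the next reader.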
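Review bot: The day and threshold fields in `StoreNotificationSettings::rules()` use `numeric`, which also accepts negative numbers, decimals and exponent notation such as `1e3`. For counts like `alert_interval`, `audit_warning_days` and `due_checkin_days`, `'integer|min:0|nullable'` states the intent more precisely. The same applies to `'pwd_secure_min' => 'numeric|required|min:8'` in `StoreSecuritySettings`, where a fractional minimum password length would pass; `'integer|required|min:8'` closes that.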
@@ -0,0 +1,35 @@
+|string>
+ */
+ public function rules(): array
+ {
+ return [
+ 'pwd_secure_min' => 'numeric|required|min:8',
+ 'custom_forgot_pass_url' => 'url|nullable',
+ 'privacy_policy_link' => 'nullable|url',
+ 'login_remote_user_enabled' => 'numeric|nullable',
+ 'login_common_disabled' => 'numeric|nullable',
+ 'login_remote_user_custom_logout_url' => 'string|nullable',
+ 'login_remote_user_header_name' => 'string|nullable',
+ ];
+ }
+}
diff --git a/app/Models/Setting.php b/app/Models/Setting.php
index d775be81c5..6f585b95f8 100755
--- a/app/Models/Setting.php
+++ b/app/Models/Setting.php
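Review bot: `custom_forgot_pass_url` and `privacy_policy_link` are validated with the bare `url` rule, which accepts many schemes besides http and https. Both values look like links that end up in pages shown to users (an assumption from the field names; the templates that render them are not in this diff), so limiting them to web schemes is safer: `'custom_forgot_pass_url' => 'url:http,https|nullable'` and `'privacy_policy_link' => 'nullable|url:http,https'`, provided the project's Laravel version supports protocol arguments on `url`. `login_remote_user_custom_logout_url` is only `string|nullable` and may deserve the same rule. The class header and any `authorize()` method are not visible in this extract, so access control for the request could not be reviewed here.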
@@ -51,36 +51,7 @@ class Setting extends Model */ protected $rules = [ 'brand' => 'required|min:1|numeric', - 'qr_text' => 'max:31|nullable', - 'alert_email' => 'email_array|nullable', - 'admin_cc_email' => 'email|nullable', - 'default_currency' => 'required', - 'locale' => 'required', - 'labels_per_page' => 'numeric', - 'labels_width' => 'numeric', - 'labels_height' => 'numeric', - 'labels_pmargin_left' => 'numeric|nullable', - 'labels_pmargin_right' => 'numeric|nullable', - 'labels_pmargin_top' => 'numeric|nullable', - 'labels_pmargin_bottom' => 'numeric|nullable', - 'labels_display_bgutter' => 'numeric|nullable', - 'labels_display_sgutter' => 'numeric|nullable', - 'labels_fontsize' => 'numeric|min:5', - 'labels_pagewidth' => 'numeric|nullable', - 'labels_pageheight' => 'numeric|nullable', - 'login_remote_user_enabled' => 'numeric|nullable', - 'login_common_disabled' => 'numeric|nullable', - 'login_remote_user_custom_logout_url' => 'string|nullable', - 'login_remote_user_header_name' => 'string|nullable', 'thumbnail_max_h' => 'numeric|max:500|min:25', - 'pwd_secure_min' => 'numeric|required|min:8', - 'alert_threshold' => 'numeric|nullable', - 'alert_interval' => 'numeric|nullable', - 'audit_warning_days' => 'numeric|nullable', - 'due_checkin_days' => 'numeric|nullable', - 'audit_interval' => 'numeric|nullable', - 'custom_forgot_pass_url' => 'url|nullable', - 'privacy_policy_link' => 'nullable|url', 'google_client_id' => 'nullable|ends_with:apps.googleusercontent.com' ]; diff --git a/resources/views/settings/alerts.blade.php b/resources/views/settings/alerts.blade.php index edbf1be839..8a76d5b315 100644 --- a/resources/views/settings/alerts.blade.php +++ b/resources/views/settings/alerts.blade.php @@ -21,9 +21,10 @@ - {{ Form::open(['method' => 'POST', 'files' => false, 'autocomplete' => 'off', 'class' => 'form-horizontal', 'role' => 'form' ]) }} +
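Review bot: Removing these entries from `Setting::$rules` means the checks now run only for requests that pass through the five new form-request classes. Any other code that saves a `Setting` (an API endpoint, a console command, the setup flow; none are visible in this diff) would no longer enforce them, including `min:8` on `pwd_secure_min` and the `url` checks on `custom_forgot_pass_url` and `privacy_policy_link`. It is worth confirming that every write path for those fields goes through the matching request class, or keeping the security-relevant rules on the model as a backstop. A comment above `$rules` such as `// Per-form rules live in App\Http\Requests\Store*Settings` would tell readers where the rest went.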
+ - {{csrf_field()}} + {{ csrf_field() }}
@@ -68,12 +69,10 @@ {{ Form::label('alert_email', trans('admin/settings/general.alert_email')) }}
- {{ Form::text('alert_email', old('alert_email', $setting->alert_email), array('class' => 'form-control','placeholder' => 'admin@yourcompany.com')) }} + {!! $errors->first('alert_email', '
') !!} -

{{ trans('admin/settings/general.alert_email_help') }}

-
@@ -84,7 +83,7 @@ {{ Form::label('admin_cc_email', trans('admin/settings/general.admin_cc_email')) }}
- {{ Form::text('admin_cc_email', old('admin_cc_email', $setting->admin_cc_email), array('class' => 'form-control','placeholder' => 'admin@yourcompany.com')) }} + {!! $errors->first('admin_cc_email', '
') !!}

{{ trans('admin/settings/general.admin_cc_email_help') }}

@@ -154,10 +153,6 @@
{{ Form::text('due_checkin_days', old('due_checkin_days', $setting->due_checkin_days), array('class' => 'form-control','placeholder' => '14', 'maxlength'=>'3', 'style'=>'width: 60px;')) }} {{ trans('general.days') }} - - - -
{!! $errors->first('due_checkin_days', '') !!} diff --git a/resources/views/settings/general.blade.php b/resources/views/settings/general.blade.php index c800b26ac9..17c0a8ec81 100644 --- a/resources/views/settings/general.blade.php +++ b/resources/views/settings/general.blade.php @@ -18,7 +18,7 @@ - {{ Form::open(['method' => 'POST', 'files' => false, 'autocomplete' => 'off', 'class' => 'form-horizontal', 'role' => 'form' ]) }} + {{csrf_field()}} diff --git a/resources/views/settings/ldap.blade.php b/resources/views/settings/ldap.blade.php index 0c9faf8c2e..30f928ed7c 100644 --- a/resources/views/settings/ldap.blade.php +++ b/resources/views/settings/ldap.blade.php @@ -43,7 +43,7 @@ @endif - {{ Form::open(['method' => 'POST', 'files' => false, 'autocomplete' => 'off', 'class' => 'form-horizontal', 'role' => 'form']) }} + {{csrf_field()}} @@ -314,7 +314,10 @@ {{ Form::text('ldap_lname_field', old('ldap_lname_field', $setting->ldap_lname_field), ['class' => 'form-control','placeholder' => trans('general.example') .'sn', $setting->demoMode]) }} {!! $errors->first('ldap_lname_field', '') !!} @if (config('app.lock_passwords')===true) -

{{ trans('general.feature_disabled') }}

+

+ + {{ trans('general.feature_disabled') }} +

@endif
diff --git a/resources/views/settings/security.blade.php b/resources/views/settings/security.blade.php index 1b04f7d58a..a51c86fccb 100644 --- a/resources/views/settings/security.blade.php +++ b/resources/views/settings/security.blade.php @@ -16,9 +16,10 @@ - {{ Form::open(['method' => 'POST', 'files' => false, 'autocomplete' => 'off', 'class' => 'form-horizontal', 'role' => 'form' ]) }} + + - {{csrf_field()}} + {{ csrf_field() }}