diff --git a/.env.example b/.env.example index a0a4c769a..a56a3778f 100644 --- a/.env.example +++ b/.env.example @@ -95,7 +95,6 @@ ELASTIC_SCOUT_DRIVER_REFRESH_DOCUMENTS=false ELASTIC_MIGRATIONS_TABLE=elastic_migrations # external profile -PROFILE_MAX_ENTRIES=1000 USER_MAX_PROFILES=5 # ffmpeg diff --git a/app/Constants/Config/ExternalProfileConstants.php b/app/Constants/Config/ExternalProfileConstants.php index d9104ae08..576d12925 100644 --- a/app/Constants/Config/ExternalProfileConstants.php +++ b/app/Constants/Config/ExternalProfileConstants.php @@ -10,6 +10,4 @@ namespace App\Constants\Config; class ExternalProfileConstants { final public const MAX_PROFILES_QUALIFIED = 'externalprofile.user_max_profiles'; - - final public const MAX_ENTRIES_QUALIFIED = 'externalprofile.profile_max_entries'; } diff --git a/app/Filament/Resources/List/External/ExternalEntry.php b/app/Filament/Resources/List/External/ExternalEntry.php index a3210bb53..17cd9fc74 100644 --- a/app/Filament/Resources/List/External/ExternalEntry.php +++ b/app/Filament/Resources/List/External/ExternalEntry.php @@ -11,8 +11,6 @@ use App\Filament\Components\Fields\BelongsTo; use App\Filament\Components\Fields\Select; use App\Filament\Components\Infolist\TextEntry; use App\Filament\Resources\BaseResource; -use App\Filament\Resources\List\External\ExternalEntry\Pages\CreateExternalEntry; -use App\Filament\Resources\List\External\ExternalEntry\Pages\EditExternalEntry; use App\Filament\Resources\List\External\ExternalEntry\Pages\ListExternalEntries; use App\Filament\Resources\List\External\ExternalEntry\Pages\ViewExternalEntry; use App\Filament\Resources\List\External\RelationManagers\ExternalEntryExternalProfileRelationManager; @@ -327,9 +325,7 @@ class ExternalEntry extends BaseResource { return [ 'index' => ListExternalEntries::route('/'), - 'create' => CreateExternalEntry::route('/create'), 'view' => ViewExternalEntry::route('/{record:entry_id}'), - 'edit' => EditExternalEntry::route('/{record:entry_id}/edit'), ]; } } diff --git a/app/Filament/Resources/List/External/ExternalEntry/Pages/CreateExternalEntry.php b/app/Filament/Resources/List/External/ExternalEntry/Pages/CreateExternalEntry.php deleted file mode 100644 index 4aa4b273e..000000000 --- a/app/Filament/Resources/List/External/ExternalEntry/Pages/CreateExternalEntry.php +++ /dev/null @@ -1,16 +0,0 @@ -append(':') - ->append(AllowExternalProfileManagement::class) - ->__toString(); - $this->middleware(EnabledOnlyOnLocalhost::class); - $this->middleware($isExternalProfileManagementAllowed)->except(['index', 'show']); - $this->middleware(ExternalProfileExceedsEntryLimit::class)->only(['store', 'restore']); } /** @@ -69,26 +50,6 @@ class ExternalEntryController extends BaseController return new ExternalEntryCollection($resources, $query); } - /** - * Store a newly created resource. - * - * @param StoreRequest $request - * @param ExternalProfile $externalprofile - * @param StoreAction $action - * @return ExternalEntryResource - */ - public function store(StoreRequest $request, ExternalProfile $externalprofile, StoreAction $action): ExternalEntryResource - { - $validated = array_merge( - $request->validated(), - [ExternalEntry::ATTRIBUTE_PROFILE => $externalprofile->getKey()] - ); - - $externalentry = $action->store(ExternalEntry::query(), $validated); - - return new ExternalEntryResource($externalentry, new Query()); - } - /** * Display the specified resource. * @@ -106,67 +67,4 @@ class ExternalEntryController extends BaseController return new ExternalEntryResource($show, $query); } - - /** - * Update the specified resource. - * - * @param UpdateRequest $request - * @param ExternalProfile $externalprofile - * @param ExternalEntry $externalentry - * @param UpdateAction $action - * @return ExternalEntryResource - */ - public function update(UpdateRequest $request, ExternalProfile $externalprofile, ExternalEntry $externalentry, UpdateAction $action): ExternalEntryResource - { - $updated = $action->update($externalentry, $request->validated()); - - return new ExternalEntryResource($updated, new Query()); - } - - /** - * Remove the specified resource. - * - * @param ExternalProfile $externalprofile - * @param ExternalEntry $externalentry - * @param DestroyAction $action - * @return ExternalEntryResource - */ - public function destroy(ExternalProfile $externalprofile, ExternalEntry $externalentry, DestroyAction $action): ExternalEntryResource - { - $deleted = $action->destroy($externalentry); - - return new ExternalEntryResource($deleted, new Query()); - } - - /** - * Restore the specified resource. - * - * @param ExternalProfile $externalprofile - * @param ExternalEntry $externalentry - * @param RestoreAction $action - * @return ExternalEntryResource - */ - public function restore(ExternalProfile $externalprofile, ExternalEntry $externalentry, RestoreAction $action): ExternalEntryResource - { - $restored = $action->restore($externalentry); - - return new ExternalEntryResource($restored, new Query()); - } - - /** - * Hard-delete the specified resource. - * - * @param ExternalProfile $externalprofile - * @param ExternalEntry $externalentry - * @param ForceDeleteAction $action - * @return JsonResponse - */ - public function forceDelete(ExternalProfile $externalprofile, ExternalEntry $externalentry, ForceDeleteAction $action): JsonResponse - { - $message = $action->forceDelete($externalentry); - - return new JsonResponse([ - 'message' => $message, - ]); - } } \ No newline at end of file diff --git a/app/Http/Middleware/Models/List/ExternalProfileExceedsEntryLimit.php b/app/Http/Middleware/Models/List/ExternalProfileExceedsEntryLimit.php deleted file mode 100644 index 5c8b7c680..000000000 --- a/app/Http/Middleware/Models/List/ExternalProfileExceedsEntryLimit.php +++ /dev/null @@ -1,46 +0,0 @@ -route('externalprofile'); - - /** @var User|null $user */ - $user = $request->user('sanctum'); - - if ( - intval($profile?->externalentries()?->count()) >= $entryLimit - && empty($user?->can(SpecialPermission::BYPASS_FEATURE_FLAGS->value)) - ) { - abort(403, "External profiles cannot contain more than '$entryLimit' entries."); - } - - return $next($request); - } -} diff --git a/app/Policies/List/External/ExternalEntryPolicy.php b/app/Policies/List/External/ExternalEntryPolicy.php index 997172fca..f759646a2 100644 --- a/app/Policies/List/External/ExternalEntryPolicy.php +++ b/app/Policies/List/External/ExternalEntryPolicy.php @@ -5,7 +5,6 @@ declare(strict_types=1); namespace App\Policies\List\External; use App\Enums\Auth\CrudPermission; -use App\Enums\Auth\ExtendedCrudPermission; use App\Enums\Models\List\ExternalProfileVisibility; use App\Models\Auth\User; use App\Models\BaseModel; @@ -78,7 +77,7 @@ class ExternalEntryPolicy extends BasePolicy /** @var ExternalProfile|null $profile */ $profile = request()->route('externalprofile'); - return $user->getKey() === $profile?->user_id; + return parent::create($user) && $user->getKey() === $profile?->user_id; } /** @@ -99,7 +98,7 @@ class ExternalEntryPolicy extends BasePolicy /** @var ExternalProfile|null $profile */ $profile = request()->route('externalprofile'); - return !$entry->trashed() && $user->getKey() === $profile?->user_id && $user->can(CrudPermission::UPDATE->format(ExternalEntry::class)); + return parent::update($user, $entry) && $user->getKey() === $profile?->user_id; } /** @@ -120,7 +119,7 @@ class ExternalEntryPolicy extends BasePolicy /** @var ExternalProfile|null $profile */ $profile = request()->route('externalprofile'); - return !$entry->trashed() && $user->getKey() === $profile?->user_id && $user->can(CrudPermission::DELETE->format(ExternalEntry::class)); + return parent::delete($user, $entry) && $user->getKey() === $profile?->user_id; } /** @@ -141,6 +140,6 @@ class ExternalEntryPolicy extends BasePolicy /** @var ExternalProfile|null $profile */ $profile = request()->route('externalprofile'); - return $entry->trashed() && $user->getKey() === $profile?->user_id && $user->can(ExtendedCrudPermission::RESTORE->format(ExternalEntry::class)); + return parent::restore($user, $entry) && $user->getKey() === $profile?->user_id; } } diff --git a/config/externalprofile.php b/config/externalprofile.php index 5d60615ca..a031124c5 100644 --- a/config/externalprofile.php +++ b/config/externalprofile.php @@ -10,12 +10,8 @@ return [ |-------------------------------------------------------------------------- | | These values represent caps on external profiles to prevent spam. By default, - | an individual external profile is permitted 1000 entries, and a user - | is permitted 5 external profiles. - | + | a user is permitted 5 external profiles. */ - 'profile_max_entries' => (int) env('PROFILE_MAX_ENTRIES', 1000), - 'user_max_profiles' => (int) env('USER_MAX_PROFILES', 5), ]; diff --git a/database/seeders/Auth/Permission/PermissionSeeder.php b/database/seeders/Auth/Permission/PermissionSeeder.php index 7a7b3da6b..ebd255f85 100644 --- a/database/seeders/Auth/Permission/PermissionSeeder.php +++ b/database/seeders/Auth/Permission/PermissionSeeder.php @@ -68,7 +68,7 @@ class PermissionSeeder extends Seeder $this->registerResource(DiscordThread::class, CrudPermission::cases()); // List Resources - $this->registerResource(ExternalEntry::class, $extendedCrudPermissions); + $this->registerResource(ExternalEntry::class, [CrudPermission::VIEW]); $this->registerResource(ExternalProfile::class, $extendedCrudPermissions); $this->registerResource(Playlist::class, $extendedCrudPermissions); $this->registerResource(PlaylistTrack::class, $extendedCrudPermissions); diff --git a/database/seeders/Auth/Role/AdminSeeder.php b/database/seeders/Auth/Role/AdminSeeder.php index e873f1b00..276be6480 100644 --- a/database/seeders/Auth/Role/AdminSeeder.php +++ b/database/seeders/Auth/Role/AdminSeeder.php @@ -75,7 +75,7 @@ class AdminSeeder extends RoleSeeder $this->configureResource($role, DiscordThread::class, CrudPermission::cases()); // List Resources - $this->configureResource($role, ExternalEntry::class, $extendedCrudPermissions); + $this->configureResource($role, ExternalEntry::class, [CrudPermission::VIEW]); $this->configureResource($role, ExternalProfile::class, $extendedCrudPermissions); $this->configureResource($role, Playlist::class, $extendedCrudPermissions); $this->configureResource($role, PlaylistTrack::class, $extendedCrudPermissions); diff --git a/database/seeders/Auth/Role/DeveloperRoleSeeder.php b/database/seeders/Auth/Role/DeveloperRoleSeeder.php index 7d7df5dab..50123d161 100644 --- a/database/seeders/Auth/Role/DeveloperRoleSeeder.php +++ b/database/seeders/Auth/Role/DeveloperRoleSeeder.php @@ -58,7 +58,7 @@ class DeveloperRoleSeeder extends RoleSeeder $this->configureResource($role, DiscordThread::class, [CrudPermission::VIEW]); // List Resources - $this->configureResource($role, ExternalEntry::class, $extendedCrudPermissions); + $this->configureResource($role, ExternalEntry::class, [CrudPermission::VIEW]); $this->configureResource($role, ExternalProfile::class, $extendedCrudPermissions); $this->configureResource($role, Playlist::class, $extendedCrudPermissions); $this->configureResource($role, PlaylistTrack::class, $extendedCrudPermissions); diff --git a/database/seeders/Auth/Role/EncoderRoleSeeder.php b/database/seeders/Auth/Role/EncoderRoleSeeder.php index 44409053c..a79f3fcca 100644 --- a/database/seeders/Auth/Role/EncoderRoleSeeder.php +++ b/database/seeders/Auth/Role/EncoderRoleSeeder.php @@ -58,7 +58,7 @@ class EncoderRoleSeeder extends RoleSeeder $this->configureResource($role, DiscordThread::class, [CrudPermission::CREATE, CrudPermission::UPDATE, CrudPermission::VIEW]); // List Resources - $this->configureResource($role, ExternalEntry::class, $extendedCrudPermissions); + $this->configureResource($role, ExternalEntry::class, [CrudPermission::VIEW]); $this->configureResource($role, ExternalProfile::class, $extendedCrudPermissions); $this->configureResource($role, Playlist::class, $extendedCrudPermissions); $this->configureResource($role, PlaylistTrack::class, $extendedCrudPermissions); diff --git a/database/seeders/Auth/Role/PatronRoleSeeder.php b/database/seeders/Auth/Role/PatronRoleSeeder.php index f43dc59c4..dfb905417 100644 --- a/database/seeders/Auth/Role/PatronRoleSeeder.php +++ b/database/seeders/Auth/Role/PatronRoleSeeder.php @@ -58,7 +58,7 @@ class PatronRoleSeeder extends RoleSeeder $this->configureResource($role, DiscordThread::class, [CrudPermission::VIEW]); // List Resources - $this->configureResource($role, ExternalEntry::class, $extendedCrudPermissions); + $this->configureResource($role, ExternalEntry::class, [CrudPermission::VIEW]); $this->configureResource($role, ExternalProfile::class, $extendedCrudPermissions); $this->configureResource($role, Playlist::class, $extendedCrudPermissions); $this->configureResource($role, PlaylistTrack::class, $extendedCrudPermissions); diff --git a/database/seeders/Auth/Role/PlaylistUserRoleSeeder.php b/database/seeders/Auth/Role/PlaylistUserRoleSeeder.php index d633cd6c5..5b4ace820 100644 --- a/database/seeders/Auth/Role/PlaylistUserRoleSeeder.php +++ b/database/seeders/Auth/Role/PlaylistUserRoleSeeder.php @@ -38,7 +38,7 @@ class PlaylistUserRoleSeeder extends RoleSeeder ); // List Resources - $this->configureResource($role, ExternalEntry::class, $extendedCrudPermissions); + $this->configureResource($role, ExternalEntry::class, [CrudPermission::VIEW]); $this->configureResource($role, ExternalProfile::class, $extendedCrudPermissions); $this->configureResource($role, Playlist::class, $extendedCrudPermissions); $this->configureResource($role, PlaylistTrack::class, $extendedCrudPermissions); diff --git a/database/seeders/Auth/Role/WikiEditorRoleSeeder.php b/database/seeders/Auth/Role/WikiEditorRoleSeeder.php index 7e0e10d20..d0aecdd64 100644 --- a/database/seeders/Auth/Role/WikiEditorRoleSeeder.php +++ b/database/seeders/Auth/Role/WikiEditorRoleSeeder.php @@ -58,7 +58,7 @@ class WikiEditorRoleSeeder extends RoleSeeder $this->configureResource($role, DiscordThread::class, [CrudPermission::VIEW]); // List Resources - $this->configureResource($role, ExternalEntry::class, $extendedCrudPermissions); + $this->configureResource($role, ExternalEntry::class, [CrudPermission::VIEW]); $this->configureResource($role, ExternalProfile::class, $extendedCrudPermissions); $this->configureResource($role, Playlist::class, $extendedCrudPermissions); $this->configureResource($role, PlaylistTrack::class, $extendedCrudPermissions); diff --git a/database/seeders/Auth/Role/WikiViewerRoleSeeder.php b/database/seeders/Auth/Role/WikiViewerRoleSeeder.php index 7c17ece23..7b9359966 100644 --- a/database/seeders/Auth/Role/WikiViewerRoleSeeder.php +++ b/database/seeders/Auth/Role/WikiViewerRoleSeeder.php @@ -58,7 +58,7 @@ class WikiViewerRoleSeeder extends RoleSeeder $this->configureResource($role, DiscordThread::class, [CrudPermission::VIEW]); // List Resources - $this->configureResource($role, ExternalEntry::class, $extendedCrudPermissions); + $this->configureResource($role, ExternalEntry::class, [CrudPermission::VIEW]); $this->configureResource($role, ExternalProfile::class, $extendedCrudPermissions); $this->configureResource($role, Playlist::class, $extendedCrudPermissions); $this->configureResource($role, PlaylistTrack::class, $extendedCrudPermissions); diff --git a/database/seeders/DeletePermissionsSeeder.php b/database/seeders/DeletePermissionsSeeder.php new file mode 100644 index 000000000..3473c6666 --- /dev/null +++ b/database/seeders/DeletePermissionsSeeder.php @@ -0,0 +1,30 @@ +orWhere(Permission::ATTRIBUTE_NAME, 'create external entry') + ->orWhere(Permission::ATTRIBUTE_NAME, 'update external entry') + ->orWhere(Permission::ATTRIBUTE_NAME, 'delete external entry') + ->orWhere(Permission::ATTRIBUTE_NAME, 'force delete external entry') + ->orWhere(Permission::ATTRIBUTE_NAME, 'restore external entry') + ->delete(); + } +}