mirror of
https://github.com/librenms/librenms.git
synced 2024-10-07 16:52:45 +00:00
2b3575a5e9
* Apply code style * Remove explicit call to register policies * Shift core files * Shift config files * Default config files In an effort to make upgrading the constantly changing config files easier, Shift defaulted them and merged your true customizations - where ENV variables may not be used. * Bump Laravel dependencies * Add type hints for Laravel 10 * Shift cleanup * wip * wip * sync translation * Sync back config * Public Path Binding * QueryException * monolog * db::raw * monolog * db::raw * fix larastan collections * fix phpstan bug looping forever * larastan errors * larastan: fix column type * styleci * initialize array * fixes * fixes --------- Co-authored-by: Shift <shift@laravelshift.com>
91 lines
2.9 KiB
PHP
91 lines
2.9 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Requests;
|
|
|
|
use Hash;
|
|
use Illuminate\Foundation\Http\FormRequest;
|
|
use Illuminate\Validation\Validator;
|
|
use LibreNMS\Config;
|
|
|
|
class UpdateUserRequest extends FormRequest
|
|
{
|
|
/**
|
|
* Determine if the user is authorized to make this request.
|
|
*
|
|
* @return bool
|
|
*/
|
|
public function authorize(): bool
|
|
{
|
|
if ($this->user()->isAdmin()) {
|
|
return true;
|
|
}
|
|
|
|
$user = $this->route('user');
|
|
if ($user && $this->user()->can('update', $user)) {
|
|
// normal users cannot edit their level or ability to modify a password
|
|
unset($this['level'], $this['can_modify_passwd']);
|
|
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Get the validation rules that apply to the request.
|
|
*
|
|
* @return array
|
|
*/
|
|
public function rules(): array
|
|
{
|
|
if ($this->user()->isAdmin()) {
|
|
return [
|
|
'realname' => 'nullable|max:64|alpha_space',
|
|
'email' => 'nullable|email|max:64',
|
|
'descr' => 'nullable|max:30|alpha_space',
|
|
'new_password' => 'nullable|confirmed|min:' . Config::get('password.min_length', 8),
|
|
'new_password_confirmation' => 'nullable|same:new_password',
|
|
'dashboard' => 'int',
|
|
'level' => 'int',
|
|
'enabled' => 'nullable',
|
|
'can_modify_passwd' => 'nullable',
|
|
];
|
|
}
|
|
|
|
return [
|
|
'realname' => 'nullable|max:64|alpha_space',
|
|
'email' => 'nullable|email|max:64',
|
|
'descr' => 'nullable|max:30|alpha_space',
|
|
'old_password' => 'nullable|string',
|
|
'new_password' => 'nullable|confirmed|min:' . Config::get('password.min_length', 8),
|
|
'new_password_confirmation' => 'nullable|same:new_password',
|
|
'dashboard' => 'int',
|
|
];
|
|
}
|
|
|
|
/**
|
|
* Configure the validator instance.
|
|
*
|
|
* @param \Illuminate\Validation\Validator $validator
|
|
* @return void
|
|
*/
|
|
public function withValidator($validator)
|
|
{
|
|
$validator->after(function ($validator) {
|
|
// if not an admin and new_password is set, check old password matches
|
|
if (! $this->user()->isAdmin()) {
|
|
if ($this->has('new_password')) {
|
|
if ($this->has('old_password')) {
|
|
$user = $this->route('user');
|
|
if ($user && ! Hash::check($this->old_password, $user->password)) {
|
|
$validator->errors()->add('old_password', __('Existing password did not match'));
|
|
}
|
|
} else {
|
|
$validator->errors()->add('old_password', __('The :attribute field is required.', ['attribute' => 'old_password']));
|
|
}
|
|
}
|
|
}
|
|
});
|
|
}
|
|
}
|