From 9fd4b56066b28b30a2c87d7edb823d1868a77a1d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timoth=C3=A9e=20Jaussoin?= Date: Tue, 23 Jan 2024 16:05:47 +0000 Subject: [PATCH] Fix FLEXIAPI-136 Refactor the Web Panel toggle mechanism and move it to a proper Middleware --- CHANGELOG.md | 11 +++++ flexiapi/app/Helpers/Utils.php | 5 --- flexiapi/app/Http/Kernel.php | 1 + flexiapi/app/Http/Middleware/Authenticate.php | 2 +- .../app/Http/Middleware/IsWebPanelEnabled.php | 42 +++++++++++++++++++ .../resources/views/account/login.blade.php | 2 +- .../resources/views/layouts/main.blade.php | 40 +++++++++--------- .../resources/views/parts/recovery.blade.php | 30 +++++++------ flexiapi/routes/web.php | 30 ++++++------- 9 files changed, 104 insertions(+), 59 deletions(-) create mode 100644 flexiapi/app/Http/Middleware/IsWebPanelEnabled.php diff --git a/CHANGELOG.md b/CHANGELOG.md index ec1ce34..4ff6883 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,9 @@ v1.5 ---- +- Fix FLEXIAPI-136 Refactor the Web Panel toggle mechanism and move it to a proper Middleware +- Fix FLEXIAPI-133 Use the correct breadcrumb on create and fix a password +- Fix #143 Ensure that the ProvisioningToken model behave likes all the other Consommable - Fix #141 Add a new hook system for the Account Service - Fix #138 Add a dictionary attached to the accounts - Fix #137 Migrate the icons from Material Icons to Material Symbols @@ -11,6 +14,14 @@ v1.5 - Fix #132 Move the provisioning_tokens and recovery_codes to dedicated table - Fix #130 Drop the group column in the Accounts table +v1.4.4 +------ +- Fix FLEXIAPI-136 Refactor the Web Panel toggle mechanism and move it to a proper Middleware + +v1.4.3 +------ +- Fix FLEXIAPI-133 Use the correct breadcrumb on create and fix a password update related issue on update + v1.4.2 ------ - Fix #135 Refactor the password algorithms code diff --git a/flexiapi/app/Helpers/Utils.php b/flexiapi/app/Helpers/Utils.php index 20cece1..4249a8d 100644 
--- a/flexiapi/app/Helpers/Utils.php +++ b/flexiapi/app/Helpers/Utils.php @@ -92,11 +92,6 @@ function markdownDocumentationView($view): string ); } -function publicRegistrationEnabled(): bool -{ - return (config('app.public_registration')); -} - function isRegularExpression($string): bool { set_error_handler(function () { diff --git a/flexiapi/app/Http/Kernel.php b/flexiapi/app/Http/Kernel.php index 9790a8f..d7a3602 100644 --- a/flexiapi/app/Http/Kernel.php +++ b/flexiapi/app/Http/Kernel.php @@ -72,6 +72,7 @@ class Kernel extends HttpKernel 'auth.admin' => \App\Http\Middleware\AuthenticateAdmin::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 'auth.digest_or_key' => \App\Http\Middleware\AuthenticateDigestOrKey::class, + 'web_panel_enabled' => \App\Http\Middleware\IsWebPanelEnabled::class, 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, 'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class, 'can' => \Illuminate\Auth\Middleware\Authorize::class, diff --git a/flexiapi/app/Http/Middleware/Authenticate.php b/flexiapi/app/Http/Middleware/Authenticate.php index 18ed0ec..6fb8764 100644 --- a/flexiapi/app/Http/Middleware/Authenticate.php +++ b/flexiapi/app/Http/Middleware/Authenticate.php @@ -14,7 +14,7 @@ class Authenticate extends Middleware */ protected function redirectTo($request) { - if (! $request->expectsJson()) { + if (!$request->expectsJson()) { return route('account.home'); } } diff --git a/flexiapi/app/Http/Middleware/IsWebPanelEnabled.php b/flexiapi/app/Http/Middleware/IsWebPanelEnabled.php new file mode 100644 index 0000000..156b191 --- /dev/null +++ b/flexiapi/app/Http/Middleware/IsWebPanelEnabled.php 
@@ -0,0 +1,42 @@ +. +*/ + +namespace App\Http\Middleware; + +use Closure; +use Illuminate\Http\Request; + +class IsWebPanelEnabled +{ + /** + * Handle an incoming request. + * + * @param \Illuminate\Http\Request $request + * @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next + * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse + */ + public function handle(Request $request, Closure $next) + { + if (!$request->expectsJson() && config('app.web_panel')) { + return $next($request); + } + + return redirect()->route('about'); + } +} diff --git a/flexiapi/resources/views/account/login.blade.php b/flexiapi/resources/views/account/login.blade.php index 0014325..56bd01c 100644 --- a/flexiapi/resources/views/account/login.blade.php +++ b/flexiapi/resources/views/account/login.blade.php @@ -37,7 +37,7 @@ @include('parts.recovery') - @if (publicRegistrationEnabled()) + @if (config('app.public_registration'))
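Review bot: In `handle()` the panel toggle is combined with `!$request->expectsJson()`, so a request that sends `Accept: application/json` is redirected to `about` even when `app.web_panel` is enabled, and the gate's outcome depends on a client-controlled header rather than on the flag alone. The check does fail closed when the config key is unset, but a 302 to an HTML page is an ambiguous answer to a refused `POST authenticate`. I would test only the flag and give API-style callers an explicit status: `if (!config('app.web_panel')) { abort_if($request->expectsJson(), 404); return redirect()->route('about'); }` followed by `return $next($request);`. If rejecting JSON clients on panel routes is intended, a one-line comment saying so would settle the question, as would a note that only routes placed in a `web_panel_enabled` group are covered.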

diff --git a/flexiapi/resources/views/layouts/main.blade.php b/flexiapi/resources/views/layouts/main.blade.php index 511a932..ca1312a 100644 --- a/flexiapi/resources/views/layouts/main.blade.php +++ b/flexiapi/resources/views/layouts/main.blade.php @@ -20,30 +20,28 @@
- @if (config('app.web_panel')) -
diff --git a/flexiapi/resources/views/parts/recovery.blade.php b/flexiapi/resources/views/parts/recovery.blade.php index 15ad061..8b63573 100644 --- a/flexiapi/resources/views/parts/recovery.blade.php +++ b/flexiapi/resources/views/parts/recovery.blade.php @@ -1,16 +1,14 @@ -@if (config('app.web_panel')) -

- @if (config('app.account_email_unique')) - Set or recover your account - @else - Set or recover your password - @endif - using your Email address - @if (config('app.phone_authentication')) - or your Phone number - @endif -

-

- …or login using an already authenticated device by flashing a QRcode. -

-@endif \ No newline at end of file +

+ @if (config('app.account_email_unique')) + Set or recover your account + @else + Set or recover your password + @endif + using your Email address + @if (config('app.phone_authentication')) + or your Phone number + @endif +

+

+ …or login using an already authenticated device by flashing a QRcode. +

\ No newline at end of file diff --git a/flexiapi/routes/web.php b/flexiapi/routes/web.php index 9771e06..276040d 100644 --- a/flexiapi/routes/web.php +++ b/flexiapi/routes/web.php @@ -44,15 +44,15 @@ Route::redirect('/', 'login')->name('account.home'); Route::get('documentation', 'Account\AccountController@documentation')->name('account.documentation'); Route::get('about', 'AboutController@about')->name('about'); -if (config('app.web_panel')) { +Route::middleware(['web_panel_enabled'])->group(function () { Route::get('login', 'Account\AuthenticateController@login')->name('account.login'); Route::post('authenticate', 'Account\AuthenticateController@authenticate')->name('account.authenticate'); Route::get('authenticate/qrcode/{token?}', 'Account\AuthenticateController@loginAuthToken')->name('account.authenticate.auth_token'); -} -Route::prefix('creation_token')->controller(CreationRequestTokenController::class)->group(function () { - Route::get('check/{token}', 'check')->name('account.creation_request_token.check'); - Route::post('validate', 'validateToken')->name('account.creation_request_token.validate'); + Route::prefix('creation_token')->controller(CreationRequestTokenController::class)->group(function () { + Route::get('check/{token}', 'check')->name('account.creation_request_token.check'); + Route::post('validate', 'validateToken')->name('account.creation_request_token.validate'); + }); }); Route::group(['middleware' => 'auth.digest_or_key'], function () { 
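Review bot: The `creation_token` group (`check/{token}` and `validate`) now sits inside the new `web_panel_enabled` group, whereas on the old side it was registered outside the `if (config('app.web_panel'))` block. That is a behaviour change beyond the refactor named in the subject: with the panel disabled, these two endpoints now redirect to `about` instead of being served. If the narrowing is intended, it reduces the exposed surface and deserves a changelog line and a comment such as `// creation tokens are only checked through the web panel`. If other clients rely on these endpoints, which this hunk does not show, the group should stay outside the middleware.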
@@ -71,18 +71,18 @@ Route::name('provisioning.')->prefix('provisioning')->controller(ProvisioningCon Route::get('/', 'show')->name('show'); }); -if (publicRegistrationEnabled()) { - Route::redirect('register', 'register/email')->name('account.register'); +Route::middleware(['web_panel_enabled'])->group(function () { + if (config('app.public_registration')) { + Route::redirect('register', 'register/email')->name('account.register'); - if (config('app.phone_authentication')) { - Route::get('register/phone', 'Account\RegisterController@registerPhone')->name('account.register.phone'); + if (config('app.phone_authentication')) { + Route::get('register/phone', 'Account\RegisterController@registerPhone')->name('account.register.phone'); + } + + Route::get('register/email', 'Account\RegisterController@registerEmail')->name('account.register.email'); + Route::post('accounts', 'Account\AccountController@store')->name('account.store'); } - Route::get('register/email', 'Account\RegisterController@registerEmail')->name('account.register.email'); - Route::post('accounts', 'Account\AccountController@store')->name('account.store'); -} - -if (config('app.web_panel')) { Route::prefix('recovery')->controller(RecoveryController::class)->group(function () { Route::get('phone', 'showPhone')->name('account.recovery.show.phone'); Route::get('email', 'showEmail')->name('account.recovery.show.email'); @@ -250,4 +250,4 @@ if (config('app.web_panel')) { }); }); }); -} +});
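Review bot: Inside the second `web_panel_enabled` group, `if (config('app.public_registration'))` is still evaluated while the routes file is loaded, unlike the panel toggle, which this commit turns into a per-request check. With `php artisan route:cache` that decision is frozen when the cache is built, so disabling public registration in the config afterwards leaves `register/*` and `POST accounts` reachable until the cache is rebuilt. Registration is also now gated by `app.web_panel` as well as `app.public_registration`, which the old side did not do. I would move this flag to a runtime check too, for example a small middleware on these four routes, or at least add `// NOTE: evaluated at route registration; rebuild the route cache after changing app.public_registration`. The group opened here is closed only in the last hunk (`});` at line 250).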