From c5f001e337e8e07776ad6d2af3c3038c85c657e2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timoth=C3=A9e=20Jaussoin?= Date: Tue, 2 Apr 2024 13:57:08 +0000 Subject: [PATCH] Fix FLEXIAPI-156 Disable the Phone change web form when PHONE_AUTHENTICATION is disabled --- CHANGELOG.md | 1 + flexiapi/app/Account.php | 5 ++ flexiapi/app/AccountCreationToken.php | 10 +++ flexiapi/composer.lock | 62 ++++++++++--------- .../views/account/dashboard.blade.php | 21 ++++--- .../admin/account/activity/index.blade.php | 42 +++++++++++-- flexiapi/routes/web.php | 14 +++-- 7 files changed, 105 insertions(+), 50 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8a911e3..239cf35 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,7 @@ v1.5 ---- +- Fix FLEXIAPI-156 Disable the Phone change web form when PHONE_AUTHENTICATION is disabled - Fix FLEXIAPI-155 Add a new accountServiceAccountUpdatedHook and accountServiceAccountDeletedHook - Fix FLEXIAPI-153 Add phone and email to be changed in the Activity panel - Fix FLEXIAPI-151 Migrate to hCaptcha diff --git a/flexiapi/app/Account.php b/flexiapi/app/Account.php index f3f5c5e..895ff56 100644 --- a/flexiapi/app/Account.php +++ b/flexiapi/app/Account.php @@ -247,6 +247,11 @@ class Account extends Authenticatable return $this->hasMany(ProvisioningToken::class)->latest(); } + public function accountCreationToken() + { + return $this->hasOne(AccountCreationToken::class); + } + public function authTokens() { return $this->hasMany(AuthToken::class); diff --git a/flexiapi/app/AccountCreationToken.php b/flexiapi/app/AccountCreationToken.php index 840c410..89fd6ee 100644 --- a/flexiapi/app/AccountCreationToken.php +++ b/flexiapi/app/AccountCreationToken.php @@ -32,9 +32,19 @@ class AccountCreationToken extends Consommable return $this->hasOne(AccountCreationRequestToken::class, 'acc_creation_token_id'); } + public function account() + { + return $this->belongsTo(Account::class); + } + public function consume() { $this->used = true; $this->save(); } + + public function consumed(): bool + { + return $this->used == true; + } } diff --git a/flexiapi/composer.lock b/flexiapi/composer.lock index 1a6cd6b..f474f39 100644 --- a/flexiapi/composer.lock +++ b/flexiapi/composer.lock @@ -9014,23 +9014,23 @@ "packages-dev": [ { "name": "barryvdh/laravel-debugbar", - "version": "v3.12.2", + "version": "v3.13.0", "source": { "type": "git", "url": "https://github.com/barryvdh/laravel-debugbar.git", - "reference": "43555503052443964ce2c1c1f3b0378e58219eb8" + "reference": "354a42f3e0b083cdd6f9da5a9d1c0c63b074547a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/barryvdh/laravel-debugbar/zipball/43555503052443964ce2c1c1f3b0378e58219eb8", - "reference": "43555503052443964ce2c1c1f3b0378e58219eb8", + "url": "https://api.github.com/repos/barryvdh/laravel-debugbar/zipball/354a42f3e0b083cdd6f9da5a9d1c0c63b074547a", + "reference": "354a42f3e0b083cdd6f9da5a9d1c0c63b074547a", "shasum": "" }, "require": { "illuminate/routing": "^9|^10|^11", "illuminate/session": "^9|^10|^11", "illuminate/support": "^9|^10|^11", - "maximebf/debugbar": "~1.21.0", + "maximebf/debugbar": "~1.22.0", "php": "^8.0", "symfony/finder": "^6|^7" }, @@ -9043,7 +9043,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "3.10-dev" + "dev-master": "3.13-dev" }, "laravel": { "providers": [ @@ -9082,7 +9082,7 @@ ], "support": { "issues": "https://github.com/barryvdh/laravel-debugbar/issues", - "source": "https://github.com/barryvdh/laravel-debugbar/tree/v3.12.2" + "source": "https://github.com/barryvdh/laravel-debugbar/tree/v3.13.0" }, "funding": [ { @@ -9094,7 +9094,7 @@ "type": "github" } ], - "time": "2024-03-13T09:50:34+00:00" + "time": "2024-04-01T16:39:30+00:00" }, { "name": "composer/pcre", @@ -9169,16 +9169,16 @@ }, { "name": "composer/xdebug-handler", - "version": "3.0.3", + "version": "3.0.4", "source": { "type": "git", "url": "https://github.com/composer/xdebug-handler.git", - "reference": "ced299686f41dce890debac69273b47ffe98a40c" + "reference": "4f988f8fdf580d53bdb2d1278fe93d1ed5462255" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/composer/xdebug-handler/zipball/ced299686f41dce890debac69273b47ffe98a40c", - "reference": "ced299686f41dce890debac69273b47ffe98a40c", + "url": "https://api.github.com/repos/composer/xdebug-handler/zipball/4f988f8fdf580d53bdb2d1278fe93d1ed5462255", + "reference": "4f988f8fdf580d53bdb2d1278fe93d1ed5462255", "shasum": "" }, "require": { @@ -9189,7 +9189,7 @@ "require-dev": { "phpstan/phpstan": "^1.0", "phpstan/phpstan-strict-rules": "^1.1", - "symfony/phpunit-bridge": "^6.0" + "phpunit/phpunit": "^8.5 || ^9.6 || ^10.5" }, "type": "library", "autoload": { @@ -9213,9 +9213,9 @@ "performance" ], "support": { - "irc": "irc://irc.freenode.org/composer", + "irc": "ircs://irc.libera.chat:6697/composer", "issues": "https://github.com/composer/xdebug-handler/issues", - "source": "https://github.com/composer/xdebug-handler/tree/3.0.3" + "source": "https://github.com/composer/xdebug-handler/tree/3.0.4" }, "funding": [ { @@ -9231,7 +9231,7 @@ "type": "tidelift" } ], - "time": "2022-02-25T21:32:43+00:00" + "time": "2024-03-26T18:29:49+00:00" }, { "name": "filp/whoops", @@ -9357,25 +9357,27 @@ }, { "name": "maximebf/debugbar", - "version": "v1.21.3", + "version": "v1.22.1", "source": { "type": "git", "url": "https://github.com/maximebf/php-debugbar.git", - "reference": "0b407703b08ea0cf6ebc61e267cc96ff7000911b" + "reference": "d7b6e1dc2dc85c01ed63ab158b00a7f46abdebcc" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/maximebf/php-debugbar/zipball/0b407703b08ea0cf6ebc61e267cc96ff7000911b", - "reference": "0b407703b08ea0cf6ebc61e267cc96ff7000911b", + "url": "https://api.github.com/repos/maximebf/php-debugbar/zipball/d7b6e1dc2dc85c01ed63ab158b00a7f46abdebcc", + "reference": "d7b6e1dc2dc85c01ed63ab158b00a7f46abdebcc", "shasum": "" }, "require": { - "php": "^7.1|^8", + "php": "^7.2|^8", "psr/log": "^1|^2|^3", "symfony/var-dumper": "^4|^5|^6|^7" }, "require-dev": { - "phpunit/phpunit": ">=7.5.20 <10.0", + "dbrekelmans/bdi": "^1", + "phpunit/phpunit": "^8|^9", + "symfony/panther": "^1|^2.1", "twig/twig": "^1.38|^2.7|^3.0" }, "suggest": { @@ -9386,7 +9388,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "1.21-dev" + "dev-master": "1.22-dev" } }, "autoload": { @@ -9417,9 +9419,9 @@ ], "support": { "issues": "https://github.com/maximebf/php-debugbar/issues", - "source": "https://github.com/maximebf/php-debugbar/tree/v1.21.3" + "source": "https://github.com/maximebf/php-debugbar/tree/v1.22.1" }, - "time": "2024-03-12T14:23:07+00:00" + "time": "2024-04-01T10:44:20+00:00" }, { "name": "mockery/mockery", @@ -9740,16 +9742,16 @@ }, { "name": "squizlabs/php_codesniffer", - "version": "3.9.0", + "version": "3.9.1", "source": { "type": "git", "url": "https://github.com/PHPCSStandards/PHP_CodeSniffer.git", - "reference": "d63cee4890a8afaf86a22e51ad4d97c91dd4579b" + "reference": "267a4405fff1d9c847134db3a3c92f1ab7f77909" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/PHPCSStandards/PHP_CodeSniffer/zipball/d63cee4890a8afaf86a22e51ad4d97c91dd4579b", - "reference": "d63cee4890a8afaf86a22e51ad4d97c91dd4579b", + "url": "https://api.github.com/repos/PHPCSStandards/PHP_CodeSniffer/zipball/267a4405fff1d9c847134db3a3c92f1ab7f77909", + "reference": "267a4405fff1d9c847134db3a3c92f1ab7f77909", "shasum": "" }, "require": { @@ -9816,7 +9818,7 @@ "type": "open_collective" } ], - "time": "2024-02-16T15:06:51+00:00" + "time": "2024-03-31T21:03:09+00:00" }, { "name": "symfony/config", diff --git a/flexiapi/resources/views/account/dashboard.blade.php b/flexiapi/resources/views/account/dashboard.blade.php index b3ea89b..d97cdb4 100644 --- a/flexiapi/resources/views/account/dashboard.blade.php +++ b/flexiapi/resources/views/account/dashboard.blade.php @@ -17,15 +17,18 @@ Change my current account email

-

- call - @if (!empty($account->phone)) - {{ $account->phone }} - @else - No phone yet - @endif - Change my current account phone -

+ @if (config('app.phone_authentication')) +

+ call + @if (!empty($account->phone)) + {{ $account->phone }} + @else + No phone yet + @endif + Change my current account phone +

+ @endif +

devices diff --git a/flexiapi/resources/views/admin/account/activity/index.blade.php b/flexiapi/resources/views/admin/account/activity/index.blade.php index 93c0c62..3cde897 100644 --- a/flexiapi/resources/views/admin/account/activity/index.blade.php +++ b/flexiapi/resources/views/admin/account/activity/index.blade.php @@ -14,11 +14,40 @@ @include('admin.account.parts.tabs') -@if ($account->recoveryCodes->isNotEmpty()) +@if ($account->accountCreationToken) +

Account Creation Token

- + + + + + + + + accountCreationToken->consumed()) class="disabled crossed" @endif> + + + + + + +
Recovery CodesCodeCreatedUsedIP
**** + {{ $account->accountCreationToken->created_at }} + + {{ $account->accountCreationToken->created_at != $account->accountCreationToken->updated_at ? $account->accountCreationToken->updated_at : '-' }} + + {{ $account->accountCreationToken->ip ? $account->accountCreationToken->ip : '-' }} +
+@endif + +@if ($account->recoveryCodes->isNotEmpty()) +

Recovery Codes

+ + + + @@ -44,10 +73,11 @@ @endif @if ($account->phoneChangeCodes->isNotEmpty()) +

Phone Change requests

Code Created Used IP
- + @@ -73,10 +103,11 @@ @endif @if ($account->emailChangeCodes->isNotEmpty()) +

Email Change requests

Phone Change requestsPhone Created Used IP
- + @@ -102,10 +133,11 @@ @endif @if ($account->provisioningTokens->isNotEmpty()) +

Provisioning tokens

Email Change requestsEmail Created Used IP
- + diff --git a/flexiapi/routes/web.php b/flexiapi/routes/web.php index 0157cef..f4b553d 100644 --- a/flexiapi/routes/web.php +++ b/flexiapi/routes/web.php @@ -106,12 +106,14 @@ Route::group(['middleware' => 'web_panel_enabled'], function () { Route::post('/', 'store')->name('email.update'); }); - Route::prefix('phone')->controller(PhoneController::class)->group(function () { - Route::get('change', 'change')->name('phone.change'); - Route::post('change', 'requestChange')->name('phone.request_change'); - Route::get('validate', 'validateChange')->name('phone.validate'); - Route::post('/', 'store')->name('phone.update'); - }); + if (config('app.phone_authentication')) { + Route::prefix('phone')->controller(PhoneController::class)->group(function () { + Route::get('change', 'change')->name('phone.change'); + Route::post('change', 'requestChange')->name('phone.request_change'); + Route::get('validate', 'validateChange')->name('phone.validate'); + Route::post('/', 'store')->name('phone.update'); + }); + } Route::name('device.')->prefix('devices')->controller(DeviceController::class)->group(function () { Route::get('/', 'index')->name('index');
Provisioning TokensToken Created Used IP