From f98df3f830e33597ed01dffa8d496e7d1dee7b23 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timoth=C3=A9e=20Jaussoin?=
 <timothee.jaussoin@belledonne-communications.com>
Date: Wed, 29 Apr 2020 16:42:11 +0200
Subject: [PATCH] Add admin panel system Add two commands
 RemoveUnconfirmedAccount and SetAccountAdmin

---
 flexiapi/app/Account.php                      | 12 +++-
 flexiapi/app/Admin.php                        | 16 +++++
 .../Commands/RemoveUnconfirmedAccounts.php    | 54 +++++++++++++++
 .../app/Console/Commands/SetAccountAdmin.php  | 51 ++++++++++++++
 .../Controllers/Admin/AccountController.php   | 67 +++++++++++++++++++
 flexiapi/app/Http/Kernel.php                  |  1 +
 .../app/Http/Middleware/AuthenticateAdmin.php | 24 +++++++
 .../2014_10_12_000000_create_users_table.php  |  4 +-
 ...12_100000_create_password_resets_table.php |  4 +-
 ..._08_19_000000_create_failed_jobs_table.php |  4 +-
 ...25119_create_accounts_passwords_tables.php |  4 +-
 .../2020_04_29_131330_create_admins_table.php | 22 ++++++
 .../resources/views/account/index.blade.php   | 18 ++++-
 .../views/admin/account/index.blade.php       | 48 +++++++++++++
 .../views/admin/account/show.blade.php        | 42 ++++++++++++
 .../resources/views/layouts/account.blade.php |  1 +
 .../views/parts/breadcrumb.blade.php          |  8 +++
 flexiapi/routes/web.php                       |  9 +++
 18 files changed, 379 insertions(+), 10 deletions(-)
 create mode 100644 flexiapi/app/Admin.php
 create mode 100644 flexiapi/app/Console/Commands/RemoveUnconfirmedAccounts.php
 create mode 100644 flexiapi/app/Console/Commands/SetAccountAdmin.php
 create mode 100644 flexiapi/app/Http/Controllers/Admin/AccountController.php
 create mode 100644 flexiapi/app/Http/Middleware/AuthenticateAdmin.php
 create mode 100644 flexiapi/database/migrations/2020_04_29_131330_create_admins_table.php
 create mode 100644 flexiapi/resources/views/admin/account/index.blade.php
 create mode 100644 flexiapi/resources/views/admin/account/show.blade.php
 create mode 100644 flexiapi/resources/views/parts/breadcrumb.blade.php

diff --git a/flexiapi/app/Account.php b/flexiapi/app/Account.php
index 1a731c0..2b8f3af 100644
--- a/flexiapi/app/Account.php
+++ b/flexiapi/app/Account.php
@@ -25,7 +25,7 @@ use Illuminate\Foundation\Auth\User as Authenticatable;
 class Account extends Authenticatable
 {
     protected $connection = 'external';
-    protected $with = ['passwords'];
+    protected $with = ['passwords', 'admin'];
     protected $dates = ['creation_time'];
     public $timestamps = false;
 
@@ -44,8 +44,18 @@ class Account extends Authenticatable
         return $this->hasMany('App\DigestNonce');
     }
 
+    public function admin()
+    {
+        return $this->hasOne('App\Admin');
+    }
+
     public function getIdentifierAttribute()
     {
         return $this->attributes['username'].'@'.$this->attributes['domain'];
     }
+
+    public function isAdmin()
+    {
+        return ($this->admin);
+    }
 }
diff --git a/flexiapi/app/Admin.php b/flexiapi/app/Admin.php
new file mode 100644
index 0000000..4fe35ce
--- /dev/null
+++ b/flexiapi/app/Admin.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace App;
+
+use Illuminate\Database\Eloquent\Model;
+
+class Admin extends Model
+{
+    protected $connection = 'local';
+    protected $table = 'admins';
+
+    public function account()
+    {
+        return $this->belongsTo('App\Account');
+    }
+}
diff --git a/flexiapi/app/Console/Commands/RemoveUnconfirmedAccounts.php b/flexiapi/app/Console/Commands/RemoveUnconfirmedAccounts.php
new file mode 100644
index 0000000..5c43e31
--- /dev/null
+++ b/flexiapi/app/Console/Commands/RemoveUnconfirmedAccounts.php
@@ -0,0 +1,54 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+
+use Carbon\Carbon;
+use App\Account;
+
+class RemoveUnconfirmedAccounts extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'accounts:clear-unconfirmed {days} {--apply}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Clear unconfirmed accounts after n days';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        $accounts = Account::where('activated', false)->where('creation_time', '<',
+            Carbon::now()->subDays($this->argument('days'))->toDateTimeString()
+        )->get();
+
+        if ($this->option('apply')) {
+            $this->info($accounts->count() . ' accounts deleted');
+            $accounts->delete();
+        } else {
+            $this->info($accounts->count() . ' accounts to delete');
+        }
+    }
+}
diff --git a/flexiapi/app/Console/Commands/SetAccountAdmin.php b/flexiapi/app/Console/Commands/SetAccountAdmin.php
new file mode 100644
index 0000000..91bdc84
--- /dev/null
+++ b/flexiapi/app/Console/Commands/SetAccountAdmin.php
@@ -0,0 +1,51 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+
+use App\Account;
+use App\Admin;
+
+class SetAccountAdmin extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'accounts:set-admin {id}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Give the admin role to an account';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        $account = Account::where('id', $this->argument('id'))->first();
+
+        if (!$account) $this->error('Account not found, please use an existing ID');
+
+        $admin = new Admin;
+        $admin->account_id = $account->id;
+        $admin->save();
+    }
+}
diff --git a/flexiapi/app/Http/Controllers/Admin/AccountController.php b/flexiapi/app/Http/Controllers/Admin/AccountController.php
new file mode 100644
index 0000000..36319d8
--- /dev/null
+++ b/flexiapi/app/Http/Controllers/Admin/AccountController.php
@@ -0,0 +1,67 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Http\Request;
+
+use App\Account;
+use App\Admin;
+
+class AccountController extends Controller
+{
+    public function index(Request $request)
+    {
+        return view('admin.account.index', [
+            'accounts' => Account::orderBy('creation_time', 'desc')->paginate(30)
+        ]);
+    }
+
+    public function show(Request $request, $id)
+    {
+        return view('admin.account.show', [
+            'account' => Account::findOrFail($id)
+        ]);
+    }
+
+    public function activate(Request $request, $id)
+    {
+        $account = Account::findOrFail($id);
+        $account->activated = true;
+        $account->save();
+
+        return redirect()->back();
+    }
+
+    public function deactivate(Request $request, $id)
+    {
+        $account = Account::findOrFail($id);
+        $account->activated = false;
+        $account->save();
+
+        return redirect()->back();
+    }
+
+    public function admin(Request $request, $id)
+    {
+        $account = Account::findOrFail($id);
+
+        $admin = new Admin;
+        $admin->account_id = $account->id;
+        $admin->save();
+
+        return redirect()->back();
+    }
+
+    public function unadmin(Request $request, $id)
+    {
+        $account = Account::findOrFail($id);
+
+        // An admin cannot remove it's own permission
+        if ($account->id == $request->user()->id) abort(403);
+
+        if ($account->admin) $account->admin->delete();
+
+        return redirect()->back();
+    }
+}
diff --git a/flexiapi/app/Http/Kernel.php b/flexiapi/app/Http/Kernel.php
index 2423352..f850220 100644
--- a/flexiapi/app/Http/Kernel.php
+++ b/flexiapi/app/Http/Kernel.php
@@ -69,6 +69,7 @@ class Kernel extends HttpKernel
      */
     protected $routeMiddleware = [
         'auth' => \App\Http\Middleware\Authenticate::class,
+        'auth.admin' => \App\Http\Middleware\AuthenticateAdmin::class,
         'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
         'auth.digest' => \App\Http\Middleware\AuthenticateDigest::class,
         'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
diff --git a/flexiapi/app/Http/Middleware/AuthenticateAdmin.php b/flexiapi/app/Http/Middleware/AuthenticateAdmin.php
new file mode 100644
index 0000000..624f5c4
--- /dev/null
+++ b/flexiapi/app/Http/Middleware/AuthenticateAdmin.php
@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+
+class AuthenticateAdmin
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        if (!$request->user()->isAdmin()) {
+            return abort(403, 'Unauthorized area');
+        }
+
+        return $next($request);
+    }
+}
diff --git a/flexiapi/database/migrations/2014_10_12_000000_create_users_table.php b/flexiapi/database/migrations/2014_10_12_000000_create_users_table.php
index a91e1d3..66c62da 100644
--- a/flexiapi/database/migrations/2014_10_12_000000_create_users_table.php
+++ b/flexiapi/database/migrations/2014_10_12_000000_create_users_table.php
@@ -13,7 +13,7 @@ class CreateUsersTable extends Migration
      */
     public function up()
     {
-        Schema::create('users', function (Blueprint $table) {
+        Schema::connection('local')->create('users', function (Blueprint $table) {
             $table->bigIncrements('id');
             $table->string('name');
             $table->string('email')->unique();
@@ -31,6 +31,6 @@ class CreateUsersTable extends Migration
      */
     public function down()
     {
-        Schema::dropIfExists('users');
+        Schema::connection('local')->dropIfExists('users');
     }
 }
diff --git a/flexiapi/database/migrations/2014_10_12_100000_create_password_resets_table.php b/flexiapi/database/migrations/2014_10_12_100000_create_password_resets_table.php
index 0ee0a36..d9fe4be 100644
--- a/flexiapi/database/migrations/2014_10_12_100000_create_password_resets_table.php
+++ b/flexiapi/database/migrations/2014_10_12_100000_create_password_resets_table.php
@@ -13,7 +13,7 @@ class CreatePasswordResetsTable extends Migration
      */
     public function up()
     {
-        Schema::create('password_resets', function (Blueprint $table) {
+        Schema::connection('local')->create('password_resets', function (Blueprint $table) {
             $table->string('email')->index();
             $table->string('token');
             $table->timestamp('created_at')->nullable();
@@ -27,6 +27,6 @@ class CreatePasswordResetsTable extends Migration
      */
     public function down()
     {
-        Schema::dropIfExists('password_resets');
+        Schema::connection('local')->dropIfExists('password_resets');
     }
 }
diff --git a/flexiapi/database/migrations/2019_08_19_000000_create_failed_jobs_table.php b/flexiapi/database/migrations/2019_08_19_000000_create_failed_jobs_table.php
index 389bdf7..abd81c3 100644
--- a/flexiapi/database/migrations/2019_08_19_000000_create_failed_jobs_table.php
+++ b/flexiapi/database/migrations/2019_08_19_000000_create_failed_jobs_table.php
@@ -13,7 +13,7 @@ class CreateFailedJobsTable extends Migration
      */
     public function up()
     {
-        Schema::create('failed_jobs', function (Blueprint $table) {
+        Schema::connection('local')->create('failed_jobs', function (Blueprint $table) {
             $table->bigIncrements('id');
             $table->text('connection');
             $table->text('queue');
@@ -30,6 +30,6 @@ class CreateFailedJobsTable extends Migration
      */
     public function down()
     {
-        Schema::dropIfExists('failed_jobs');
+        Schema::connection('local')->dropIfExists('failed_jobs');
     }
 }
diff --git a/flexiapi/database/migrations/2020_01_23_125119_create_accounts_passwords_tables.php b/flexiapi/database/migrations/2020_01_23_125119_create_accounts_passwords_tables.php
index e4f3e62..6a3b97d 100644
--- a/flexiapi/database/migrations/2020_01_23_125119_create_accounts_passwords_tables.php
+++ b/flexiapi/database/migrations/2020_01_23_125119_create_accounts_passwords_tables.php
@@ -68,7 +68,7 @@ class CreateAccountsPasswordsTables extends Migration
      */
     public function down()
     {
-        Schema::connection('external')->dropIfExists('passwords');
-        Schema::connection('external')->dropIfExists('accounts');
+        //Schema::connection('external')->dropIfExists('passwords');
+        //Schema::connection('external')->dropIfExists('accounts');
     }
 }
diff --git a/flexiapi/database/migrations/2020_04_29_131330_create_admins_table.php b/flexiapi/database/migrations/2020_04_29_131330_create_admins_table.php
new file mode 100644
index 0000000..2da2168
--- /dev/null
+++ b/flexiapi/database/migrations/2020_04_29_131330_create_admins_table.php
@@ -0,0 +1,22 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class CreateAdminsTable extends Migration
+{
+    public function up()
+    {
+        Schema::connection('local')->create('admins', function (Blueprint $table) {
+            $table->bigIncrements('id');
+            $table->integer('account_id')->unsigned();
+            $table->timestamps();
+        });
+    }
+
+    public function down()
+    {
+        Schema::connection('local')->dropIfExists('admins');
+    }
+}
diff --git a/flexiapi/resources/views/account/index.blade.php b/flexiapi/resources/views/account/index.blade.php
index 51364cc..b441910 100644
--- a/flexiapi/resources/views/account/index.blade.php
+++ b/flexiapi/resources/views/account/index.blade.php
@@ -2,7 +2,7 @@
 
 @section('content')
 
-<div class="list-group">
+<div class="list-group mb-3">
     <a href="{{ route('account.email') }}" class="list-group-item list-group-item-action">
         <div class="d-flex w-100 justify-content-between">
             <h5 class="mb-1">Change my current account email</h5>
@@ -31,4 +31,20 @@
     </a>
 </div>
 
+@if($account->isAdmin())
+    <h3>Admin area</h3>
+    <div class="list-group">
+        <a href="{{ route('admin.account.index') }}" class="list-group-item list-group-item-action">
+            <div class="d-flex w-100 justify-content-between">
+                <h5 class="mb-1">Change my current account email</h5>
+            </div>
+            @if (!empty($account->email))
+                <p class="mb-1">{{ $account->email }}</p>
+            @else
+                <p class="mb-1">No email yet</p>
+            @endif
+        </a>
+    </div>
+@endif
+
 @endsection
\ No newline at end of file
diff --git a/flexiapi/resources/views/admin/account/index.blade.php b/flexiapi/resources/views/admin/account/index.blade.php
new file mode 100644
index 0000000..d127cec
--- /dev/null
+++ b/flexiapi/resources/views/admin/account/index.blade.php
@@ -0,0 +1,48 @@
+@extends('layouts.account')
+
+@section('breadcrumb')
+<li class="breadcrumb-item active" aria-current="page">Accounts</li>
+@endsection
+
+@section('content')
+
+<h2>Accounts</h2>
+
+<table class="table">
+    <thead>
+        <tr>
+            <th scope="col">#</th>
+            <th scope="col">Identifier</th>
+            <th scope="col">Email</th>
+            <th scope="col">Created</th>
+            <th scope="col">Tags</th>
+        </tr>
+    </thead>
+    <tbody>
+        @foreach ($accounts as $account)
+            <tr>
+                <th scope="row">
+                <a href="{{ route('admin.account.show', $account->id) }}">{{ $account->id }}</a>
+                </th>
+                <td>{{ $account->identifier }}</td>
+                <td>{{ $account->email }}</td>
+                <td>{{ $account->creation_time}}</td>
+                <td>
+                    @if ($account->activated)
+                        <span class="badge badge-success">Activated</span>
+                    @else
+                        <span class="badge badge-danger">Unactivated</span>
+                    @endif
+                    @if ($account->admin)
+                        <span class="badge badge-primary">Admin</span>
+                    @endif
+                </td>
+            </tr>
+        @endforeach
+
+    </tbody>
+</table>
+
+{{ $accounts->links() }}
+
+@endsection
\ No newline at end of file
diff --git a/flexiapi/resources/views/admin/account/show.blade.php b/flexiapi/resources/views/admin/account/show.blade.php
new file mode 100644
index 0000000..46a8b0b
--- /dev/null
+++ b/flexiapi/resources/views/admin/account/show.blade.php
@@ -0,0 +1,42 @@
+@extends('layouts.account')
+
+@section('breadcrumb')
+<li class="breadcrumb-item" aria-current="page">
+    <a href="{{ route('admin.account.index') }}">Accounts</a>
+</li>
+<li class="breadcrumb-item active" aria-current="page">Show</li>
+@endsection
+
+@section('content')
+
+<h2>Account</h2>
+
+<p>
+    <b>Id:</b> {{ $account->id }}<br />
+    <b>Identifier:</b> {{ $account->identifier }}<br />
+    <b>Email:</b> {{ $account->email }}</p>
+</p>
+
+@if ($account->alias)
+    <p><b>Alias:</b> {{ $account->alias->alias }}</p>
+@else
+    <p>No alias</p>
+@endif
+
+<p>
+    @if ($account->activated)
+        <span class="badge badge-success">Activated</span> <a href="{{ route('admin.account.deactivate', $account->id) }}">Deactivate</a>
+    @else
+        <span class="badge badge-danger">Unactivated</span> <a href="{{ route('admin.account.activate', $account->id) }}">Activate</a>
+    @endif
+</p>
+
+<p>
+    @if ($account->admin)
+        <span class="badge badge-success">Activated</span> <a href="{{ route('admin.account.unadmin', $account->id) }}">Remove admin role</a>
+    @else
+        <span class="badge badge-danger">Unactivated</span> <a href="{{ route('admin.account.admin', $account->id) }}">Add admin role</a>
+    @endif
+</p>
+
+@endsection
\ No newline at end of file
diff --git a/flexiapi/resources/views/layouts/account.blade.php b/flexiapi/resources/views/layouts/account.blade.php
index 628cd85..6320030 100644
--- a/flexiapi/resources/views/layouts/account.blade.php
+++ b/flexiapi/resources/views/layouts/account.blade.php
@@ -19,6 +19,7 @@
     </nav>
     <div class="container-lg pt-3">
         @include('parts.errors')
+        @include('parts.breadcrumb')
         @yield('content')
     </div>
 @endsection
\ No newline at end of file
diff --git a/flexiapi/resources/views/parts/breadcrumb.blade.php b/flexiapi/resources/views/parts/breadcrumb.blade.php
new file mode 100644
index 0000000..582f93f
--- /dev/null
+++ b/flexiapi/resources/views/parts/breadcrumb.blade.php
@@ -0,0 +1,8 @@
+@hasSection('breadcrumb')
+    <nav aria-label="breadcrumb">
+        <ol class="breadcrumb">
+            <li class="breadcrumb-item"><a href="/">Home</a></li>
+            @yield('breadcrumb')
+        </ol>
+    </nav>
+@endif
\ No newline at end of file
diff --git a/flexiapi/routes/web.php b/flexiapi/routes/web.php
index e2b2fd6..fcf8ac9 100644
--- a/flexiapi/routes/web.php
+++ b/flexiapi/routes/web.php
@@ -45,4 +45,13 @@ Route::group(['middleware' => 'auth'], function () {
     Route::post('email', 'AccountEmailController@update')->name('account.email.update');
     Route::get('password', 'AccountPasswordController@show')->name('account.password');
     Route::post('password', 'AccountPasswordController@update')->name('account.password.update');
+});
+
+Route::group(['middleware' => 'auth.admin'], function () {
+    Route::get('admin/accounts', 'Admin\AccountController@index')->name('admin.account.index');
+    Route::get('admin/accounts/{id}', 'Admin\AccountController@show')->name('admin.account.show');
+    Route::get('admin/accounts/{id}/activate', 'Admin\AccountController@activate')->name('admin.account.activate');
+    Route::get('admin/accounts/{id}/deactivate', 'Admin\AccountController@deactivate')->name('admin.account.deactivate');
+    Route::get('admin/accounts/{id}/admin', 'Admin\AccountController@admin')->name('admin.account.admin');
+    Route::get('admin/accounts/{id}/unadmin', 'Admin\AccountController@unadmin')->name('admin.account.unadmin');
 });
\ No newline at end of file