. */ namespace App\Http\Controllers\Admin\Account; use App\Account; use App\AccountCardDavCredentials; use App\Http\Controllers\Controller; use Illuminate\Database\Query\Builder; use Illuminate\Http\Request; use Illuminate\Validation\Rule; use App\Http\Requests\Account\CardDavCredentials; class CardDavCredentialsController extends Controller { public function create(int $accountId) { $account = Account::findOrFail($accountId); $this->checkFeatureEnabled($account); return view('admin.account.carddav.create', [ 'account' => $account, 'carddavServers' => $account->remainingCardDavCredentialsCreatable ]); } public function store(CardDavCredentials $request, int $accountId) { $account = Account::findOrFail($accountId); $this->checkFeatureEnabled($account); $request->validate([ 'carddav_id' => ['required', Rule::exists('space_carddav_servers', 'id')->where(function (Builder $query) use ($account) { return $query->where('space_id', $account->space->id); })] ]); $accountCarddavCredentials = new AccountCardDavCredentials; $accountCarddavCredentials->space_carddav_server_id = $request->get('carddav_id'); $accountCarddavCredentials->account_id = $account->id; $accountCarddavCredentials->username = $request->get('username'); $accountCarddavCredentials->realm = $request->get('realm'); $accountCarddavCredentials->password = bchash( $request->get('username'), $request->get('realm'), $request->get('password'), $request->get('algorithm') ); $accountCarddavCredentials->algorithm = $request->get('algorithm'); $accountCarddavCredentials->save(); return redirect()->route('admin.account.show', $account); } public function delete(int $accountId, int $cardDavId) { $account = Account::findOrFail($accountId); $this->checkFeatureEnabled($account); $accountCarddavCredentials = AccountCardDavCredentials::where('space_carddav_server_id', $cardDavId) ->where('account_id', $account->id) ->firstOrFail(); return view('admin.account.carddav.delete', [ 'account' => $account, 'carddavCredentials' => $accountCarddavCredentials, ]); } public function destroy(Request $request, int $accountId) { $account = Account::findOrFail($accountId); $this->checkFeatureEnabled($account); $accountCarddavCredentials = AccountCardDavCredentials::where('space_carddav_server_id', $request->carddav_id) ->where('account_id', $account->id) ->delete(); return redirect()->route('admin.account.show', $account); } private function checkFeatureEnabled(Account $account) { if (!$account->space->carddav_user_credentials) { abort(403, 'CardDav Credentials features disabled'); } } }