Add demo mode restriction to CaptchaToken destroy method.

This commit adds a check to the `destroy` method in the `CaptchaTokenService`. It uses the `Helpers::isDemoModeAndUserDenyUpdate` function to prevent users from deleting tokens while the application is in demo mode. This was added to protect the application's state during presentations or demos.
This commit is contained in:
Leonid Nikitin 2023-12-05 21:48:02 +06:00
parent a52b148101
commit 8ccbd5000d
Signed by: kor-elf
GPG Key ID: 604A019EB118CAC4
2 changed files with 11 additions and 0 deletions

View File

@ -4,6 +4,7 @@ namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory; use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model; use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
use Illuminate\Database\Eloquent\Relations\HasMany; use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Database\Eloquent\SoftDeletes; use Illuminate\Database\Eloquent\SoftDeletes;
@ -36,4 +37,9 @@ final class CaptchaToken extends Model
{ {
return $this->hasMany(Captcha::class); return $this->hasMany(Captcha::class);
} }
public function user(): BelongsTo
{
return $this->belongsTo(User::class);
}
} }

View File

@ -5,6 +5,7 @@ namespace App\Services\Private;
use App\Dto\Builder\CaptchaToken as CaptchaTokenDto; use App\Dto\Builder\CaptchaToken as CaptchaTokenDto;
use App\Dto\QuerySettingsDto; use App\Dto\QuerySettingsDto;
use App\Dto\Request\Private\CaptchaToken\StoreUpdate; use App\Dto\Request\Private\CaptchaToken\StoreUpdate;
use App\Helpers\Helpers;
use App\Models\User; use App\Models\User;
use App\Models\CaptchaToken; use App\Models\CaptchaToken;
use App\Repositories\CaptchaTokenRepository; use App\Repositories\CaptchaTokenRepository;
@ -133,6 +134,10 @@ final class CaptchaTokenService extends Service
return $this->errFobidden(__('Access is denied')); return $this->errFobidden(__('Access is denied'));
} }
if (Helpers::isDemoModeAndUserDenyUpdate($modelCaptchaToken->user)) {
return $this->errValidate(__('Demo Mode'));
}
try { try {
DB::transaction(function () use ($modelCaptchaToken) { DB::transaction(function () use ($modelCaptchaToken) {
$this->captchaTokenHandler->handleDestroy($modelCaptchaToken); $this->captchaTokenHandler->handleDestroy($modelCaptchaToken);