Add demo mode restrictions to user operations.
Added functionality to restrict certain user operations, such as update, password change, and deletion, in demo mode. This prevents demo users from modifying crucial data. Helper methods are added for standard reusable checks, and a Blade directive is added for frontend UI demo checks.
@@ -2,6 +2,7 @@
|
||||
|
||||
namespace App\Helpers;
|
||||
|
||||
use App\Models\User;
|
||||
use Illuminate\Support\Facades\Cache;
|
||||
use Illuminate\Support\Collection;
|
||||
|
||||
@@ -21,4 +22,18 @@ final readonly class Helpers
|
||||
public static function getUserTimeZone() {
|
||||
return auth()->user()?->timezone ?? config('app.user_timezone');
|
||||
}
|
||||
|
||||
public static function isDemoMode(): bool
|
||||
{
|
||||
return config('app.demo_mode', false);
|
||||
}
|
||||
|
||||
public static function isDemoModeAndUserDenyUpdate(User $user): bool
|
||||
{
|
||||
if (self::isDemoMode() !== true) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return $user->email === config('app.demo_email');
|
||||
}
|
||||
}
|
||||
|
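Review bot: In `isDemoModeAndUserDenyUpdate` the demo account is recognised by an exact, case-sensitive match against `config('app.demo_email')`. When demo mode is on but that key is unset, empty, or cased differently from the stored address, the comparison is false and every guard built on this helper lets the operation through silently. Consider normalising both sides, e.g. `return mb_strtolower($user->email) === mb_strtolower((string) config('app.demo_email'));`, and failing at boot when demo mode is enabled without a demo e-mail configured. A short docblock stating that the helper returns true only for the configured demo account, and false for every other user even in demo mode, would make the contract clear to callers.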
@@ -11,6 +11,7 @@ use App\Captcha\Images\Head;
|
||||
use App\Captcha\Images\ImageManager;
|
||||
use App\Captcha\Images\Lines;
|
||||
use App\Contracts\CryptographyContract;
|
||||
use App\Helpers\Helpers;
|
||||
use App\Services\Api\V1\CaptchaGenerateService;
|
||||
use App\Services\CaptchaToken\CaptchaTokenHandler;
|
||||
use App\Services\CryptographyString;
|
||||
@@ -20,6 +21,7 @@ use App\Services\Search\CreateSearchInstanceCommand;
|
||||
use App\Services\Search\Search;
|
||||
use Illuminate\Contracts\Foundation\Application;
|
||||
use Illuminate\Pagination\Paginator;
|
||||
use Illuminate\Support\Facades\Blade;
|
||||
use Illuminate\Support\ServiceProvider;
|
||||
use Illuminate\Validation\Rules\Password;
|
||||
|
||||
@@ -64,6 +66,10 @@ final class AppServiceProvider extends ServiceProvider
|
||||
*/
|
||||
public function boot(): void
|
||||
{
|
||||
Blade::if('demo', function () {
|
||||
return Helpers::isDemoMode();
|
||||
});
|
||||
|
||||
Password::defaults(function () {
|
||||
$rule = Password::min(8);
|
||||
|
||||
|
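Review bot: The `demo` Blade condition registered in `boot()` reflects only the global `app.demo_mode` flag, while the server-side guards in this commit restrict only the account whose e-mail equals `app.demo_email`. Templates using `@demo` will therefore treat every signed-in user the same way, which may not match what the services enforce. If the templates are meant to mirror the server check, a second condition that passes the current user to `Helpers::isDemoModeAndUserDenyUpdate()` would keep the two aligned; the templates are not on this page, so this needs confirming. A comment above the registration such as `// UI hint only; enforcement lives in the service layer` would also help, and the closure can be `static fn (): bool => Helpers::isDemoMode()`. `boot()` continues past the end of the hunk.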
@@ -5,6 +5,7 @@ namespace App\Services\Private;
|
||||
use App\Dto\Request\Private\Profile\Update;
|
||||
use App\Dto\Request\Private\Profile\UpdateSettings;
|
||||
use App\Dto\Request\Private\User\UpdatePassword;
|
||||
use App\Helpers\Helpers;
|
||||
use App\Models\User;
|
||||
use App\ServiceResults\ServiceResultError;
|
||||
use App\ServiceResults\ServiceResultSuccess;
|
||||
@@ -19,6 +20,10 @@ final class ProfileService extends Service
|
||||
|
||||
public function update(Update $update, User $user): ServiceResultError | ServiceResultSuccess
|
||||
{
|
||||
if (Helpers::isDemoModeAndUserDenyUpdate($user)) {
|
||||
return $this->errValidate(__('Demo Mode'));
|
||||
}
|
||||
|
||||
try {
|
||||
$data = [
|
||||
'name' => $update->getName()
|
||||
@@ -33,6 +38,10 @@ final class ProfileService extends Service
|
||||
|
||||
public function updatePassword(UpdatePassword $update, User $user): ServiceResultError | ServiceResultSuccess
|
||||
{
|
||||
if (Helpers::isDemoModeAndUserDenyUpdate($user)) {
|
||||
return $this->errValidate(__('Demo Mode'));
|
||||
}
|
||||
|
||||
try {
|
||||
$this->userCommandHandler->handleUpdatePassword($user, $update->getPassword());
|
||||
} catch (\Throwable $e) {
|
||||
|
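Review bot: The demo guard is added to `update()` and `updatePassword()`, but this file also imports the `UpdateSettings` DTO, which suggests a settings-update method that these hunks leave unguarded. That method is outside the visible hunks, so please confirm whether it should carry the same `Helpers::isDemoModeAndUserDenyUpdate($user)` check. Separately, the denial is returned through `errValidate(__('Demo Mode'))`, which reports a policy refusal as a validation failure. `UserService` uses `errFobidden(...)` for access denials, and if that helper is available on the shared `Service` base, using it here would let clients and logs tell a blocked demo action from bad input. Both method bodies continue past the end of their hunks.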
@@ -5,6 +5,7 @@ namespace App\Services\Private;
|
||||
use App\Dto\Builder\User as UserBuilderDto;
|
||||
use App\Dto\Request\Private\User\StoreUpdate;
|
||||
use App\Dto\Request\Private\User\UpdatePassword;
|
||||
use App\Helpers\Helpers;
|
||||
use App\Models\User;
|
||||
use App\Dto\QuerySettingsDto;
|
||||
use App\Repositories\RoleRepository;
|
||||
@@ -120,6 +121,10 @@ final class UserService extends Service
|
||||
return $this->errFobidden(__('Access is denied'));
|
||||
}
|
||||
|
||||
if (Helpers::isDemoModeAndUserDenyUpdate($modelUser)) {
|
||||
return $this->errValidate(__('Demo Mode'));
|
||||
}
|
||||
|
||||
if ($this->userRepository->isExistsEmail($data->getEmail(), $modelUser->id)) {
|
||||
return $this->errValidate(
|
||||
__('validation.unique', ['attribute' => __('validation.attributes.email')]),
|
||||
@@ -156,6 +161,10 @@ final class UserService extends Service
|
||||
return $this->errFobidden(__('Access is denied'));
|
||||
}
|
||||
|
||||
if (Helpers::isDemoModeAndUserDenyUpdate($modelUser)) {
|
||||
return $this->errValidate(__('Demo Mode'));
|
||||
}
|
||||
|
||||
try {
|
||||
$this->userCommandHandler->handleUpdatePassword($modelUser, $data->getPassword());
|
||||
} catch (\Throwable $e) {
|
||||
@@ -178,6 +187,10 @@ final class UserService extends Service
|
||||
return $this->errFobidden(__('Access is denied'));
|
||||
}
|
||||
|
||||
if (Helpers::isDemoModeAndUserDenyUpdate($modelUser)) {
|
||||
return $this->errValidate(__('Demo Mode'));
|
||||
}
|
||||
|
||||
try {
|
||||
DB::transaction(function () use ($modelUser) {
|
||||
$this->userCommandHandler->handleDestroy($modelUser);
|
||||
|
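Review bot: All three guards in this file test the target `$modelUser`, not the account performing the action, so they stop the demo account from being edited, re-passworded, or deleted but do not stop the demo account from doing those things to other users. The commit description says the aim is to prevent demo users from modifying crucial data. If the demo account holds user-management permissions (the preceding `Access is denied` check is outside the hunks), it can still reach `handleUpdatePassword` and `handleDestroy` for any other account. Consider also passing the acting user to `Helpers::isDemoModeAndUserDenyUpdate()` in each of the three methods, ideally through one private helper so the update, password, and destroy paths cannot drift apart. The enclosing methods start and end outside these hunks, so how the acting user is available there needs checking.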