X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/a6633642232efd164d4708967ab59e498fbff896..refs/heads/user_permissions:/app/Http/Controllers/UserApiTokenController.php diff --git a/app/Http/Controllers/UserApiTokenController.php b/app/Http/Controllers/UserApiTokenController.php index ab0e9069e..b1a043cd3 100644 --- a/app/Http/Controllers/UserApiTokenController.php +++ b/app/Http/Controllers/UserApiTokenController.php @@ -1,4 +1,6 @@ -checkPermissionOrCurrentUser('users-manage', $userId); $user = User::query()->findOrFail($userId); + return view('users.api-tokens.create', [ 'user' => $user, ]); @@ -34,18 +36,18 @@ class UserApiTokenController extends Controller $this->checkPermissionOrCurrentUser('users-manage', $userId); $this->validate($request, [ - 'name' => 'required|max:250', - 'expires_at' => 'date_format:Y-m-d', + 'name' => ['required', 'max:250'], + 'expires_at' => ['date_format:Y-m-d'], ]); $user = User::query()->findOrFail($userId); $secret = Str::random(32); $token = (new ApiToken())->forceFill([ - 'name' => $request->get('name'), - 'token_id' => Str::random(32), - 'secret' => Hash::make($secret), - 'user_id' => $user->id, + 'name' => $request->get('name'), + 'token_id' => Str::random(32), + 'secret' => Hash::make($secret), + 'user_id' => $user->id, 'expires_at' => $request->get('expires_at') ?: ApiToken::defaultExpiry(), ]); @@ -71,9 +73,9 @@ class UserApiTokenController extends Controller $secret = session()->pull('api-token-secret:' . $token->id, null); return view('users.api-tokens.edit', [ - 'user' => $user, - 'token' => $token, - 'model' => $token, + 'user' => $user, + 'token' => $token, + 'model' => $token, 'secret' => $secret, ]); } @@ -84,18 +86,19 @@ class UserApiTokenController extends Controller public function update(Request $request, int $userId, int $tokenId) { $this->validate($request, [ - 'name' => 'required|max:250', - 'expires_at' => 'date_format:Y-m-d', + 'name' => ['required', 'max:250'], + 'expires_at' => ['date_format:Y-m-d'], ]); [$user, $token] = $this->checkPermissionAndFetchUserToken($userId, $tokenId); $token->fill([ - 'name' => $request->get('name'), + 'name' => $request->get('name'), 'expires_at' => $request->get('expires_at') ?: ApiToken::defaultExpiry(), ])->save(); $this->showSuccessNotification(trans('settings.user_api_token_update_success')); $this->logActivity(ActivityType::API_TOKEN_UPDATE, $token); + return redirect($user->getEditUrl('/api-tokens/' . $token->id)); } @@ -105,8 +108,9 @@ class UserApiTokenController extends Controller public function delete(int $userId, int $tokenId) { [$user, $token] = $this->checkPermissionAndFetchUserToken($userId, $tokenId); + return view('users.api-tokens.delete', [ - 'user' => $user, + 'user' => $user, 'token' => $token, ]); } @@ -138,7 +142,7 @@ class UserApiTokenController extends Controller $user = User::query()->findOrFail($userId); $token = ApiToken::query()->where('user_id', '=', $user->id)->where('id', '=', $tokenId)->firstOrFail(); + return [$user, $token]; } - }