You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
156 lines
5.5 KiB
156 lines
5.5 KiB
<?php |
|
|
|
namespace App\Http\Controllers; |
|
|
|
use App\Services\AuditLogService; |
|
use App\Services\LdapAuthService; |
|
use App\Services\LdapMetadataService; |
|
use App\Services\LdapPasswordResetService; |
|
use App\Services\LdapUserService; |
|
use App\Services\MailDeliveryService; |
|
use Illuminate\Http\RedirectResponse; |
|
use Illuminate\Http\Request; |
|
use Illuminate\View\View; |
|
use InvalidArgumentException; |
|
use RuntimeException; |
|
use Throwable; |
|
|
|
class ProfileController extends Controller |
|
{ |
|
public function __construct( |
|
private readonly LdapAuthService $ldapAuth, |
|
private readonly LdapUserService $ldapUsers, |
|
private readonly LdapPasswordResetService $passwordReset, |
|
private readonly LdapMetadataService $metadata, |
|
private readonly AuditLogService $audit, |
|
private readonly MailDeliveryService $mailDelivery |
|
) { |
|
} |
|
|
|
public function show(Request $request): View|RedirectResponse |
|
{ |
|
$username = $request->session()->get('ldap_username'); |
|
|
|
if (! is_string($username) || $username === '') { |
|
return redirect()->route('login'); |
|
} |
|
|
|
$profile = $this->ldapAuth->getProfile($username); |
|
|
|
if ($profile === null) { |
|
return redirect()->route('login')->with('error', 'Unable to load profile.'); |
|
} |
|
|
|
$meta = $this->metadata->getUserMeta($username); |
|
$activity = $this->audit->listForUser($username, 50); |
|
|
|
return view('profile.show', [ |
|
'profile' => $profile, |
|
'meta' => $meta, |
|
'is_admin' => (bool) $request->session()->get('ldap_is_admin'), |
|
'activityLogs' => $activity['rows'], |
|
'activityError' => $activity['error'], |
|
]); |
|
} |
|
|
|
public function update(Request $request): RedirectResponse |
|
{ |
|
$username = $request->session()->get('ldap_username'); |
|
|
|
if (! is_string($username) || $username === '') { |
|
return redirect()->route('login'); |
|
} |
|
|
|
$data = $request->validate([ |
|
'display_name' => ['required', 'string', 'max:255'], |
|
'email' => ['nullable', 'email', 'max:255'], |
|
'other_email' => ['nullable', 'email', 'max:255'], |
|
'phone' => ['nullable', 'string', 'max:32'], |
|
]); |
|
|
|
try { |
|
$this->ldapUsers->updateProfile($username, $data['display_name'], $data['email'] ?? null); |
|
$this->metadata->saveUserSelfMeta( |
|
$username, |
|
$data['other_email'] ?? null, |
|
$data['phone'] ?? null |
|
); |
|
$request->session()->put('ldap_display_name', $data['display_name']); |
|
$request->attributes->set('audit_metadata', [ |
|
'display_name' => $data['display_name'], |
|
'other_email' => $data['other_email'] ?? null, |
|
'phone' => $data['phone'] ?? null, |
|
]); |
|
|
|
return redirect()->route('profile.show')->with('success', 'Profile updated.'); |
|
} catch (InvalidArgumentException|RuntimeException $e) { |
|
return back()->withInput()->with('error', $e->getMessage()); |
|
} catch (Throwable) { |
|
return back()->withInput()->with('error', 'Failed to update profile.'); |
|
} |
|
} |
|
|
|
public function testEmail(Request $request): RedirectResponse |
|
{ |
|
$username = $request->session()->get('ldap_username'); |
|
|
|
if (! is_string($username) || $username === '') { |
|
return redirect()->route('login'); |
|
} |
|
|
|
$profile = $this->ldapAuth->getProfile($username); |
|
|
|
if ($profile === null) { |
|
return redirect()->route('login')->with('error', 'Unable to load profile.'); |
|
} |
|
|
|
$meta = $this->metadata->getUserMeta($username); |
|
$recipients = array_filter([ |
|
$profile['email'] !== '' ? $profile['email'] : null, |
|
($meta['other_email'] ?? '') !== '' ? $meta['other_email'] : null, |
|
]); |
|
|
|
if ($recipients === []) { |
|
return back()->with('error', 'Tambahkan email LDAP atau other email terlebih dahulu, lalu simpan profil.'); |
|
} |
|
|
|
try { |
|
$sent = $this->mailDelivery->sendTestToMany(array_values($recipients)); |
|
$request->attributes->set('audit_metadata', [ |
|
'recipients' => $sent, |
|
]); |
|
|
|
return back()->with('success', 'Test email terkirim ke: '.implode(', ', $sent).'.'); |
|
} catch (Throwable) { |
|
return back()->with('error', 'Gagal mengirim test email. Periksa konfigurasi SMTP oleh admin.'); |
|
} |
|
} |
|
|
|
public function sendPasswordReset(Request $request): RedirectResponse |
|
{ |
|
$username = $request->session()->get('ldap_username'); |
|
|
|
if (! is_string($username) || $username === '') { |
|
return redirect()->route('login'); |
|
} |
|
|
|
$profile = $this->ldapAuth->getProfile($username); |
|
$meta = $this->metadata->getUserMeta($username); |
|
$targetEmail = $profile['email'] !== '' ? $profile['email'] : $meta['other_email']; |
|
|
|
if ($profile === null || $targetEmail === '') { |
|
return back()->with('error', 'No email address on file. Contact your administrator.'); |
|
} |
|
|
|
try { |
|
$this->passwordReset->sendResetLink($username); |
|
$request->attributes->set('audit_metadata', [ |
|
'email' => $targetEmail, |
|
]); |
|
|
|
return back()->with('success', "Password reset link sent to {$targetEmail}."); |
|
} catch (Throwable) { |
|
return back()->with('error', 'Failed to send password reset email.'); |
|
} |
|
} |
|
}
|
|
|