GeoNetAgent, LDAPWeb, server-audit, server-connection
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

156 lines
5.5 KiB

<?php
namespace App\Http\Controllers;
use App\Services\AuditLogService;
use App\Services\LdapAuthService;
use App\Services\LdapMetadataService;
use App\Services\LdapPasswordResetService;
use App\Services\LdapUserService;
use App\Services\MailDeliveryService;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\View\View;
use InvalidArgumentException;
use RuntimeException;
use Throwable;
class ProfileController extends Controller
{
public function __construct(
private readonly LdapAuthService $ldapAuth,
private readonly LdapUserService $ldapUsers,
private readonly LdapPasswordResetService $passwordReset,
private readonly LdapMetadataService $metadata,
private readonly AuditLogService $audit,
private readonly MailDeliveryService $mailDelivery
) {
}
public function show(Request $request): View|RedirectResponse
{
$username = $request->session()->get('ldap_username');
if (! is_string($username) || $username === '') {
return redirect()->route('login');
}
$profile = $this->ldapAuth->getProfile($username);
if ($profile === null) {
return redirect()->route('login')->with('error', 'Unable to load profile.');
}
$meta = $this->metadata->getUserMeta($username);
$activity = $this->audit->listForUser($username, 50);
return view('profile.show', [
'profile' => $profile,
'meta' => $meta,
'is_admin' => (bool) $request->session()->get('ldap_is_admin'),
'activityLogs' => $activity['rows'],
'activityError' => $activity['error'],
]);
}
public function update(Request $request): RedirectResponse
{
$username = $request->session()->get('ldap_username');
if (! is_string($username) || $username === '') {
return redirect()->route('login');
}
$data = $request->validate([
'display_name' => ['required', 'string', 'max:255'],
'email' => ['nullable', 'email', 'max:255'],
'other_email' => ['nullable', 'email', 'max:255'],
'phone' => ['nullable', 'string', 'max:32'],
]);
try {
$this->ldapUsers->updateProfile($username, $data['display_name'], $data['email'] ?? null);
$this->metadata->saveUserSelfMeta(
$username,
$data['other_email'] ?? null,
$data['phone'] ?? null
);
$request->session()->put('ldap_display_name', $data['display_name']);
$request->attributes->set('audit_metadata', [
'display_name' => $data['display_name'],
'other_email' => $data['other_email'] ?? null,
'phone' => $data['phone'] ?? null,
]);
return redirect()->route('profile.show')->with('success', 'Profile updated.');
} catch (InvalidArgumentException|RuntimeException $e) {
return back()->withInput()->with('error', $e->getMessage());
} catch (Throwable) {
return back()->withInput()->with('error', 'Failed to update profile.');
}
}
public function testEmail(Request $request): RedirectResponse
{
$username = $request->session()->get('ldap_username');
if (! is_string($username) || $username === '') {
return redirect()->route('login');
}
$profile = $this->ldapAuth->getProfile($username);
if ($profile === null) {
return redirect()->route('login')->with('error', 'Unable to load profile.');
}
$meta = $this->metadata->getUserMeta($username);
$recipients = array_filter([
$profile['email'] !== '' ? $profile['email'] : null,
($meta['other_email'] ?? '') !== '' ? $meta['other_email'] : null,
]);
if ($recipients === []) {
return back()->with('error', 'Tambahkan email LDAP atau other email terlebih dahulu, lalu simpan profil.');
}
try {
$sent = $this->mailDelivery->sendTestToMany(array_values($recipients));
$request->attributes->set('audit_metadata', [
'recipients' => $sent,
]);
return back()->with('success', 'Test email terkirim ke: '.implode(', ', $sent).'.');
} catch (Throwable) {
return back()->with('error', 'Gagal mengirim test email. Periksa konfigurasi SMTP oleh admin.');
}
}
public function sendPasswordReset(Request $request): RedirectResponse
{
$username = $request->session()->get('ldap_username');
if (! is_string($username) || $username === '') {
return redirect()->route('login');
}
$profile = $this->ldapAuth->getProfile($username);
$meta = $this->metadata->getUserMeta($username);
$targetEmail = $profile['email'] !== '' ? $profile['email'] : $meta['other_email'];
if ($profile === null || $targetEmail === '') {
return back()->with('error', 'No email address on file. Contact your administrator.');
}
try {
$this->passwordReset->sendResetLink($username);
$request->attributes->set('audit_metadata', [
'email' => $targetEmail,
]);
return back()->with('success', "Password reset link sent to {$targetEmail}.");
} catch (Throwable) {
return back()->with('error', 'Failed to send password reset email.');
}
}
}