diff --git a/modules/audit/lib/Module/Audit/Support/AuditPageHelper.php b/modules/audit/lib/Module/Audit/Support/AuditPageHelper.php new file mode 100644 index 0000000..9274040 --- /dev/null +++ b/modules/audit/lib/Module/Audit/Support/AuditPageHelper.php @@ -0,0 +1,62 @@ +method()) !== 'POST') { + Router::redirect($route); + } + + $errorBag = formErrors(); + if (!Session::checkCsrfToken()) { + $errorBag->addGlobal(t('Form expired, please try again')); + flashFormErrors($errorBag, $route, $flashGroup); + Router::redirect($route); + } + } + + /** + * Guard a view action: require login + ability, find record by ID, redirect on not-found. + * + * @return array The found record + */ + public static function findOrRedirect( + string $ability, + string $serviceClass, + string $route, + string $errorMessage, + string $flashGroup, + string $title, + mixed $id = null + ): array { + Guard::requireLogin(); + Guard::requireAbility($ability); + + $recordId = (int) ($id ?? 0); + $record = $recordId > 0 ? app($serviceClass)->find($recordId) : null; + if (!$record) { + Flash::error(t($errorMessage), $route, $flashGroup); + Router::redirect($route); + } + + Buffer::set('title', t($title)); + + return $record; + } +} diff --git a/modules/audit/pages/audit/api-audit/purge().php b/modules/audit/pages/audit/api-audit/purge().php index 66716d3..72d3916 100644 --- a/modules/audit/pages/audit/api-audit/purge().php +++ b/modules/audit/pages/audit/api-audit/purge().php @@ -1,23 +1,17 @@ method())) !== 'POST') { - Router::redirect('audit/api-audit'); -} -$errorBag = formErrors(); -if (!Session::checkCsrfToken()) { - $errorBag->addGlobal(t('Form expired, please try again')); - flashFormErrors($errorBag, 'audit/api-audit', 'api_audit'); - Router::redirect('audit/api-audit'); -} - -$deleted = app(\MintyPHP\Module\Audit\Service\ApiAuditService::class)->purgeExpired(); +$deleted = app(ApiAuditService::class)->purgeExpired(); Flash::success(sprintf(t('%d API audit entries purged'), $deleted), 'audit/api-audit', 'api_audit_purged'); Router::redirect('audit/api-audit'); diff --git a/modules/audit/pages/audit/api-audit/view($id).php b/modules/audit/pages/audit/api-audit/view($id).php index e311cb8..16da877 100644 --- a/modules/audit/pages/audit/api-audit/view($id).php +++ b/modules/audit/pages/audit/api-audit/view($id).php @@ -1,18 +1,15 @@ 0 ? app(\MintyPHP\Module\Audit\Service\ApiAuditService::class)->find($auditId) : null; -if (!$auditLog) { - Flash::error(t('API audit entry not found'), 'audit/api-audit', 'api_audit_not_found'); - Router::redirect('audit/api-audit'); -} - -Buffer::set('title', t('View API audit entry')); +$auditLog = AuditPageHelper::findOrRedirect( + AuditAuthorizationPolicy::ABILITY_API_AUDIT_VIEW, + ApiAuditService::class, + 'audit/api-audit', + 'API audit entry not found', + 'api_audit_not_found', + 'View API audit entry', + $id ?? null +); diff --git a/modules/audit/pages/audit/import-audit/purge().php b/modules/audit/pages/audit/import-audit/purge().php index fdc8317..11d9ba7 100644 --- a/modules/audit/pages/audit/import-audit/purge().php +++ b/modules/audit/pages/audit/import-audit/purge().php @@ -1,23 +1,16 @@ method())) !== 'POST') { - Router::redirect('audit/import-audit'); -} -$errorBag = formErrors(); -if (!Session::checkCsrfToken()) { - $errorBag->addGlobal(t('Form expired, please try again')); - flashFormErrors($errorBag, 'audit/import-audit', 'import_audit'); - Router::redirect('audit/import-audit'); -} +AuditPageHelper::requirePurgePost( + AuditAuthorizationPolicy::ABILITY_IMPORTS_AUDIT_PURGE, + 'audit/import-audit', + 'import_audit' +); $deleted = app(ImportAuditService::class)->purgeExpired(); Flash::success(sprintf(t('%d import audit entries purged'), $deleted), 'audit/import-audit', 'import_audit_purged'); diff --git a/modules/audit/pages/audit/import-audit/view($id).php b/modules/audit/pages/audit/import-audit/view($id).php index f4a91c7..c51cc4e 100644 --- a/modules/audit/pages/audit/import-audit/view($id).php +++ b/modules/audit/pages/audit/import-audit/view($id).php @@ -1,18 +1,15 @@ 0 ? app(\MintyPHP\Module\Audit\Service\ImportAuditService::class)->find($runId) : null; -if (!$auditRun) { - Flash::error(t('Import audit entry not found'), 'audit/import-audit', 'import_audit_not_found'); - Router::redirect('audit/import-audit'); -} - -Buffer::set('title', t('View import audit entry')); +$auditRun = AuditPageHelper::findOrRedirect( + AuditAuthorizationPolicy::ABILITY_IMPORTS_AUDIT_VIEW, + ImportAuditService::class, + 'audit/import-audit', + 'Import audit entry not found', + 'import_audit_not_found', + 'View import audit entry', + $id ?? null +); diff --git a/modules/audit/pages/audit/system-audit/purge().php b/modules/audit/pages/audit/system-audit/purge().php index 6cefee3..c9c255f 100644 --- a/modules/audit/pages/audit/system-audit/purge().php +++ b/modules/audit/pages/audit/system-audit/purge().php @@ -3,24 +3,15 @@ use MintyPHP\Module\Audit\AuditAuthorizationPolicy; use MintyPHP\Module\Audit\Domain\SystemAuditOutcome; use MintyPHP\Module\Audit\Service\SystemAuditService; +use MintyPHP\Module\Audit\Support\AuditPageHelper; use MintyPHP\Router; -use MintyPHP\Session; use MintyPHP\Support\Flash; -use MintyPHP\Support\Guard; -Guard::requireLogin(); -Guard::requireAbility(AuditAuthorizationPolicy::ABILITY_SYSTEM_AUDIT_PURGE); - -if (strtoupper((string) requestInput()->method()) !== 'POST') { - Router::redirect('audit/system-audit'); -} - -$errorBag = formErrors(); -if (!Session::checkCsrfToken()) { - $errorBag->addGlobal(t('Form expired, please try again')); - flashFormErrors($errorBag, 'audit/system-audit', 'system_audit'); - Router::redirect('audit/system-audit'); -} +AuditPageHelper::requirePurgePost( + AuditAuthorizationPolicy::ABILITY_SYSTEM_AUDIT_PURGE, + 'audit/system-audit', + 'system_audit' +); $service = app(SystemAuditService::class); $deleted = $service->purgeExpired(); diff --git a/modules/audit/pages/audit/system-audit/view($id).php b/modules/audit/pages/audit/system-audit/view($id).php index 5fdd96d..ce3dc29 100644 --- a/modules/audit/pages/audit/system-audit/view($id).php +++ b/modules/audit/pages/audit/system-audit/view($id).php @@ -1,20 +1,15 @@ 0 ? app(SystemAuditService::class)->find($auditId) : null; -if (!$auditLog) { - Flash::error(t('System audit entry not found'), 'audit/system-audit', 'system_audit_not_found'); - Router::redirect('audit/system-audit'); -} - -Buffer::set('title', t('View system audit entry')); +$auditLog = AuditPageHelper::findOrRedirect( + AuditAuthorizationPolicy::ABILITY_SYSTEM_AUDIT_VIEW, + SystemAuditService::class, + 'audit/system-audit', + 'System audit entry not found', + 'system_audit_not_found', + 'View system audit entry', + $id ?? null +); diff --git a/modules/audit/pages/audit/user-lifecycle-audit/purge().php b/modules/audit/pages/audit/user-lifecycle-audit/purge().php index 72ee93a..677eb7d 100644 --- a/modules/audit/pages/audit/user-lifecycle-audit/purge().php +++ b/modules/audit/pages/audit/user-lifecycle-audit/purge().php @@ -1,24 +1,18 @@ method())) !== 'POST') { - Router::redirect('audit/user-lifecycle-audit'); -} -$errorBag = formErrors(); -if (!Session::checkCsrfToken()) { - $errorBag->addGlobal(t('Form expired, please try again')); - flashFormErrors($errorBag, 'audit/user-lifecycle-audit', 'user_lifecycle_audit'); - Router::redirect('audit/user-lifecycle-audit'); -} - -$deleted = app(\MintyPHP\Module\Audit\Service\UserLifecycleAuditService::class)->purgeExpired(); +$deleted = app(UserLifecycleAuditService::class)->purgeExpired(); Flash::success( sprintf(t('%d user lifecycle audit entries purged'), $deleted), 'audit/user-lifecycle-audit', diff --git a/modules/audit/pages/audit/user-lifecycle-audit/view($id).php b/modules/audit/pages/audit/user-lifecycle-audit/view($id).php index 8909186..2d26b01 100644 --- a/modules/audit/pages/audit/user-lifecycle-audit/view($id).php +++ b/modules/audit/pages/audit/user-lifecycle-audit/view($id).php @@ -1,26 +1,25 @@ all(); -Guard::requireLogin(); -Guard::requireAbility(AuditAuthorizationPolicy::ABILITY_USER_LIFECYCLE_VIEW); -$auditId = (int) ($id ?? 0); -$auditService = app(\MintyPHP\Module\Audit\Service\UserLifecycleAuditService::class); -$auditLog = $auditId > 0 ? $auditService->find($auditId) : null; -if (!$auditLog) { - Flash::error(t('Lifecycle audit entry not found'), 'audit/user-lifecycle-audit', 'user_lifecycle_audit_not_found'); - Router::redirect('audit/user-lifecycle-audit'); -} +$auditLog = AuditPageHelper::findOrRedirect( + AuditAuthorizationPolicy::ABILITY_USER_LIFECYCLE_VIEW, + UserLifecycleAuditService::class, + 'audit/user-lifecycle-audit', + 'Lifecycle audit entry not found', + 'user_lifecycle_audit_not_found', + 'View user lifecycle audit entry', + $id ?? null +); +$auditService = app(UserLifecycleAuditService::class); $snapshot = null; if ((string) ($auditLog['action'] ?? '') === UserLifecycleAction::Delete->value) { $snapshot = $auditService->decryptSnapshot($auditLog); @@ -29,5 +28,3 @@ $viewAuth['page'] = app(UiAccessService::class)->pageCapabilities( (int) ($session['user']['id'] ?? 0), ['can_restore' => AuditAuthorizationPolicy::ABILITY_USER_LIFECYCLE_RESTORE] ); - -Buffer::set('title', t('View user lifecycle audit entry'));