forked from fa/breadcrumb-the-shire
Extracts user-lifecycle, audit and telemetry from the security subpage into their own tiles, and renames the slimmed-down security subpage to account-access for a clearer scope. Each subpage now has at most three detail cards instead of the eight previously crowded into security. Hub gains four tiles, sub-action redirects (expire-remember-tokens, run-user-lifecycle) move to their new sections, architecture tests track the new section list and i18n adds the new labels in de + en. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
33 lines
1.1 KiB
PHP
33 lines
1.1 KiB
PHP
<?php
|
|
|
|
use MintyPHP\Http\SessionStoreInterface;
|
|
use MintyPHP\Router;
|
|
use MintyPHP\Service\Access\SettingsAuthorizationPolicy;
|
|
use MintyPHP\Support\Flash;
|
|
use MintyPHP\Support\Guard;
|
|
|
|
$session = app(SessionStoreInterface::class)->all();
|
|
Guard::requireLogin();
|
|
|
|
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
|
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
|
$decision = $authorizationService->authorize(SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_TOKENS_REVOKE, [
|
|
'actor_user_id' => $currentUserId,
|
|
]);
|
|
if (!$decision->isAllowed()) {
|
|
Guard::deny();
|
|
}
|
|
|
|
if (!actionRequirePost('admin/settings/account-access')) {
|
|
return;
|
|
}
|
|
|
|
if (!actionRequireCsrf('admin/settings/account-access', 'admin/settings/account-access', 'settings_tokens_expire')) {
|
|
return;
|
|
}
|
|
|
|
$rememberMeService = app(\MintyPHP\Service\Auth\RememberMeService::class);
|
|
$count = $rememberMeService->expireAllTokensByAdmin();
|
|
Flash::success(sprintf(t('%d login tokens expired'), $count), 'admin/settings/account-access', 'login_tokens_expired');
|
|
Router::redirect('admin/settings/account-access');
|