pacnpal/thrillwiki_laravel
1
0
Fork 0
mirror of https://github.com/pacnpal/thrillwiki_laravel.git synced 2025-12-20 05:51:09 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: add middleware for cookie encryption, CSRF verification, string trimming, and maintenance request prevention; implement Designer resource management with CRUD pages and permissions

Browse Source
This commit is contained in:
pacnpal
2025-02-26 21:28:02 -05:00
parent 0e61f7d694
commit 2436e8cec6
46 changed files with 4623 additions and 2391 deletions
Download Patch File Download Diff File Expand all files Collapse all files

125
app/Filament/Resources/DesignerResource.php Normal file
View File

@@ -0,0 +1,125 @@
<?php
namespace App\Filament\Resources;
use App\Filament\Resources\DesignerResource\Pages;
use App\Filament\Resources\DesignerResource\RelationManagers;
use App\Models\Designer;
use Filament\Forms;
use Filament\Forms\Form;
use Filament\Resources\Resource;
use Filament\Tables;
use Filament\Tables\Table;
use Illuminate\Database\Eloquent\Builder;
class DesignerResource extends Resource
{
protected static ?string $model = Designer::class;
protected static ?string $navigationIcon = 'heroicon-o-building-office';
protected static ?string $navigationGroup = 'Company Management';
protected static ?int $navigationSort = 1;
public static function form(Form $form): Form
{
return $form
->schema([
Forms\Components\Section::make('Basic Information')
->schema([
Forms\Components\TextInput::make('name')
->required()
->maxLength(255)
->live(onBlur: true)
->afterStateUpdated(fn ($state, Forms\Set $set) =>
$set('slug', str($state)->slug())),
Forms\Components\TextInput::make('slug')
->required()
->maxLength(255)
->unique(ignoreRecord: true),
Forms\Components\TextInput::make('headquarters')
->maxLength(255),
Forms\Components\DatePicker::make('founded_date')
->label('Founded Date')
->format('Y-m-d'),
])->columns(2),
Forms\Components\Section::make('Additional Details')
->schema([
Forms\Components\TextInput::make('website')
->url()
->prefix('https://')
->maxLength(255),
Forms\Components\RichEditor::make('description')
->columnSpanFull()
->toolbarButtons([
'bold',
'italic',
'link',
'bulletList',
'orderedList',
'h2',
'h3',
]),
]),
]);
}
public static function table(Table $table): Table
{
return $table
->columns([
Tables\Columns\TextColumn::make('name')
->searchable()
->sortable(),
Tables\Columns\TextColumn::make('headquarters')
->searchable()
->sortable(),
Tables\Columns\TextColumn::make('founded_date')
->date()
->sortable(),
Tables\Columns\TextColumn::make('rides_count')
->counts('rides')
->label('Rides')
->sortable(),
Tables\Columns\TextColumn::make('website')
->searchable()
->url(fn ($state) => str($state)->start('https://')),
Tables\Columns\TextColumn::make('updated_at')
->dateTime()
->sortable()
->toggleable(),
])
->filters([
Tables\Filters\Filter::make('has_rides')
->query(fn (Builder $query) => $query->has('rides'))
->label('Has Rides'),
Tables\Filters\Filter::make('no_rides')
->query(fn (Builder $query) => $query->doesntHave('rides'))
->label('No Rides'),
])
->actions([
Tables\Actions\EditAction::make(),
Tables\Actions\ViewAction::make(),
])
->bulkActions([
Tables\Actions\BulkActionGroup::make([
Tables\Actions\DeleteBulkAction::make(),
]),
]);
}
public static function getRelations(): array
{
return [
RelationManagers\RidesRelationManager::class,
];
}
public static function getPages(): array
{
return [
'index' => Pages\ListDesigners::route('/'),
'create' => Pages\CreateDesigner::route('/create'),
'edit' => Pages\EditDesigner::route('/{record}/edit'),
];
}
}

12
app/Filament/Resources/DesignerResource/Pages/CreateDesigner.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
namespace App\Filament\Resources\DesignerResource\Pages;
use App\Filament\Resources\DesignerResource;
use Filament\Actions;
use Filament\Resources\Pages\CreateRecord;
class CreateDesigner extends CreateRecord
{
protected static string $resource = DesignerResource::class;
}

19
app/Filament/Resources/DesignerResource/Pages/EditDesigner.php Normal file
View File

@@ -0,0 +1,19 @@
<?php
namespace App\Filament\Resources\DesignerResource\Pages;
use App\Filament\Resources\DesignerResource;
use Filament\Actions;
use Filament\Resources\Pages\EditRecord;
class EditDesigner extends EditRecord
{
protected static string $resource = DesignerResource::class;
protected function getHeaderActions(): array
{
return [
Actions\DeleteAction::make(),
];
}
}

19
app/Filament/Resources/DesignerResource/Pages/ListDesigners.php Normal file
View File

@@ -0,0 +1,19 @@
<?php
namespace App\Filament\Resources\DesignerResource\Pages;
use App\Filament\Resources\DesignerResource;
use Filament\Actions;
use Filament\Resources\Pages\ListRecords;
class ListDesigners extends ListRecords
{
protected static string $resource = DesignerResource::class;
protected function getHeaderActions(): array
{
return [
Actions\CreateAction::make(),
];
}
}

76
app/Filament/Resources/DesignerResource/RelationManagers/RidesRelationManager.php Normal file
View File

@@ -0,0 +1,76 @@
<?php
namespace App\Filament\Resources\DesignerResource\RelationManagers;
use Filament\Forms;
use Filament\Forms\Form;
use Filament\Resources\RelationManagers\RelationManager;
use Filament\Tables;
use Filament\Tables\Table;
class RidesRelationManager extends RelationManager
{
protected static string $relationship = 'rides';
protected static ?string $title = 'Rides';
public function form(Form $form): Form
{
return $form
->schema([
Forms\Components\TextInput::make('name')
->required()
->maxLength(255),
Forms\Components\TextInput::make('manufacturer_name')
->maxLength(255),
Forms\Components\TextInput::make('model_name')
->maxLength(255),
Forms\Components\DatePicker::make('opened_date')
->label('Opening Date'),
Forms\Components\DatePicker::make('closed_date')
->label('Closing Date')
->after('opened_date'),
Forms\Components\Textarea::make('description')
->columnSpanFull(),
Forms\Components\Toggle::make('is_active')
->label('Active')
->default(true),
]);
}
public function table(Table $table): Table
{
return $table
->columns([
Tables\Columns\TextColumn::make('name')
->sortable()
->searchable(),
Tables\Columns\TextColumn::make('manufacturer_name')
->sortable()
->searchable(),
Tables\Columns\TextColumn::make('opened_date')
->date()
->sortable(),
Tables\Columns\TextColumn::make('closed_date')
->date()
->sortable(),
Tables\Columns\IconColumn::make('is_active')
->boolean()
->sortable(),
])
->filters([
Tables\Filters\TrashedFilter::make(),
])
->headerActions([
Tables\Actions\CreateAction::make(),
])
->actions([
Tables\Actions\EditAction::make(),
Tables\Actions\DeleteAction::make(),
])
->bulkActions([
Tables\Actions\BulkActionGroup::make([
Tables\Actions\DeleteBulkAction::make(),
]),
]);
}
}

47
app/Http/Kernel.php Normal file
View File

@@ -0,0 +1,47 @@
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
protected $middleware = [
\App\Http\Middleware\TrustProxies::class,
\Illuminate\Http\Middleware\HandleCors::class,
\App\Http\Middleware\PreventRequestsDuringMaintenance::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
];
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
\Illuminate\Routing\Middleware\ThrottleRequests::class.':api',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
];
protected $middlewareAliases = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
'precognitive' => \Illuminate\Foundation\Http\Middleware\HandlePrecognitiveRequests::class,
'signed' => \App\Http\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
];
}

17
app/Http/Middleware/Authenticate.php Normal file
View File

@@ -0,0 +1,17 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Auth\Middleware\Authenticate as Middleware;
use Illuminate\Http\Request;
class Authenticate extends Middleware
{
/**
* Get the path the user should be redirected to when they are not authenticated.
*/
protected function redirectTo(Request $request): ?string
{
return $request->expectsJson() ? null : route('login');
}
}

12
app/Http/Middleware/EncryptCookies.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Cookie\Middleware\EncryptCookies as Middleware;
class EncryptCookies extends Middleware
{
protected $except = [
//
];
}

12
app/Http/Middleware/PreventRequestsDuringMaintenance.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance as Middleware;
class PreventRequestsDuringMaintenance extends Middleware
{
protected $except = [
//
];
}

14
app/Http/Middleware/TrimStrings.php Normal file
View File

@@ -0,0 +1,14 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\TrimStrings as Middleware;
class TrimStrings extends Middleware
{
protected $except = [
'current_password',
'password',
'password_confirmation',
];
}

17
app/Http/Middleware/TrustProxies.php Normal file
View File

@@ -0,0 +1,17 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Http\Middleware\TrustProxies as Middleware;
use Illuminate\Http\Request;
class TrustProxies extends Middleware
{
protected $proxies;
protected $headers =
Request::HEADER_X_FORWARDED_FOR |
Request::HEADER_X_FORWARDED_HOST |
Request::HEADER_X_FORWARDED_PORT |
Request::HEADER_X_FORWARDED_PROTO |
Request::HEADER_X_FORWARDED_AWS_ELB;
}

12
app/Http/Middleware/VerifyCsrfToken.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
class VerifyCsrfToken extends Middleware
{
protected $except = [
//
];
}

28
app/Models/Designer.php
View File

@@ -2,26 +2,27 @@
namespace App\Models;
use App\Traits\HasSlugHistory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Support\Str;
class Designer extends Model
{
/**
* The attributes that are mass assignable.
*
* @var array<string>
*/
use HasSlugHistory;
protected $fillable = [
'name',
'slug',
'bio',
'description',
'website',
'founded_date',
'headquarters',
];
protected $casts = [
'founded_date' => 'date',
];
/**
* Boot the model.
*/
protected static function boot()
{
parent::boot();
@@ -32,11 +33,8 @@ class Designer extends Model
}
});
}
/**
* Get the rides designed by this designer.
*/
public function rides(): HasMany
public function rides()
{
return $this->hasMany(Ride::class);
}

68
app/Policies/DesignerPolicy.php Normal file
View File

@@ -0,0 +1,68 @@
<?php
namespace App\Policies;
use App\Models\Designer;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class DesignerPolicy
{
use HandlesAuthorization;
/**
* Determine whether the user can view any models.
*/
public function viewAny(User $user): bool
{
return $user->hasPermissionTo('view designers');
}
/**
* Determine whether the user can view the model.
*/
public function view(User $user, Designer $designer): bool
{
return $user->hasPermissionTo('view designers');
}
/**
* Determine whether the user can create models.
*/
public function create(User $user): bool
{
return $user->hasPermissionTo('create designers');
}
/**
* Determine whether the user can update the model.
*/
public function update(User $user, Designer $designer): bool
{
return $user->hasPermissionTo('edit designers');
}
/**
* Determine whether the user can delete the model.
*/
public function delete(User $user, Designer $designer): bool
{
return $user->hasPermissionTo('delete designers');
}
/**
* Determine whether the user can restore the model.
*/
public function restore(User $user, Designer $designer): bool
{
return $user->hasPermissionTo('restore designers');
}
/**
* Determine whether the user can permanently delete the model.
*/
public function forceDelete(User $user, Designer $designer): bool
{
return $user->hasPermissionTo('force delete designers');
}
}

69
app/Providers/Filament/AdminPanelProvider.php Normal file
View File

@@ -0,0 +1,69 @@
<?php
namespace App\Providers\Filament;
use Filament\Http\Middleware\Authenticate;
use Filament\Http\Middleware\DisableBladeIconComponents;
use Filament\Http\Middleware\DispatchServingFilamentEvent;
use Filament\Pages;
use Filament\Panel;
use Filament\PanelProvider;
use Filament\Support\Colors\Color;
use Filament\Widgets;
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
use Illuminate\Cookie\Middleware\EncryptCookies;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken;
use Illuminate\Routing\Middleware\SubstituteBindings;
use Illuminate\Session\Middleware\AuthenticateSession;
use Illuminate\Session\Middleware\StartSession;
use Illuminate\View\Middleware\ShareErrorsFromSession;
class AdminPanelProvider extends PanelProvider
{
public function panel(Panel $panel): Panel
{
return $panel
->default()
->id('admin')
->path('admin')
->login()
->colors([
'primary' => Color::Amber,
])
->discoverResources(in: app_path('Filament/Resources'), for: 'App\\Filament\\Resources')
->discoverPages(in: app_path('Filament/Pages'), for: 'App\\Filament\\Pages')
->pages([
Pages\Dashboard::class,
])
->widgets([
Widgets\AccountWidget::class,
Widgets\FilamentInfoWidget::class,
])
->middleware([
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
StartSession::class,
AuthenticateSession::class,
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
SubstituteBindings::class,
DisableBladeIconComponents::class,
DispatchServingFilamentEvent::class,
])
->authMiddleware([
Authenticate::class,
])
->resources([
config('filament.resources.namespace') => app_path('Filament/Resources'),
])
->navigationGroups([
'Company Management',
'Attractions',
'Parks',
'User Management',
'System',
])
->brandName('ThrillWiki Admin')
->sidebarCollapsibleOnDesktop();
}
}

64
app/Providers/Filament/ModerationPanelProvider.php Normal file
View File

@@ -0,0 +1,64 @@
<?php
namespace App\Providers\Filament;
use Filament\Http\Middleware\Authenticate;
use Filament\Http\Middleware\DisableBladeIconComponents;
use Filament\Http\Middleware\DispatchServingFilamentEvent;
use Filament\Pages;
use Filament\Panel;
use Filament\PanelProvider;
use Filament\Support\Colors\Color;
use Filament\Widgets;
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
use Illuminate\Cookie\Middleware\EncryptCookies;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken;
use Illuminate\Routing\Middleware\SubstituteBindings;
use Illuminate\Session\Middleware\AuthenticateSession;
use Illuminate\Session\Middleware\StartSession;
use Illuminate\View\Middleware\ShareErrorsFromSession;
class ModerationPanelProvider extends PanelProvider
{
public function panel(Panel $panel): Panel
{
return $panel
->id('moderation')
->path('moderation')
->login()
->colors([
'primary' => Color::Blue,
])
->discoverResources(in: app_path('Filament/Resources'), for: 'App\\Filament\\Resources')
->discoverPages(in: app_path('Filament/Pages'), for: 'App\\Filament\\Pages')
->pages([
Pages\Dashboard::class,
])
->widgets([
Widgets\AccountWidget::class,
])
->middleware([
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
StartSession::class,
AuthenticateSession::class,
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
SubstituteBindings::class,
DisableBladeIconComponents::class,
DispatchServingFilamentEvent::class,
])
->authMiddleware([
Authenticate::class,
])
->navigationGroups([
'Content Moderation',
'User Management',
'Reviews',
'Reports',
])
->brandName('ThrillWiki Moderation')
->sidebarCollapsibleOnDesktop()
->maxContentWidth('full');
}
}