diff --git a/.env.example b/.env.example
index bd65c1935..f4947e647 100644
--- a/.env.example
+++ b/.env.example
@@ -8,6 +8,7 @@ APP_URL=null
 APP_TIMEZONE='UTC'
 APP_LOCALE=en
 MAX_RESULTS=500
+ALLOW_DATA_PURGE=false
 # --------------------------------------------
 # REQUIRED: UPLOADED FILE STORAGE SETTINGS
diff --git a/app/Http/Controllers/SettingsController.php b/app/Http/Controllers/SettingsController.php
index d6574f17c..0e8427fbd 100755
--- a/app/Http/Controllers/SettingsController.php
+++ b/app/Http/Controllers/SettingsController.php
@@ -1299,8 +1299,13 @@ class SettingsController extends Controller
 public function getPurge()
 {
 \Log::warning('User ID '.Auth::user()->id.' is attempting a PURGE');
+ if (config('app.allow_purge')=='true') {
+
+ return view('settings.purge-form');
+ }
+
+ return redirect()->back()->with('error', trans('general.purge_not_allowed'));
- return view('settings.purge-form');
 }
 /**
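Review bot: The gate `config('app.allow_purge')=='true'` in getPurge() uses a loose `==` against the string 'true', so whether a destructive feature is enabled rests on PHP type juggling rather than on the value's type. Laravel's env() turns `ALLOW_DATA_PURGE=true` into a boolean, which matches 'true' only through coercion, and a non-boolean config value could compare differently depending on the PHP version (before 8.0, integer 0 loosely equalled any non-numeric string). I would compare strictly, `if (config('app.allow_purge') === true) {`, and apply the same change to the identical test in postPurge() and to the `@if` added in resources/views/settings/index.blade.php.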
@@ -1314,21 +1319,25 @@ class SettingsController extends Controller
 */
 public function postPurge(Request $request)
 {
- if (! config('app.lock_passwords')) {
- if ('DELETE' == $request->input('confirm_purge')) {
- \Log::warning('User ID '.Auth::user()->id.' initiated a PURGE!');
- // Run a backup immediately before processing
- Artisan::call('backup:run');
- Artisan::call('snipeit:purge', ['--force' => 'true', '--no-interaction' => true]);
- $output = Artisan::output();
+ if (config('app.allow_purge')=='true') {
+ if (!config('app.lock_passwords')) {
+ if ('DELETE' == $request->input('confirm_purge')) {
+ \Log::warning('User ID ' . Auth::user()->id . ' initiated a PURGE!');
+ // Run a backup immediately before processing
+ Artisan::call('backup:run');
+ Artisan::call('snipeit:purge', ['--force' => 'true', '--no-interaction' => true]);
+ $output = Artisan::output();
- return view('settings/purge')
- ->with('output', $output)->with('success', trans('admin/settings/message.purge.success'));
+ return view('settings/purge')
+ ->with('output', $output)->with('success', trans('admin/settings/message.purge.success'));
+ } else {
+ return redirect()->back()->with('error', trans('admin/settings/message.purge.validation_failed'));
+ }
 } else {
- return redirect()->back()->with('error', trans('admin/settings/message.purge.validation_failed'));
+ return redirect()->back()->with('error', trans('general.feature_disabled'));
 }
- } else {
- return redirect()->back()->with('error', trans('general.feature_disabled'));
+
+ return redirect()->back()->with('error', trans('general.purge_not_allowed'));
 }
 }
diff --git a/config/app.php b/config/app.php
index ba56b42e3..3969da19d 100755
--- a/config/app.php
+++ b/config/app.php
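Review bot: The new `return redirect()->back()->with('error', trans('general.purge_not_allowed'));` sits inside the `if (config('app.allow_purge')=='true')` block, after an if/else whose branches all return, so as the braces read in this hunk it is unreachable. With purging disabled, postPurge() then falls off the end and returns nothing: the purge is still refused, but the request gets an empty response instead of the error message. Close the outer `if` before that line so the denial becomes the fall-through path, i.e. `}` followed by `return redirect()->back()->with('error', trans('general.purge_not_allowed'));`. A `\Log::warning` on that path would also record refused POST attempts next to the existing "initiated a PURGE" entry. Separately, the result of `Artisan::call('backup:run')` is not checked, so the purge appears to proceed even if the backup failed.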
@@ -430,4 +430,16 @@ return [
 'api_throttle_per_minute' => env('API_THROTTLE_PER_MINUTE', 120),
+
+ /*
+ |--------------------------------------------------------------------------
+ | Allow Web-Based Purge
+ |--------------------------------------------------------------------------
+ |
+ | This sets whether or not to allow superadmins to purge deleted data
+ |
+ */
+
+ 'allow_purge' => env('ALLOW_DATA_PURGE', false),
+
 ];
diff --git a/resources/lang/en/general.php b/resources/lang/en/general.php
index 0b9c680f2..74c403baf 100644
--- a/resources/lang/en/general.php
+++ b/resources/lang/en/general.php
@@ -360,4 +360,5 @@ return [
 'maintenance_mode' => 'The service is temporarily unavailable for system updates. Please check back later.',
 'maintenance_mode_title' => 'System Temporarily Unavailable',
 'ldap_import' => 'User password should not be managed by LDAP. (This allows you to send forgotten password requests.)',
+ 'purge_not_allowed' => 'Purging deleted data has been disabled in the .env file. Contact support or your systems administrator.',
 ];
\ No newline at end of file
diff --git a/resources/views/settings/index.blade.php b/resources/views/settings/index.blade.php
index d2817ae04..ff7d0cfd3 100755
--- a/resources/views/settings/index.blade.php
+++ b/resources/views/settings/index.blade.php
@@ -314,6 +314,7 @@ @endif
+ @if (config('app.allow_purge')=='true')
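Review bot: The comment block added above `'allow_purge'` does not say that the option is off by default or which environment variable controls it, which an operator needs to know for a switch that unlocks a destructive action. I would add a line such as `| Defaults to false; set ALLOW_DATA_PURGE=true in .env to enable the purge form and endpoint.` The hunk shows only the tail of the returned array, so the neighbouring entries may follow a slightly different comment convention.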
@@ -329,6 +330,7 @@
+ @endif