Disallow purge

Signed-off-by: snipe <snipe@snipe.net>
2022-06-23 20:11:43 -07:00 · 2022-06-23 20:11:43 -07:00 · 77bf28bcb6
commit 77bf28bcb6
parent d0081188c7
5 changed files with 38 additions and 13 deletions
--- a/.env.example
+++ b/.env.example
@ -8,6 +8,7 @@ APP_URL=null
 APP_TIMEZONE='UTC'
 APP_LOCALE=en
 MAX_RESULTS=500
 ALLOW_DATA_PURGE=false
 # --------------------------------------------
 # REQUIRED: UPLOADED FILE STORAGE SETTINGS
--- a/app/Http/Controllers/SettingsController.php
+++ b/app/Http/Controllers/SettingsController.php
@ -1299,10 +1299,15 @@ class SettingsController extends Controller
    public function getPurge()
    {
        \Log::warning('User ID '.Auth::user()->id.' is attempting a PURGE');
        if (config('app.allow_purge')=='true') {
            return view('settings.purge-form');
        }
        return redirect()->back()->with('error', trans('general.purge_not_allowed'));
    }
    /**
     * Purges soft-deletes.
     *
@ -1314,6 +1319,7 @@ class SettingsController extends Controller
     */
    public function postPurge(Request $request)
    {
        if (config('app.allow_purge')=='true') {
            if (!config('app.lock_passwords')) {
                if ('DELETE' == $request->input('confirm_purge')) {
                    \Log::warning('User ID ' . Auth::user()->id . ' initiated a PURGE!');
@ -1330,6 +1336,9 @@ class SettingsController extends Controller
            } else {
                return redirect()->back()->with('error', trans('general.feature_disabled'));
            }
            return redirect()->back()->with('error', trans('general.purge_not_allowed'));
        }
    }
    /**
--- a/config/app.php
+++ b/config/app.php
@ -430,4 +430,16 @@ return [
    'api_throttle_per_minute' => env('API_THROTTLE_PER_MINUTE', 120),
    /*
    |--------------------------------------------------------------------------
    | Allow Web-Based Purge
    |--------------------------------------------------------------------------
    |
    | This sets whether or not to allow superadmins to purge deleted data
    |
    */
    'allow_purge' => env('ALLOW_DATA_PURGE', false),
 ];
--- a/resources/lang/en/general.php
+++ b/resources/lang/en/general.php
@ -360,4 +360,5 @@ return [
    'maintenance_mode'      => 'The service is temporarily unavailable for system updates. Please check back later.',
    'maintenance_mode_title' => 'System Temporarily Unavailable',
    'ldap_import'           => 'User password should not be managed by LDAP. (This allows you to send forgotten password requests.)',
    'purge_not_allowed'     => 'Purging deleted data has been disabled in the .env file. Contact support or your systems administrator.',
 ];
--- a/resources/views/settings/index.blade.php
+++ b/resources/views/settings/index.blade.php
@ -314,6 +314,7 @@
          </div>
        @endif
      @if (config('app.allow_purge')=='true')
    <div class="col-md-4 col-lg-3 col-sm-6 col-xl-1">
      <div class="box box-danger">
        <div class="box-body text-center">
@ -329,6 +330,7 @@
        </div>
      </div>
    </div>
        @endif
    </div>