Fix remaining issues: CDN config, min_staff_rank defaults, blade views

- Centralize all CDN URLs in config('habbo.cdn.*') with env overrides - Replace hardcoded CDN URLs in 12+ blade views (fancybox, sweetalert2, alpinejs, fontsource, fontawesome, html2canvas) - Fix font-awesome 7.0.0 (non-existent) -> config with 6.7.0 default - Centralize all hardcoded min_staff_rank defaults (3 and 7) to config - Add MIN_STAFF_RANK and MIN_STAFF_RANK_LOGIN env variables
2026-06-08 19:11:28 +02:00
parent b6fb43cba1
commit 0b6f14d5bf
20 changed files with 38 additions and 27 deletions
@@ -113,7 +113,7 @@ class CreateNewUser implements CreatesNewUsers
            if (! empty($discordRanks)) {
                $shouldNotify = in_array($user->rank, $discordRanks);
            } else {
-                $minStaffRank = (int) setting('min_staff_rank', 3);
+                $minStaffRank = (int) setting('min_staff_rank', config('habbo.defaults.min_staff_rank_login'));
                $shouldNotify = $user->rank >= $minStaffRank;
            }
@@ -17,7 +17,7 @@ class FurniEditorController extends Controller
 {
    private function checkAdmin(): void
    {
-        if (! Auth::check() || Auth::user()->rank < (int) setting('min_staff_rank', 7)) {
+        if (! Auth::check() || Auth::user()->rank < (int) setting('min_staff_rank', config('habbo.defaults.min_staff_rank'))) {
            abort(403, 'Forbidden');
        }
    }
@@ -20,7 +20,7 @@ class AdminSecurityMiddleware
        }
        // Check 2: Must have admin rank
-        $minRank = (int) setting('min_staff_rank', 7);
+        $minRank = (int) setting('min_staff_rank', config('habbo.defaults.min_staff_rank'));
        if ($user->rank < $minRank) {
            Log::warning('[Security] Unauthorized API access attempt', [
                'user_id' => $user->id,
@@ -21,7 +21,7 @@ class ForceStaffTwoFactorMiddleware
            'two-factor.verify',
        ];
-        if (($user->rank >= setting('min_staff_rank') && ! $user->two_factor_confirmed) && ! in_array(request()->route()?->getName(), $allowedRoutes)) {
+        if (($user->rank >= setting('min_staff_rank', config('habbo.defaults.min_staff_rank')) && ! $user->two_factor_confirmed) && ! in_array(request()->route()?->getName(), $allowedRoutes)) {
            return to_route('settings.two-factor');
        }
@@ -16,7 +16,7 @@ class LogStaffActivity
    public function terminate(Request $request, Response $response): void
    {
-        if (auth()->check() && auth()->user()->rank >= (int) setting('min_staff_rank', 3)) {
+        if (auth()->check() && auth()->user()->rank >= (int) setting('min_staff_rank', config('habbo.defaults.min_staff_rank_login'))) {
            $this->logRequest($request);
        }
    }
@@ -10,7 +10,7 @@ class LogStaffLogin
    public function handle(Login $event): void
    {
        $user = $event->user;
-        $minStaffRank = (int) setting('min_staff_rank', 3);
+        $minStaffRank = (int) setting('min_staff_rank', config('habbo.defaults.min_staff_rank_login'));
        if ($user && $user->rank >= $minStaffRank) {
            StaffActivity::logLogin($user->id);
@@ -18,7 +18,7 @@ readonly class StaffService
            return Cache::get('staff_positions');
        }
-        $minStaffRank = (int) setting('min_staff_rank', 3);
+        $minStaffRank = (int) setting('min_staff_rank', config('habbo.defaults.min_staff_rank_login'));
        $minRankToSeeHidden = (int) setting('min_rank_to_see_hidden_staff', 7);
        $userRank = Auth::check() ? Auth::user()->rank : 0;
@@ -49,7 +49,7 @@ readonly class StaffService
            return Cache::get('staff_ids');
        }
-        $minRank = (int) setting('min_staff_rank', 3);
+        $minRank = (int) setting('min_staff_rank', config('habbo.defaults.min_staff_rank_login'));
        $staffIds = User::query()->select('id')
            ->where('rank', '>=', $minRank)
@@ -56,6 +56,18 @@ return [
    'defaults' => [
        'avatar_look' => env('DEFAULT_AVATAR_LOOK', 'hr-100-61.hd-180-1.ch-210-66'),
        'min_staff_rank' => env('MIN_STAFF_RANK', 7),
        'min_staff_rank_login' => env('MIN_STAFF_RANK_LOGIN', 3),
    ],
    'cdn' => [
        'fancybox_js' => env('FANCYBOX_JS_URL', 'https://cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/fancybox.umd.js'),
        'fancybox_css' => env('FANCYBOX_CSS_URL', 'https://cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox.css'),
        'sweetalert2_js' => env('SWEETALERT2_JS_URL', '//cdn.jsdelivr.net/npm/sweetalert2@11'),
        'alpine_js' => env('ALPINE_JS_URL', 'https://cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/cdn.min.js'),
        'fontsource_inter_css' => env('FONTSOURCE_INTER_CSS_URL', 'https://cdn.jsdelivr.net/npm/@fontsource/inter@4.x/400-700.css'),
        'fontawesome_css' => env('FONTAWESOME_CSS_URL', 'https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.7.0/css/all.min.css'),
        'html2canvas_js' => env('HTML2CANVAS_JS_URL', 'https://cdnjs.cloudflare.com/ajax/libs/html2canvas/1.3.3/html2canvas.min.js'),
    ],
    'findretros' => [
@@ -35,8 +35,7 @@
 </div>
 @push('javascript')
- <script src="https://cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/fancybox.umd.js"></script>
+ <script src="{{ config('habbo.cdn.fancybox_js') }}"></script>
 @endpush
- <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox.css" />
+ <link rel="stylesheet" href="{{ config('habbo.cdn.fancybox_css') }}" />
 </x-app-layout>
@@ -1,4 +1,4 @@
-<script src="//cdn.jsdelivr.net/npm/sweetalert2@11"></script>
+<script src="{{ config('habbo.cdn.sweetalert2_js') }}"></script>
 <script>
 var Toast = Swal.mixin({
@@ -344,7 +344,7 @@
 </div>
 </x-content.content-card>
 </div>
- <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/7.0.0/css/all.min.css" integrity="sha512-DxV+EoADOkOygM4IR9yXP8Sb2qwgidEmeqAEmDKIOfPRQZOWbXCzLC6vjbZyy0vPisbH2SyW27+ddLVCN+OMzQ==" crossorigin="anonymous" referrerpolicy="no-referrer" />
+ <link rel="stylesheet" href="{{ config('habbo.cdn.fontawesome_css') }}" crossorigin="anonymous" referrerpolicy="no-referrer" />
 <script src="{{ asset('js/gif/gif.js') }}"></script>
 <style>
@@ -39,8 +39,8 @@
 </div>
 @push('javascript')
- <script src="https://cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/fancybox.umd.js"></script>
+ <script src="{{ config('habbo.cdn.fancybox_js') }}"></script>
 @endpush
- <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox.css" />
+ <link rel="stylesheet" href="{{ config('habbo.cdn.fancybox_css') }}" />
 </x-app-layout>
@@ -73,8 +73,8 @@
 </div>
 {{-- TODO: Selfhost --}}
- <script src="//cdn.jsdelivr.net/npm/sweetalert2@11"></script>
+ <script src="{{ config('habbo.cdn.sweetalert2_js') }}"></script>
- <script src="https://cdnjs.cloudflare.com/ajax/libs/html2canvas/1.3.3/html2canvas.min.js"></script>
+ <script src="{{ config('habbo.cdn.html2canvas_js') }}"></script>
 <script>
 function logoGenerator() {
 return {
@@ -183,6 +183,6 @@
        usernameInput.addEventListener('keyup', updateAvatar);
    </script>
-    <script src="https://cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/fancybox.umd.js"></script>
+    <script src="{{ config('habbo.cdn.fancybox_js') }}"></script>
-    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox.css" />
+    <link rel="stylesheet" href="{{ config('habbo.cdn.fancybox_css') }}" />
 </x-app-layout>
@@ -1,4 +1,4 @@
-<script src="//cdn.jsdelivr.net/npm/sweetalert2@11"></script>
+<script src="{{ config('habbo.cdn.sweetalert2_js') }}"></script>
 <script>
    var Toast = Swal.mixin({
@@ -135,7 +135,7 @@
            </div>
        </x-content.content-card>
    </div>
-    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/7.0.0/css/all.min.css" integrity="sha512-DxV+EoADOkOygM4IR9yXP8Sb2qwgidEmeqAEmDKIOfPRQZOWbXCzLC6vjbZyy0vPisbH2SyW27+ddLVCN+OMzQ==" crossorigin="anonymous" referrerpolicy="no-referrer" />
+    <link rel="stylesheet" href="{{ config('habbo.cdn.fontawesome_css') }}" crossorigin="anonymous" referrerpolicy="no-referrer" />
    <script src="{{ asset('js/gif/gif.js') }}"></script>
@@ -128,9 +128,9 @@
        </div>
        <x-footer />
        <script src="{{ config('habbo.cdn.fancybox_js') }}"></script>
-        <script src="https://cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/fancybox.umd.js"></script>
+        <link rel="stylesheet" href="{{ config('habbo.cdn.fancybox_css') }}" />
        <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox.css" />
        @stack('javascript')
@@ -73,8 +73,8 @@
    </div>
    {{-- TODO: Selfhost --}}
-    <script src="//cdn.jsdelivr.net/npm/sweetalert2@11"></script>
+    <script src="{{ config('habbo.cdn.sweetalert2_js') }}"></script>
-    <script src="https://cdnjs.cloudflare.com/ajax/libs/html2canvas/1.3.3/html2canvas.min.js"></script>
+    <script src="{{ config('habbo.cdn.html2canvas_js') }}"></script>
    <script>
        function logoGenerator() {
            return {
@@ -3,7 +3,7 @@
@section('title', __('radio.music') . ' - ' . config('app.name'))
@push('styles')
-    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fontsource/inter@4.x/400-700.css">
+    <link rel="stylesheet" href="{{ config('habbo.cdn.fontsource_inter_css') }}">
    <style>
        :root {
            --radio-primary: {{ $primaryColor ?? '#eeb425' }};
@@ -4,7 +4,7 @@
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Radio Player</title>
-    <script defer src="https://cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/cdn.min.js"></script>
+    <script defer src="{{ config('habbo.cdn.alpine_js') }}"></script>
    <style>
        *, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
        body {