remco/Atomcms-edit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix remaining issues: CDN config, min_staff_rank defaults, blade views

Browse Source 
- Centralize all CDN URLs in config('habbo.cdn.*') with env overrides
- Replace hardcoded CDN URLs in 12+ blade views (fancybox, sweetalert2,
  alpinejs, fontsource, fontawesome, html2canvas)
- Fix font-awesome 7.0.0 (non-existent) -> config with 6.7.0 default
- Centralize all hardcoded min_staff_rank defaults (3 and 7) to config
- Add MIN_STAFF_RANK and MIN_STAFF_RANK_LOGIN env variables
This commit is contained in:
root
2026-06-08 19:11:28 +02:00
parent b6fb43cba1
commit 0b6f14d5bf
20 changed files with 38 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/Actions/Fortify/CreateNewUser.php
+1 -1
View File
@@ -113,7 +113,7 @@ class CreateNewUser implements CreatesNewUsers
if (! empty($discordRanks)) {
$shouldNotify = in_array($user->rank, $discordRanks);
} else {
$minStaffRank = (int) setting('min_staff_rank', 3);
$minStaffRank = (int) setting('min_staff_rank', config('habbo.defaults.min_staff_rank_login'));
$shouldNotify = $user->rank >= $minStaffRank;
}
app/Http/Controllers/Api/FurniEditorController.php
+1 -1
View File
@@ -17,7 +17,7 @@ class FurniEditorController extends Controller
{
private function checkAdmin(): void
{
if (! Auth::check() || Auth::user()->rank < (int) setting('min_staff_rank', 7)) {
if (! Auth::check() || Auth::user()->rank < (int) setting('min_staff_rank', config('habbo.defaults.min_staff_rank'))) {
abort(403, 'Forbidden');
}
}
app/Http/Middleware/AdminSecurityMiddleware.php
+1 -1
View File
@@ -20,7 +20,7 @@ class AdminSecurityMiddleware
}
// Check 2: Must have admin rank
$minRank = (int) setting('min_staff_rank', 7);
$minRank = (int) setting('min_staff_rank', config('habbo.defaults.min_staff_rank'));
if ($user->rank < $minRank) {
Log::warning('[Security] Unauthorized API access attempt', [
'user_id' => $user->id,
app/Http/Middleware/ForceStaffTwoFactorMiddleware.php
+1 -1
View File
@@ -21,7 +21,7 @@ class ForceStaffTwoFactorMiddleware
'two-factor.verify',
];
if (($user->rank >= setting('min_staff_rank') && ! $user->two_factor_confirmed) && ! in_array(request()->route()?->getName(), $allowedRoutes)) {
if (($user->rank >= setting('min_staff_rank', config('habbo.defaults.min_staff_rank')) && ! $user->two_factor_confirmed) && ! in_array(request()->route()?->getName(), $allowedRoutes)) {
return to_route('settings.two-factor');
}
app/Http/Middleware/LogStaffActivity.php
+1 -1
View File
@@ -16,7 +16,7 @@ class LogStaffActivity
public function terminate(Request $request, Response $response): void
{
if (auth()->check() && auth()->user()->rank >= (int) setting('min_staff_rank', 3)) {
if (auth()->check() && auth()->user()->rank >= (int) setting('min_staff_rank', config('habbo.defaults.min_staff_rank_login'))) {
$this->logRequest($request);
}
}
app/Listeners/LogStaffLogin.php
+1 -1
View File
@@ -10,7 +10,7 @@ class LogStaffLogin
public function handle(Login $event): void
{
$user = $event->user;
$minStaffRank = (int) setting('min_staff_rank', 3);
$minStaffRank = (int) setting('min_staff_rank', config('habbo.defaults.min_staff_rank_login'));
if ($user && $user->rank >= $minStaffRank) {
StaffActivity::logLogin($user->id);
app/Services/Community/StaffService.php
+2 -2
View File
@@ -18,7 +18,7 @@ readonly class StaffService
return Cache::get('staff_positions');
}
$minStaffRank = (int) setting('min_staff_rank', 3);
$minStaffRank = (int) setting('min_staff_rank', config('habbo.defaults.min_staff_rank_login'));
$minRankToSeeHidden = (int) setting('min_rank_to_see_hidden_staff', 7);
$userRank = Auth::check() ? Auth::user()->rank : 0;
@@ -49,7 +49,7 @@ readonly class StaffService
return Cache::get('staff_ids');
}
$minRank = (int) setting('min_staff_rank', 3);
$minRank = (int) setting('min_staff_rank', config('habbo.defaults.min_staff_rank_login'));
$staffIds = User::query()->select('id')
->where('rank', '>=', $minRank)
config/habbo.php
+12
View File
@@ -56,6 +56,18 @@ return [
'defaults' => [
'avatar_look' => env('DEFAULT_AVATAR_LOOK', 'hr-100-61.hd-180-1.ch-210-66'),
'min_staff_rank' => env('MIN_STAFF_RANK', 7),
'min_staff_rank_login' => env('MIN_STAFF_RANK_LOGIN', 3),
],
'cdn' => [
'fancybox_js' => env('FANCYBOX_JS_URL', 'https://cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/fancybox.umd.js'),
'fancybox_css' => env('FANCYBOX_CSS_URL', 'https://cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox.css'),
'sweetalert2_js' => env('SWEETALERT2_JS_URL', '//cdn.jsdelivr.net/npm/sweetalert2@11'),
'alpine_js' => env('ALPINE_JS_URL', 'https://cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/cdn.min.js'),
'fontsource_inter_css' => env('FONTSOURCE_INTER_CSS_URL', 'https://cdn.jsdelivr.net/npm/@fontsource/inter@4.x/400-700.css'),
'fontawesome_css' => env('FONTAWESOME_CSS_URL', 'https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.7.0/css/all.min.css'),
'html2canvas_js' => env('HTML2CANVAS_JS_URL', 'https://cdnjs.cloudflare.com/ajax/libs/html2canvas/1.3.3/html2canvas.min.js'),
],
'findretros' => [
resources/themes/atom/views/community/photos.blade.php
+2 -3
View File
@@ -35,8 +35,7 @@
</div>
@push('javascript')
<script src="https://cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/fancybox.umd.js"></script>
@endpush
<script src="{{ config('habbo.cdn.fancybox_js') }}"></script>
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox.css" />
<link rel="stylesheet" href="{{ config('habbo.cdn.fancybox_css') }}" />
</x-app-layout>
resources/themes/atom/views/components/messages/flash-messages.blade.php
+1 -1
View File
@@ -1,4 +1,4 @@
<script src="//cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<script src="{{ config('habbo.cdn.sweetalert2_js') }}"></script>
<script>
var Toast = Swal.mixin({
resources/themes/atom/views/draw-badge.blade.php
+1 -1
View File
@@ -344,7 +344,7 @@
</div>
</x-content.content-card>
</div>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/7.0.0/css/all.min.css" integrity="sha512-DxV+EoADOkOygM4IR9yXP8Sb2qwgidEmeqAEmDKIOfPRQZOWbXCzLC6vjbZyy0vPisbH2SyW27+ddLVCN+OMzQ==" crossorigin="anonymous" referrerpolicy="no-referrer" />
<link rel="stylesheet" href="{{ config('habbo.cdn.fontawesome_css') }}" crossorigin="anonymous" referrerpolicy="no-referrer" />
<script src="{{ asset('js/gif/gif.js') }}"></script>
<style>
resources/themes/atom/views/index.blade.php
+2 -2
View File
@@ -39,8 +39,8 @@
</div>
@push('javascript')
<script src="https://cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/fancybox.umd.js"></script>
<script src="{{ config('habbo.cdn.fancybox_js') }}"></script>
@endpush
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox.css" />
<link rel="stylesheet" href="{{ config('habbo.cdn.fancybox_css') }}" />
</x-app-layout>
resources/themes/atom/views/logo-generator.blade.php
+2 -2
View File
@@ -73,8 +73,8 @@
</div>
{{-- TODO: Selfhost --}}
<script src="//cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/html2canvas/1.3.3/html2canvas.min.js"></script>
<script src="{{ config('habbo.cdn.sweetalert2_js') }}"></script>
<script src="{{ config('habbo.cdn.html2canvas_js') }}"></script>
<script>
function logoGenerator() {
return {
resources/themes/dusk/views/auth/register.blade.php
+2 -2
View File
@@ -183,6 +183,6 @@
usernameInput.addEventListener('keyup', updateAvatar);
</script>
<script src="https://cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/fancybox.umd.js"></script>
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox.css" />
<script src="{{ config('habbo.cdn.fancybox_js') }}"></script>
<link rel="stylesheet" href="{{ config('habbo.cdn.fancybox_css') }}" />
</x-app-layout>
resources/themes/dusk/views/components/messages/flash-messages.blade.php
+1 -1
View File
@@ -1,4 +1,4 @@
<script src="//cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<script src="{{ config('habbo.cdn.sweetalert2_js') }}"></script>
<script>
var Toast = Swal.mixin({
resources/themes/dusk/views/draw-badge.blade.php
+1 -1
View File
@@ -135,7 +135,7 @@
</div>
</x-content.content-card>
</div>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/7.0.0/css/all.min.css" integrity="sha512-DxV+EoADOkOygM4IR9yXP8Sb2qwgidEmeqAEmDKIOfPRQZOWbXCzLC6vjbZyy0vPisbH2SyW27+ddLVCN+OMzQ==" crossorigin="anonymous" referrerpolicy="no-referrer" />
<link rel="stylesheet" href="{{ config('habbo.cdn.fontawesome_css') }}" crossorigin="anonymous" referrerpolicy="no-referrer" />
<script src="{{ asset('js/gif/gif.js') }}"></script>
resources/themes/dusk/views/layouts/app.blade.php
+2 -2
View File
@@ -128,9 +128,9 @@
</div>
<x-footer />
<script src="{{ config('habbo.cdn.fancybox_js') }}"></script>
<script src="https://cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/fancybox.umd.js"></script>
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox.css" />
<link rel="stylesheet" href="{{ config('habbo.cdn.fancybox_css') }}" />
@stack('javascript')
resources/themes/dusk/views/logo-generator.blade.php
+2 -2
View File
@@ -73,8 +73,8 @@
</div>
{{-- TODO: Selfhost --}}
<script src="//cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/html2canvas/1.3.3/html2canvas.min.js"></script>
<script src="{{ config('habbo.cdn.sweetalert2_js') }}"></script>
<script src="{{ config('habbo.cdn.html2canvas_js') }}"></script>
<script>
function logoGenerator() {
return {
resources/views/community/radio/index.blade.php
+1 -1
View File
@@ -3,7 +3,7 @@
@section('title', __('radio.music') . ' - ' . config('app.name'))
@push('styles')
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fontsource/inter@4.x/400-700.css">
<link rel="stylesheet" href="{{ config('habbo.cdn.fontsource_inter_css') }}">
<style>
:root {
--radio-primary: {{ $primaryColor ?? '#eeb425' }};
resources/views/radio/embed.blade.php
+1 -1
View File
@@ -4,7 +4,7 @@
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Radio Player</title>
<script defer src="https://cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/cdn.min.js"></script>
<script defer src="{{ config('habbo.cdn.alpine_js') }}"></script>
<style>
*, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
body {