You've already forked Atomcms-edit
root
91 lines
2.5 KiB
PHP
Executable File
91 lines
2.5 KiB
PHP
Executable File
<?php
|
|
|
|
namespace App\Services\Diagnostics;
|
|
|
|
use Illuminate\Support\Facades\File;
|
|
|
|
class SecurityDiagnostic
|
|
{
|
|
/**
|
|
* @return array<DiagnosticResult>
|
|
*/
|
|
public function runAll(): array
|
|
{
|
|
return [
|
|
$this->checkAppKey(),
|
|
$this->checkDebugMode(),
|
|
$this->checkEnvFile(),
|
|
$this->checkFilePermissions(),
|
|
];
|
|
}
|
|
|
|
public function checkAppKey(): DiagnosticResult
|
|
{
|
|
$key = config('app.key');
|
|
|
|
if (empty($key)) {
|
|
return DiagnosticResult::error('App Key', 'No application key set', 'Run: php artisan key:generate');
|
|
}
|
|
|
|
return DiagnosticResult::ok('App Key', 'Application key is set');
|
|
}
|
|
|
|
public function checkDebugMode(): DiagnosticResult
|
|
{
|
|
if (config('app.debug') && app()->environment('production')) {
|
|
return DiagnosticResult::error(
|
|
'Debug Mode',
|
|
'Debug mode is enabled in production',
|
|
'Set APP_DEBUG=false in .env'
|
|
);
|
|
}
|
|
|
|
return DiagnosticResult::ok('Debug Mode', 'Debug mode is ' . (config('app.debug') ? 'enabled (dev)' : 'disabled'));
|
|
}
|
|
|
|
public function checkEnvFile(): DiagnosticResult
|
|
{
|
|
$envPath = base_path('.env');
|
|
|
|
if (! File::exists($envPath)) {
|
|
return DiagnosticResult::error('.env File', '.env file not found', 'Copy .env.example to .env');
|
|
}
|
|
|
|
$content = File::get($envPath);
|
|
if (! str_contains($content, "\n") && strlen($content) > 500) {
|
|
return DiagnosticResult::warning(
|
|
'.env File',
|
|
'File appears to be on a single line',
|
|
'Ensure .env has proper line breaks'
|
|
);
|
|
}
|
|
|
|
return DiagnosticResult::ok('.env File', 'File exists and is properly formatted');
|
|
}
|
|
|
|
public function checkFilePermissions(): DiagnosticResult
|
|
{
|
|
$directories = [
|
|
storage_path(),
|
|
base_path('bootstrap/cache'),
|
|
];
|
|
|
|
$issues = [];
|
|
foreach ($directories as $dir) {
|
|
if (! is_writable($dir)) {
|
|
$issues[] = $dir;
|
|
}
|
|
}
|
|
|
|
if ($issues !== []) {
|
|
return DiagnosticResult::error(
|
|
'File Permissions',
|
|
'Not writable: ' . implode(', ', $issues),
|
|
'Run: chmod -R 775 storage bootstrap/cache'
|
|
);
|
|
}
|
|
|
|
return DiagnosticResult::ok('File Permissions', 'All directories are writable');
|
|
}
|
|
}
|