Atomcms-edit/routes/admin.php
root 4094f0fb14 Fix 40+ codebase issues: security, performance, duplication, dead code, and routes
HIGH:
- Add missing import RadioSongRequestFormRequest (fixes crash on POST)
- Add Purify XSS sanitization for article full_story
- Fix duplicate radio API routes (/api/radio vs /api/radio/v2)
- Add try-catch guards in InstallationController for missing records

MEDIUM:
- Fix N+1: eager load comments.user in ArticleController::show()
- Fix GuestbookController authorization logic
- Remove dead doSetup() method and duplicate route
- Extract shared HasRadioDefaults trait (remove code duplication)
- Use named routes in ForceStaffTwoFactorMiddleware
- Fix WebsiteHelpCenterTicket::isOpen() (no permission leak)
- Enable  on WebsiteHelpCenterTicket (matches schema)
- Replace WebsiteTeam::all()->pluck() with direct pluck()
- Replace CatalogPage::all()->pluck() with direct pluck()
- Replace WebsiteBadge::all() with direct pluck()
- Add throttle middleware to guestbook store, logo-generator, radio embed

LOW:
- Remove unused imports
- Remove dead /inertia-test route
- Consolidate cache keys in RadioController
2026-06-08 18:56:34 +02:00

37 lines
2.2 KiB
PHP
Executable File

<?php
use App\Http\Controllers\Admin\RadioSetupController;
use App\Http\Controllers\Admin\RadioWizardController;
use App\Http\Controllers\Api\FurniEditorController;
use Illuminate\Support\Facades\Route;
// Admin radio management: the setup screens plus the multi-step wizard.
// Every route below sits behind the 'auth' and 'admin.security' middleware.
// What 'admin.security' enforces is defined where that alias is registered,
// not in this file.
// NOTE(review): unlike the furni-editor group in this file, no throttle
// middleware is attached here; confirm that is intentional for the
// state-changing POST routes (setup, reset, wizard steps, complete).
Route::group(
    [
        'prefix' => 'admin',
        'middleware' => ['auth', 'admin.security'],
    ],
    static function (): void {
        // Setup: show the form, submit it, reset it.
        Route::get('/radio/setup', [RadioSetupController::class, 'index'])
            ->name('admin.radio.setup');
        Route::post('/radio/setup', [RadioSetupController::class, 'setup'])
            ->name('admin.radio.setup.post');
        Route::post('/radio/setup/reset', [RadioSetupController::class, 'reset'])
            ->name('admin.radio.setup.reset');

        // Radio wizard (multi-step); inherits the prefix and middleware above.
        Route::group(['prefix' => 'radio/wizard'], static function (): void {
            Route::get('/', [RadioWizardController::class, 'index'])
                ->name('admin.radio.wizard');
            Route::post('/step-1', [RadioWizardController::class, 'processStep1'])
                ->name('admin.radio.wizard.process-step-1');

            // The constraint admits only a single digit 2-5 for {step}, so any
            // other value fails to match and never reaches the controller.
            Route::get('/step/{step}', [RadioWizardController::class, 'step'])
                ->name('admin.radio.wizard.step')
                ->where('step', '[2-5]');

            Route::post('/step-2', [RadioWizardController::class, 'processStep2'])
                ->name('admin.radio.wizard.process-step-2');
            Route::post('/step-3', [RadioWizardController::class, 'processStep3'])
                ->name('admin.radio.wizard.process-step-3');
            Route::post('/step-4', [RadioWizardController::class, 'processStep4'])
                ->name('admin.radio.wizard.process-step-4');

            // NOTE(review): runTest is reachable via GET, which CSRF token checks
            // do not cover; confirm the handler has no side effects.
            Route::get('/test', [RadioWizardController::class, 'runTest'])
                ->name('admin.radio.wizard.test');
            Route::post('/complete', [RadioWizardController::class, 'complete'])
                ->name('admin.radio.wizard.complete');
        });
    },
);
// Furni editor API: search, create, inspect, update and delete furni records.
// All routes require 'auth' and 'admin.security' and are rate limited through
// 'throttle:api' (the 'api' limiter is presumably defined in the application's
// rate-limiter setup; it is not visible in this file).
// NOTE(review): these endpoints use the session-style 'auth' middleware under
// an api/ prefix. Whether CSRF verification covers the POST routes depends on
// the middleware group this file is loaded under; verify it before relying on it.
Route::group(
    [
        'prefix' => 'api/admin/furni-editor',
        'middleware' => ['auth', 'admin.security', 'throttle:api'],
    ],
    static function (): void {
        Route::get('/', [FurniEditorController::class, 'search']);
        Route::post('/', [FurniEditorController::class, 'create']);
        Route::get('/detail', [FurniEditorController::class, 'detail']);

        // State-changing operations are POST-only. The target record is not
        // part of the path, so it is presumably identified in the request
        // payload; the controller is responsible for validating it.
        Route::post('/update', [FurniEditorController::class, 'update']);
        Route::post('/delete', [FurniEditorController::class, 'delete']);

        Route::get('/interactions', [FurniEditorController::class, 'interactions']);
        Route::get('/by-sprite', [FurniEditorController::class, 'bySprite']);
    },
);