token permission config + fix getLogFile()

2026-04-15 05:00:49 +08:00 · 2025-05-02 21:15:00 +07:00
parent 14f06778b2
commit 6a3ed230df
11 changed files with 63 additions and 19 deletions
--- a/app/Filament/Resources/System/SettingResource/Pages/EditSetting.php
+++ b/app/Filament/Resources/System/SettingResource/Pages/EditSetting.php
@@ -2,15 +2,18 @@

 namespace App\Filament\Resources\System\SettingResource\Pages;

+use App\Auth\Permission;
 use App\Filament\OptionsTrait;
 use App\Filament\Resources\System\SettingResource;
 use App\Models\HitAndRun;
 use App\Models\SearchBox;
 use App\Models\Setting;
 use App\Models\User;
+use App\Repositories\TokenRepository;
 use Filament\Facades\Filament;
 use Filament\Resources\Pages\Page;
 use Filament\Forms;
+use Illuminate\Support\HtmlString;

 class EditSetting extends Page implements Forms\Contracts\HasForms
 {
@@ -103,12 +106,12 @@ class EditSetting extends Page implements Forms\Contracts\HasForms
                Forms\Components\Radio::make('backup.frequency')->options(['daily' => 'daily', 'hourly' => 'hourly'])->inline(true)->label(__('label.setting.backup.frequency'))->helperText(__('label.setting.backup.frequency_help')),
                Forms\Components\Select::make('backup.hour')->options(range(0, 23))->label(__('label.setting.backup.hour'))->helperText(__('label.setting.backup.hour_help')),
                Forms\Components\Select::make('backup.minute')->options(range(0, 59))->label(__('label.setting.backup.minute'))->helperText(__('label.setting.backup.minute_help')),
-                Forms\Components\TextInput::make('backup.google_drive_client_id')->label(__('label.setting.backup.google_drive_client_id')),
-                Forms\Components\TextInput::make('backup.google_drive_client_secret')->label(__('label.setting.backup.google_drive_client_secret')),
-                Forms\Components\TextInput::make('backup.google_drive_refresh_token')->label(__('label.setting.backup.google_drive_refresh_token')),
-                Forms\Components\TextInput::make('backup.google_drive_folder_id')->label(__('label.setting.backup.google_drive_folder_id')),
-                Forms\Components\Radio::make('backup.via_ftp')->options(self::$yesOrNo)->inline(true)->label(__('label.setting.backup.via_ftp'))->helperText(__('label.setting.backup.via_ftp_help')),
-                Forms\Components\Radio::make('backup.via_sftp')->options(self::$yesOrNo)->inline(true)->label(__('label.setting.backup.via_sftp'))->helperText(__('label.setting.backup.via_sftp_help')),
+//                Forms\Components\TextInput::make('backup.google_drive_client_id')->label(__('label.setting.backup.google_drive_client_id')),
+//                Forms\Components\TextInput::make('backup.google_drive_client_secret')->label(__('label.setting.backup.google_drive_client_secret')),
+//                Forms\Components\TextInput::make('backup.google_drive_refresh_token')->label(__('label.setting.backup.google_drive_refresh_token')),
+//                Forms\Components\TextInput::make('backup.google_drive_folder_id')->label(__('label.setting.backup.google_drive_folder_id')),
+                Forms\Components\Radio::make('backup.via_ftp')->options(self::$yesOrNo)->inline(true)->label(__('label.setting.backup.via_ftp'))->helperText(new HtmlString(__('label.setting.backup.via_ftp_help'))),
+                Forms\Components\Radio::make('backup.via_sftp')->options(self::$yesOrNo)->inline(true)->label(__('label.setting.backup.via_sftp'))->helperText(new HtmlString(__('label.setting.backup.via_sftp_help'))),
            ])->columns(2);

        $tabs[] = Forms\Components\Tabs\Tab::make(__('label.setting.seed_box.tab_header'))
@@ -134,6 +137,12 @@ class EditSetting extends Page implements Forms\Contracts\HasForms
            ->schema($this->getTabImageHostingSchema($id))
            ->columns(2)
        ;
+        $id = "permission";
+        $tabs[] = Forms\Components\Tabs\Tab::make(__("label.setting.$id.tab_header"))
+            ->id($id)
+            ->schema($this->getTabPermissionSchema($id))
+            ->columns(2)
+        ;

        $tabs[] = Forms\Components\Tabs\Tab::make(__('label.setting.system.tab_header'))
            ->id('system')
@@ -277,6 +286,22 @@ class EditSetting extends Page implements Forms\Contracts\HasForms
        $schema[] = $driverSection;


+        return $schema;
+    }
+
+    private function getTabPermissionSchema($id): array
+    {
+        $schema = [];
+
+        $name = "$id.user_token_allowed";
+        $schema[] = Forms\Components\CheckboxList::make($name)
+            ->options(TokenRepository::listUserTokenPermissions())
+            ->label(__("label.setting.{$name}"))
+            ->helperText(__("label.setting.{$name}_help"))
+            ->columns(2)
+        ;
+
+
        return $schema;
    }

--- a/app/Http/Controllers/ToolController.php
+++ b/app/Http/Controllers/ToolController.php
@@ -33,6 +33,7 @@ class ToolController extends Controller
    public function test(Request $request)
    {
        $result = ['id' => 1];
+        $result['logFile'] = getLogFile();
        $resource = new JsonResource($result);
        return $this->success($resource);
    }
--- a/app/Logging/NexusFormatter.php
+++ b/app/Logging/NexusFormatter.php
@@ -18,6 +18,7 @@ class NexusFormatter
        if (nexus()) {
            $id = nexus()->getRequestId();
        }
+        $id .= " -> " . getLogFile();
        $format = "[%datetime%] [" . $id . "] %channel%.%level_name%: %message% %context% %extra%\n";
        return tap(new LineFormatter($format, 'Y-m-d H:i:s', true, true), function ($formatter) {
            $formatter->includeStacktraces();
--- a/app/Repositories/TokenRepository.php
+++ b/app/Repositories/TokenRepository.php
@@ -12,7 +12,7 @@ class TokenRepository extends BaseRepository
        RoutePermissionEnum::USER_VIEW,
    ];

-    public function listUserTokenPermissions(): array
+    public static function listUserTokenPermissions(): array
    {
        $result = [];
        foreach (self::$userTokenPermissions as $permission) {
--- a/include/constants.php
+++ b/include/constants.php
@@ -1,6 +1,6 @@
 <?php
 defined('VERSION_NUMBER') || define('VERSION_NUMBER', '1.9.0');
-defined('RELEASE_DATE') || define('RELEASE_DATE', '2025-05-01');
+defined('RELEASE_DATE') || define('RELEASE_DATE', '2025-05-02');
 defined('IN_TRACKER') || define('IN_TRACKER', false);
 defined('PROJECTNAME') || define("PROJECTNAME","NexusPHP");
 defined('NEXUSPHPURL') || define("NEXUSPHPURL","https://nexusphp.org");
--- a/include/functions.php
+++ b/include/functions.php
@@ -46,7 +46,6 @@ function get_langfile_path($script_name ="", $target = false, $lang_folder = "")
 		$lang_folder = $CURLANGDIR;
 	}
 	$result = "lang/" . ($target == false ? $lang_folder : "_target") ."/lang_". ( $script_name == "" ? substr(strrchr($_SERVER['SCRIPT_NAME'],'/'),1) : $script_name);
-    do_log($result);
    return $result;
 }

--- a/include/globalfunctions.php
+++ b/include/globalfunctions.php
@@ -242,19 +242,23 @@ function getLogFile($append = '')
    if (isset($logFiles[$append])) {
        return $logFiles[$append];
    }
-    $config = nexus_config('nexus');
-    if (!empty($config['log_file']) && in_array($config['log_file'], ["php://stdout", "php://stderr"])) {
-        return $logFiles[$append] = $config['log_file'];
+    $std = ["php://stdout", "php://stderr"];
+    $logFileFromDotEnv = nexus_env('LOG_FILE');
+    if ($logFileFromDotEnv && in_array($logFileFromDotEnv, $std)) {
+        return $logFiles[$append] = $logFileFromDotEnv;
    }
    $path = getenv('NEXUS_LOG_DIR', true);
+    if (in_array($path, $std)) {
+        return $logFiles[$append] = $path;
+    }
    $fromEnv = true;
    if ($path === false) {
        $fromEnv = false;
        $path = sys_get_temp_dir();
    }
    $logFile = rtrim($path, '/') . '/nexus.log';
-    if (!$fromEnv && !empty($config['log_file'])) {
-        $logFile = $config['log_file'];
+    if (!$fromEnv && $logFileFromDotEnv) {
+        $logFile = $logFileFromDotEnv;
    }
    $lastDotPos = strrpos($logFile, '.');
    if ($lastDotPos !== false) {
--- a/public/usercp.php
+++ b/public/usercp.php
@@ -1128,8 +1128,7 @@ JS;
 //end seed box

 //token start
-$tokenRep = new \App\Repositories\TokenRepository();
-$permissions = $tokenRep->listUserTokenPermissions();
+$permissions = \App\Repositories\TokenRepository::listUserTokenPermissions();
 $permissionOptions = [];
 foreach ($permissions as $name => $label) {
    $permissionOptions[] = sprintf('<label><input type="checkbox" name="permissions[]" value="%s">%s</label>', $name, $label);
--- a/resources/lang/en/label.php
+++ b/resources/lang/en/label.php
@@ -124,7 +124,12 @@ return [
            'upload_api_endpoint' => 'Upload interface address',
            'base_url' => 'Image URL prefix',
            'upload_token' => 'Upload token',
-        ]
+        ],
+        'permission' => [
+            'tab_header' => 'Permission',
+            'user_token_allowed' => 'Permission available to user token',
+            'user_token_allowed_help' => 'User token has no right to invoke without permission from this tabular list',
+        ],
    ],
    'user' => [
        'label' => 'User',
--- a/resources/lang/zh_CN/label.php
+++ b/resources/lang/zh_CN/label.php
@@ -124,7 +124,12 @@ return [
            'upload_api_endpoint' => '上传接口地址',
            'base_url' => '图片 URL 前缀',
            'upload_token' => '上传令牌',
-        ]
+        ],
+        'permission' => [
+            'tab_header' => '权限',
+            'user_token_allowed' => '用户 token 可用权限',
+            'user_token_allowed_help' => '不在此列表的权限，用户 token 无权调用',
+        ],
    ],
    'user' => [
        'label' => '用户',
--- a/resources/lang/zh_TW/label.php
+++ b/resources/lang/zh_TW/label.php
@@ -124,7 +124,12 @@ return [
            'upload_api_endpoint' => '上傳接口地址',
            'base_url' => '圖片 URL 前綴',
            'upload_token' => '上傳令牌',
-        ]
+        ],
+        'permission' => [
+            'tab_header' => '權限',
+            'user_token_allowed' => '用戶 token 可用權限',
+            'user_token_allowed_help' => '不在此列表的權限，用戶 token 無權調用',
+        ],
    ],
    'user' => [
        'label' => '用戶',