login admin backend min class configurable

app/Filament/Resources/System/SettingResource/Pages/EditSetting.php

@@ -8,6 +8,7 @@ use App\Models\HitAndRun;
 use App\Models\SearchBox;
 use App\Models\Setting;
 use App\Models\Tag;
+use App\Models\User;
 use App\Repositories\MeiliSearchRepository;
 use Filament\Facades\Filament;
 use Filament\Forms\ComponentContainer;
@@ -155,6 +156,11 @@ class EditSetting extends Page implements Forms\Contracts\HasForms
                     ->label(__('label.setting.system.is_invite_pre_email_and_username'))
                     ->helperText(__('label.setting.system.is_invite_pre_email_and_username_help'))
                 ,
+                Forms\Components\Select::make('system.access_admin_class_min')
+                    ->options(User::listClass(User::CLASS_VIP))
+                    ->label(__('label.setting.system.access_admin_class_min'))
+                    ->helperText(__('label.setting.system.access_admin_class_min_help'))
+                ,
             ])->columns(2);
 
         $tabs = apply_filter('nexus_setting_tabs', $tabs);

app/Models/User.php

@@ -547,7 +547,7 @@ class User extends Authenticatable implements FilamentUser, HasName
 
     public function canAccessAdmin(): bool
     {
-        $targetClass = self::CLASS_ADMINISTRATOR;
+        $targetClass = self::getAccessAdminClassMin();
         if (!$this->class || $this->class < $targetClass) {
             do_log(sprintf('user: %s, no class or class < %s, can not access admin.', $this->id, $targetClass));
             return false;
@@ -555,6 +555,11 @@ class User extends Authenticatable implements FilamentUser, HasName
         return true;
     }
 
+    public static function getAccessAdminClassMin()
+    {
+        return Setting::get("system.access_admin_class_min") ?: User::CLASS_ADMINISTRATOR;
+    }
+
     public function isDonating(): bool
     {
         $rawDonorUntil = $this->getRawOriginal('donoruntil');

include/constants.php

@@ -1,6 +1,6 @@
 <?php
 defined('VERSION_NUMBER') || define('VERSION_NUMBER', '1.8.7');
-defined('RELEASE_DATE') || define('RELEASE_DATE', '2023-08-29');
+defined('RELEASE_DATE') || define('RELEASE_DATE', '2023-09-03');
 defined('IN_TRACKER') || define('IN_TRACKER', false);
 defined('PROJECTNAME') || define("PROJECTNAME","NexusPHP");
 defined('NEXUSPHPURL') || define("NEXUSPHPURL","https://nexusphp.org");

include/functions.php

@@ -2671,7 +2671,7 @@ else {
                 <?php if($attendance){ printf(' <a href="attendance.php" class="">'.$lang_functions['text_attended'].'</a>', $attendance->points, $CURUSER['attendance_card']); }else{ printf(' <a href="attendance.php" class="faqlink">%s</a>', $lang_functions['text_attendance']);}?>
                 <a href="medal.php">[<?php echo nexus_trans('medal.label')?>]</a>
                 <font class = 'color_invite'><?php echo $lang_functions['text_invite'] ?></font>[<a href="invite.php?id=<?php echo $CURUSER['id']?>"><?php echo $lang_functions['text_send'] ?></a>]: <?php echo sprintf('%s(%s)', $CURUSER['invites'], \App\Models\Invite::query()->where('inviter', $CURUSER['id'])->where('invitee', '')->where('expired_at', '>', now())->count())?>
-                <?php if(get_user_class() >= \App\Models\User::CLASS_ADMINISTRATOR) printf('[<a href="%s" target="_blank">%s</a>]', nexus_env('FILAMENT_PATH', 'nexusphp'), $lang_functions['text_management_system'])?>
+                <?php if(get_user_class() >= \App\Models\User::getAccessAdminClassMin()) printf('[<a href="%s" target="_blank">%s</a>]', nexus_env('FILAMENT_PATH', 'nexusphp'), $lang_functions['text_management_system'])?>
                 <br />
 	            <font class="color_ratio"><?php echo $lang_functions['text_ratio'] ?></font> <?php echo $ratio?>
                 <font class='color_uploaded'><?php echo $lang_functions['text_uploaded'] ?></font> <?php echo mksize($CURUSER['uploaded'])?>

nexus/Install/settings.default.php

@@ -451,5 +451,6 @@ return array (
         'cookie_valid_days' => 365,
         'maximum_upload_speed' => 8000,
         'is_invite_pre_email_and_username' => 'No',
+        'access_admin_class_min' => User::CLASS_ADMINISTRATOR,
     ],
 );

resources/lang/en/label.php

@@ -104,6 +104,8 @@ return [
             'maximum_upload_speed_help' => 'A single torrent upload speed exceeding this value is instantly disabled for the account, in Mbps. For example: 100 Mbps = 12.5 MB/s',
             'is_invite_pre_email_and_username' => 'Invite whether to pre-book an email and username',
             'is_invite_pre_email_and_username_help' => "Default: 'No'. If pre-booked, email and username may not be changed when the user registers.",
+            'access_admin_class_min' => 'Minimum class for logging into admin backend',
+            'access_admin_class_min_help' => 'Default: administrator, users with a user class greater than or equal to the set value can log into the admin backend',
         ],
     ],
     'user' => [

resources/lang/zh_CN/label.php

@@ -104,6 +104,8 @@ return [
             'maximum_upload_speed_help' => '单种上传速度超过此值账号即刻禁用，单位 Mbps。如：100 Mbps = 12.5 MB/s',
             'is_invite_pre_email_and_username' => '邀请是否预定邮箱和用户名',
             'is_invite_pre_email_and_username_help' => "默认: 'No'。若预定，用户注册时不可修改邮箱和用户名",
+            'access_admin_class_min' => '登录管理后台最小等级',
+            'access_admin_class_min_help' => '默认：管理员，用户等级大于等于设定值的用户可以登录管理后台',
         ],
     ],
     'user' => [

resources/lang/zh_TW/label.php

@@ -104,6 +104,8 @@ return [
             'maximum_upload_speed_help' => '單種上傳速度超過此值賬號即刻禁用，單位 Mbps。如：100 Mbps = 12.5 MB/s',
             'is_invite_pre_email_and_username' => '邀請是否預定郵箱和用戶名',
             'is_invite_pre_email_and_username_help' => "默認: 'No'。若預定，用戶註冊時不可修改郵箱和用戶名",
+            'access_admin_class_min' => '登錄管理後臺最小等級',
+            'access_admin_class_min_help' => '默認：管理員，用戶等級大於等於設定值的用戶可以登錄管理後臺',
         ],
     ],
     'user' => [