Merge branch 'php8' into role

app/Console/Commands/NexusUpdate.php

@@ -70,7 +70,10 @@ class NexusUpdate extends Command
             if ($tag === 'dev') {
                 $url = "https://github.com/xiaomlove/nexusphp/archive/refs/heads/php8.zip";
             } else {
-                $url = "https://api.github.com/repos/xiaomlove/nexusphp/tarball/v$tag";
+                if (!str_starts_with($tag, 'v')) {
+                    $tag = "v$tag";
+                }
+                $url = "https://api.github.com/repos/xiaomlove/nexusphp/tarball/$tag";
             }
             $this->doLog("Specific tag: '$tag', download from '$url' and extra code, includes: " . implode(', ', $includes));
             $tmpPath = $this->update->downAndExtractCode($url, $includes);

app/Exceptions/Handler.php

@@ -41,14 +41,19 @@ class Handler extends ExceptionHandler
      */
     public function register()
     {
+        $this->reportable(function (InsufficientPermissionException $e) {
+            if (request()->expectsJson()) {
+                return response()->json(fail($e->getMessage(), request()->all()), 403);
+            } else {
+                return abort(403);
+            }
+        });
+
+        //Other Only handle in json request
         if (!request()->expectsJson()) {
             return;
         }
 
-        $this->reportable(function (Throwable $e) {
-            //
-        });
-
         $this->renderable(function (AuthenticationException $e) {
             return response()->json(fail($e->getMessage(), $e->guards()), 401);
         });
@@ -82,7 +87,7 @@ class Handler extends ExceptionHandler
     {
         $data = $request->all();
         $httpStatusCode = $this->getHttpStatusCode($e);
-        $msg = $e->getMessage();
+        $msg = $e->getMessage() ?: class_basename($e);
         $trace = $e->getTraceAsString();
         if (config('app.debug')) {
             $data['trace'] = $trace;

app/Http/Controllers/Controller.php

@@ -2,10 +2,13 @@
 
 namespace App\Http\Controllers;
 
+use App\Exceptions\InsufficientPermissionException;
+use App\Models\Setting;
 use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
 use Illuminate\Foundation\Bus\DispatchesJobs;
 use Illuminate\Foundation\Validation\ValidatesRequests;
 use Illuminate\Routing\Controller as BaseController;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Str;
 
 class Controller extends BaseController
@@ -54,4 +57,11 @@ class Controller extends BaseController
         return Str::slug("$title.$action", '.');
     }
 
+    protected function checkPermission($permission)
+    {
+        if (Auth::user()->class < Setting::get($permission)) {
+            throw new InsufficientPermissionException();
+        }
+    }
+
 }

app/Http/Controllers/TorrentController.php

@@ -107,6 +107,7 @@ class TorrentController extends Controller
     public function approvalPage(Request $request)
     {
         $request->validate(['torrent_id' => 'required']);
+        $this->checkPermission('authority.torrentmanage');
         $torrentId = $request->torrent_id;
         $torrent = Torrent::query()->findOrFail($torrentId, Torrent::$commentFields);
         $denyReasons = TorrentDenyReason::query()->orderBy('priority', 'desc')->get();
@@ -116,6 +117,7 @@ class TorrentController extends Controller
     public function approvalLogs(Request $request)
     {
         $request->validate(['torrent_id' => 'required']);
+        $this->checkPermission('authority.torrentmanage');
         $torrentId = $request->torrent_id;
         $actionTypes = [
             TorrentOperationLog::ACTION_TYPE_APPROVAL_NONE,
@@ -140,8 +142,10 @@ class TorrentController extends Controller
             'torrent_id' => 'required',
             'approval_status' => 'required',
         ]);
+        $this->checkPermission('authority.torrentmanage');
         $params = $request->all();
         $this->repository->approval(Auth::user(), $params);
         return $this->success($params);
     }
+
 }

app/Providers/AuthServiceProvider.php

@@ -41,9 +41,6 @@ class AuthServiceProvider extends ServiceProvider
             return new NexusWebGuard($app['request'], new NexusWebUserProvider());
         });
 
-//        Bouncer::useAbilityModel(Permission::class);
-//        Bouncer::useRoleModel(Role::class);
-//        Bouncer::useUserModel(User::class);
     }
 
     private function getUserByCookie($cookie)

app/Repositories/TorrentRepository.php

@@ -479,6 +479,9 @@ class TorrentRepository extends BaseRepository
     public function approval($user, array $params): array
     {
         $user = $this->getUser($user);
+        if ($user->class < Setting::get('authority.torrentmanage')) {
+            throw new InsufficientPermissionException();
+        }
         $torrent = Torrent::query()->findOrFail($params['torrent_id'], ['id', 'banned', 'approval_status', 'visible', 'owner']);
         $lastLog = TorrentOperationLog::query()
             ->where('torrent_id', $params['torrent_id'])

include/constants.php

@@ -1,6 +1,6 @@
 <?php
-defined('VERSION_NUMBER') || define('VERSION_NUMBER', '1.7.21');
-defined('RELEASE_DATE') || define('RELEASE_DATE', '2022-08-16');
+defined('VERSION_NUMBER') || define('VERSION_NUMBER', '1.7.22');
+defined('RELEASE_DATE') || define('RELEASE_DATE', '2022-08-17');
 defined('IN_TRACKER') || define('IN_TRACKER', false);
 defined('PROJECTNAME') || define("PROJECTNAME","NexusPHP");
 defined('NEXUSPHPURL') || define("NEXUSPHPURL","https://nexusphp.org");

routes/web.php

@@ -17,7 +17,7 @@ Route::get('/', function () {
     return redirect('index.php');
 });
 
-Route::group(['prefix' => 'web', 'middleware' => ['auth.nexus:nexus', 'locale']], function () {
+Route::group(['prefix' => 'web', 'middleware' => ['auth.nexus:nexus-web', 'locale']], function () {
     Route::get('torrent-approval-page', [\App\Http\Controllers\TorrentController::class, 'approvalPage']);
     Route::get('torrent-approval-logs', [\App\Http\Controllers\TorrentController::class, 'approvalLogs']);
     Route::post('torrent-approval', [\App\Http\Controllers\TorrentController::class, 'approval']);