fsr5-fhaachen · simonostendorf · Oct 24, 2023 · Oct 19, 2023 · Oct 20, 2023 · Oct 20, 2023
diff --git a/.env.example b/.env.example
@@ -3,7 +3,11 @@ APP_ENV=local
 APP_KEY=
 APP_DEBUG=true
 APP_URL=http://localhost
-APP_VPN_IP=127.0.0.1
+APP_IS_VPN=false
+
+APP_PORTALS_URL=http://127.0.0.1:8000
+APP_PORTALS_API_SECRET=secret
+APP_PORTALS_IMPORT_PW=123
 
 TELEGRAM_BOT_TOKEN=
 TELEGRAM_BOT_INFO_CHANNEL_ID=

diff --git a/app/Http/Controllers/PortalsController.php b/app/Http/Controllers/PortalsController.php
@@ -0,0 +1,128 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\Person;
+use GuzzleHttp\Client;
+use Illuminate\Http\Request;
+use Illuminate\Http\JsonResponse;
+
+
+class PortalsController extends Controller
+{
+    /**
+     * Validate request
+     *
+     * @param string $password
+     * @return boolean
+     */
+    public function validateRequest(string $password){
+        return $password == env('APP_PORTALS_IMPORT_PW');
+    }
+
+    /**
+     * validate auth token
+     *
+     * @param  Request $request
+     * 
+     * @return JsonResponse
+     */
+    public function importUsers(Request $request)
+    {
+        if (!$this->validateRequest($request->password)) {
+            return response()->json([
+                'message' => 'Unauthorized'
+            ], 401);
+        }
+
+
+        // call APP_PORTALS_URL
+        $client = new Client();
+        $response = $client->request('GET', env('APP_PORTALS_URL') . '/api/v1/users', [
+            'headers' => [
+                'Authorization' => env('APP_PORTALS_API_SECRET')
+            ]
+        ]);
+
+        // get status code
+        $statusCode = $response->getStatusCode();
+
+        if($statusCode != 200) {
+            return response()->json([
+                'message' => 'Unauthorized',
+                'status' => $statusCode
+            ], 401);
+        }
+
+        // get body
+        $body = $response->getBody()->getContents();
+
+        // get users
+        $users = json_decode($body, true)['users'];
+
+        // loop through users
+        foreach($users as $user) {
+            // check if Person with id exists if not create new Person
+            $person = Person::firstOrNew(['id' => $user['id']]);
+
+            // set attributes
+            if($person->id == null) {
+                $person->id = $user['id'];
+            }
+            $person->firstname = $user['firstname'];
+            $person->lastname = $user['lastname'];
+            $person->email = $user['email'];
+
+            // check if course is set
+            if(isset($user['course'])) {
+                $abbreviation = strtoupper($user['course']['abbreviation']);
+
+                // add fallbacks for other courses if abbreviation is not INF, ET, WI, DIB or MCD
+                if(!in_array($abbreviation, ['INF', 'ET', 'WI', 'DIB', 'MCD'])) {
+                    if($abbreviation == 'SBE') {
+                        $abbreviation = 'ET';
+                    } else if($abbreviation == 'ET-MASTER') {
+                        $abbreviation = 'ET';
+                    } else if($abbreviation == 'ISE-MASTER') {
+                        $abbreviation = 'INF';
+                    } else {
+                        $abbreviation = 'INF';
+                    }
+                }
+
+                $person->course = $abbreviation;
+            }
+
+            // import image
+            $person->img = (!empty($user['avatarUrl']) ? $user['avatarUrl'] : '');
+
+            // cheeck roles
+            $roles = $user['roles'];
+
+            // loop through roles
+            foreach($roles as $role) {
+                // check if role is tutor
+                if($role['name'] == 'tutor') {
+                    $person->is_tutor = true;
+                }
+                // check if role is special
+                if($role['name'] == 'special') {
+                    $person->is_special = true;
+                }
+            }
+
+            // set is_disabled
+            $person->is_disabled = $user['is_disabled'];
+
+            // save Person
+            $person->save();
+
+        }
+
+        // return response
+        return response()->json([
+            'message' => 'User imported',
+            'status' => $statusCode
+        ], 200);
+    }
+}
diff --git a/app/Http/Middleware/Vpn.php b/app/Http/Middleware/Vpn.php
@@ -18,12 +18,7 @@ class Vpn
     public function handle(Request $request, Closure $next)
     {
         // skip if not in production
-        if (app()->environment() !== 'production') {
-            return $next($request);
-        }
-
-
-        if (!$_SERVER['HTTP_X_REAL_IP'] || $_SERVER['HTTP_X_REAL_IP'] != env('APP_VPN_IP')) {
+        if (!env('APP_IS_VPN')) {
             return Redirect::route('error');
         }
 

diff --git a/app/Http/Middleware/VpnOrPerson.php b/app/Http/Middleware/VpnOrPerson.php
@@ -19,13 +19,8 @@ class VpnOrPerson
     public function handle(Request $request, Closure $next)
     {
         // skip if not in production
-        if (app()->environment() !== 'production') {
-            return $next($request);
-        }
-
-        if (!$_SERVER['HTTP_X_REAL_IP'] || ($_SERVER['HTTP_X_REAL_IP'] != env('APP_VPN_IP') &&
-            ($request->session()->missing('authToken') ||
-                !Person::where('auth_token', $request->session()->get('authToken'))->count()))
+        if (!env('APP_IS_VPN') && ($request->session()->missing('authToken') ||
+            !Person::where('auth_token', $request->session()->get('authToken'))->count())
         ) {
             return Redirect::route('error');
         }

diff --git a/app/Models/Person.php b/app/Models/Person.php
@@ -47,8 +47,8 @@ class Person extends Model
      */
     public function getImageAttribute()
     {
-        if (!empty($this->img) && file_exists(public_path() . '/images/' . $this->img)) {
-            return '/images/' . $this->img;
+        if (!empty($this->img)) {
+            return $this->img;
         } else {
             return '/images/default.jpg';
         }

diff --git a/app/Utils/Telegram.php b/app/Utils/Telegram.php
@@ -64,7 +64,7 @@ public static function sendMessage(string $channelID, string $message = null, Re
         // parse output
         $output = '';
         if ($request->ip()) {
-            $output .= '*IP:* `' . ($request->ip() == env('APP_VPN_IP') ? 'VPN' : $request->ip()) . '`' . PHP_EOL;
+            $output .= '*IP:* `' . (env('APP_IS_VPN') ? 'VPN' : $request->ip()) . '`' . PHP_EOL;
         }
         if ($person) {
             $output .= '*Person:* ' . $person->fullname . ' (ID: `' . $person->id . '`)' . PHP_EOL;

diff --git a/composer.json b/composer.json
@@ -6,6 +6,7 @@
     "license": "MIT",
     "require": {
         "php": "^7.3|^8.0",
+        "doctrine/dbal": "^3.7",
         "fruitcake/laravel-cors": "^2.0",
         "guzzlehttp/guzzle": "^7.0.1",
         "inertiajs/inertia-laravel": "^0.4.4",