From 40c7130cfbfd6e790f1df33a657cff2e1330c0d6 Mon Sep 17 00:00:00 2001 From: Akov Date: Sat, 13 Jul 2024 16:39:01 -0700 Subject: [PATCH 1/2] Added log message for user status toggle Logged out inactive users, and redirected them to the login page --- .../Configuration/UserController.php | 15 +++++- src/Http/Middleware/UserActive.php | 47 +++++++++++++++++++ src/Http/routes.php | 2 +- src/Models/User.php | 9 ++++ src/WebServiceProvider.php | 5 ++ 5 files changed, 76 insertions(+), 2 deletions(-) create mode 100644 src/Http/Middleware/UserActive.php diff --git a/src/Http/Controllers/Configuration/UserController.php b/src/Http/Controllers/Configuration/UserController.php index 8a53d077b..38c0eace5 100644 --- a/src/Http/Controllers/Configuration/UserController.php +++ b/src/Http/Controllers/Configuration/UserController.php @@ -153,7 +153,20 @@ public function editUserAccountStatus(int $user_id) { $user = User::findOrFail($user_id); - $user->active = $user->active == false ? true : false; + if ($user->active == true){ + $user->active = false; + event('security.log', [ + 'deactivated account for user ' . $user->name, + 'userstatus', + ]); + } else { + $user->active = true; + event('security.log', [ + 'reactivated account for user ' . $user->name, + 'userstatus', + ]); + } + $user->save(); return redirect()->back() diff --git a/src/Http/Middleware/UserActive.php b/src/Http/Middleware/UserActive.php new file mode 100644 index 000000000..bb91725dc --- /dev/null +++ b/src/Http/Middleware/UserActive.php @@ -0,0 +1,47 @@ +user()->isActive()) + return redirect()->guest('auth/logout') + ->with('error', 'Account is administratively disabled.'); + + return $next($request); + } +} diff --git a/src/Http/routes.php b/src/Http/routes.php index 0a3f7a902..6c94876d8 100644 --- a/src/Http/routes.php +++ b/src/Http/routes.php 
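Review bot: In `editUserAccountStatus`, both `event('security.log', …)` calls fire before `$user->save()`, so the audit trail records a deactivation or reactivation even when the write fails. The entry also identifies the target only by `$user->name`; adding `$user_id` would keep the record unambiguous if names change or are reused. Whether the listener records the acting administrator is not visible here. Consider toggling first and logging after the write: `$user->active = ! $user->active; $user->save();` followed by a single `event('security.log', [($user->active ? 'reactivated' : 'deactivated') . ' account for user ' . $user->name . ' (id ' . $user_id . ')', 'userstatus']);`. The method's return statement continues outside the hunk.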
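Review bot: `handle()` calls `auth()->user()->isActive()` without checking for a null user, so applying the `user.active` alias to a route that is not also behind `auth` would raise an error instead of a redirect. A guard such as `if (auth()->check() && ! auth()->user()->isActive())` makes the middleware safe on its own. The disabled account's session also stays valid until the browser follows the redirect to `auth/logout`; ending it in place with `auth()->logout();` and `$request->session()->invalidate();` before returning the redirect would not depend on the client. The top of this new file is not fully visible on the page, so this is based only on the lines of `handle()` that are shown.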
@@ -46,7 +46,7 @@ // All routes from here require *at least* that the // user is authenticated. We also run the localization // related logic here for translation support. - Route::group(['middleware' => ['auth', 'locale']], function () { + Route::group(['middleware' => ['auth', 'locale', 'user.active']], function () { // The home route does not need any prefixes // and or namespacing modifications, so we will diff --git a/src/Models/User.php b/src/Models/User.php index 519a882f1..fd059d521 100644 --- a/src/Models/User.php +++ b/src/Models/User.php @@ -261,4 +261,13 @@ public function isAdmin(): bool { return $this->admin === true; } + + /** + * Return whether the user is active or not. + * @return bool + */ + public function isActive(): bool + { + return $this->active === true; + } } diff --git a/src/WebServiceProvider.php b/src/WebServiceProvider.php index 8c2a918ed..d1cccd242 100644 --- a/src/WebServiceProvider.php +++ b/src/WebServiceProvider.php @@ -58,6 +58,7 @@ use Seat\Web\Http\Middleware\Authenticate; use Seat\Web\Http\Middleware\Locale; use Seat\Web\Http\Middleware\RegistrationAllowed; +use Seat\Web\Http\Middleware\UserActive; use Seat\Web\Http\Middleware\Requirements; use Seat\Web\Models\Squads\SquadMember; use Seat\Web\Models\Squads\SquadRole; @@ -275,6 +276,10 @@ private function add_middleware(Router $router) // Registration Middleware checks of the app is // allowing new user registration to occur. $router->aliasMiddleware('registration.status', RegistrationAllowed::class); + + // UserActive Middleware checks if the user is active + // and redirects them to the login page if not. + $router->aliasMiddleware('user.active', UserActive::class); } /** From d6494d987526a507b04b15ae26f9103124072f46 Mon Sep 17 00:00:00 2001 
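Review bot: Adding `user.active` to this group can cause a redirect loop if the `auth/logout` route that the middleware redirects to is registered inside the same group: a deactivated user requesting it would be redirected to it again and never logged out. The group body is outside the hunk, so please confirm that `auth/logout` sits outside this group and answers GET requests. It is also worth checking that route groups defined elsewhere (not visible here) that serve authenticated users carry the same check, otherwise a deactivated account keeps access through them.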
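Review bot: `isActive()` compares with `=== true`, while `editUserAccountStatus` in this patch tests the same attribute with `== true`. The strict form returns false for every user unless `active` is cast to boolean on the model, and that cast is not visible in this hunk. The neighbouring `isAdmin()` uses the same pattern, so a cast probably exists, but the docblock could say so, e.g. `Relies on the boolean cast of the active attribute.` Calling `$user->isActive()` in the controller would keep the two checks consistent.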
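Review bot: The comment added in `add_middleware` says inactive users are redirected to the login page, but `UserActive::handle()` redirects to `auth/logout`. Suggested wording: `// UserActive Middleware checks if the user is active and sends inactive users to the logout route.` The method starts outside the hunk.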
From: Akov stohs Date: Sat, 13 Jul 2024 17:14:07 -0700 Subject: [PATCH 2/2] fixes for styleguide --- src/Http/Middleware/UserActive.php | 2 +- src/Models/User.php | 1 + src/WebServiceProvider.php | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/src/Http/Middleware/UserActive.php b/src/Http/Middleware/UserActive.php index bb91725dc..f5b3a01f1 100644 --- a/src/Http/Middleware/UserActive.php +++ b/src/Http/Middleware/UserActive.php @@ -38,7 +38,7 @@ class UserActive public function handle($request, Closure $next) { - if (!auth()->user()->isActive()) + if (! auth()->user()->isActive()) return redirect()->guest('auth/logout') ->with('error', 'Account is administratively disabled.'); diff --git a/src/Models/User.php b/src/Models/User.php index fd059d521..f04463219 100644 --- a/src/Models/User.php +++ b/src/Models/User.php @@ -264,6 +264,7 @@ public function isAdmin(): bool /** * Return whether the user is active or not. + * * @return bool */ public function isActive(): bool diff --git a/src/WebServiceProvider.php b/src/WebServiceProvider.php index d1cccd242..e4cc29787 100644 --- a/src/WebServiceProvider.php +++ b/src/WebServiceProvider.php @@ -58,8 +58,8 @@ use Seat\Web\Http\Middleware\Authenticate; use Seat\Web\Http\Middleware\Locale; use Seat\Web\Http\Middleware\RegistrationAllowed; -use Seat\Web\Http\Middleware\UserActive; use Seat\Web\Http\Middleware\Requirements; +use Seat\Web\Http\Middleware\UserActive; use Seat\Web\Models\Squads\SquadMember; use Seat\Web\Models\Squads\SquadRole; use Seat\Web\Observers\CharacterAffiliationObserver;