Rebase

README.fr.md

@@ -66,7 +66,44 @@ Modèle de données
 ## Installation
 
 - Procédure d'[installation](https://github.com/dbarzin/mercator/blob/master/INSTALL.fr.md) 
-- Déploiement sous [Docker](https://github.com/dbarzin/mercator/blob/master/docker/README.fr.md)
+
+### Docker
+
+Téléchargez d'abord l'image Docker.
+
+```Shell
+docker pull ghcr.io/dbarzin/mercator:latest
+```
+
+Ensuite, vous pouvez lancer une instance locale éphémère en mode développement (i.e. http) :
+
+```shell
+docker run -it --rm --name mercator -e APP_ENV=development -p "127.0.0.1:8000":80 ghcr.io/dbarzin/mercator:latest
+```
+
+Par défaut, il utilise un backend SQLite. Si vous voulez rendre les données persistantes :
+
+```Shell
+touch ./db.sqlite && chmod a+w ./db.sqlite
+docker run -it --rm --name mercator -e APP_ENV=development -p "127.0.0.1:8000":80 -v $PWD/db.sqlite:/var/www/mercator/db.sqlite ghcr.io/dbarzin/mercator:latest
+```
+
+Enfin, vous pouvez remplir la base de données avec des données de démonstration grâce à la variable d'environnement `USE_DEMO_DATA` :
+
+```shell
+touch ./db.sqlite && chmod a+w ./db.sqlite
+docker run -it --rm \
+           --name mercator \
+           -e APP_ENV=development \
+           -p "127.0.0.1:8000":80 \
+           -v $PWD/db.sqlite:/var/www/mercator/db.sqlite \
+           -e USE_DEMO_DATA=1 \
+           ghcr.io/dbarzin/mercator:latest
+```
+
+Visitez http://127.0.0.1:8000 !
+
+Si vous recherchez un environnement plus robuste (https) et automatisé, jetez un oeil au dossier [docker-compose](docker-compose/).
 
 ## Changelog
 

README.md

@@ -79,17 +79,17 @@ First download the docker image.
 docker pull ghcr.io/dbarzin/mercator:latest
 ```
 
-Then you can run an ephemeral local instance:
+Then you can run an ephemeral local instance in development mode (i.e. http):
 
 ```shell
-docker run -it --rm --name mercator -p "127.0.0.1:8000":80 ghcr.io/dbarzin/mercator:latest
+docker run -it --rm --name mercator -e APP_ENV=development -p "127.0.0.1:8000":80 ghcr.io/dbarzin/mercator:latest
 ```
 
 By default it uses an SQLite backend. If you want to make data persistent:
 
 ```shell
 touch ./db.sqlite && chmod a+w ./db.sqlite
-docker run -it --rm --name mercator -p "127.0.0.1:8000":80 -v $PWD/db.sqlite:/var/www/mercator/db.sqlite ghcr.io/dbarzin/mercator:latest
+docker run -it --rm --name mercator -e APP_ENV=development -p "127.0.0.1:8000":80 -v $PWD/db.sqlite:/var/www/mercator/db.sqlite ghcr.io/dbarzin/mercator:latest
 ```
 
 Finally you can populate the database with demo data through the `USE_DEMO_DATA` environment variable:
@@ -98,6 +98,7 @@ Finally you can populate the database with demo data through the `USE_DEMO_DATA`
 touch ./db.sqlite && chmod a+w ./db.sqlite
 docker run -it --rm \
            --name mercator \
+           -e APP_ENV=development \
            -p "127.0.0.1:8000":80 \
            -v $PWD/db.sqlite:/var/www/mercator/db.sqlite \
            -e USE_DEMO_DATA=1 \
@@ -106,6 +107,8 @@ docker run -it --rm \
 
 Visit http://127.0.0.1:8000 !
 
+If you are looking for a more robust (https) and automated environment, please have a look on [docker-compose](docker-compose/) folder.
+
 ## Changelog
 
 All notable changes to this project are [documented](https://github.com/dbarzin/mercator/blob/master/CHANGELOG.md).

app/Ldap/Rules/OnlySpecificUsers.php

@@ -11,7 +11,7 @@ class OnlySpecificUsers extends Rule
      *
      * @return bool
      */
-    public function isValid()
+    public function isValid(): bool
     {
         if (! config('app.ldap_groups')) {
             return true;

app/Ldap/Scopes/OnlyOrgUnitUser.php

@@ -16,7 +16,7 @@ class OnlyOrgUnitUser implements Scope
      *
      * @return void
      */
-    public function apply(Builder $query, Model $model)
+    public function apply(Builder $query, Model $model): void
     {
         if (! config('app.ldap_scope')) {
             return;

app/Providers/AuthServiceProvider.php

@@ -44,31 +44,11 @@ public function boot()
             Passport::personalAccessTokensExpireIn(now()->addHours(4));
         }
 
-        /*
-         *  Register one Gate per model for cartographers.
-         * */
-        /**
-         * Before check
-         */
-        /*
-        Gate::before(function (User $user, $ability) {
-            // check $ability before
-            if (!config('app.cartographers', false))
-                return false;
-            if ($ability==="is-cartographer-m-application")
-                // Si c'est un admin, on lui autorise toutes les applications
-                if ($user->getIsAdminAttribute())
-                    return true;
-                else
-                    return false;
-        });
-        */
-
         /**
          * MApplication
          */
         Gate::define('is-cartographer-m-application', function (User $user, MApplication $application) {
-            if (! config('app.cartographers', false)) {
+            if (! config('app.cartographers', false) || $user->isAdmin()) {
                 return true;
             }
             return $application->hasCartographer($user);

app/Services/CartographerService.php

@@ -4,6 +4,7 @@
 
 use App\MApplication;
 use App\Role;
+use App\User;
 use Illuminate\Support\Collection;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Config;
@@ -35,7 +36,7 @@ public function filterOnCartographers(Collection $applications): Collection
         // Maybe there's a way to TypeHint the authenticated user ? (\Illuminate\Contracts\Auth\Authenticatable user)
         $currentUser = Auth::user();
         // On ne filtre pas pour les admins
-        if (! $this->active || $currentUser->getIsAdminAttribute()) {
+        if (! $this->active || $currentUser->isAdmin()) {
             return $applications->sortBy('name')->pluck('name', 'id');
         }
 
@@ -53,27 +54,27 @@ public function filterOnCartographers(Collection $applications): Collection
      *
      * @param MApplication $application
      *
-     * @return bool
+     * @return void
      */
-    public function attributeCartographerRole(MApplication $application): bool
+    public function attributeCartographerRole(MApplication $application): void
     {
         if (! $this->active) {
-            return false;
+            return;
         }
 
         // On ne veut pas le créer s'il existe pas
         if (! ($role = Role::getRoleByTitle('Cartographer')) && ! ($role = Role::getRoleByTitle('Cartographe'))) {
-            return false;
+            return;
         }
 
+        /** @var User $cartographer */
         foreach ($application->cartographers as $cartographer) {
             // Pas besoin de le mettre sur les utilisateurs étant administrateurs
-            if ($cartographer->getIsAdminAttribute()) {
+            if ($cartographer->isAdmin()) {
                 continue;
             }
 
             $cartographer->addRole($role);
         }
-        return true;
     }
 }

app/Services/EventService.php

@@ -15,16 +15,18 @@ class EventService
     public function getLoadAppEvents(MApplication $application)
     {
         // Chargement des évènements triés
-        $application->load(['events' => function ($query) {
-            $query->orderBy('created_at', 'desc');
-        },
+        $application->load([
+            'events' => function ($query) {
+                $query->orderBy('created_at', 'desc');
+            },
         ]);
 
         // On veut le nom utilisateur pour chaque évènements
         foreach ($application->events as $event) {
-            $event->load(['user' => function ($query) {
-                $query->select('id', 'name');
-            },
+            $event->load([
+                'user' => function ($query) {
+                    $query->select('id', 'name');
+                },
             ]);
         }
     }

app/User.php

@@ -4,11 +4,12 @@
 
 use Carbon\Carbon;
 use DateTimeInterface;
-use Hash;
 use Illuminate\Auth\Notifications\ResetPassword;
+use Illuminate\Database\Eloquent\Relations\BelongsToMany;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Illuminate\Foundation\Auth\User as Authenticatable;
 use Illuminate\Notifications\Notifiable;
+use Illuminate\Support\Facades\Hash;
 use Laravel\Passport\HasApiTokens;
 use LdapRecord\Laravel\Auth\AuthenticatesWithLdap;
 use LdapRecord\Laravel\Auth\HasLdapUser;
@@ -19,7 +20,11 @@
  */
 class User extends Authenticatable implements LdapAuthenticatable
 {
-    use SoftDeletes, Notifiable, HasApiTokens, AuthenticatesWithLdap, HasLdapUser;
+    use AuthenticatesWithLdap;
+    use HasApiTokens;
+    use HasLdapUser;
+    use Notifiable;
+    use SoftDeletes;
 
     public $table = 'users';
 
@@ -28,7 +33,7 @@ class User extends Authenticatable implements LdapAuthenticatable
         'password',
     ];
 
-    protected $dates = [
+    protected array $dates = [
         'email_verified_at',
         'created_at',
         'updated_at',
@@ -48,16 +53,33 @@ class User extends Authenticatable implements LdapAuthenticatable
         'deleted_at',
     ];
 
+    /**
+     * Check if the User has the 'Admin' role, which is the first role in the app
+     * @return bool
+     */
+    public function isAdmin(): bool
+    {
+        foreach ($this->roles()->get() as $role) {
+            if ($role->id === 1) {
+                return true;
+            }
+        }
+        return false;
+    }
+
     // Add some caching for roles
-    private $roles = null;
+    private ?BelongsToMany $cachedRoles = null;
 
-    public function getIsAdminAttribute(): bool
+    public function roles(): BelongsToMany
     {
-        return $this->roles()->where('id', 1)->exists();
+        if ($this->cachedRoles === null) {
+            $this->cachedRoles = $this->belongsToMany(Role::class);
+        }
+        return $this->cachedRoles;
     }
 
     /**
-     * Permet de check si un utilisateur a un role
+     * Check si un utilisateur a un role
      *
      * @param String|Role $role
      *
@@ -111,15 +133,6 @@ public function sendPasswordResetNotification($token)
     {
         $this->notify(new ResetPassword($token));
     }
-
-    public function roles()
-    {
-        if ($this->roles === null) {
-            return $this->roles = $this->belongsToMany(Role::class)->orderBy('title');
-        }
-        return $this->roles;
-    }
-
     public function m_applications()
     {
         return $this->belongsToMany(MApplication::class, 'cartographer_m_application');

resources/lang/fr/validation.php

@@ -89,13 +89,13 @@
     'password' => 'Le mot de passe est incorrect',
     'present' => ':attribute champ doit être présent.',
     'regex' => ":attribute n'est pas au bon format",
-    'required' => ':attribute champ est recquis.',
-    'required_if' => ':attribute champ est recquis lorsque :other est :value.',
-    'required_unless' => ':attribute champ est recquis à moins que :other est dans :values.',
-    'required_with' => ':attribute champ est recquis lorsque :values est présent.',
-    'required_with_all' => ':attribute champ est recquis lorsque :values est présent.',
-    'required_without' => ":attribute champ est recquis lorsque :values n'est pas présent.",
-    'required_without_all' => ':attribute champ est recquis lorsque aucun de :values sont présents',
+    'required' => ':attribute champ est requis.',
+    'required_if' => ':attribute champ est requis lorsque :other est :value.',
+    'required_unless' => ':attribute champ est requis à moins que :other est dans :values.',
+    'required_with' => ':attribute champ est requis lorsque :values est présent.',
+    'required_with_all' => ':attribute champ est requis lorsque :values est présent.',
+    'required_without' => ":attribute champ est requis lorsque :values n'est pas présent.",
+    'required_without_all' => ':attribute champ est requis lorsque aucun de :values sont présents',
     'reserved_word' => ':attribute contient un mot réservé.',
     'same' => ':attribute et :other doivent correspondre.',
     'size' => [

resources/views/admin/applications/create.blade.php

@@ -169,7 +169,7 @@
         <div class="row">
             <div class="col-md-4">
                 <div class="form-group">
-                    <label class="recommended" for="cartographers">{{ trans('cruds.application.fields.cartographers') }}</label>
+                    <label for="cartographers">{{ trans('cruds.application.fields.cartographers') }}</label>
                     <select class="form-control select2-free {{ $errors->has('cartographers') ? 'is-invalid' : '' }}" name="cartographers[]" id="cartographers" multiple>
                         @foreach($cartographers_list as $key => $cartographer)
                         <option value="{{ $key }}" {{ in_array($key, old('cartographers', [])) ? 'selected' : '' }}>{{ $cartographer }}</option>