Merge pull request #897 from dbarzin/dev

Dev
dbarzin · Oct 11, 2024 · 7eb534d · 7eb534d
2 parents cad1f03 + d8996d1
commit 7eb534d
Show file tree

Hide file tree

Showing 18 changed files with 336 additions and 69 deletions.
diff --git a/ROADMAP.md b/ROADMAP.md
@@ -6,6 +6,7 @@ Changements prévus en 2024 :
 
 ## Evolutions majeures
 
+- [ ] Outil de dessin de la cartographie
 - [ ] Lien avec Monarc : générer un modèle d'analyse de risques pour Monarc
 - [ ] Ajouter une vue de l'adressage réseau [Hilbert Map of IPv4 address space](https://bl.ocks.org/vasturiano/8aceecba58f115c81853879a691fd94f), [Measuring the use of IPv4 space with Heatmaps](https://www.caida.org/archive/arin-heatmaps/) identifier le nombre de périphériques par sous-réseau.
 - [ ] Ajouter des champs personnalisés aux objets de la cartographie
@@ -14,8 +15,8 @@ Changements prévus en 2024 :
 - [ ] Identifier les chemins critiques
 - [ ] Exploiter les logs - recherche et afficher tout les changements d'un objet
 - [ ] Utiliser des [Accessor pour les Model](https://laravel.com/docs/9.x/eloquent-mutators#defining-a-mutator)
-- [ ] Généraliser la notion de cartographe à d'autres objets (cf.: https://laravel.com/docs/10.x/authorization)
-- [ ] Générer les cartographes dans la gestion des utilisateurs
+- [o] Généraliser la notion de cartographe à d'autres objets (cf.: https://laravel.com/docs/10.x/authorization)
+- [o] Générer les cartographes dans la gestion des utilisateurs
 - [ ] Intégration des données de la cartographie dans syslog
 - [ ] Revoir le modèle des pages web avec Intertia.js (https://laracasts.com/series/build-modern-laravel-apps-using-inertia-js)
 - [ ] Utiliser un modèle de document pour les rapports
@@ -24,7 +25,7 @@ Changements prévus en 2024 :
 ## Evolutions mineurs
 
 - [x] Amélorer l'exploration des objets (le filtre s'applique sur le double click)
-- [ ] Ajouter des objets logiques : https://github.com/dbarzin/mercator/discussions/733
+- [x] Ajouter des objets logiques : https://github.com/dbarzin/mercator/discussions/733
 - [x] Remplacer le champ libre éditeur par un lien vers la table entités et migrer la base de données
 - [ ] Packaging des librairies JavaScript avec [Laravel Mix](https://laravel-mix.com/).
 - [x] Dessiner un nouveau jeu d'icônes compatible GLPv3
@@ -38,15 +39,15 @@ Changements prévus en 2024 :
 - [x] Ajout des flux logiques
 - [ ] Afficher l'historique des changements d'un objet
 - [x] Cloner un objet
-- [ ] Ajout d'une chart Helm pour simplifier le déploiement dans Kubernetes (https://helm.sh/docs/topics/charts/)
 
 ## Petites évolutions
 
 - [ ] Améliorer les tests Dusk
 - [x] Documenter une procédure de déploiement sous Debian
 - [ ] Dark Theme
+- [ ] Ajout d'une chart Helm pour simplifier le déploiement dans Kubernetes (https://helm.sh/docs/topics/charts/)
 
-Changements réalisés en 2023 :
+# Changements réalisés en 2023 :
 
 ## Evolutions majeures
 
@@ -66,7 +67,7 @@ Changements réalisés en 2023 :
 - [x] Ajouter l'objet cluster de serveurs logiques
 - [x] Dans l'explorer, afficher les objets du menu déroulant en se basant sur le filtre de la vue  
 
-Changements réalisés en 2022 :
+# Changements réalisés en 2022 :
 
 ## Evolutions majeures
 

diff --git a/app/Http/Controllers/Admin/ExplorerController.php b/app/Http/Controllers/Admin/ExplorerController.php
@@ -63,9 +63,17 @@ public function explore(Request $request)
             }
         }
         // Workstation
-        $workstations = DB::table('workstations')->select('id', 'name', 'address_ip', 'building_id', 'site_id')->whereNull('deleted_at')->get();
+        $workstations = DB::table('workstations')->select('id', 'name', 'icon_id', 'address_ip', 'building_id', 'site_id')->whereNull('deleted_at')->get();
         foreach ($workstations as $workstation) {
-            $this->addNode($nodes, 6, $this->formatId('WORK_', $workstation->id), $workstation->name, '/images/workstation.png', 'workstations', $workstation->address_ip);
+            $this->addNode(
+                $nodes,
+                6,
+                $this->formatId('WORK_', $workstation->id),
+                $workstation->name,
+                $workstation->icon_id === null ? '/images/workstation.png' : route('admin.documents.show', $workstation->icon_id),
+                'workstations',
+                $workstation->address_ip
+            );
             if ($workstation->building_id !== null) {
                 $this->addLinkEdge($edges, $this->formatId('WORK_', $workstation->id), $this->formatId('BUILDING_', $workstation->building_id));
             } elseif ($workstation->site_id !== null) {
@@ -524,13 +532,13 @@ public function explore(Request $request)
         // Forest
         $forests = DB::table('forest_ads')->select('id', 'name', 'zone_admin_id')->whereNull('deleted_at')->get();
         foreach ($forests as $forest) {
-            $this->addNode($nodes, 4, $this->formatId('FOREST_', $forest->id), $forest->name, '/images/ldap.png', 'forests_ads');
+            $this->addNode($nodes, 4, $this->formatId('FOREST_', $forest->id), $forest->name, '/images/ldap.png', 'forests-ads');
             $this->addLinkEdge($edges, $this->formatId('FOREST_', $forest->id), $this->formatId('ZONE_', $forest->zone_admin_id));
         }
         // Domain
         $domains = DB::table('domaine_ads')->select('id', 'name')->whereNull('deleted_at')->get();
         foreach ($domains as $domain) {
-            $this->addNode($nodes, 4, $this->formatId('DOMAIN_', $domain->id), $domain->name, '/images/domain.png', 'domaine_ads');
+            $this->addNode($nodes, 4, $this->formatId('DOMAIN_', $domain->id), $domain->name, '/images/domain.png', 'domaine-ads');
         }
         // domaine_ad_forest_ad
         $joins = DB::table('domaine_ad_forest_ad')->select('forest_ad_id', 'domaine_ad_id')->get();
@@ -540,7 +548,7 @@ public function explore(Request $request)
         // AdminUsers
         $adminUsers = DB::table('admin_users')->select('id', 'user_id', 'domain_id')->whereNull('deleted_at')->get();
         foreach ($adminUsers as $adminUser) {
-            $this->addNode($nodes, 4, $this->formatId('USER_', $adminUser->id), $adminUser->user_id, '/images/user.png', 'admin_users');
+            $this->addNode($nodes, 4, $this->formatId('USER_', $adminUser->id), $adminUser->user_id, '/images/user.png', 'admin-users');
             if ($adminUser->domain_id !== null) {
                 $this->addLinkEdge($edges, $this->formatId('USER_', $adminUser->id), $this->formatId('DOMAIN_', $adminUser->domain_id));
             }

diff --git a/app/Http/Controllers/Admin/RolesController.php b/app/Http/Controllers/Admin/RolesController.php
@@ -8,6 +8,7 @@
 use App\Http\Requests\UpdateRoleRequest;
 use App\Permission;
 use App\Role;
+use App\User;
 use Gate;
 use Illuminate\Support\Collection;
 use Illuminate\Support\Facades\DB;
@@ -116,6 +117,9 @@ public function destroy(Role $role)
     {
         abort_if(Gate::denies('role_delete'), Response::HTTP_FORBIDDEN, '403 Forbidden');
 
+        // Role is used
+        abort_if($role->users()->count()>0, Response::HTTP_FORBIDDEN, '403 Forbidden');
+
         $role->delete();
 
         return redirect()->route('admin.roles.index');

diff --git a/app/Http/Controllers/Admin/WorkstationController.php b/app/Http/Controllers/Admin/WorkstationController.php
@@ -2,6 +2,7 @@
 
 namespace App\Http\Controllers\Admin;
 
+use App\Document;
 use App\Building;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\MassDestroyWorkstationRequest;
@@ -32,6 +33,9 @@ public function create()
         $sites = Site::all()->sortBy('name')->pluck('name', 'id')->prepend(trans('global.pleaseSelect'), '');
         $buildings = Building::all()->sortBy('name')->pluck('name', 'id')->prepend(trans('global.pleaseSelect'), '');
 
+        // Select icons
+        $icons = Workstation::select('icon_id')->whereNotNull('icon_id')->orderBy('icon_id')->distinct()->pluck('icon_id');
+
         $application_list = MApplication::orderBy('name')->pluck('name', 'id');
 
         $type_list = Workstation::select('type')
@@ -52,7 +56,9 @@ public function create()
 
         return view(
             'admin.workstations.create',
-            compact('sites', 'buildings', 'type_list', 'operating_system_list', 'cpu_list', 'application_list')
+            compact('sites', 'buildings', 'icons',
+                    'type_list', 'operating_system_list',
+                    'cpu_list', 'application_list')
         );
     }
 
@@ -63,6 +69,9 @@ public function clone(Request $request)
         $sites = Site::all()->sortBy('name')->pluck('name', 'id')->prepend(trans('global.pleaseSelect'), '');
         $buildings = Building::all()->sortBy('name')->pluck('name', 'id')->prepend(trans('global.pleaseSelect'), '');
 
+        // Get icons
+        $icons = Workstation::select('icon_id')->whereNotNull('icon_id')->orderBy('icon_id')->distinct()->pluck('icon_id');
+
         $application_list = MApplication::orderBy('name')->pluck('name', 'id');
 
         $type_list = Workstation::select('type')
@@ -92,13 +101,40 @@ public function clone(Request $request)
 
         return view(
             'admin.workstations.create',
-            compact('sites', 'buildings', 'type_list', 'operating_system_list', 'cpu_list', 'application_list')
+            compact('sites', 'buildings', 'icons', 'type_list',
+                    'operating_system_list', 'cpu_list', 'application_list')
         );
     }
 
     public function store(StoreWorkstationRequest $request)
     {
         $workstation = Workstation::create($request->all());
+
+        // Save icon
+        if (($request->files !== null) && $request->file('iconFile') !== null) {
+            $file = $request->file('iconFile');
+            // Create a new document
+            $document = new Document();
+            $document->filename = $file->getClientOriginalName();
+            $document->mimetype = $file->getClientMimeType();
+            $document->size = $file->getSize();
+            $document->hash = hash_file('sha256', $file->path());
+
+            // Save the document
+            $document->save();
+
+            // Move the file to storage
+            $file->move(storage_path('docs'), $document->id);
+
+            $workstation->icon_id = $document->id;
+        } elseif (preg_match('/^\d+$/', $request->iconSelect)) {
+            $workstation->icon_id = intval($request->iconSelect);
+        } else {
+            $workstation->icon_id = null;
+        }
+        $site->save();
+
+        // Sync applications
         $workstation->applications()->sync($request->input('applications', []));
 
         return redirect()->route('admin.workstations.index');
@@ -110,6 +146,7 @@ public function edit(Workstation $workstation)
 
         $sites = Site::all()->sortBy('name')->pluck('name', 'id')->prepend(trans('global.pleaseSelect'), '');
         $buildings = Building::all()->sortBy('name')->pluck('name', 'id')->prepend(trans('global.pleaseSelect'), '');
+        $icons = Workstation::select('icon_id')->whereNotNull('icon_id')->orderBy('icon_id')->distinct()->pluck('icon_id');
 
         $application_list = MApplication::orderBy('name')->pluck('name', 'id');
 
@@ -133,12 +170,38 @@ public function edit(Workstation $workstation)
 
         return view(
             'admin.workstations.edit',
-            compact('sites', 'buildings', 'workstation', 'type_list', 'operating_system_list', 'cpu_list', 'application_list')
+            compact(
+                'sites', 'buildings', 'icons',
+                'workstation', 'type_list', 'operating_system_list',
+                'cpu_list', 'application_list')
         );
     }
 
     public function update(UpdateWorkstationRequest $request, Workstation $workstation)
     {
+        // Save icon
+        if (($request->files !== null) && $request->file('iconFile') !== null) {
+            $file = $request->file('iconFile');
+            // Create a new document
+            $document = new Document();
+            $document->filename = $file->getClientOriginalName();
+            $document->mimetype = $file->getClientMimeType();
+            $document->size = $file->getSize();
+            $document->hash = hash_file('sha256', $file->path());
+
+            // Save the document
+            $document->save();
+
+            // Move the file to storage
+            $file->move(storage_path('docs'), $document->id);
+
+            $workstation->icon_id = $document->id;
+        } elseif (preg_match('/^\d+$/', $request->iconSelect)) {
+            $workstation->icon_id = intval($request->iconSelect);
+        } else {
+            $workstation->icon_id = null;
+        }
+
         $workstation->update($request->all());
         $workstation->applications()->sync($request->input('applications', []));
 

diff --git a/app/Role.php b/app/Role.php
@@ -40,6 +40,11 @@ public static function getRoleByTitle(string $title)
         return Role::whereTitle($title)->first();
     }
 
+    public function users()
+    {
+        return $this->belongsToMany(User::class);
+    }
+
     public function permissions()
     {
         return $this->belongsToMany(Permission::class);

diff --git a/app/Workstation.php b/app/Workstation.php
@@ -34,6 +34,7 @@ class Workstation extends Model
         'name',
         'type',
         'description',
+        'icon_id',
         'site_id',
         'building_id',
         'cpu',

diff --git a/database/migrations/2024_08_27_200851_normalize_storage_devices.php b/database/migrations/2024_08_27_200851_normalize_storage_devices.php
@@ -32,12 +32,18 @@ public function up(): void
     public function down(): void
     {
         Schema::table('storage_devices', function (Blueprint $table) {
-            $table->unsignedInteger('physical_switch_id')->nullable()->index('physical_switch_fk_4025543');
             $table->dropColumn('type');
         });
 
-        Schema::table('storage_devices', function (Blueprint $table) {
-            $table->foreign('physical_switch_id', 'physical_switch_fk_4025543')->references('id')->on('physical_switches')->onUpdate('NO ACTION')->onDelete('NO ACTION');
-        });
+        if (DB::getDriverName() !== 'sqlite') {
+            Schema::table('storage_devices', function (Blueprint $table) {
+                $table->unsignedInteger('physical_switch_id')->nullable()->index('physical_switch_fk_4025543');
+            });
+
+            Schema::table('storage_devices', function (Blueprint $table) {
+                $table->foreign('physical_switch_id', 'physical_switch_fk_4025543')->references('id')->on('physical_switches')->onUpdate('NO ACTION')->onDelete('NO ACTION');
+            });
+
+        }
     }
 };
diff --git a/database/seeders/PermissionRoleTableSeeder.php b/database/seeders/PermissionRoleTableSeeder.php
@@ -16,7 +16,8 @@ public function run()
         $user_permissions = $admin_permissions->filter(function ($permission) {
             return  substr($permission->title, 0, 5) != 'user_' &&
                     substr($permission->title, 0, 5) != 'role_' &&
-                    substr($permission->title, 0, 11) != 'permission_';
+                    substr($permission->title, 0, 11) != 'permission_' &&
+                    ($permission->title != "profile_password_edit");
         });
         Role::findOrFail(2)->permissions()->sync($user_permissions);
 
@@ -27,19 +28,22 @@ public function run()
                     (
                         substr($permission->title, strlen($permission->title)-5, strlen($permission->title)) == '_show' ||
                         substr($permission->title, strlen($permission->title)-7, strlen($permission->title)) == '_access'
-                    );
+                    ) &&
+                    ($permission->title != "profile_password_edit");
         });
         Role::findOrFail(3)->permissions()->sync($auditor_permissions);
 
         $cartographer_permissions = $admin_permissions->filter(function ($permission) {
-           return
+           return (
                str_starts_with($permission->title, 'papplication_') ||
                str_starts_with($permission->title, 'm_application_') ||
                str_starts_with($permission->title, 'application_service_') ||
                str_starts_with($permission->title, 'database_') ||
                str_starts_with($permission->title, 'flux_') ||
                str_starts_with($permission->title, 'application_block_') ||
-               str_starts_with($permission->title, 'application_module_');
+               str_starts_with($permission->title, 'application_module_')
+               ) &&
+               ($permission->title != "profile_password_edit");
         });
         Role::findOrFail(4)->permissions()->sync($cartographer_permissions);
     }

diff --git a/mercator_data.sql b/mercator_data.sql
@@ -1108,15 +1108,6 @@ INSERT INTO `peripherals` (`id`, `name`, `type`, `icon_id`, `description`, `vend
 /*!40000 ALTER TABLE `peripherals` ENABLE KEYS */;
 UNLOCK TABLES;
 
---
--- Dumping data for table `personal_access_tokens`
---
-
-LOCK TABLES `personal_access_tokens` WRITE;
-/*!40000 ALTER TABLE `personal_access_tokens` DISABLE KEYS */;
-/*!40000 ALTER TABLE `personal_access_tokens` ENABLE KEYS */;
-UNLOCK TABLES;
-
 --
 -- Dumping data for table `phones`
 --

diff --git a/resources/views/admin/applications/create.blade.php b/resources/views/admin/applications/create.blade.php
@@ -818,7 +818,7 @@ function generateCPEList(data) {
                 img: '/images/application.png',
                 imgWidth: '120px',
                 imgHeight: '120px',
-                selected: {{ old('icon_id') === -1 ? "true" : "false" }},
+                selected: {{ old('icon_id') === null ? "true" : "false" }},
             },
             @foreach($icons as $icon)
             {