Gestion utilisateurs, limites recherche, filtres lieux/sources, fix logo prod
- Admin : CRUD complet utilisateurs (créer, modifier nom/email/mdp/rôle, supprimer) avec garde-fous (dernier admin, compte propre) - Recherche : limite configurable par l'admin (défaut 200), bannière d'avertissement quand la limite est atteinte, plus de pagination (résultats en bloc) - Lieux : liste non chargée sans filtre actif (performance sur grands volumes) - Sources : idem pour admin/responsables ; membres voient toujours leurs sources - Logo 404 prod : +FollowSymLinks dans .htaccess, storage:link dans l'assistant d'installation, bouton "Recréer le lien" dans Administration → Paramètres Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -162,13 +162,27 @@ class SettingController extends Controller
|
||||
public function updateSettings(Request $request): RedirectResponse
|
||||
{
|
||||
$data = $request->validate([
|
||||
'site_name' => ['nullable', 'string', 'max:100'],
|
||||
'site_name' => ['nullable', 'string', 'max:100'],
|
||||
'search_max_results' => ['nullable', 'integer', 'min:10', 'max:5000'],
|
||||
]);
|
||||
|
||||
$siteName = trim($data['site_name'] ?? '');
|
||||
SiteSettingsService::set('site_name', $siteName ?: null);
|
||||
SiteSettingsService::set('registration_enabled', $request->boolean('registration_enabled'));
|
||||
if (isset($data['search_max_results'])) {
|
||||
SiteSettingsService::set('search_max_results', (int) $data['search_max_results']);
|
||||
}
|
||||
|
||||
return back()->with('success', 'Paramètres enregistrés.');
|
||||
}
|
||||
|
||||
public function storageLink(): RedirectResponse
|
||||
{
|
||||
try {
|
||||
\Illuminate\Support\Facades\Artisan::call('storage:link');
|
||||
return back()->with('success', 'Lien de stockage public créé (public/storage → storage/app/public).');
|
||||
} catch (\Exception $e) {
|
||||
return back()->with('error', 'Impossible de créer le lien : ' . $e->getMessage());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -208,6 +208,33 @@ class UserController extends Controller
|
||||
return view('admin.utilisateurs.import', compact('results', 'created', 'errors'));
|
||||
}
|
||||
|
||||
public function create(): View
|
||||
{
|
||||
return view('admin.utilisateurs.create');
|
||||
}
|
||||
|
||||
public function store(Request $request): RedirectResponse
|
||||
{
|
||||
$data = $request->validate([
|
||||
'name' => ['required', 'string', 'max:255'],
|
||||
'email' => ['required', 'email', 'max:255', 'unique:users,email'],
|
||||
'password' => ['required', 'string', 'min:8', 'confirmed'],
|
||||
'role' => ['required', new Enum(UserRole::class)],
|
||||
]);
|
||||
|
||||
$user = User::create([
|
||||
'name' => $data['name'],
|
||||
'email' => $data['email'],
|
||||
'password' => Hash::make($data['password']),
|
||||
'role' => $data['role'],
|
||||
'is_active' => true,
|
||||
'email_verified_at' => now(),
|
||||
]);
|
||||
|
||||
return redirect()->route('admin.utilisateurs.edit', $user)
|
||||
->with('success', 'Utilisateur créé.');
|
||||
}
|
||||
|
||||
public function edit(User $user): View
|
||||
{
|
||||
$user->load('sections', 'sourcesAssignees');
|
||||
@@ -217,24 +244,64 @@ class UserController extends Controller
|
||||
|
||||
public function update(Request $request, User $user): RedirectResponse
|
||||
{
|
||||
$data = $request->validate([
|
||||
'role' => ['required', new Enum(UserRole::class)],
|
||||
]);
|
||||
$isSelf = $user->id === auth()->id();
|
||||
|
||||
if ($user->id === auth()->id()) {
|
||||
return back()->with('error', 'Vous ne pouvez pas modifier votre propre rôle.');
|
||||
$rules = [
|
||||
'name' => ['required', 'string', 'max:255'],
|
||||
'email' => ['required', 'email', 'max:255', 'unique:users,email,' . $user->id],
|
||||
'role' => ['required', new Enum(UserRole::class)],
|
||||
];
|
||||
|
||||
if ($request->filled('password')) {
|
||||
$rules['password'] = ['string', 'min:8', 'confirmed'];
|
||||
$rules['password_confirmation'] = ['required'];
|
||||
}
|
||||
|
||||
if ($user->role === UserRole::Admin && $data['role'] !== UserRole::Admin->value) {
|
||||
$data = $request->validate($rules);
|
||||
|
||||
// Protection : retrait du dernier admin ou de son propre rôle
|
||||
if (! $isSelf && $user->role === UserRole::Admin && $data['role'] !== UserRole::Admin->value) {
|
||||
$adminCount = User::where('role', UserRole::Admin->value)->count();
|
||||
if ($adminCount <= 1) {
|
||||
return back()->with('error', 'Impossible de retirer le rôle admin au dernier administrateur.');
|
||||
}
|
||||
}
|
||||
|
||||
$user->update(['role' => $data['role']]);
|
||||
$update = [
|
||||
'name' => $data['name'],
|
||||
'email' => $data['email'],
|
||||
];
|
||||
|
||||
return back()->with('success', 'Rôle mis à jour.');
|
||||
if (! $isSelf) {
|
||||
$update['role'] = $data['role'];
|
||||
}
|
||||
|
||||
if ($request->filled('password')) {
|
||||
$update['password'] = Hash::make($data['password']);
|
||||
}
|
||||
|
||||
$user->update($update);
|
||||
|
||||
return back()->with('success', 'Utilisateur mis à jour.');
|
||||
}
|
||||
|
||||
public function destroy(User $user): RedirectResponse
|
||||
{
|
||||
if ($user->id === auth()->id()) {
|
||||
return back()->with('error', 'Vous ne pouvez pas supprimer votre propre compte.');
|
||||
}
|
||||
|
||||
if ($user->role === UserRole::Admin) {
|
||||
$adminCount = User::where('role', UserRole::Admin->value)->count();
|
||||
if ($adminCount <= 1) {
|
||||
return back()->with('error', 'Impossible de supprimer le dernier administrateur.');
|
||||
}
|
||||
}
|
||||
|
||||
$user->delete();
|
||||
|
||||
return redirect()->route('admin.utilisateurs.index')
|
||||
->with('success', 'Utilisateur supprimé.');
|
||||
}
|
||||
|
||||
public function toggleActive(User $user): RedirectResponse
|
||||
|
||||
Reference in New Issue
Block a user