Initial commit

2026-03-23 21:37:59 +01:00
commit 2547717edb
2193 changed files with 972171 additions and 0 deletions
--- a/app/Http/Livewire/Admin/LogViewer.php
+++ b/app/Http/Livewire/Admin/LogViewer.php
@@ -0,0 +1,133 @@
+<?php
+
+namespace App\Http\Livewire\Admin;
+
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\File;
+use Livewire\Component;
+
+class LogViewer extends Component
+{
+    public $logFilename;
+    public $logContent = '';
+    public $message = '';
+    public $fileSize = '';
+    public $lastModified = '';
+    public $logTitle = '';
+
+    public function mount($logFilename, $logTitle = null)
+    {
+        // Security check: user must be authenticated
+        if (!Auth::check()) {
+            abort(403, 'Unauthorized');
+        }
+
+        // Security check: activeProfileType must be 'App\Models\Admin'
+        if (getActiveProfileType() !== 'Admin') {
+            abort(403, 'Unauthorized');
+        }
+
+        // Security check: user must own the active profile
+        $activeProfile = getActiveProfile();
+        if (!$activeProfile) {
+            abort(403, 'Unauthorized');
+        }
+
+        // CRITICAL SECURITY: Validate user has ownership/access to this profile
+        \App\Helpers\ProfileAuthorizationHelper::authorize($activeProfile);
+
+        $this->logFilename = $logFilename;
+        $this->logTitle = $logTitle ?? $logFilename;
+
+        $this->loadLogContent();
+    }
+
+    public function loadLogContent()
+    {
+        $logPath = storage_path('logs/' . $this->logFilename);
+
+        // Security: prevent directory traversal attacks
+        $realPath = realpath($logPath);
+        $logsDir = realpath(storage_path('logs'));
+
+        if (!$realPath || strpos($realPath, $logsDir) !== 0) {
+            $this->message = '<span class="font-bold text-red-500">Error:</span> Invalid log file path';
+            return;
+        }
+
+        if (file_exists($logPath)) {
+            // Get file info
+            $this->fileSize = $this->formatBytes(filesize($logPath));
+            $this->lastModified = date('Y-m-d H:i:s', filemtime($logPath));
+
+            // Load log content using tail (avoid file() which loads entire file into memory)
+            $logLines = (int) timebank_config('admin_settings.log_lines', 100);
+            $this->logContent = shell_exec("tail -n {$logLines} " . escapeshellarg($logPath));
+
+            $recentLines = explode("\n", $this->logContent ?? '');
+
+            // Check for warnings/errors in log content
+            $messages = [];
+            if (collect($recentLines)->contains(fn ($line) => stripos($line, 'WARNING') !== false)) {
+                $messages[] = '<span class="font-bold text-orange-500">Warning</span> detected in the recent log output';
+            }
+            if (collect($recentLines)->contains(fn ($line) => stripos($line, 'ERROR') !== false)) {
+                $messages[] = '<span class="font-bold text-red-500">Error</span> detected in the recent log output';
+            }
+            if (collect($recentLines)->contains(fn ($line) => stripos($line, 'CRITICAL') !== false)) {
+                $messages[] = '<span class="font-bold text-red-500">Critical</span> issue detected in the recent log output';
+            }
+            if (collect($recentLines)->contains(fn ($line) => stripos($line, 'ALERT') !== false)) {
+                $messages[] = '<span class="font-bold text-red-500">Alert</span> detected in the recent log output - IMMEDIATE ACTION REQUIRED';
+            }
+
+            if (!empty($messages)) {
+                $this->message = implode('<br>', $messages);
+            }
+        } else {
+            $this->message = '<span class="font-bold text-gray-500">Log file not found or empty</span>';
+        }
+    }
+
+    public function downloadLog()
+    {
+        $logPath = storage_path('logs/' . $this->logFilename);
+
+        // Security: prevent directory traversal attacks
+        $realPath = realpath($logPath);
+        $logsDir = realpath(storage_path('logs'));
+
+        if (!$realPath || strpos($realPath, $logsDir) !== 0) {
+            session()->flash('error', 'Invalid log file path');
+            return;
+        }
+
+        if (file_exists($logPath)) {
+            return response()->download($logPath, $this->logFilename . '-' . date('Y-m-d') . '.log');
+        }
+
+        session()->flash('error', 'Log file not found');
+    }
+
+    public function refreshLog()
+    {
+        $this->loadLogContent();
+        $this->dispatch('logRefreshed');
+    }
+
+    // Helper to format bytes
+    public function formatBytes($bytes, $precision = 2)
+    {
+        $units = ['B', 'KB', 'MB', 'GB', 'TB'];
+        $bytes = max($bytes, 0);
+        $pow = $bytes > 0 ? floor(log($bytes) / log(1024)) : 0;
+        $pow = min($pow, count($units) - 1);
+        $bytes /= (1 << (10 * $pow));
+        return round($bytes, $precision) . ' ' . $units[$pow];
+    }
+
+    public function render()
+    {
+        return view('livewire.admin.log-viewer');
+    }
+}