161 lines
5.5 KiB
PHP
161 lines
5.5 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Livewire\Traits;
|
|
|
|
use App\Helpers\ProfileAuthorizationHelper;
|
|
use Illuminate\Support\Facades\Log;
|
|
|
|
/**
|
|
* Requires Admin Authorization Trait
|
|
*
|
|
* Provides reusable admin authorization checks for Livewire components.
|
|
* Prevents IDOR attacks and cross-guard access by validating every sensitive
|
|
* operation, not just the initial component mount.
|
|
*
|
|
* CRITICAL: mount() protection alone is insufficient because Livewire methods
|
|
* can be called directly after the component loads, bypassing mount() checks.
|
|
*
|
|
* Usage:
|
|
* 1. Add trait to component: use RequiresAdminAuthorization;
|
|
* 2. Call at start of sensitive methods: $this->authorizeAdminAccess();
|
|
*
|
|
* Example:
|
|
* public function deletePost($id)
|
|
* {
|
|
* $this->authorizeAdminAccess(); // CRITICAL: Check on every call
|
|
*
|
|
* // Safe to proceed with deletion
|
|
* Post::destroy($id);
|
|
* }
|
|
*/
|
|
trait RequiresAdminAuthorization
|
|
{
|
|
/**
|
|
* Cached authorization result to avoid repeated checks within same request
|
|
*
|
|
* @var bool|null
|
|
*/
|
|
private $adminAuthorizationChecked = null;
|
|
|
|
/**
|
|
* Authorize admin access for the current operation.
|
|
*
|
|
* This method MUST be called at the start of every sensitive operation
|
|
* (create, update, delete, etc.) to prevent unauthorized access.
|
|
*
|
|
* Validates:
|
|
* - Active profile exists in session
|
|
* - Profile ownership via ProfileAuthorizationHelper (prevents cross-guard attacks)
|
|
* - Admin or central bank (level=0) permissions
|
|
*
|
|
* @param bool $forceRecheck Force a new authorization check even if already checked
|
|
* @return void
|
|
* @throws \Symfony\Component\HttpKernel\Exception\HttpException (403 or 401)
|
|
*/
|
|
protected function authorizeAdminAccess(bool $forceRecheck = false): void
|
|
{
|
|
// Use cached result unless force recheck
|
|
if (!$forceRecheck && $this->adminAuthorizationChecked === true) {
|
|
return;
|
|
}
|
|
|
|
// Get active profile from session
|
|
$activeProfileType = session('activeProfileType');
|
|
$activeProfileId = session('activeProfileId');
|
|
|
|
if (!$activeProfileType || !$activeProfileId) {
|
|
Log::warning('RequiresAdminAuthorization: No active profile in session', [
|
|
'component' => static::class,
|
|
'method' => debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2)[1]['function'] ?? 'unknown',
|
|
'ip_address' => request()->ip(),
|
|
]);
|
|
|
|
abort(403, __('No active profile selected'));
|
|
}
|
|
|
|
$profile = $activeProfileType::find($activeProfileId);
|
|
|
|
if (!$profile) {
|
|
Log::warning('RequiresAdminAuthorization: Active profile not found', [
|
|
'component' => static::class,
|
|
'active_profile_type' => $activeProfileType,
|
|
'active_profile_id' => $activeProfileId,
|
|
'method' => debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2)[1]['function'] ?? 'unknown',
|
|
'ip_address' => request()->ip(),
|
|
]);
|
|
|
|
abort(403, __('Active profile not found'));
|
|
}
|
|
|
|
// Validate profile ownership using ProfileAuthorizationHelper
|
|
// This prevents cross-guard attacks (e.g., web user accessing admin profile)
|
|
ProfileAuthorizationHelper::authorize($profile);
|
|
|
|
// Verify admin or central bank permissions
|
|
if ($profile instanceof \App\Models\Admin) {
|
|
// Admin access OK
|
|
$this->adminAuthorizationChecked = true;
|
|
return;
|
|
}
|
|
|
|
if ($profile instanceof \App\Models\Bank) {
|
|
// Only central bank (level 0) can access admin functions
|
|
if ($profile->level === 0) {
|
|
$this->adminAuthorizationChecked = true;
|
|
return;
|
|
}
|
|
|
|
Log::warning('RequiresAdminAuthorization: Non-central bank attempted admin operation', [
|
|
'component' => static::class,
|
|
'method' => debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2)[1]['function'] ?? 'unknown',
|
|
'bank_id' => $profile->id,
|
|
'bank_level' => $profile->level,
|
|
'ip_address' => request()->ip(),
|
|
]);
|
|
|
|
abort(403, __('Central bank access required for admin operations'));
|
|
}
|
|
|
|
// Not admin or central bank
|
|
Log::warning('RequiresAdminAuthorization: Unauthorized profile type attempted admin operation', [
|
|
'component' => static::class,
|
|
'method' => debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2)[1]['function'] ?? 'unknown',
|
|
'profile_type' => get_class($profile),
|
|
'profile_id' => $profile->id,
|
|
'ip_address' => request()->ip(),
|
|
]);
|
|
|
|
abort(403, __('Admin or central bank access required'));
|
|
}
|
|
|
|
/**
|
|
* Reset authorization cache.
|
|
*
|
|
* Call this if you need to force a fresh authorization check
|
|
* (e.g., after switching profiles within the same component lifecycle).
|
|
*
|
|
* @return void
|
|
*/
|
|
protected function resetAdminAuthorization(): void
|
|
{
|
|
$this->adminAuthorizationChecked = null;
|
|
}
|
|
|
|
/**
|
|
* Check if admin access is authorized without throwing an exception.
|
|
*
|
|
* Useful for conditional UI rendering or feature availability checks.
|
|
*
|
|
* @return bool True if authorized, false otherwise
|
|
*/
|
|
protected function canPerformAdminActions(): bool
|
|
{
|
|
try {
|
|
$this->authorizeAdminAccess();
|
|
return true;
|
|
} catch (\Throwable $e) {
|
|
return false;
|
|
}
|
|
}
|
|
}
|