2024-03-28 18:14:30 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace App\Http\Requests\Integration;
|
|
|
|
|
|
Email spam security (#641)
* Add hCaptcha on register page
* register page captcha test cases
* Refactor integration validation rules to include form context
- Updated the `getValidationRules` method in various integration handlers (Discord, Email, Google Sheets, Slack, Webhook, Zapier) to accept an optional `Form` parameter, allowing for context-aware validation.
- Enhanced the `EmailIntegration` handler to enforce restrictions based on user plans, ensuring free users can only create one email integration per form and can only send to a single email address.
- Added a new test suite for `EmailIntegration` to validate the new restrictions and ensure proper functionality for both free and pro users.
- Introduced loading state management in the `IntegrationModal` component to improve user experience during save operations.
These changes improve the flexibility and user experience of form integrations, particularly for email handling.
* for self-hosted ignore emil validation for spam
* fix pint
* ignore register throttle for testing env
* support new migration for mysql also
* Register page captcha enable if captcha key set
* fix test case
* fix test case
* fix test case
* fix pint
* Refactor RegisterController middleware and update TestCase setup
- Removed environment check for throttling middleware in RegisterController, ensuring consistent rate limiting for the registration endpoint.
- Updated TestCase to disable throttle middleware during tests, allowing for more flexible testing scenarios without rate limiting interference.
* Enhance hCaptcha integration in tests and configuration
- Added hCaptcha site and secret keys to phpunit.xml for testing purposes.
- Updated RegisterTest to configure hCaptcha secret key dynamically, ensuring proper token validation in production environment.
These changes improve the testing setup for hCaptcha, facilitating more accurate simulation of production conditions.
---------
Co-authored-by: Julien Nahum <julien@nahum.net>
2024-12-18 13:16:27 +01:00
|
|
|
use App\Models\Forms\Form;
|
2024-03-28 18:14:30 +01:00
|
|
|
use App\Models\Integration\FormIntegration;
|
|
|
|
|
use App\Rules\IntegrationLogicRule;
|
|
|
|
|
use Illuminate\Foundation\Http\FormRequest;
|
|
|
|
|
use Illuminate\Http\Request;
|
|
|
|
|
use Illuminate\Support\Str;
|
|
|
|
|
use Illuminate\Validation\Rule;
|
|
|
|
|
|
|
|
|
|
class FormIntegrationsRequest extends FormRequest
|
|
|
|
|
{
|
|
|
|
|
public array $integrationRules = [];
|
|
|
|
|
|
|
|
|
|
private ?string $integrationClassName = null;
|
Email spam security (#641)
* Add hCaptcha on register page
* register page captcha test cases
* Refactor integration validation rules to include form context
- Updated the `getValidationRules` method in various integration handlers (Discord, Email, Google Sheets, Slack, Webhook, Zapier) to accept an optional `Form` parameter, allowing for context-aware validation.
- Enhanced the `EmailIntegration` handler to enforce restrictions based on user plans, ensuring free users can only create one email integration per form and can only send to a single email address.
- Added a new test suite for `EmailIntegration` to validate the new restrictions and ensure proper functionality for both free and pro users.
- Introduced loading state management in the `IntegrationModal` component to improve user experience during save operations.
These changes improve the flexibility and user experience of form integrations, particularly for email handling.
* for self-hosted ignore emil validation for spam
* fix pint
* ignore register throttle for testing env
* support new migration for mysql also
* Register page captcha enable if captcha key set
* fix test case
* fix test case
* fix test case
* fix pint
* Refactor RegisterController middleware and update TestCase setup
- Removed environment check for throttling middleware in RegisterController, ensuring consistent rate limiting for the registration endpoint.
- Updated TestCase to disable throttle middleware during tests, allowing for more flexible testing scenarios without rate limiting interference.
* Enhance hCaptcha integration in tests and configuration
- Added hCaptcha site and secret keys to phpunit.xml for testing purposes.
- Updated RegisterTest to configure hCaptcha secret key dynamically, ensuring proper token validation in production environment.
These changes improve the testing setup for hCaptcha, facilitating more accurate simulation of production conditions.
---------
Co-authored-by: Julien Nahum <julien@nahum.net>
2024-12-18 13:16:27 +01:00
|
|
|
private ?Form $form = null;
|
2024-03-28 18:14:30 +01:00
|
|
|
|
|
|
|
|
public function __construct(Request $request)
|
|
|
|
|
{
|
Email spam security (#641)
* Add hCaptcha on register page
* register page captcha test cases
* Refactor integration validation rules to include form context
- Updated the `getValidationRules` method in various integration handlers (Discord, Email, Google Sheets, Slack, Webhook, Zapier) to accept an optional `Form` parameter, allowing for context-aware validation.
- Enhanced the `EmailIntegration` handler to enforce restrictions based on user plans, ensuring free users can only create one email integration per form and can only send to a single email address.
- Added a new test suite for `EmailIntegration` to validate the new restrictions and ensure proper functionality for both free and pro users.
- Introduced loading state management in the `IntegrationModal` component to improve user experience during save operations.
These changes improve the flexibility and user experience of form integrations, particularly for email handling.
* for self-hosted ignore emil validation for spam
* fix pint
* ignore register throttle for testing env
* support new migration for mysql also
* Register page captcha enable if captcha key set
* fix test case
* fix test case
* fix test case
* fix pint
* Refactor RegisterController middleware and update TestCase setup
- Removed environment check for throttling middleware in RegisterController, ensuring consistent rate limiting for the registration endpoint.
- Updated TestCase to disable throttle middleware during tests, allowing for more flexible testing scenarios without rate limiting interference.
* Enhance hCaptcha integration in tests and configuration
- Added hCaptcha site and secret keys to phpunit.xml for testing purposes.
- Updated RegisterTest to configure hCaptcha secret key dynamically, ensuring proper token validation in production environment.
These changes improve the testing setup for hCaptcha, facilitating more accurate simulation of production conditions.
---------
Co-authored-by: Julien Nahum <julien@nahum.net>
2024-12-18 13:16:27 +01:00
|
|
|
$this->form = Form::findOrFail(request()->route('id'));
|
2024-03-28 18:14:30 +01:00
|
|
|
if ($request->integration_id) {
|
|
|
|
|
// Load integration class, and get rules
|
|
|
|
|
$integration = FormIntegration::getIntegration($request->integration_id);
|
|
|
|
|
if ($integration && isset($integration['file_name']) && class_exists(
|
2024-06-05 15:35:46 +02:00
|
|
|
'App\Integrations\Handlers\\' . $integration['file_name']
|
2024-03-28 18:14:30 +01:00
|
|
|
)) {
|
2024-06-05 15:35:46 +02:00
|
|
|
$this->integrationClassName = 'App\Integrations\Handlers\\' . $integration['file_name'];
|
2024-03-28 18:14:30 +01:00
|
|
|
$this->loadIntegrationRules();
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
throw new \Exception('Unknown Integration!');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get the validation rules that apply to the request.
|
|
|
|
|
*
|
|
|
|
|
* @return array
|
|
|
|
|
*/
|
|
|
|
|
public function rules()
|
|
|
|
|
{
|
|
|
|
|
return array_merge([
|
|
|
|
|
'integration_id' => ['required', Rule::in(array_keys(FormIntegration::getAllIntegrations()))],
|
2024-06-05 15:35:46 +02:00
|
|
|
'oauth_id' => [
|
|
|
|
|
$this->isOAuthRequired() ? 'required' : 'nullable',
|
|
|
|
|
Rule::exists('oauth_providers', 'id')
|
|
|
|
|
],
|
2024-03-28 18:14:30 +01:00
|
|
|
'settings' => 'present|array',
|
|
|
|
|
'status' => 'required|boolean',
|
2024-06-05 15:35:46 +02:00
|
|
|
'logic' => [new IntegrationLogicRule()],
|
2024-03-28 18:14:30 +01:00
|
|
|
], $this->integrationRules);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Give the validated fields a better "human-readable" name
|
|
|
|
|
*
|
|
|
|
|
* @return array
|
|
|
|
|
*/
|
|
|
|
|
public function attributes()
|
|
|
|
|
{
|
2024-06-05 15:35:46 +02:00
|
|
|
$attributes = $this->integrationClassName::getValidationAttributes();
|
|
|
|
|
|
2024-03-28 18:14:30 +01:00
|
|
|
$fields = [];
|
|
|
|
|
foreach ($this->rules() as $key => $value) {
|
2024-06-05 15:35:46 +02:00
|
|
|
$fields[$key] = $attributes[$key] ?? Str::of($key)
|
2024-03-28 18:14:30 +01:00
|
|
|
->replace('settings.', '')
|
2024-06-05 15:35:46 +02:00
|
|
|
->headline()
|
|
|
|
|
->toString();
|
2024-03-28 18:14:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $fields;
|
|
|
|
|
}
|
|
|
|
|
|
2024-06-05 15:35:46 +02:00
|
|
|
protected function isOAuthRequired(): bool
|
|
|
|
|
{
|
|
|
|
|
return $this->integrationClassName::isOAuthRequired();
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-28 18:14:30 +01:00
|
|
|
private function loadIntegrationRules()
|
|
|
|
|
{
|
Email spam security (#641)
* Add hCaptcha on register page
* register page captcha test cases
* Refactor integration validation rules to include form context
- Updated the `getValidationRules` method in various integration handlers (Discord, Email, Google Sheets, Slack, Webhook, Zapier) to accept an optional `Form` parameter, allowing for context-aware validation.
- Enhanced the `EmailIntegration` handler to enforce restrictions based on user plans, ensuring free users can only create one email integration per form and can only send to a single email address.
- Added a new test suite for `EmailIntegration` to validate the new restrictions and ensure proper functionality for both free and pro users.
- Introduced loading state management in the `IntegrationModal` component to improve user experience during save operations.
These changes improve the flexibility and user experience of form integrations, particularly for email handling.
* for self-hosted ignore emil validation for spam
* fix pint
* ignore register throttle for testing env
* support new migration for mysql also
* Register page captcha enable if captcha key set
* fix test case
* fix test case
* fix test case
* fix pint
* Refactor RegisterController middleware and update TestCase setup
- Removed environment check for throttling middleware in RegisterController, ensuring consistent rate limiting for the registration endpoint.
- Updated TestCase to disable throttle middleware during tests, allowing for more flexible testing scenarios without rate limiting interference.
* Enhance hCaptcha integration in tests and configuration
- Added hCaptcha site and secret keys to phpunit.xml for testing purposes.
- Updated RegisterTest to configure hCaptcha secret key dynamically, ensuring proper token validation in production environment.
These changes improve the testing setup for hCaptcha, facilitating more accurate simulation of production conditions.
---------
Co-authored-by: Julien Nahum <julien@nahum.net>
2024-12-18 13:16:27 +01:00
|
|
|
foreach ($this->integrationClassName::getValidationRules($this->form) as $key => $value) {
|
2024-03-28 18:14:30 +01:00
|
|
|
$this->integrationRules['settings.' . $key] = $value;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function toIntegrationData(): array
|
|
|
|
|
{
|
|
|
|
|
return $this->integrationClassName::formatData([
|
|
|
|
|
'status' => ($this->validated(
|
|
|
|
|
'status'
|
|
|
|
|
)) ? FormIntegration::STATUS_ACTIVE : FormIntegration::STATUS_INACTIVE,
|
|
|
|
|
'integration_id' => $this->validated('integration_id'),
|
|
|
|
|
'data' => $this->validated('settings') ?? [],
|
2024-06-05 15:35:46 +02:00
|
|
|
'logic' => $this->validated('logic') ?? [],
|
|
|
|
|
'oauth_id' => $this->validated('oauth_id'),
|
2024-03-28 18:14:30 +01:00
|
|
|
]);
|
|
|
|
|
}
|
|
|
|
|
}
|
