Replaced middleware with policy + new logo and other small stuff

.env.example

@@ -21,13 +21,6 @@ DB_DATABASE='events'
 DB_USERNAME=''
 DB_PASSWORD=''
 
-DB_HANDOVER_HOST=127.0.0.1
-DB_HANDOVER_PORT=3306
-DB_HANDOVER_DATABASE=handover
-DB_HANDOVER_USERNAME=''
-DB_HANDOVER_PASSWORD=''
-DB_HANDOVER_TABLE_PREFIX=
-
 OAUTH_ID=""
 OAUTH_SECRET=""
 OAUTH_URL=""
@@ -38,21 +31,15 @@ OAUTH_MAPPING_EMAIL=data-personal-email
 OAUTH_MAPPING_FIRSTNAME=data-personal-name_first
 OAUTH_MAPPING_LASTNAME=data-personal-name_last
 
-EVENTS_API_KEY=""
-
 BROADCAST_DRIVER=log
 CACHE_DRIVER=file
 FILESYSTEM_DISK=local
 QUEUE_CONNECTION=sync
 SESSION_DRIVER=file
-SESSION_LIFETIME=120
+SESSION_LIFETIME=10080
 
 MEMCACHED_HOST=127.0.0.1
 
-REDIS_HOST=127.0.0.1
-REDIS_PASSWORD=null
-REDIS_PORT=6379
-
 MAIL_MAILER=smtp
 MAIL_HOST=mailpit
 MAIL_PORT=1025
@@ -62,20 +49,6 @@ MAIL_ENCRYPTION=null
 MAIL_FROM_ADDRESS="[email protected]"
 MAIL_FROM_NAME="${APP_NAME}"
 
-AWS_ACCESS_KEY_ID=
-AWS_SECRET_ACCESS_KEY=
-AWS_DEFAULT_REGION=us-east-1
-AWS_BUCKET=
-AWS_USE_PATH_STYLE_ENDPOINT=false
-
-PUSHER_APP_ID=
-PUSHER_APP_KEY=
-PUSHER_APP_SECRET=
-PUSHER_HOST=
-PUSHER_PORT=443
-PUSHER_SCHEME=https
-PUSHER_APP_CLUSTER=mt1
-
 VITE_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
 VITE_PUSHER_HOST="${PUSHER_HOST}"
 VITE_PUSHER_PORT="${PUSHER_PORT}"

app/Http/Controllers/FrontController.php

@@ -25,6 +25,8 @@ public function __construct()
      */
     public function index()
     {
+        $this->authorize('index', Event::class);
+
         $now = Carbon::now();
         $events = Event::whereBetween('start_date', [$now, $now->copy()->addDay()])
             ->orderBy('start_date', 'asc')

app/Http/Kernel.php

@@ -64,6 +64,5 @@ class Kernel extends HttpKernel
         'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
         'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
         'api-token' => \App\Http\Middleware\ApiToken::class,
-        'staff' => \App\Http\Middleware\StaffCheck::class,
     ];
 }

app/Policies/UserPolicy.php

@@ -18,7 +18,7 @@ public function index(User $user)
 
     public function view(User $user, User $model) 
     {
-        return $user->isAdmin() || $user->is($model);
+        return $user->isAdmin() || ($user->is($model) && $user->isModeratorOrAbove());
     }
 
     public function viewAccess(User $user) 

config/custom.php

@@ -9,6 +9,4 @@
     */
     'discord_bot_token' => env('DISCORD_BOT_TOKEN', null),
     'discord_guild_id' => env('DISCORD_GUILD_ID', null),
-
-    'events_api_key' => env('EVENTS_API_KEY', null),
 ];

resources/views/layouts/auth/sidebar.blade.php

@@ -96,7 +96,7 @@
         @endif
 
         <!-- Logo -->
-        <a href="#"><img class="logo" src="{{ asset('images/'. config('app.logo')) }}"></a>
+        <a href="#"><img class="logo" src="{{ asset('images/vatsca_logo.svg') }}"></a>
         <a href="https://github.com/Vatsim-Scandinavia/events" target="_blank" class="version-sidebar">Event Manager v{{ config('app.version') }}</a>
     @else
         <!-- Divider -->

resources/views/layouts/public/topbar.blade.php

@@ -15,11 +15,13 @@
             </li>
             @if (Route::has('login'))
                 @auth
-                    <li class="nav-item">
-                        <a class="nav-link" href="{{ route('dashboard') }}">
-                            <i class="fas fa-fw fa-table-columns"></i>
-                            <span>Dashboard</span></a>
-                    </li>
+                    @can('index', \App\Models\Event::class)
+                        <li class="nav-item">
+                            <a class="nav-link" href="{{ route('dashboard') }}">
+                                <i class="fas fa-fw fa-table-columns"></i>
+                                <span>Dashboard</span></a>
+                        </li>
+                    @endcan
                 @else
                     <li class="nav-item">
                         <a class="nav-link" href="{{ route('login') }}">

resources/views/welcome.blade.php

@@ -2,9 +2,6 @@
 @section('title', 'Home')
 @section('content')
     <div class="container mt-5">
-        <div class="jumbotron text-center shadow-sm">
-            <h1 class="display-4">Welcome to {{ config('app.owner_name') }} Event Manager</h1>
-        </div>
 
         <div class="card mt-5 shadow-sm">
             <div class="card-header bg-primary text-white">
@@ -23,9 +20,7 @@
                             </li>
                         @endforeach
                     @else
-                        <li class="list-group-item d-flex justify-content-between align-items-center">
-                            <p>No Events Available</p>
-                        </li>
+                        <span>No Events Available</span>
                     @endif
                 </ul>
             </div>

routes/web.php

@@ -38,7 +38,7 @@
 
 // Auth::routes();
 
-Route::middleware(['auth', 'staff'])->group(function() {
+Route::middleware(['auth'])->group(function() {
 
     Route::get('/dashboard', [FrontController::class, 'index'])->name('dashboard');
 

tests/Feature/Models/CalendarTest.php

@@ -40,7 +40,7 @@ public function test_calendars_page_cannot_be_rendered_without_correct_permissio
         $response = $this->actingAs($user)->get(route('calendars.index'));
 
         // Check status code
-        $response->assertStatus(302);
+        $response->assertStatus(403);
     }
 
     /**
@@ -70,7 +70,7 @@ public function test_calendars_create_page_cannot_be_rendered_without_correct_pe
         $response = $this->actingAs($user)->get(route('calendars.create'));
 
         // Check status code
-        $response->assertStatus(302);
+        $response->assertStatus(403);
     }
 
     /**
@@ -107,7 +107,7 @@ public function test_calendars_edit_page_cannot_be_rendered_without_correct_perm
         $response = $this->actingAs($user)->get(route('calendars.edit', $calendar));
 
         // Check status code
-        $response->assertStatus(302);
+        $response->assertStatus(403);
     }
 
     /**

tests/Feature/Models/EventTest.php

@@ -44,7 +44,7 @@ public function test_events_page_cannot_be_rendered_without_correct_permissions(
         $response = $this->actingAs($user)->get(route('events.index'));
 
         // Check status code
-        $response->assertStatus(302);
+        $response->assertStatus(403);
     }
 
     /**
@@ -74,7 +74,7 @@ public function test_events_create_page_cannot_be_rendered_without_correct_permi
         $response = $this->actingAs($user)->get(route('events.create'));
 
         // Check status code
-        $response->assertStatus(302);
+        $response->assertStatus(403);
     }
 
     /**
@@ -113,7 +113,7 @@ public function test_events_edit_page_cannot_be_rendered_without_correct_permiss
         $response = $this->actingAs($user)->get(route('events.edit', $event));
 
         // Check status code
-        $response->assertStatus(302);
+        $response->assertStatus(403);
     }
 
     public function test_normal_event_can_be_created() : void 

tests/Feature/Models/UserTest.php

@@ -40,7 +40,7 @@ public function test_users_page_cannot_be_rendered(): void
         $response = $this->actingAs($user)->get(route('users.index', $user));
 
         // Check status code
-        $response->assertStatus(302);
+        $response->assertStatus(403);
     }
 
     /**