Add SSO, Permissions System, and Scramble Docs

.composer/.htaccess

@@ -0,0 +1 @@
+Deny from all

.composer/cache/.htaccess

@@ -0,0 +1 @@
+Deny from all

.env.azuredevops

@@ -31,6 +31,11 @@ COPILOT_DB_DATABASE=#{copilot.database}#
 # connection info for PCI Forms db connection
 PCIFORMS_DB_DATABASE=#{pciforms.database}#
 
+# Azure Entra ID Credentials
+AZURE_CLIENT_ID=#{azure.client.id}#
+AZURE_CLIENT_SECRET=#{azure.client.secret}#
+AZURE_TENANT_ID=#{azure.tenant.id}#
+AZURE_REDIRECT_URI=#{azure.redirect.uri}#
 
 BROADCAST_DRIVER=#{broadcast.driver}#
 CACHE_DRIVER=#{cache.driver}#
@@ -59,18 +64,6 @@ MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
 
 JWT_SECRET=#{jwt.secret}#
 
-# Config for ADLDAP authentication
-ADLDAP_CONTROLLERS=#{adldap.controllers}#
-ADLDAP_BASEDN=#{adldap.basedn}#
-ADLDAP_PORT=#{adldap.port}#
-ADLDAP_ADMIN_USERNAME="#{adldap.username}#"
-ADLDAP_ADMIN_PASSWORD="#{adldap.password}#"
-ADLDAP_USE_SSL=#{adldap.useSSL}#
-ADLDAP_USE_TLS=#{adldap.useTLS}#
-
-# Complete distinguished name of group to which to limit admin dashboard access
-ADMIN_GROUP="#{admin.group}#"
-
 # Client id/key used for test cases
 TEST_CLIENTID=
 TEST_CLIENTKEY=

.env.example

@@ -64,6 +64,12 @@ COPILOT_DB_DATABASE=
 COPILOT_DB_USERNAME=
 COPILOT_DB_PASSWORD=
 
+# Azure Entra ID Credentials
+AZURE_CLIENT_ID=
+AZURE_CLIENT_SECRET=
+AZURE_TENANT_ID=
+AZURE_REDIRECT_URI=
+
 BROADCAST_DRIVER=log
 CACHE_DRIVER=file
 SESSION_DRIVER=file
@@ -91,18 +97,6 @@ MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
 
 JWT_SECRET=
 
-# Config for ADLDAP authentication
-ADLDAP_CONTROLLERS=
-ADLDAP_BASEDN=
-ADLDAP_PORT=636
-ADLDAP_ADMIN_USERNAME=
-ADLDAP_ADMIN_PASSWORD=
-ADLDAP_USE_SSL=true
-ADLDAP_USE_TLS=false
-
-# Complete distinguished name of group to which to limit admin dashboard access
-ADMIN_GROUP=
-
 # Client id/key used for test cases
 TEST_CLIENTID=
 TEST_CLIENTKEY=

.gitignore

@@ -13,3 +13,4 @@ yarn-error.log
 .env
 .DS_Store
 /storage/api-docs
+/docker/nginx/ssl

app/Http/Controllers/AdminController.php

@@ -8,6 +8,8 @@
 use Illuminate\Support\Facades\Hash;
 use App\Models\Client;
 
+
+
 class AdminController extends Controller
 {
     public function __construct()
@@ -18,6 +20,7 @@ public function __construct()
     public function index()
     {
         $client_data = Client::all();
+        //dd($client_data);
         return view('admin.index', ['data' => $client_data ]);
     }
 
@@ -57,7 +60,7 @@ public function deleteClient($id){
         //delete client
         try { 
             Client::destroy($id);
-            Log::info(sprintf("Client %d deleted by %s.", $id, Auth::user()->getUserPrincipalName()));
+            Log::info(sprintf("Client %d deleted", $id));
         } catch ( \Exception $e ) {
             Log::error($e->getMessage());
             return redirect()->back()->withError("There was an error while deleting the client.");
@@ -67,7 +70,9 @@ public function deleteClient($id){
     }
 
     public function addClientShow() {
-        return view('admin.addclient'); 
+        // Get available permissions
+        $permissions = config('permissions');
+        return view('admin.addclient', compact('permissions')); 
     }
 
     public function addClientPost(Request $request) {
@@ -77,7 +82,7 @@ public function addClientPost(Request $request) {
             'clienturl'   => 'required'
         ]);
 
-        $form_input = $request->only('clientname', 'clienturl');
+        $form_input = $request->only('clientname', 'clienturl', 'permissions');
 
         $new_clientkey = Client::generateClientKey();
 
@@ -86,9 +91,17 @@ public function addClientPost(Request $request) {
         $newclient->clienturl = $form_input['clienturl'];
         $newclient->clientid = Client::generateClientID();
         $newclient->password = Hash::make($new_clientkey);
+        $newclient->created_by = Auth::id();
 
         try { 
             $newclient->save();
+
+            // Sync permissions after the client is saved
+            if (isset($form_input['permissions'])) {
+                $newclient->syncPermissionsByName($form_input['permissions']);
+            } else {
+                $newclient->syncPermissionsByName([]);
+            }
         }
         catch ( \Exception $e ) {
             return redirect()->back()->withError("There was an error while adding the client.");
@@ -97,6 +110,63 @@ public function addClientPost(Request $request) {
         return view('admin.addclient')->with('success', true)
             ->with('clientname', $newclient->clientname)
             ->with('clientid', $newclient->clientid)
-            ->with('clientkey', $new_clientkey);
+            ->with('clientkey', $new_clientkey)
+            ->with('set_permissions', $form_input['permissions'] ?? []);
+    }
+
+    /**
+     * Edit an existing client
+     * 
+     * @param Request $request
+     * @param int $id
+     * @return \Illuminate\View\View
+     */
+    public function updateClient(Request $request, $id)
+    {
+        // Get available permissions
+        $permissions = config('permissions');
+
+        // Get the client to edit
+        $client = Client::findOrFail($id);
+
+        return view('admin.updateclient', compact('client', 'permissions'));
+    }
+
+    public function updateClientPut(Request $request, $id)
+    {
+        $this->validate($request, [
+            'clientname' => 'required',
+            'clienturl' => 'required|url'
+        ]);
+
+        $form_input = $request->only('clientname', 'clienturl', 'permissions');
+
+        try {
+            // Find the existing client
+            $client = Client::findOrFail($id);
+
+            // Update client details
+            $client->clientname = $form_input['clientname'];
+            $client->clienturl = $form_input['clienturl'];
+            $client->save();
+
+            // Sync permissions
+            if (isset($form_input['permissions'])) {
+                $client->syncPermissionsByName($form_input['permissions']);
+            } else {
+                $client->syncPermissionsByName([]);
+            }
+
+            return redirect()
+                ->route('admin.client.update', ['id' => $id])
+                ->with('success', 'Client updated successfully.');
+
+        } catch (\Exception $e) {
+            Log::error('Error updating client: ' . $e->getMessage());
+            return redirect()
+                ->back()
+                ->withInput()
+                ->withError('There was an error while updating the client.');
+        }
     }
-}
+}