# TODO: Add Backend Interception for Disabled Pages ## Problem Statement Pages disabled through the Ultimate Console are still accessible via direct URL `/p/{page}/s/{data}`. The `VueRouteMap` already has disabled page checks, but `viewHelperController` does not. ## Implementation Plan ### Step 1: Add Disabled Page Check to viewHelperController - **File:** `app/Http/Controllers/viewHelperController.php` - **Method:** `servePageFragmentUnified()` - **Changes:** - Add check for `disabled_pages` system setting at the start of the method - Retrieve disabled pages list using `SystemSetting::getValue('disabled_pages', [])` - Check if current page name is in the disabled list (case-insensitive) - If disabled and user is not Ultimate type, return redirect to `/` or 403 error - Allow Ultimate users to still access disabled pages (for fixing settings) ### Step 2: Add Helper Method for Disabled Page Checking - **File:** `app/Http/Controllers/viewHelperController.php` - **New Method:** `isPageDisabled(string $pageName): bool` - **Purpose:** Centralized logic to check if a page is disabled - **Logic:** - Get `disabled_pages` from SystemSetting - Compare page name case-insensitively - Return true if disabled, false otherwise ### Step 3: Add Helper Method for Access Permission - **File:** `app/Http/Controllers/viewHelperController.php` - **New Method:** `canAccessDisabledPage(): bool` - **Purpose:** Check if current user can access disabled pages - **Logic:** - Check if user is authenticated - Check if user has Ultimate account type - Return true only for Ultimate users ### Step 4: Update servePageFragmentUnified Method - **Location:** After user authentication check, before viewMap lookup - **Logic Flow:** 1. Check if page is disabled using `isPageDisabled()` 2. If disabled, check if user can access using `canAccessDisabledPage()` 3. If user cannot access, return appropriate response: - Option A: Redirect to `/` (consistent with VueRouteMap) - Option B: Return 403 Forbidden with message 4. If user can access (Ultimate), continue normal flow ### Step 5: Handle Edge Cases - Ensure case-insensitive matching for page names - Handle null/empty disabled_pages gracefully - Maintain backward compatibility with existing functionality - Ensure public pages are not affected by this check ### Step 6: Testing Considerations - Test with disabled page list containing various page names - Test with Ultimate user accessing disabled page - Test with non-Ultimate user accessing disabled page - Test with empty disabled_pages setting - Test with case variations in page names ## Files to Modify 1. `app/Http/Controllers/viewHelperController.php` - Main changes ## Dependencies - `App\Models\SystemSetting` - For retrieving disabled_pages setting - `App\Enums\UserTypes` - For checking Ultimate user type - `Hypervel\Support\Facades\Auth` - For user authentication ## Expected Outcome After implementation, pages disabled in the Ultimate Console will be inaccessible via direct URL `/p/{page}/s/{data}` for non-Ultimate users, while Ultimate users retain access to fix settings.