josh/BarangaySystem
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
BarangaySystem/ai-docs/todo-completed/todo-1a2b3c4d5e6f.md
Jonathan Sykes eb4a5731fb initial: bootstrap from BukidBountyApp base
2026-06-06 18:43:00 +08:00

3.1 KiB
Raw Permalink Blame History

TODO: Add Backend Interception for Disabled Pages

Problem Statement

Pages disabled through the Ultimate Console are still accessible via direct URL /p/{page}/s/{data}. The VueRouteMap already has disabled page checks, but viewHelperController does not.

Implementation Plan

Step 1: Add Disabled Page Check to viewHelperController

  • File: app/Http/Controllers/viewHelperController.php
  • Method: servePageFragmentUnified()
  • Changes:
    • Add check for disabled_pages system setting at the start of the method
    • Retrieve disabled pages list using SystemSetting::getValue('disabled_pages', [])
    • Check if current page name is in the disabled list (case-insensitive)
    • If disabled and user is not Ultimate type, return redirect to / or 403 error
    • Allow Ultimate users to still access disabled pages (for fixing settings)

Step 2: Add Helper Method for Disabled Page Checking

  • File: app/Http/Controllers/viewHelperController.php
  • New Method: isPageDisabled(string $pageName): bool
  • Purpose: Centralized logic to check if a page is disabled
  • Logic:
    • Get disabled_pages from SystemSetting
    • Compare page name case-insensitively
    • Return true if disabled, false otherwise

Step 3: Add Helper Method for Access Permission

  • File: app/Http/Controllers/viewHelperController.php
  • New Method: canAccessDisabledPage(): bool
  • Purpose: Check if current user can access disabled pages
  • Logic:
    • Check if user is authenticated
    • Check if user has Ultimate account type
    • Return true only for Ultimate users

Step 4: Update servePageFragmentUnified Method

  • Location: After user authentication check, before viewMap lookup
  • Logic Flow:
    1. Check if page is disabled using isPageDisabled()
    2. If disabled, check if user can access using canAccessDisabledPage()
    3. If user cannot access, return appropriate response:
      • Option A: Redirect to / (consistent with VueRouteMap)
      • Option B: Return 403 Forbidden with message
    4. If user can access (Ultimate), continue normal flow

Step 5: Handle Edge Cases

  • Ensure case-insensitive matching for page names
  • Handle null/empty disabled_pages gracefully
  • Maintain backward compatibility with existing functionality
  • Ensure public pages are not affected by this check

Step 6: Testing Considerations

  • Test with disabled page list containing various page names
  • Test with Ultimate user accessing disabled page
  • Test with non-Ultimate user accessing disabled page
  • Test with empty disabled_pages setting
  • Test with case variations in page names

Files to Modify

  1. app/Http/Controllers/viewHelperController.php - Main changes

Dependencies

  • App\Models\SystemSetting - For retrieving disabled_pages setting
  • App\Enums\UserTypes - For checking Ultimate user type
  • Hypervel\Support\Facades\Auth - For user authentication

Expected Outcome

After implementation, pages disabled in the Ultimate Console will be inaccessible via direct URL /p/{page}/s/{data} for non-Ultimate users, while Ultimate users retain access to fix settings.