68ff50d460
Some checks failed
PR Fast Feedback / fast-feedback (pull_request) Failing after 3m45s
Implemented the accepted risk resolution guidance, including the AcceptedRiskResolutionAdapter, guidance cards, and updated related Filament views. Added unit, feature, and browser tests.
68 lines
1.9 KiB
PHP
68 lines
1.9 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use App\Filament\Pages\Monitoring\FindingExceptionsQueue;
|
|
use App\Models\ManagedEnvironment;
|
|
use App\Models\User;
|
|
use App\Models\Workspace;
|
|
use App\Services\Auth\WorkspaceCapabilityResolver;
|
|
use App\Support\Auth\Capabilities;
|
|
use App\Support\Workspaces\WorkspaceContext;
|
|
use Illuminate\Http\RedirectResponse;
|
|
use Illuminate\Http\Request;
|
|
|
|
final class OpenFindingExceptionsQueueController extends Controller
|
|
{
|
|
public function __invoke(Request $request, ManagedEnvironment $environment): RedirectResponse
|
|
{
|
|
$user = auth()->user();
|
|
|
|
if (! $user instanceof User) {
|
|
abort(403);
|
|
}
|
|
|
|
$workspace = Workspace::query()->whereKey($environment->workspace_id)->first();
|
|
|
|
if (! $workspace instanceof Workspace) {
|
|
abort(404);
|
|
}
|
|
|
|
if (! $user->canAccessTenant($environment)) {
|
|
abort(404);
|
|
}
|
|
|
|
$workspaceContext = app(WorkspaceContext::class);
|
|
|
|
if (! $workspaceContext->isMember($user, $workspace)) {
|
|
abort(404);
|
|
}
|
|
|
|
/** @var WorkspaceCapabilityResolver $resolver */
|
|
$resolver = app(WorkspaceCapabilityResolver::class);
|
|
|
|
if (! $resolver->can($user, $workspace, Capabilities::FINDING_EXCEPTION_APPROVE)) {
|
|
abort(404);
|
|
}
|
|
|
|
$workspaceContext->setCurrentWorkspace($workspace, $user, $request);
|
|
|
|
if (! $workspaceContext->rememberEnvironmentContext($environment, $request)) {
|
|
abort(404);
|
|
}
|
|
|
|
$parameters = array_replace($request->query(), [
|
|
'environment_id' => (int) $environment->getKey(),
|
|
]);
|
|
|
|
unset($parameters['tenant']);
|
|
|
|
return redirect()->to(FindingExceptionsQueue::getUrl(
|
|
panel: 'admin',
|
|
parameters: array_filter($parameters, static fn (mixed $value): bool => $value !== null && $value !== '' && $value !== []),
|
|
));
|
|
}
|
|
}
|