firefly-iii/app/Support/Request/ChecksLogin.php

<?php
/*
 * ChecksLogin.php
 * Copyright (c) 2021 james@firefly-iii.org
 *
 * This file is part of Firefly III (https://github.com/firefly-iii).
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

declare(strict_types=1);

namespace FireflyIII\Support\Request;

use FireflyIII\Enums\UserRoleEnum;
use FireflyIII\Models\UserGroup;
use FireflyIII\User;
use Illuminate\Support\Facades\Log;
use ValueError;

/**
 * Trait ChecksLogin
 */
trait ChecksLogin
{
    /**
     * Verify the request.
     *
     * @return bool
     */
    public function authorize(): bool
    {
        Log::debug(sprintf('Now in %s', __METHOD__));
        // Only allow logged-in users
        $check = auth()->check();
        if (!$check) {
            return false;
        }
        if (!property_exists($this, 'acceptedRoles')) {
            app('log')->debug('Request class has no acceptedRoles array');
            return true; // check for false already took place.
        }
        /** @var UserGroup $userGroup */
        $userGroup = $this->route()->parameter('userGroup');
        if (null === $userGroup) {
            app('log')->debug('Request class has no userGroup parameter.');
            return true;
        }
        /** @var User $user */
        $user = auth()->user();
        /** @var UserRoleEnum $role */
        foreach ($this->acceptedRoles as $role) {
            if ($user->hasRoleInGroup($userGroup, $role, true, true)) {
                return true;
            }
        }
        return false;
    }
}
Use trait, not class extension as an experiment. 2020-10-19 06:23:22 +02:00			`<?php`
Update some copyrights. 2021-01-29 18:50:35 +01:00			`/*`
			`* ChecksLogin.php`
			`* Copyright (c) 2021 james@firefly-iii.org`
			`*`
			`* This file is part of Firefly III (https://github.com/firefly-iii).`
			`*`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License as`
			`* published by the Free Software Foundation, either version 3 of the`
			`* License, or (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <https://www.gnu.org/licenses/>.`
			`*/`

Use trait, not class extension as an experiment. 2020-10-19 06:23:22 +02:00			`declare(strict_types=1);`

			`namespace FireflyIII\Support\Request;`

Better user group management and object observers 2023-09-21 11:29:09 +02:00			`use FireflyIII\Enums\UserRoleEnum;`
			`use FireflyIII\Models\UserGroup;`
			`use FireflyIII\User;`
Add include 2023-01-11 17:30:20 +01:00			`use Illuminate\Support\Facades\Log;`
Better user group management and object observers 2023-09-21 11:29:09 +02:00			`use ValueError;`
Add include 2023-01-11 17:30:20 +01:00
Use trait, not class extension as an experiment. 2020-10-19 06:23:22 +02:00			`/**`
			`* Trait ChecksLogin`
			`*/`
			`trait ChecksLogin`
			`{`
			`/**`
			`* Verify the request.`
			`*`
			`* @return bool`
			`*/`
			`public function authorize(): bool`
			`{`
Add some debug. 2023-01-11 17:29:19 +01:00			`Log::debug(sprintf('Now in %s', __METHOD__));`
Better user group management and object observers 2023-09-21 11:29:09 +02:00			`// Only allow logged-in users`
			`$check = auth()->check();`
			`if (!$check) {`
			`return false;`
			`}`
			`if (!property_exists($this, 'acceptedRoles')) {`
			`app('log')->debug('Request class has no acceptedRoles array');`
			`return true; // check for false already took place.`
			`}`
			`/** @var UserGroup $userGroup */`
			`$userGroup = $this->route()->parameter('userGroup');`
			`if (null === $userGroup) {`
			`app('log')->debug('Request class has no userGroup parameter.');`
			`return true;`
			`}`
			`/** @var User $user */`
			`$user = auth()->user();`
			`/** @var UserRoleEnum $role */`
			`foreach ($this->acceptedRoles as $role) {`
			`if ($user->hasRoleInGroup($userGroup, $role, true, true)) {`
			`return true;`
			`}`
			`}`
			`return false;`
Use trait, not class extension as an experiment. 2020-10-19 06:23:22 +02:00			`}`
Add newlines and strict types check. 2020-12-22 05:35:06 +01:00			`}`