firefly-iii/app/Support/Request/ChecksLogin.php

<?php

/*
 * ChecksLogin.php
 * Copyright (c) 2021 james@firefly-iii.org
 *
 * This file is part of Firefly III (https://github.com/firefly-iii).
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

declare(strict_types=1);

namespace FireflyIII\Support\Request;

use FireflyIII\Enums\UserRoleEnum;
use FireflyIII\Models\UserGroup;
use FireflyIII\User;

/**
 * Trait ChecksLogin
 */
trait ChecksLogin
{
    /**
     * Verify the request.
     */
    public function authorize(): bool
    {
        app('log')->debug(sprintf('Now in %s', __METHOD__));
        // Only allow logged-in users
        $check = auth()->check();
        if (!$check) {
            return false;
        }
        if (!property_exists($this, 'acceptedRoles')) { // @phpstan-ignore-line
            app('log')->debug('Request class has no acceptedRoles array');

            return true; // check for false already took place.
        }

        /** @var User $user */
        $user      = auth()->user();
        $userGroup = $this->getUserGroup();
        if (null === $userGroup) {
            app('log')->error('User has no valid user group submitted or otherwise.');

            return false;
        }

        /** @var UserRoleEnum $role */
        foreach ($this->acceptedRoles as $role) {
            // system owner cannot overrule this, MUST be member of the group.
            $access = $user->hasRoleInGroupOrOwner($userGroup, $role);
            if ($access) {
                return true;
            }
        }

        return false;
    }

    /**
     * Return the user group or NULL if none is set.
     * Will throw exception if invalid.
     * TODO duplicated in JSONAPI code.
     */
    public function getUserGroup(): ?UserGroup
    {
        /** @var User $user */
        $user = auth()->user();
        app('log')->debug('Now in getUserGroup()');

        /** @var null|UserGroup $userGroup */
        $userGroup = $this->route()?->parameter('userGroup');
        if (null === $userGroup) {
            app('log')->debug('Request class has no userGroup parameter, but perhaps there is a parameter.');
            $userGroupId = (int) $this->get('user_group_id');
            if (0 === $userGroupId) {
                app('log')->debug(sprintf('Request class has no user_group_id parameter, grab default from user (group #%d).', $user->user_group_id));
                $userGroupId = (int) $user->user_group_id;
            }
            $userGroup = UserGroup::find($userGroupId);
            if (null === $userGroup) {
                app('log')->error(sprintf('Request class has user_group_id (#%d), but group does not exist.', $userGroupId));

                return null;
            }
            app('log')->debug('Request class has valid user_group_id.');
        }

        return $userGroup;
    }
}
Use trait, not class extension as an experiment. 2020-10-19 06:23:22 +02:00			`<?php`
Auto commit for release 'develop' on 2024-11-25 2024-11-25 04:18:55 +01:00
Update some copyrights. 2021-01-29 18:50:35 +01:00			`/*`
			`* ChecksLogin.php`
			`* Copyright (c) 2021 james@firefly-iii.org`
			`*`
			`* This file is part of Firefly III (https://github.com/firefly-iii).`
			`*`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License as`
			`* published by the Free Software Foundation, either version 3 of the`
			`* License, or (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <https://www.gnu.org/licenses/>.`
			`*/`

Use trait, not class extension as an experiment. 2020-10-19 06:23:22 +02:00			`declare(strict_types=1);`

			`namespace FireflyIII\Support\Request;`

Better user group management and object observers 2023-09-21 11:29:09 +02:00			`use FireflyIII\Enums\UserRoleEnum;`
			`use FireflyIII\Models\UserGroup;`
			`use FireflyIII\User;`
Add include 2023-01-11 17:30:20 +01:00
Use trait, not class extension as an experiment. 2020-10-19 06:23:22 +02:00			`/**`
			`* Trait ChecksLogin`
			`*/`
			`trait ChecksLogin`
			`{`
			`/**`
			`* Verify the request.`
			`*/`
			`public function authorize(): bool`
			`{`
Remove static references 2023-10-29 06:33:43 +01:00			`app('log')->debug(sprintf('Now in %s', __METHOD__));`
Better user group management and object observers 2023-09-21 11:29:09 +02:00			`// Only allow logged-in users`
Clean up balance methods. 2024-12-22 20:32:58 +01:00			`$check = auth()->check();`
Better user group management and object observers 2023-09-21 11:29:09 +02:00			`if (!$check) {`
			`return false;`
			`}`
Fix phpstan issues. 2023-11-05 16:55:16 +01:00			`if (!property_exists($this, 'acceptedRoles')) { // @phpstan-ignore-line`
Better user group management and object observers 2023-09-21 11:29:09 +02:00			`app('log')->debug('Request class has no acceptedRoles array');`
Code cleanup. 2023-12-20 19:35:52 +01:00
Better user group management and object observers 2023-09-21 11:29:09 +02:00			`return true; // check for false already took place.`
			`}`
Code cleanup. 2023-12-20 19:35:52 +01:00
Expand API and refactor for user groups. 2023-09-21 15:50:49 +02:00			`/** @var User $user */`
			`$user = auth()->user();`
			`$userGroup = $this->getUserGroup();`
Better user group management and object observers 2023-09-21 11:29:09 +02:00			`if (null === $userGroup) {`
Expand API and refactor for user groups. 2023-09-21 15:50:49 +02:00			`app('log')->error('User has no valid user group submitted or otherwise.');`
Code cleanup. 2023-12-20 19:35:52 +01:00
Expand API and refactor for user groups. 2023-09-21 15:50:49 +02:00			`return false;`
Better user group management and object observers 2023-09-21 11:29:09 +02:00			`}`
Expand API and refactor for user groups. 2023-09-21 15:50:49 +02:00
Better user group management and object observers 2023-09-21 11:29:09 +02:00			`/** @var UserRoleEnum $role */`
			`foreach ($this->acceptedRoles as $role) {`
Expand API and refactor for user groups. 2023-09-21 15:50:49 +02:00			`// system owner cannot overrule this, MUST be member of the group.`
Update various things. I know, great description. 2023-11-30 17:28:44 +01:00			`$access = $user->hasRoleInGroupOrOwner($userGroup, $role);`
			`if ($access) {`
Better user group management and object observers 2023-09-21 11:29:09 +02:00			`return true;`
			`}`
			`}`
Code cleanup. 2023-12-20 19:35:52 +01:00
Better user group management and object observers 2023-09-21 11:29:09 +02:00			`return false;`
Use trait, not class extension as an experiment. 2020-10-19 06:23:22 +02:00			`}`
Expand API and refactor for user groups. 2023-09-21 15:50:49 +02:00
			`/**`
			`* Return the user group or NULL if none is set.`
			`* Will throw exception if invalid.`
Various API updates. 2024-07-27 15:42:43 +02:00			`* TODO duplicated in JSONAPI code.`
Expand API and refactor for user groups. 2023-09-21 15:50:49 +02:00			`*/`
			`public function getUserGroup(): ?UserGroup`
			`{`
			`/** @var User $user */`
Clean up balance methods. 2024-12-22 20:32:58 +01:00			`$user = auth()->user();`
Expand API and refactor for user groups. 2023-09-21 15:50:49 +02:00			`app('log')->debug('Now in getUserGroup()');`
Code cleanup. 2023-12-20 19:35:52 +01:00
			`/** @var null\|UserGroup $userGroup */`
Fix various phpstan things 2023-11-29 06:30:35 +01:00			`$userGroup = $this->route()?->parameter('userGroup');`
Expand API and refactor for user groups. 2023-09-21 15:50:49 +02:00			`if (null === $userGroup) {`
			`app('log')->debug('Request class has no userGroup parameter, but perhaps there is a parameter.');`
Code cleanup 2024-12-22 08:43:12 +01:00			`$userGroupId = (int) $this->get('user_group_id');`
Expand API and refactor for user groups. 2023-09-21 15:50:49 +02:00			`if (0 === $userGroupId) {`
			`app('log')->debug(sprintf('Request class has no user_group_id parameter, grab default from user (group #%d).', $user->user_group_id));`
Code cleanup 2024-12-22 08:43:12 +01:00			`$userGroupId = (int) $user->user_group_id;`
Expand API and refactor for user groups. 2023-09-21 15:50:49 +02:00			`}`
Clean up balance methods. 2024-12-22 20:32:58 +01:00			`$userGroup = UserGroup::find($userGroupId);`
Expand API and refactor for user groups. 2023-09-21 15:50:49 +02:00			`if (null === $userGroup) {`
			`app('log')->error(sprintf('Request class has user_group_id (#%d), but group does not exist.', $userGroupId));`
Code cleanup. 2023-12-20 19:35:52 +01:00
Expand API and refactor for user groups. 2023-09-21 15:50:49 +02:00			`return null;`
			`}`
			`app('log')->debug('Request class has valid user_group_id.');`
			`}`
Code cleanup. 2023-12-20 19:35:52 +01:00
Expand API and refactor for user groups. 2023-09-21 15:50:49 +02:00			`return $userGroup;`
			`}`
Add newlines and strict types check. 2020-12-22 05:35:06 +01:00			`}`