firefly-iii/app/Console/Commands/VerifiesAccessToken.php

<?php
/**
 * VerifiesAccessToken.php
 * Copyright (c) 2020 james@firefly-iii.org
 *
 * This file is part of Firefly III (https://github.com/firefly-iii).
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

declare(strict_types=1);

namespace FireflyIII\Console\Commands;

use FireflyIII\Exceptions\FireflyException;
use FireflyIII\Repositories\User\UserRepositoryInterface;
use FireflyIII\User;

/**
 * Trait VerifiesAccessToken.
 *
 * Verifies user access token for sensitive commands.
 */
trait VerifiesAccessToken
{
    /**
     * @throws FireflyException
     */
    public function getUser(): User
    {
        $userId     = (int)$this->option('user');

        /** @var UserRepositoryInterface $repository */
        $repository = app(UserRepositoryInterface::class);
        $user       = $repository->find($userId);
        if (null === $user) {
            throw new FireflyException('300000: User is unexpectedly NULL');
        }

        return $user;
    }

    /**
     * Abstract method to make sure trait knows about method "option".
     *
     * @param null|string $key
     *
     * @return mixed
     */
    abstract public function option($key = null);

    /**
     * Returns false when given token does not match given user token.
     *
     * @throws FireflyException
     */
    protected function verifyAccessToken(): bool
    {
        $userId      = (int)$this->option('user');
        $token       = (string)$this->option('token');

        /** @var UserRepositoryInterface $repository */
        $repository  = app(UserRepositoryInterface::class);
        $user        = $repository->find($userId);

        if (null === $user) {
            app('log')->error(sprintf('verifyAccessToken(): no such user for input "%d"', $userId));

            return false;
        }
        $accessToken = app('preferences')->getForUser($user, 'access_token');
        if (null === $accessToken) {
            app('log')->error(sprintf('User #%d has no access token, so cannot access command line options.', $userId));

            return false;
        }
        if ($accessToken->data !== $token) {
            app('log')->error(sprintf('Invalid access token for user #%d.', $userId));
            app('log')->error(sprintf('Token given is "%s", expected something else.', $token));

            return false;
        }

        return true;
    }
}
Improve export routine and cron job for #837 2017-09-14 21:17:19 +02:00			`<?php`
			`/**`
			`* VerifiesAccessToken.php`
Update copyright thingie. 2020-01-23 20:35:02 +01:00			`* Copyright (c) 2020 james@firefly-iii.org`
Improve export routine and cron job for #837 2017-09-14 21:17:19 +02:00			`*`
Update copyright of Firefly III to the GNU Affero General Public License as suggested by @nxxxse in #2607. This applies to all code in this commit from this moment onwards. 2019-10-02 06:37:26 +02:00			`* This file is part of Firefly III (https://github.com/firefly-iii).`
New copyright notice. 2017-10-21 08:40:00 +02:00			`*`
Update copyright of Firefly III to the GNU Affero General Public License as suggested by @nxxxse in #2607. This applies to all code in this commit from this moment onwards. 2019-10-02 06:37:26 +02:00			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License as`
			`* published by the Free Software Foundation, either version 3 of the`
			`* License, or (at your option) any later version.`
New copyright notice. 2017-10-21 08:40:00 +02:00			`*`
Update copyright of Firefly III to the GNU Affero General Public License as suggested by @nxxxse in #2607. This applies to all code in this commit from this moment onwards. 2019-10-02 06:37:26 +02:00			`* This program is distributed in the hope that it will be useful,`
New copyright notice. 2017-10-21 08:40:00 +02:00			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
Update copyright of Firefly III to the GNU Affero General Public License as suggested by @nxxxse in #2607. This applies to all code in this commit from this moment onwards. 2019-10-02 06:37:26 +02:00			`* GNU Affero General Public License for more details.`
New copyright notice. 2017-10-21 08:40:00 +02:00			`*`
Update copyright of Firefly III to the GNU Affero General Public License as suggested by @nxxxse in #2607. This applies to all code in this commit from this moment onwards. 2019-10-02 06:37:26 +02:00			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <https://www.gnu.org/licenses/>.`
Improve export routine and cron job for #837 2017-09-14 21:17:19 +02:00			`*/`

Update copyright statements. 2018-05-11 10:08:34 +02:00			`declare(strict_types=1);`

Improve export routine and cron job for #837 2017-09-14 21:17:19 +02:00			`namespace FireflyIII\Console\Commands;`

Code for #1071 2018-10-13 21:32:20 +02:00			`use FireflyIII\Exceptions\FireflyException;`
Improve export routine and cron job for #837 2017-09-14 21:17:19 +02:00			`use FireflyIII\Repositories\User\UserRepositoryInterface;`
Code for #1071 2018-10-13 21:32:20 +02:00			`use FireflyIII\User;`
Improve export routine and cron job for #837 2017-09-14 21:17:19 +02:00
Various code cleanup. 2017-09-16 07:41:03 +02:00			`/**`
Code clean up. 2017-11-15 12:25:49 +01:00			`* Trait VerifiesAccessToken.`
Various code cleanup. 2017-09-16 07:41:03 +02:00			`*`
			`* Verifies user access token for sensitive commands.`
			`*/`
Improve export routine and cron job for #837 2017-09-14 21:17:19 +02:00			`trait VerifiesAccessToken`
			`{`
Code for #1071 2018-10-13 21:32:20 +02:00			`/**`
Code cleanup 2021-03-21 09:15:40 +01:00			`* @throws FireflyException`
Code for #1071 2018-10-13 21:32:20 +02:00			`*/`
			`public function getUser(): User`
			`{`
Various code cleanup and fixed alignments. 2024-01-01 14:43:56 +01:00			`$userId = (int)$this->option('user');`
Code cleanup. 2023-12-20 19:35:52 +01:00
Code for #1071 2018-10-13 21:32:20 +02:00			`/** @var UserRepositoryInterface $repository */`
			`$repository = app(UserRepositoryInterface::class);`
Refactor findNull to find 2021-06-30 06:17:38 +02:00			`$user = $repository->find($userId);`
Code for #1071 2018-10-13 21:32:20 +02:00			`if (null === $user) {`
Catch and verify various errors 2023-01-21 12:21:06 +01:00			`throw new FireflyException('300000: User is unexpectedly NULL');`
Code for #1071 2018-10-13 21:32:20 +02:00			`}`

			`return $user;`
			`}`

Various code cleanup 2017-09-16 07:17:58 +02:00			`/**`
Various code cleanup. 2017-09-16 07:41:03 +02:00			`* Abstract method to make sure trait knows about method "option".`
Various code cleanup. 2017-10-05 11:49:06 +02:00			`*`
Code cleanup. 2023-12-20 19:35:52 +01:00			`* @param null\|string $key`
Various code cleanup 2017-09-16 07:17:58 +02:00			`*`
			`* @return mixed`
			`*/`
			`abstract public function option($key = null);`

Improve export routine and cron job for #837 2017-09-14 21:17:19 +02:00			`/**`
Various code cleanup. 2017-09-16 07:41:03 +02:00			`* Returns false when given token does not match given user token.`
			`*`
Various code cleanup. 2021-05-24 08:50:17 +02:00			`* @throws FireflyException`
Improve export routine and cron job for #837 2017-09-14 21:17:19 +02:00			`*/`
			`protected function verifyAccessToken(): bool`
			`{`
Various code cleanup and fixed alignments. 2024-01-01 14:43:56 +01:00			`$userId = (int)$this->option('user');`
			`$token = (string)$this->option('token');`
Code cleanup. 2023-12-20 19:35:52 +01:00
Improve export routine and cron job for #837 2017-09-14 21:17:19 +02:00			`/** @var UserRepositoryInterface $repository */`
Various code cleanup and fixed alignments. 2024-01-01 14:43:56 +01:00			`$repository = app(UserRepositoryInterface::class);`
			`$user = $repository->find($userId);`
Improve export routine and cron job for #837 2017-09-14 21:17:19 +02:00
Some light refactoring. No changes. 2018-01-25 18:41:27 +01:00			`if (null === $user) {`
Remove static references 2023-10-29 06:32:00 +01:00			`app('log')->error(sprintf('verifyAccessToken(): no such user for input "%d"', $userId));`
Improve export routine and cron job for #837 2017-09-14 21:17:19 +02:00
			`return false;`
			`}`
Various code cleanup. 2021-05-24 08:50:17 +02:00			`$accessToken = app('preferences')->getForUser($user, 'access_token');`
Code clean up. 2017-11-15 12:25:49 +01:00			`if (null === $accessToken) {`
Remove static references 2023-10-29 06:32:00 +01:00			`app('log')->error(sprintf('User #%d has no access token, so cannot access command line options.', $userId));`
Improve export routine and cron job for #837 2017-09-14 21:17:19 +02:00
			`return false;`
			`}`
Reverse logic operators. 2020-10-24 16:59:56 +02:00			`if ($accessToken->data !== $token) {`
Remove static references 2023-10-29 06:32:00 +01:00			`app('log')->error(sprintf('Invalid access token for user #%d.', $userId));`
			`app('log')->error(sprintf('Token given is "%s", expected something else.', $token));`
Improve export routine and cron job for #837 2017-09-14 21:17:19 +02:00
			`return false;`
			`}`

			`return true;`
			`}`
Code cleanup. 2017-11-08 09:05:10 +01:00			`}`