kenmirrors/firefly-iii
1
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-11-18 15:39:50 +00:00
Code Issues Projects Releases Wiki Activity

Disable attachment API for demo users

Browse Source
This commit is contained in:
James Cole
2023-12-30 12:54:21 +01:00
parent d777a1f2b8
commit 2e5bc750d1
8 changed files with 60 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
app/Api/V1/Controllers/Models/Attachment/StoreController.php
View File

@@ -34,7 +34,9 @@ use FireflyIII\Transformers\AttachmentTransformer;
use FireflyIII\User;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use League\Fractal\Resource\Item;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
/**
* Class StoreController
@@ -72,6 +74,11 @@ class StoreController extends Controller
*/
public function store(StoreRequest $request): JsonResponse
{
if(true === auth()->user()->hasRole('demo')) {
Log::channel('audit')->info(sprintf('Demo user tries to access attachment API in %s', __METHOD__));
throw new NotFoundHttpException();
}
app('log')->debug(sprintf('Now in %s', __METHOD__));
$data = $request->getAll();
$attachment = $this->repository->store($data);
@@ -91,6 +98,12 @@ class StoreController extends Controller
*/
public function upload(Request $request, Attachment $attachment): JsonResponse
{
if(true === auth()->user()->hasRole('demo')) {
Log::channel('audit')->info(sprintf('Demo user tries to access attachment API in %s', __METHOD__));
throw new NotFoundHttpException();
}
/** @var AttachmentHelperInterface $helper */
$helper = app(AttachmentHelperInterface::class);
$body = $request->getContent();