Merge pull request #12003 from firefly-iii/release-1774107220

🤖 Automatically merge the PR into the develop branch.

app/Exceptions/Handler.php

@@ -251,7 +251,7 @@ class Handler extends ExceptionHandler
             'method'       => request()->method(),
             'headers'      => $headers,
             // @mago-expect lint:no-request-all
-            'post'         => 'POST' === request()->method() ? json_encode(request()->all()) : '',
+            'post'         => 'PUT' === request()->method() || 'POST' === request()->method() ? json_encode(request()->all()) : '',
         ];
 
         // create job that will mail.

app/Http/Middleware/IsAdminApi.php

@@ -29,6 +29,7 @@ use FireflyIII\User;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Log;
 
 /**
  * Class IsAdmin.
@@ -41,6 +42,8 @@ class IsAdminApi
      * @param null|string $guard
      *
      * @return mixed
+     *
+     * @throws AuthorizationException
      */
     public function handle(Request $request, Closure $next, $guard = null)
     {
@@ -58,6 +61,8 @@ class IsAdminApi
         /** @var UserRepositoryInterface $repository */
         $repository = app(UserRepositoryInterface::class);
         if (!$repository->hasRole($user, 'owner')) {
+            Log::error(sprintf('Cannot access %s?%s.', $request->url(), $request->getQueryString()));
+
             throw new AuthorizationException();
         }
 

config/firefly.php

@@ -79,7 +79,7 @@ return [
         // see cer.php for exchange rates feature flag.
     ],
     'version'                              => 'develop/2026-03-21',
-    'build_time'                           => 1774102650,
+    'build_time'                           => 1774107027,
     'api_version'                          => '2.1.0', // field is no longer used.
     'db_version'                           => 28, // field is no longer used.
 

package-lock.json

@@ -7143,9 +7143,9 @@
             }
         },
         "node_modules/i18next": {
-            "version": "25.10.0",
-            "resolved": "https://registry.npmjs.org/i18next/-/i18next-25.10.0.tgz",
-            "integrity": "sha512-syBEN80PJ3MOpczGXFtv6OTfKQzgi/VbvgtQQjr1z5b/0xSGa1iG8n5ESG7TVT5scGbbRr/1Du2tufHEkr5pHw==",
+            "version": "25.10.1",
+            "resolved": "https://registry.npmjs.org/i18next/-/i18next-25.10.1.tgz",
+            "integrity": "sha512-d7MZx1UDamSmjbaqFg00w+EXUTqIB8x8cmYRGsAzQqXFVyrNFprGqPItANtlF6V1tuBFyZyp+4/q2MFqODWerg==",
             "funding": [
                 {
                     "type": "individual",
@@ -7162,7 +7162,7 @@
             ],
             "license": "MIT",
             "dependencies": {
-                "@babel/runtime": "^7.28.6"
+                "@babel/runtime": "^7.29.2"
             },
             "peerDependencies": {
                 "typescript": "^5"

routes/api.php

@@ -347,7 +347,6 @@ Route::group(
         'namespace'  => 'FireflyIII\Api\V1\Controllers\Models\UserGroup',
         'prefix'     => 'v1/user-groups',
         'as'         => 'api.v1.user-groups.',
-        'middleware' => ['api-admin'],
     ],
     static function (): void {
         Route::get('', ['uses' => 'IndexController@index', 'as' => 'index']);