| 
									
										
										
										
											2021-08-10 18:43:21 +02:00
										 |  |  | <?php | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-08-10 19:31:55 +02:00
										 |  |  | /* | 
					
						
							|  |  |  |  * TransactionController.php | 
					
						
							|  |  |  |  * Copyright (c) 2021 james@firefly-iii.org | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * This file is part of Firefly III (https://github.com/firefly-iii). | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * This program is free software: you can redistribute it and/or modify | 
					
						
							|  |  |  |  * it under the terms of the GNU Affero General Public License as | 
					
						
							|  |  |  |  * published by the Free Software Foundation, either version 3 of the | 
					
						
							|  |  |  |  * License, or (at your option) any later version. | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * This program is distributed in the hope that it will be useful, | 
					
						
							|  |  |  |  * but WITHOUT ANY WARRANTY; without even the implied warranty of | 
					
						
							|  |  |  |  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | 
					
						
							|  |  |  |  * GNU Affero General Public License for more details. | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * You should have received a copy of the GNU Affero General Public License | 
					
						
							|  |  |  |  * along with this program.  If not, see <https://www.gnu.org/licenses/>. | 
					
						
							|  |  |  |  */ | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | declare(strict_types=1); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-08-10 18:43:21 +02:00
										 |  |  | namespace FireflyIII\Api\V1\Controllers\Data\Bulk; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | use FireflyIII\Api\V1\Controllers\Controller; | 
					
						
							|  |  |  | use FireflyIII\Api\V1\Requests\Data\Bulk\TransactionRequest; | 
					
						
							| 
									
										
										
										
											2025-08-15 20:06:28 +02:00
										 |  |  | use FireflyIII\Enums\UserRoleEnum; | 
					
						
							| 
									
										
										
										
											2021-08-10 18:43:21 +02:00
										 |  |  | use FireflyIII\Repositories\Account\AccountRepositoryInterface; | 
					
						
							|  |  |  | use FireflyIII\Services\Internal\Destroy\AccountDestroyService; | 
					
						
							|  |  |  | use Illuminate\Http\JsonResponse; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | /** | 
					
						
							|  |  |  |  * Class TransactionController | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * Endpoint to update transactions by submitting | 
					
						
							|  |  |  |  * (optional) a "where" clause and an "update" | 
					
						
							|  |  |  |  * clause. | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * Because this is a security nightmare waiting to happen validation | 
					
						
							|  |  |  |  * is pretty strict. | 
					
						
							|  |  |  |  */ | 
					
						
							|  |  |  | class TransactionController extends Controller | 
					
						
							|  |  |  | { | 
					
						
							|  |  |  |     private AccountRepositoryInterface $repository; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-08-15 20:06:28 +02:00
										 |  |  |     protected array $acceptedRoles = [UserRoleEnum::MANAGE_TRANSACTIONS]; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-08-10 18:43:21 +02:00
										 |  |  |     public function __construct() | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         parent::__construct(); | 
					
						
							|  |  |  |         $this->middleware( | 
					
						
							|  |  |  |             function ($request, $next) { | 
					
						
							| 
									
										
										
										
											2025-08-15 20:06:28 +02:00
										 |  |  |                 $this->validateUserGroup($request); | 
					
						
							| 
									
										
										
										
											2021-08-10 18:43:21 +02:00
										 |  |  |                 $this->repository = app(AccountRepositoryInterface::class); | 
					
						
							| 
									
										
										
										
											2025-08-15 20:06:28 +02:00
										 |  |  |                 $this->repository->setUserGroup($this->userGroup); | 
					
						
							|  |  |  |                 $this->repository->setUser($this->user); | 
					
						
							| 
									
										
										
										
											2021-08-10 18:43:21 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |                 return $next($request); | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |         ); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     public function update(TransactionRequest $request): JsonResponse | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         $query  = $request->getAll(); | 
					
						
							|  |  |  |         $params = $query['query']; | 
					
						
							| 
									
										
										
										
											2021-09-18 05:26:31 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-08-10 18:43:21 +02:00
										 |  |  |         // this deserves better code, but for now a loop of basic if-statements
 | 
					
						
							|  |  |  |         // to respond to what is in the $query.
 | 
					
						
							|  |  |  |         // this is OK because only one thing can be in the query at the moment.
 | 
					
						
							| 
									
										
										
										
											2023-11-04 17:41:28 +01:00
										 |  |  |         if ($this->isUpdateTransactionAccount($params)) { | 
					
						
							| 
									
										
										
										
											2024-12-22 08:43:12 +01:00
										 |  |  |             $original    = $this->repository->find((int) $params['where']['account_id']); | 
					
						
							|  |  |  |             $destination = $this->repository->find((int) $params['update']['account_id']); | 
					
						
							| 
									
										
										
										
											2021-08-10 18:43:21 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |             /** @var AccountDestroyService $service */ | 
					
						
							| 
									
										
										
										
											2024-01-01 14:41:31 +01:00
										 |  |  |             $service     = app(AccountDestroyService::class); | 
					
						
							| 
									
										
										
										
											2021-08-10 18:43:21 +02:00
										 |  |  |             $service->moveTransactions($original, $destination); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return response()->json([], 204); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							| 
									
										
										
										
											2023-12-23 06:22:47 +01:00
										 |  |  |      * @param array<string, array<string, string>> $params | 
					
						
							| 
									
										
										
										
											2021-08-10 18:43:21 +02:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2023-11-04 17:41:28 +01:00
										 |  |  |     private function isUpdateTransactionAccount(array $params): bool | 
					
						
							| 
									
										
										
										
											2021-08-10 18:43:21 +02:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2021-09-18 05:26:31 +02:00
										 |  |  |         return array_key_exists('account_id', $params['where']) && array_key_exists('account_id', $params['update']); | 
					
						
							| 
									
										
										
										
											2021-08-10 18:43:21 +02:00
										 |  |  |     } | 
					
						
							| 
									
										
										
										
											2021-08-10 19:31:55 +02:00
										 |  |  | } |