firefly-iii/app/Api/V1/Controllers/Controller.php

<?php

/**
 * Controller.php
 * Copyright (c) 2019 james@firefly-iii.org
 *
 * This file is part of Firefly III (https://github.com/firefly-iii).
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

declare(strict_types=1);

namespace FireflyIII\Api\V1\Controllers;

use Carbon\Carbon;
use Carbon\Exceptions\InvalidDateException;
use Carbon\Exceptions\InvalidFormatException;
use FireflyIII\Models\Preference;
use FireflyIII\User;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
use Illuminate\Foundation\Bus\DispatchesJobs;
use Illuminate\Foundation\Validation\ValidatesRequests;
use Illuminate\Routing\Controller as BaseController;
use League\Fractal\Manager;
use League\Fractal\Serializer\JsonApiSerializer;
use Symfony\Component\HttpFoundation\Exception\BadRequestException;
use Symfony\Component\HttpFoundation\ParameterBag;

/**
 * Class Controller.
 *
 * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
 * @SuppressWarnings(PHPMD.NumberOfChildren)
 */
abstract class Controller extends BaseController
{
    use AuthorizesRequests;
    use DispatchesJobs;
    use ValidatesRequests;

    protected const string CONTENT_TYPE    = 'application/vnd.api+json';

    /** @var array<int, string> */
    protected array        $allowedSort;
    protected ParameterBag $parameters;
    protected bool        $convertToNative = false;

    /**
     * Controller constructor.
     */
    public function __construct()
    {
        // get global parameters
        $this->allowedSort = config('firefly.allowed_sort_parameters');
        $this->middleware(
            function ($request, $next) {
                $this->parameters = $this->getParameters();
                if (auth()->check()) {
                    $language              = app('steam')->getLanguage();
                    $this->convertToNative = app('preferences')->get('convert_to_native', false)->data;
                    app()->setLocale($language);

                }

                return $next($request);
            }
        );
    }

    /**
     * Method to grab all parameters from the URL.
     */
    private function getParameters(): ParameterBag
    {
        $bag      = new ParameterBag();
        $page     = (int) request()->get('page');
        if ($page < 1) {
            $page = 1;
        }
        if ($page > 2 ** 16) {
            $page = 2 ** 16;
        }
        $bag->set('page', $page);

        // some date fields:
        $dates    = ['start', 'end', 'date'];
        foreach ($dates as $field) {
            $date = null;

            try {
                $date = request()->query->get($field);
            } catch (BadRequestException $e) {
                app('log')->error(sprintf('Request field "%s" contains a non-scalar value. Value set to NULL.', $field));
                app('log')->error($e->getMessage());
                app('log')->error($e->getTraceAsString());
                $value = null;
            }
            $obj  = null;
            if (null !== $date) {
                try {
                    $obj = Carbon::parse((string) $date);
                } catch (InvalidDateException|InvalidFormatException $e) {
                    // don't care
                    app('log')->warning(
                        sprintf(
                            'Ignored invalid date "%s" in API controller parameter check: %s',
                            substr((string) $date, 0, 20),
                            $e->getMessage()
                        )
                    );
                }
            }
            $bag->set($field, $obj);
        }

        // integer fields:
        $integers = ['limit'];
        foreach ($integers as $integer) {
            try {
                $value = request()->query->get($integer);
            } catch (BadRequestException $e) {
                app('log')->error(sprintf('Request field "%s" contains a non-scalar value. Value set to NULL.', $integer));
                app('log')->error($e->getMessage());
                app('log')->error($e->getTraceAsString());
                $value = null;
            }
            if (null !== $value) {
                $bag->set($integer, (int) $value);
            }
            if (null === $value
                && 'limit' === $integer // @phpstan-ignore-line
                && auth()->check()) {
                // set default for user:
                /** @var User $user */
                $user     = auth()->user();

                /** @var Preference $pageSize */
                $pageSize = (int) app('preferences')->getForUser($user, 'listPageSize', 50)->data;
                $bag->set($integer, $pageSize);
            }
        }

        // sort fields:
        return $this->getSortParameters($bag);
    }

    private function getSortParameters(ParameterBag $bag): ParameterBag
    {
        $sortParameters = [];

        try {
            $param = (string) request()->query->get('sort');
        } catch (BadRequestException $e) {
            app('log')->error('Request field "sort" contains a non-scalar value. Value set to NULL.');
            app('log')->error($e->getMessage());
            app('log')->error($e->getTraceAsString());
            $param = '';
        }
        if ('' === $param) {
            return $bag;
        }
        $parts          = explode(',', $param);
        foreach ($parts as $part) {
            $part      = trim($part);
            $direction = 'asc';
            if ('-' === $part[0]) {
                $part      = substr($part, 1);
                $direction = 'desc';
            }
            if (in_array($part, $this->allowedSort, true)) {
                $sortParameters[] = [$part, $direction];
            }
        }
        $bag->set('sort', $sortParameters);

        return $bag;
    }

    /**
     * Method to help build URL's.
     */
    final protected function buildParams(): string
    {
        $return = '?';
        $params = [];
        foreach ($this->parameters as $key => $value) {
            if ('page' === $key) {
                continue;
            }
            if ($value instanceof Carbon) {
                $params[$key] = $value->format('Y-m-d');

                continue;
            }
            $params[$key] = $value;
        }

        return $return.http_build_query($params);
    }

    final protected function getManager(): Manager
    {
        // create some objects:
        $manager = new Manager();
        $baseUrl = request()->getSchemeAndHttpHost().'/api/v1';
        $manager->setSerializer(new JsonApiSerializer($baseUrl));

        return $manager;
    }
}
First empty controllers for API. 2018-02-04 13:41:42 +01:00			`<?php`
Update copyright statements. 2018-05-11 10:08:34 +02:00
First empty controllers for API. 2018-02-04 13:41:42 +01:00			`/**`
			`* Controller.php`
Update email address in the readme and a selection of code. 2020-01-23 19:44:52 +01:00			`* Copyright (c) 2019 james@firefly-iii.org`
First empty controllers for API. 2018-02-04 13:41:42 +01:00			`*`
Update copyright of Firefly III to the GNU Affero General Public License as suggested by @nxxxse in #2607. This applies to all code in this commit from this moment onwards. 2019-10-02 06:37:26 +02:00			`* This file is part of Firefly III (https://github.com/firefly-iii).`
First empty controllers for API. 2018-02-04 13:41:42 +01:00			`*`
Update copyright of Firefly III to the GNU Affero General Public License as suggested by @nxxxse in #2607. This applies to all code in this commit from this moment onwards. 2019-10-02 06:37:26 +02:00			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License as`
			`* published by the Free Software Foundation, either version 3 of the`
			`* License, or (at your option) any later version.`
First empty controllers for API. 2018-02-04 13:41:42 +01:00			`*`
Update copyright of Firefly III to the GNU Affero General Public License as suggested by @nxxxse in #2607. This applies to all code in this commit from this moment onwards. 2019-10-02 06:37:26 +02:00			`* This program is distributed in the hope that it will be useful,`
First empty controllers for API. 2018-02-04 13:41:42 +01:00			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
Update copyright of Firefly III to the GNU Affero General Public License as suggested by @nxxxse in #2607. This applies to all code in this commit from this moment onwards. 2019-10-02 06:37:26 +02:00			`* GNU Affero General Public License for more details.`
First empty controllers for API. 2018-02-04 13:41:42 +01:00			`*`
Update copyright of Firefly III to the GNU Affero General Public License as suggested by @nxxxse in #2607. This applies to all code in this commit from this moment onwards. 2019-10-02 06:37:26 +02:00			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <https://www.gnu.org/licenses/>.`
First empty controllers for API. 2018-02-04 13:41:42 +01:00			`*/`

Update copyright statements. 2018-05-11 10:08:34 +02:00			`declare(strict_types=1);`

First empty controllers for API. 2018-02-04 13:41:42 +01:00			`namespace FireflyIII\Api\V1\Controllers;`

Expanded API code, wrote a bunch new transformers as well. 2018-02-11 20:45:33 +01:00			`use Carbon\Carbon;`
			`use Carbon\Exceptions\InvalidDateException;`
Catch error 2021-07-04 19:38:17 +02:00			`use Carbon\Exceptions\InvalidFormatException;`
Update various things. I know, great description. 2023-11-30 17:28:44 +01:00			`use FireflyIII\Models\Preference;`
			`use FireflyIII\User;`
First empty controllers for API. 2018-02-04 13:41:42 +01:00			`use Illuminate\Foundation\Auth\Access\AuthorizesRequests;`
			`use Illuminate\Foundation\Bus\DispatchesJobs;`
			`use Illuminate\Foundation\Validation\ValidatesRequests;`
			`use Illuminate\Routing\Controller as BaseController;`
Clean up API code and fix test code. 2019-09-04 17:39:39 +02:00			`use League\Fractal\Manager;`
			`use League\Fractal\Serializer\JsonApiSerializer;`
Catch various validation errors 2023-01-20 22:08:18 +01:00			`use Symfony\Component\HttpFoundation\Exception\BadRequestException;`
Expanded API code, wrote a bunch new transformers as well. 2018-02-11 20:45:33 +01:00			`use Symfony\Component\HttpFoundation\ParameterBag;`
First empty controllers for API. 2018-02-04 13:41:42 +01:00
			`/**`
			`* Class Controller.`
Various code cleanup. 2023-12-22 20:12:38 +01:00			`*`
			`* @SuppressWarnings(PHPMD.CouplingBetweenObjects)`
			`* @SuppressWarnings(PHPMD.NumberOfChildren)`
First empty controllers for API. 2018-02-04 13:41:42 +01:00			`*/`
Update some code style 2020-07-31 15:12:26 +02:00			`abstract class Controller extends BaseController`
First empty controllers for API. 2018-02-04 13:41:42 +01:00			`{`
Use PSR-12 code style 2022-10-30 14:23:00 +01:00			`use AuthorizesRequests;`
			`use DispatchesJobs;`
			`use ValidatesRequests;`
First empty controllers for API. 2018-02-04 13:41:42 +01:00
Auto commit for release 'branch-v6.2' on 2024-12-26 2024-12-26 05:25:46 +01:00			`protected const string CONTENT_TYPE = 'application/vnd.api+json';`
Code cleanup. 2023-12-20 19:35:52 +01:00
Fix various phpstan issues. 2023-11-04 11:31:14 +01:00			`/** @var array<int, string> */`
Code fixes. 2021-05-24 08:06:56 +02:00			`protected array $allowedSort;`
Code reordering and reformatting. I should really start employing style CI. 2021-09-18 10:26:12 +02:00			`protected ParameterBag $parameters;`
Fix charts and balances. 2024-12-26 05:11:32 +01:00			`protected bool $convertToNative = false;`
Basic code standard fixes. 2020-07-31 09:24:08 +02:00
First empty controllers for API. 2018-02-04 13:41:42 +01:00			`/**`
			`* Controller constructor.`
			`*/`
			`public function __construct()`
			`{`
Expanded API code, wrote a bunch new transformers as well. 2018-02-11 20:45:33 +01:00			`// get global parameters`
Code fixes. 2021-05-24 08:06:56 +02:00			`$this->allowedSort = config('firefly.allowed_sort_parameters');`
Fix #3716 2020-08-22 19:27:16 +02:00			`$this->middleware(`
			`function ($request, $next) {`
Fix correct controller 2023-10-05 19:11:17 +02:00			`$this->parameters = $this->getParameters();`
Fix #3716 2020-08-22 19:27:16 +02:00			`if (auth()->check()) {`
Auto commit for release 'branch-v6.2' on 2024-12-26 2024-12-26 05:25:46 +01:00			`$language = app('steam')->getLanguage();`
Fix charts and balances. 2024-12-26 05:11:32 +01:00			`$this->convertToNative = app('preferences')->get('convert_to_native', false)->data;`
Fix #3716 2020-08-22 19:27:16 +02:00			`app()->setLocale($language);`
Fix charts and balances. 2024-12-26 05:11:32 +01:00
Fix #3716 2020-08-22 19:27:16 +02:00			`}`
Clean up code. 2020-10-23 19:11:25 +02:00
Fix #3716 2020-08-22 19:27:16 +02:00			`return $next($request);`
Clean up code. 2020-10-23 19:11:25 +02:00			`}`
			`);`
Expanded API code, wrote a bunch new transformers as well. 2018-02-11 20:45:33 +01:00			`}`

			`/**`
Replace uri with url 2022-04-12 18:19:30 +02:00			`* Method to grab all parameters from the URL.`
Expanded API code, wrote a bunch new transformers as well. 2018-02-11 20:45:33 +01:00			`*/`
			`private function getParameters(): ParameterBag`
			`{`
Various code cleanup and fixed alignments. 2024-01-01 14:41:31 +01:00			`$bag = new ParameterBag();`
Code cleanup 2024-12-22 08:43:12 +01:00			`$page = (int) request()->get('page');`
New code for API 2 2022-06-23 09:33:43 +02:00			`if ($page < 1) {`
Expanded API code, wrote a bunch new transformers as well. 2018-02-11 20:45:33 +01:00			`$page = 1;`
			`}`
Update translations 2023-11-15 06:32:41 +01:00			`if ($page > 2 ** 16) {`
			`$page = 2 ** 16;`
New code for API 2 2022-06-23 09:33:43 +02:00			`}`
Expanded API code, wrote a bunch new transformers as well. 2018-02-11 20:45:33 +01:00			`$bag->set('page', $page);`

Expand API. 2018-02-13 18:24:06 +01:00			`// some date fields:`
Various code cleanup and fixed alignments. 2024-01-01 14:41:31 +01:00			`$dates = ['start', 'end', 'date'];`
Add method that makes sure that URL's are expanded for page navigation/ 2018-02-16 14:51:59 +01:00			`foreach ($dates as $field) {`
Clean up code. 2023-02-12 07:23:57 +01:00			`$date = null;`
Code cleanup. 2023-12-20 19:35:52 +01:00
Catch various validation errors 2023-01-20 22:08:18 +01:00			`try {`
			`$date = request()->query->get($field);`
Catch and verify various errors 2023-01-21 12:21:06 +01:00			`} catch (BadRequestException $e) {`
Remove static references 2023-10-29 06:32:00 +01:00			`app('log')->error(sprintf('Request field "%s" contains a non-scalar value. Value set to NULL.', $field));`
			`app('log')->error($e->getMessage());`
			`app('log')->error($e->getTraceAsString());`
Catch various validation errors 2023-01-20 22:08:18 +01:00			`$value = null;`
			`}`
Various code cleanup and fixed alignments. 2024-01-01 14:41:31 +01:00			`$obj = null;`
Code cleanup. 2018-04-02 14:17:11 +02:00			`if (null !== $date) {`
Expand API. 2018-02-13 18:24:06 +01:00			`try {`
Code cleanup 2024-12-22 08:43:12 +01:00			`$obj = Carbon::parse((string) $date);`
Code cleanup. 2023-12-20 19:35:52 +01:00			`} catch (InvalidDateException\|InvalidFormatException $e) {`
Expand API. 2018-02-13 18:24:06 +01:00			`// don't care`
chore: code cleanup. 2023-05-29 13:56:55 +02:00			`app('log')->warning(`
			`sprintf(`
			`'Ignored invalid date "%s" in API controller parameter check: %s',`
Code cleanup 2024-12-22 08:43:12 +01:00			`substr((string) $date, 0, 20),`
chore: code cleanup. 2023-05-29 13:56:55 +02:00			`$e->getMessage()`
			`)`
			`);`
Expand API. 2018-02-13 18:24:06 +01:00			`}`
Expanded API code, wrote a bunch new transformers as well. 2018-02-11 20:45:33 +01:00			`}`
Expand API. 2018-02-13 18:24:06 +01:00			`$bag->set($field, $obj);`
Expanded API code, wrote a bunch new transformers as well. 2018-02-11 20:45:33 +01:00			`}`

Add limit parameter to capabilities of API 2019-01-26 12:09:46 +01:00			`// integer fields:`
			`$integers = ['limit'];`
			`foreach ($integers as $integer) {`
Catch various validation errors 2023-01-20 22:08:18 +01:00			`try {`
			`$value = request()->query->get($integer);`
Catch and verify various errors 2023-01-21 12:21:06 +01:00			`} catch (BadRequestException $e) {`
Remove static references 2023-10-29 06:32:00 +01:00			`app('log')->error(sprintf('Request field "%s" contains a non-scalar value. Value set to NULL.', $integer));`
			`app('log')->error($e->getMessage());`
			`app('log')->error($e->getTraceAsString());`
Catch various validation errors 2023-01-20 22:08:18 +01:00			`$value = null;`
			`}`
Add limit parameter to capabilities of API 2019-01-26 12:09:46 +01:00			`if (null !== $value) {`
Code cleanup 2024-12-22 08:43:12 +01:00			`$bag->set($integer, (int) $value);`
Add limit parameter to capabilities of API 2019-01-26 12:09:46 +01:00			`}`
Code cleanup. 2023-12-20 19:35:52 +01:00			`if (null === $value`
			`&& 'limit' === $integer // @phpstan-ignore-line`
			`&& auth()->check()) {`
Add limit param to all endpoints 2023-10-05 18:52:01 +02:00			`// set default for user:`
Update various things. I know, great description. 2023-11-30 17:28:44 +01:00			`/** @var User $user */`
Various code cleanup and fixed alignments. 2024-01-01 14:41:31 +01:00			`$user = auth()->user();`
Code cleanup. 2023-12-20 19:35:52 +01:00
Update various things. I know, great description. 2023-11-30 17:28:44 +01:00			`/** @var Preference $pageSize */`
Code cleanup 2024-12-22 08:43:12 +01:00			`$pageSize = (int) app('preferences')->getForUser($user, 'listPageSize', 50)->data;`
Add limit param to all endpoints 2023-10-05 18:52:01 +02:00			`$bag->set($integer, $pageSize);`
			`}`
Add limit parameter to capabilities of API 2019-01-26 12:09:46 +01:00			`}`

Code fixes. 2021-05-24 08:06:56 +02:00			`// sort fields:`
Various code cleanup. 2021-05-24 08:22:41 +02:00			`return $this->getSortParameters($bag);`
Code fixes. 2021-05-24 08:06:56 +02:00			`}`

			`private function getSortParameters(ParameterBag $bag): ParameterBag`
			`{`
			`$sortParameters = [];`
Code cleanup. 2023-12-20 19:35:52 +01:00
Catch various validation errors 2023-01-20 22:08:18 +01:00			`try {`
Code cleanup 2024-12-22 08:43:12 +01:00			`$param = (string) request()->query->get('sort');`
Catch and verify various errors 2023-01-21 12:21:06 +01:00			`} catch (BadRequestException $e) {`
Remove static references 2023-10-29 06:32:00 +01:00			`app('log')->error('Request field "sort" contains a non-scalar value. Value set to NULL.');`
			`app('log')->error($e->getMessage());`
			`app('log')->error($e->getTraceAsString());`
Catch various validation errors 2023-01-20 22:08:18 +01:00			`$param = '';`
			`}`
Code fixes. 2021-05-24 08:06:56 +02:00			`if ('' === $param) {`
			`return $bag;`
			`}`
Various code cleanup and fixed alignments. 2024-01-01 14:41:31 +01:00			`$parts = explode(',', $param);`
Code fixes. 2021-05-24 08:06:56 +02:00			`foreach ($parts as $part) {`
			`$part = trim($part);`
			`$direction = 'asc';`
			`if ('-' === $part[0]) {`
			`$part = substr($part, 1);`
			`$direction = 'desc';`
			`}`
			`if (in_array($part, $this->allowedSort, true)) {`
			`$sortParameters[] = [$part, $direction];`
			`}`
			`}`
			`$bag->set('sort', $sortParameters);`
Expanded API code, wrote a bunch new transformers as well. 2018-02-11 20:45:33 +01:00
Code fixes. 2021-05-24 08:06:56 +02:00			`return $bag;`
First empty controllers for API. 2018-02-04 13:41:42 +01:00			`}`
PHPStorm can order methods by alphabet, who knew. 2024-02-22 20:11:09 +01:00
			`/**`
			`* Method to help build URL's.`
			`*/`
			`final protected function buildParams(): string`
			`{`
			`$return = '?';`
			`$params = [];`
			`foreach ($this->parameters as $key => $value) {`
			`if ('page' === $key) {`
			`continue;`
			`}`
			`if ($value instanceof Carbon) {`
			`$params[$key] = $value->format('Y-m-d');`

			`continue;`
			`}`
			`$params[$key] = $value;`
			`}`

			`return $return.http_build_query($params);`
			`}`

			`final protected function getManager(): Manager`
			`{`
			`// create some objects:`
			`$manager = new Manager();`
			`$baseUrl = request()->getSchemeAndHttpHost().'/api/v1';`
			`$manager->setSerializer(new JsonApiSerializer($baseUrl));`

			`return $manager;`
			`}`
First empty controllers for API. 2018-02-04 13:41:42 +01:00			`}`