| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  | <?php | 
					
						
							| 
									
										
										
										
											2018-05-11 10:08:34 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  | /** | 
					
						
							|  |  |  |  * Controller.php | 
					
						
							| 
									
										
										
										
											2020-01-23 19:44:52 +01:00
										 |  |  |  * Copyright (c) 2019 james@firefly-iii.org | 
					
						
							| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  |  * | 
					
						
							| 
									
										
										
										
											2019-10-02 06:37:26 +02:00
										 |  |  |  * This file is part of Firefly III (https://github.com/firefly-iii). | 
					
						
							| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  |  * | 
					
						
							| 
									
										
										
										
											2019-10-02 06:37:26 +02:00
										 |  |  |  * This program is free software: you can redistribute it and/or modify | 
					
						
							|  |  |  |  * it under the terms of the GNU Affero General Public License as | 
					
						
							|  |  |  |  * published by the Free Software Foundation, either version 3 of the | 
					
						
							|  |  |  |  * License, or (at your option) any later version. | 
					
						
							| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  |  * | 
					
						
							| 
									
										
										
										
											2019-10-02 06:37:26 +02:00
										 |  |  |  * This program is distributed in the hope that it will be useful, | 
					
						
							| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  |  * but WITHOUT ANY WARRANTY; without even the implied warranty of | 
					
						
							|  |  |  |  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | 
					
						
							| 
									
										
										
										
											2019-10-02 06:37:26 +02:00
										 |  |  |  * GNU Affero General Public License for more details. | 
					
						
							| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  |  * | 
					
						
							| 
									
										
										
										
											2019-10-02 06:37:26 +02:00
										 |  |  |  * You should have received a copy of the GNU Affero General Public License | 
					
						
							|  |  |  |  * along with this program.  If not, see <https://www.gnu.org/licenses/>. | 
					
						
							| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  |  */ | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-05-11 10:08:34 +02:00
										 |  |  | declare(strict_types=1); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  | namespace FireflyIII\Api\V1\Controllers; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-02-11 20:45:33 +01:00
										 |  |  | use Carbon\Carbon; | 
					
						
							|  |  |  | use Carbon\Exceptions\InvalidDateException; | 
					
						
							| 
									
										
										
										
											2021-07-04 19:38:17 +02:00
										 |  |  | use Carbon\Exceptions\InvalidFormatException; | 
					
						
							| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  | use Illuminate\Foundation\Auth\Access\AuthorizesRequests; | 
					
						
							|  |  |  | use Illuminate\Foundation\Bus\DispatchesJobs; | 
					
						
							|  |  |  | use Illuminate\Foundation\Validation\ValidatesRequests; | 
					
						
							|  |  |  | use Illuminate\Routing\Controller as BaseController; | 
					
						
							| 
									
										
										
										
											2019-09-04 17:39:39 +02:00
										 |  |  | use League\Fractal\Manager; | 
					
						
							|  |  |  | use League\Fractal\Serializer\JsonApiSerializer; | 
					
						
							| 
									
										
										
										
											2022-03-30 20:09:19 +02:00
										 |  |  | use Psr\Container\ContainerExceptionInterface; | 
					
						
							|  |  |  | use Psr\Container\NotFoundExceptionInterface; | 
					
						
							| 
									
										
										
										
											2023-01-20 22:08:18 +01:00
										 |  |  | use Symfony\Component\HttpFoundation\Exception\BadRequestException; | 
					
						
							| 
									
										
										
										
											2018-02-11 20:45:33 +01:00
										 |  |  | use Symfony\Component\HttpFoundation\ParameterBag; | 
					
						
							| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | /** | 
					
						
							|  |  |  |  * Class Controller. | 
					
						
							| 
									
										
										
										
											2018-03-10 22:38:20 +01:00
										 |  |  |  * | 
					
						
							| 
									
										
										
										
											2023-02-12 07:15:06 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  |  */ | 
					
						
							| 
									
										
										
										
											2020-07-31 15:12:26 +02:00
										 |  |  | abstract class Controller extends BaseController | 
					
						
							| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  | { | 
					
						
							| 
									
										
										
										
											2022-10-30 14:23:00 +01:00
										 |  |  |     use AuthorizesRequests; | 
					
						
							|  |  |  |     use DispatchesJobs; | 
					
						
							|  |  |  |     use ValidatesRequests; | 
					
						
							| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-10-04 07:20:48 +02:00
										 |  |  |     protected const CONTENT_TYPE = 'application/vnd.api+json'; | 
					
						
							| 
									
										
										
										
											2021-05-24 08:06:56 +02:00
										 |  |  |     protected array        $allowedSort; | 
					
						
							| 
									
										
										
										
											2021-09-18 10:26:12 +02:00
										 |  |  |     protected ParameterBag $parameters; | 
					
						
							| 
									
										
										
										
											2020-07-31 09:24:08 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  |     /** | 
					
						
							|  |  |  |      * Controller constructor. | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function __construct() | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2018-02-11 20:45:33 +01:00
										 |  |  |         // get global parameters
 | 
					
						
							| 
									
										
										
										
											2021-05-24 08:06:56 +02:00
										 |  |  |         $this->allowedSort = config('firefly.allowed_sort_parameters'); | 
					
						
							| 
									
										
										
										
											2020-08-22 19:27:16 +02:00
										 |  |  |         $this->middleware( | 
					
						
							|  |  |  |             function ($request, $next) { | 
					
						
							| 
									
										
										
										
											2023-10-05 19:11:17 +02:00
										 |  |  |                 $this->parameters = $this->getParameters(); | 
					
						
							| 
									
										
										
										
											2020-08-22 19:27:16 +02:00
										 |  |  |                 if (auth()->check()) { | 
					
						
							|  |  |  |                     $language = app('steam')->getLanguage(); | 
					
						
							|  |  |  |                     app()->setLocale($language); | 
					
						
							|  |  |  |                 } | 
					
						
							| 
									
										
										
										
											2020-10-23 19:11:25 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-08-22 19:27:16 +02:00
										 |  |  |                 return $next($request); | 
					
						
							| 
									
										
										
										
											2020-10-23 19:11:25 +02:00
										 |  |  |             } | 
					
						
							|  |  |  |         ); | 
					
						
							| 
									
										
										
										
											2018-02-11 20:45:33 +01:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							| 
									
										
										
										
											2022-04-12 18:19:30 +02:00
										 |  |  |      * Method to grab all parameters from the URL. | 
					
						
							| 
									
										
										
										
											2018-07-06 07:15:42 +02:00
										 |  |  |      * | 
					
						
							| 
									
										
										
										
											2018-02-11 20:45:33 +01:00
										 |  |  |      * @return ParameterBag | 
					
						
							| 
									
										
										
										
											2022-03-30 20:09:19 +02:00
										 |  |  |      * @throws ContainerExceptionInterface | 
					
						
							|  |  |  |      * @throws NotFoundExceptionInterface | 
					
						
							| 
									
										
										
										
											2018-02-11 20:45:33 +01:00
										 |  |  |      */ | 
					
						
							|  |  |  |     private function getParameters(): ParameterBag | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2022-10-30 14:23:00 +01:00
										 |  |  |         $bag  = new ParameterBag(); | 
					
						
							| 
									
										
										
										
											2020-10-23 19:11:25 +02:00
										 |  |  |         $page = (int)request()->get('page'); | 
					
						
							| 
									
										
										
										
											2022-06-23 09:33:43 +02:00
										 |  |  |         if ($page < 1) { | 
					
						
							| 
									
										
										
										
											2018-02-11 20:45:33 +01:00
										 |  |  |             $page = 1; | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2023-04-26 11:31:46 +02:00
										 |  |  |         if ($page > pow(2, 16)) { | 
					
						
							|  |  |  |             $page = pow(2, 16); | 
					
						
							| 
									
										
										
										
											2022-06-23 09:33:43 +02:00
										 |  |  |         } | 
					
						
							| 
									
										
										
										
											2018-02-11 20:45:33 +01:00
										 |  |  |         $bag->set('page', $page); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-02-13 18:24:06 +01:00
										 |  |  |         // some date fields:
 | 
					
						
							| 
									
										
										
										
											2018-02-16 14:51:59 +01:00
										 |  |  |         $dates = ['start', 'end', 'date']; | 
					
						
							|  |  |  |         foreach ($dates as $field) { | 
					
						
							| 
									
										
										
										
											2023-02-12 07:23:57 +01:00
										 |  |  |             $date = null; | 
					
						
							| 
									
										
										
										
											2023-01-20 22:08:18 +01:00
										 |  |  |             try { | 
					
						
							|  |  |  |                 $date = request()->query->get($field); | 
					
						
							| 
									
										
										
										
											2023-01-21 12:21:06 +01:00
										 |  |  |             } catch (BadRequestException $e) { | 
					
						
							| 
									
										
										
										
											2023-10-29 06:32:00 +01:00
										 |  |  |                 app('log')->error(sprintf('Request field "%s" contains a non-scalar value. Value set to NULL.', $field)); | 
					
						
							|  |  |  |                 app('log')->error($e->getMessage()); | 
					
						
							|  |  |  |                 app('log')->error($e->getTraceAsString()); | 
					
						
							| 
									
										
										
										
											2023-01-20 22:08:18 +01:00
										 |  |  |                 $value = null; | 
					
						
							|  |  |  |             } | 
					
						
							| 
									
										
										
										
											2023-01-21 12:21:06 +01:00
										 |  |  |             $obj = null; | 
					
						
							| 
									
										
										
										
											2018-04-02 14:17:11 +02:00
										 |  |  |             if (null !== $date) { | 
					
						
							| 
									
										
										
										
											2018-02-13 18:24:06 +01:00
										 |  |  |                 try { | 
					
						
							| 
									
										
										
										
											2019-02-08 07:14:45 +01:00
										 |  |  |                     $obj = Carbon::parse($date); | 
					
						
							| 
									
										
										
										
											2023-06-21 12:34:58 +02:00
										 |  |  |                 } catch (InvalidDateException | InvalidFormatException $e) { | 
					
						
							| 
									
										
										
										
											2018-02-13 18:24:06 +01:00
										 |  |  |                     // don't care
 | 
					
						
							| 
									
										
										
										
											2023-05-29 13:56:55 +02:00
										 |  |  |                     app('log')->warning( | 
					
						
							|  |  |  |                         sprintf( | 
					
						
							|  |  |  |                             'Ignored invalid date "%s" in API controller parameter check: %s', | 
					
						
							|  |  |  |                             substr($date, 0, 20), | 
					
						
							|  |  |  |                             $e->getMessage() | 
					
						
							|  |  |  |                         ) | 
					
						
							|  |  |  |                     ); | 
					
						
							| 
									
										
										
										
											2018-02-13 18:24:06 +01:00
										 |  |  |                 } | 
					
						
							| 
									
										
										
										
											2018-02-11 20:45:33 +01:00
										 |  |  |             } | 
					
						
							| 
									
										
										
										
											2018-02-13 18:24:06 +01:00
										 |  |  |             $bag->set($field, $obj); | 
					
						
							| 
									
										
										
										
											2018-02-11 20:45:33 +01:00
										 |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-01-26 12:09:46 +01:00
										 |  |  |         // integer fields:
 | 
					
						
							|  |  |  |         $integers = ['limit']; | 
					
						
							|  |  |  |         foreach ($integers as $integer) { | 
					
						
							| 
									
										
										
										
											2023-01-20 22:08:18 +01:00
										 |  |  |             try { | 
					
						
							|  |  |  |                 $value = request()->query->get($integer); | 
					
						
							| 
									
										
										
										
											2023-01-21 12:21:06 +01:00
										 |  |  |             } catch (BadRequestException $e) { | 
					
						
							| 
									
										
										
										
											2023-10-29 06:32:00 +01:00
										 |  |  |                 app('log')->error(sprintf('Request field "%s" contains a non-scalar value. Value set to NULL.', $integer)); | 
					
						
							|  |  |  |                 app('log')->error($e->getMessage()); | 
					
						
							|  |  |  |                 app('log')->error($e->getTraceAsString()); | 
					
						
							| 
									
										
										
										
											2023-01-20 22:08:18 +01:00
										 |  |  |                 $value = null; | 
					
						
							|  |  |  |             } | 
					
						
							| 
									
										
										
										
											2019-01-26 12:09:46 +01:00
										 |  |  |             if (null !== $value) { | 
					
						
							| 
									
										
										
										
											2020-10-23 19:11:25 +02:00
										 |  |  |                 $bag->set($integer, (int)$value); | 
					
						
							| 
									
										
										
										
											2019-01-26 12:09:46 +01:00
										 |  |  |             } | 
					
						
							| 
									
										
										
										
											2023-10-05 19:11:17 +02:00
										 |  |  |             if (null === $value && 'limit' === $integer && auth()->check()) { | 
					
						
							| 
									
										
										
										
											2023-10-05 18:52:01 +02:00
										 |  |  |                 // set default for user:
 | 
					
						
							|  |  |  |                 $pageSize = (int)app('preferences')->getForUser(auth()->user(), 'listPageSize', 50)->data; | 
					
						
							|  |  |  |                 $bag->set($integer, $pageSize); | 
					
						
							|  |  |  |             } | 
					
						
							| 
									
										
										
										
											2019-01-26 12:09:46 +01:00
										 |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-05-24 08:06:56 +02:00
										 |  |  |         // sort fields:
 | 
					
						
							| 
									
										
										
										
											2021-05-24 08:22:41 +02:00
										 |  |  |         return $this->getSortParameters($bag); | 
					
						
							| 
									
										
										
										
											2021-05-24 08:06:56 +02:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							| 
									
										
										
										
											2023-06-21 12:34:58 +02:00
										 |  |  |      * @param ParameterBag $bag | 
					
						
							| 
									
										
										
										
											2021-05-24 08:06:56 +02:00
										 |  |  |      * | 
					
						
							|  |  |  |      * @return ParameterBag | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     private function getSortParameters(ParameterBag $bag): ParameterBag | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         $sortParameters = []; | 
					
						
							| 
									
										
										
										
											2023-01-20 22:08:18 +01:00
										 |  |  |         try { | 
					
						
							| 
									
										
										
										
											2023-01-21 12:21:06 +01:00
										 |  |  |             $param = (string)request()->query->get('sort'); | 
					
						
							|  |  |  |         } catch (BadRequestException $e) { | 
					
						
							| 
									
										
										
										
											2023-10-29 06:32:00 +01:00
										 |  |  |             app('log')->error('Request field "sort" contains a non-scalar value. Value set to NULL.'); | 
					
						
							|  |  |  |             app('log')->error($e->getMessage()); | 
					
						
							|  |  |  |             app('log')->error($e->getTraceAsString()); | 
					
						
							| 
									
										
										
										
											2023-01-20 22:08:18 +01:00
										 |  |  |             $param = ''; | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2021-05-24 08:06:56 +02:00
										 |  |  |         if ('' === $param) { | 
					
						
							|  |  |  |             return $bag; | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |         $parts = explode(',', $param); | 
					
						
							|  |  |  |         foreach ($parts as $part) { | 
					
						
							|  |  |  |             $part      = trim($part); | 
					
						
							|  |  |  |             $direction = 'asc'; | 
					
						
							|  |  |  |             if ('-' === $part[0]) { | 
					
						
							|  |  |  |                 $part      = substr($part, 1); | 
					
						
							|  |  |  |                 $direction = 'desc'; | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |             if (in_array($part, $this->allowedSort, true)) { | 
					
						
							|  |  |  |                 $sortParameters[] = [$part, $direction]; | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |         $bag->set('sort', $sortParameters); | 
					
						
							| 
									
										
										
										
											2018-02-11 20:45:33 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-05-24 08:06:56 +02:00
										 |  |  |         return $bag; | 
					
						
							| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  |     } | 
					
						
							| 
									
										
										
										
											2023-06-21 12:34:58 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Method to help build URL's. | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @return string | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     final protected function buildParams(): string | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         $return = '?'; | 
					
						
							|  |  |  |         $params = []; | 
					
						
							|  |  |  |         foreach ($this->parameters as $key => $value) { | 
					
						
							|  |  |  |             if ('page' === $key) { | 
					
						
							|  |  |  |                 continue; | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |             if ($value instanceof Carbon) { | 
					
						
							|  |  |  |                 $params[$key] = $value->format('Y-m-d'); | 
					
						
							|  |  |  |                 continue; | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |             $params[$key] = $value; | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return $return . http_build_query($params); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * @return Manager | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     final protected function getManager(): Manager | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         // create some objects:
 | 
					
						
							|  |  |  |         $manager = new Manager(); | 
					
						
							|  |  |  |         $baseUrl = request()->getSchemeAndHttpHost() . '/api/v1'; | 
					
						
							|  |  |  |         $manager->setSerializer(new JsonApiSerializer($baseUrl)); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return $manager; | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2018-02-04 13:41:42 +01:00
										 |  |  | } |