Expand API and refactor for user groups.

2026-01-07 14:41:20 +00:00 · 2023-09-21 15:50:49 +02:00
parent 7dbdf0c4ff
commit 0b220f3288
45 changed files with 950 additions and 243 deletions
--- a/app/Support/Request/ChecksLogin.php
+++ b/app/Support/Request/ChecksLogin.php
@@ -27,7 +27,6 @@ use FireflyIII\Enums\UserRoleEnum;
 use FireflyIII\Models\UserGroup;
 use FireflyIII\User;
 use Illuminate\Support\Facades\Log;
-use ValueError;

 /**
 * Trait ChecksLogin
@@ -51,20 +50,51 @@ trait ChecksLogin
            app('log')->debug('Request class has no acceptedRoles array');
            return true; // check for false already took place.
        }
-        /** @var UserGroup $userGroup */
-        $userGroup = $this->route()->parameter('userGroup');
-        if (null === $userGroup) {
-            app('log')->debug('Request class has no userGroup parameter.');
-            return true;
-        }
        /** @var User $user */
-        $user = auth()->user();
+        $user      = auth()->user();
+        $userGroup = $this->getUserGroup();
+        if (null === $userGroup) {
+            app('log')->error('User has no valid user group submitted or otherwise.');
+            return false;
+        }
+
        /** @var UserRoleEnum $role */
        foreach ($this->acceptedRoles as $role) {
-            if ($user->hasRoleInGroup($userGroup, $role, true, true)) {
+            // system owner cannot overrule this, MUST be member of the group.
+            if ($user->hasRoleInGroup($userGroup, $role, true, false)) {
                return true;
            }
        }
        return false;
    }
+
+    /**
+     * Return the user group or NULL if none is set.
+     * Will throw exception if invalid.
+     *
+     * @return UserGroup|null
+     */
+    public function getUserGroup(): ?UserGroup
+    {
+        /** @var User $user */
+        $user = auth()->user();
+        app('log')->debug('Now in getUserGroup()');
+        /** @var UserGroup $userGroup */
+        $userGroup = $this->route()->parameter('userGroup');
+        if (null === $userGroup) {
+            app('log')->debug('Request class has no userGroup parameter, but perhaps there is a parameter.');
+            $userGroupId = (int)$this->get('user_group_id');
+            if (0 === $userGroupId) {
+                app('log')->debug(sprintf('Request class has no user_group_id parameter, grab default from user (group #%d).', $user->user_group_id));
+                $userGroupId = (int)$user->user_group_id;
+            }
+            $userGroup = UserGroup::find($userGroupId);
+            if (null === $userGroup) {
+                app('log')->error(sprintf('Request class has user_group_id (#%d), but group does not exist.', $userGroupId));
+                return null;
+            }
+            app('log')->debug('Request class has valid user_group_id.');
+        }
+        return $userGroup;
+    }
 }
--- a/app/Support/Request/ConvertsDataTypes.php
+++ b/app/Support/Request/ConvertsDataTypes.php
@@ -26,7 +26,7 @@ namespace FireflyIII\Support\Request;
 use Carbon\Carbon;
 use Carbon\Exceptions\InvalidDateException;
 use Carbon\Exceptions\InvalidFormatException;
-use FireflyIII\Repositories\Administration\Account\AccountRepositoryInterface;
+use FireflyIII\Repositories\UserGroups\Account\AccountRepositoryInterface;
 use Illuminate\Support\Collection;
 use Illuminate\Support\Facades\Log;

@@ -171,6 +171,7 @@ trait ConvertsDataTypes
        // set administration ID
        // group ID
        $administrationId = auth()->user()->getAdministrationId();
+        die('uses old administration ID check, needs to be updated.G');
        $repository->setAdministrationId($administrationId);

        $set        = $this->get('accounts');