James Cole
2020-10-13 06:48:11 +02:00
parent 13e15d0476
commit 4b1f4ae319
3 changed files with 40 additions and 23 deletions


@@ -60,7 +60,8 @@ class ProfileController extends Controller
{ {
use RequestInformation, CreateStuff; use RequestInformation, CreateStuff;
protected bool $externalIdentity; protected bool $internalAuth;
protected bool $internalIdentity;
/** /**
* ProfileController constructor. * ProfileController constructor.
@@ -81,7 +82,8 @@ class ProfileController extends Controller
); );
$loginProvider = config('firefly.login_provider'); $loginProvider = config('firefly.login_provider');
$authGuard = config('firefly.authentication_guard'); $authGuard = config('firefly.authentication_guard');
$this->externalIdentity = 'web' !== $authGuard; $this->internalAuth = 'web' === $authGuard;
$this->internalIdentity = 'eloquent' === $loginProvider;
Log::debug(sprintf('ProfileController::__construct(). Login provider is "%s", authentication guard is "%s"', $loginProvider, $authGuard)); Log::debug(sprintf('ProfileController::__construct(). Login provider is "%s", authentication guard is "%s"', $loginProvider, $authGuard));
$this->middleware(IsDemoUser::class)->except(['index']); $this->middleware(IsDemoUser::class)->except(['index']);
@@ -92,7 +94,10 @@ class ProfileController extends Controller
*/ */
public function logoutOtherSessions() public function logoutOtherSessions()
{ {
// if (!$this->internalAuth) {
session()->flash('info', (string) trans('firefly.external_auth_disabled'));
return redirect(route('profile.index'));
}
return view('profile.logout-other-sessions'); return view('profile.logout-other-sessions');
} }
@@ -103,6 +108,10 @@ class ProfileController extends Controller
*/ */
public function postLogoutOtherSessions(Request $request) public function postLogoutOtherSessions(Request $request)
{ {
if (!$this->internalAuth) {
session()->flash('info', (string) trans('firefly.external_auth_disabled'));
return redirect(route('profile.index'));
}
$creds = [ $creds = [
'email' => auth()->user()->email, 'email' => auth()->user()->email,
'password' => $request->get('password'), 'password' => $request->get('password'),
@@ -128,7 +137,7 @@ class ProfileController extends Controller
*/ */
public function changeEmail(Request $request) public function changeEmail(Request $request)
{ {
if ($this->externalIdentity) { if (!$this->internalAuth || !$this->internalIdentity) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@@ -151,7 +160,7 @@ class ProfileController extends Controller
*/ */
public function changePassword(Request $request) public function changePassword(Request $request)
{ {
if ($this->externalIdentity) { if (!$this->internalAuth || !$this->internalIdentity) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@@ -173,7 +182,7 @@ class ProfileController extends Controller
*/ */
public function code(Request $request) public function code(Request $request)
{ {
if ($this->externalIdentity) { if (!$this->internalAuth || !$this->internalIdentity) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@@ -229,7 +238,7 @@ class ProfileController extends Controller
*/ */
public function confirmEmailChange(UserRepositoryInterface $repository, string $token) public function confirmEmailChange(UserRepositoryInterface $repository, string $token)
{ {
if ($this->externalIdentity) { if (!$this->internalAuth || !$this->internalIdentity) {
// @codeCoverageIgnoreStart // @codeCoverageIgnoreStart
throw new FireflyException(trans('firefly.external_user_mgt_disabled')); throw new FireflyException(trans('firefly.external_user_mgt_disabled'));
// @codeCoverageIgnoreEnd // @codeCoverageIgnoreEnd
@@ -265,7 +274,7 @@ class ProfileController extends Controller
*/ */
public function deleteAccount(Request $request) public function deleteAccount(Request $request)
{ {
if ($this->externalIdentity) { if (!$this->internalAuth || !$this->internalIdentity) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@@ -284,7 +293,7 @@ class ProfileController extends Controller
*/ */
public function deleteCode(Request $request) public function deleteCode(Request $request)
{ {
if ($this->externalIdentity) { if (!$this->internalAuth || !$this->internalIdentity) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@@ -309,7 +318,7 @@ class ProfileController extends Controller
*/ */
public function enable2FA(Request $request) public function enable2FA(Request $request)
{ {
if ($this->externalIdentity) { if (!$this->internalAuth || !$this->internalIdentity) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@@ -340,7 +349,8 @@ class ProfileController extends Controller
{ {
/** @var User $user */ /** @var User $user */
$user = auth()->user(); $user = auth()->user();
$isExternalIdentity = $this->externalIdentity; $isInternalAuth = $this->internalAuth;
$isInternalIdentity = $this->internalIdentity;
$count = DB::table('oauth_clients')->where('personal_access_client', 1)->whereNull('user_id')->count(); $count = DB::table('oauth_clients')->where('personal_access_client', 1)->whereNull('user_id')->count();
$subTitle = $user->email; $subTitle = $user->email;
$userId = $user->id; $userId = $user->id;
@@ -360,7 +370,7 @@ class ProfileController extends Controller
$accessToken = app('preferences')->set('access_token', $token); $accessToken = app('preferences')->set('access_token', $token);
} }
return view('profile.index', compact('subTitle', 'mfaBackupCount', 'userId', 'accessToken', 'enabled2FA', 'isExternalIdentity')); return view('profile.index', compact('subTitle', 'mfaBackupCount', 'userId', 'accessToken', 'enabled2FA', 'isInternalAuth','isInternalIdentity'));
} }
/** /**
@@ -368,7 +378,7 @@ class ProfileController extends Controller
*/ */
public function newBackupCodes(Request $request) public function newBackupCodes(Request $request)
{ {
if ($this->externalIdentity) { if (!$this->internalAuth || !$this->internalIdentity) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@@ -399,7 +409,7 @@ class ProfileController extends Controller
*/ */
public function postChangeEmail(EmailFormRequest $request, UserRepositoryInterface $repository) public function postChangeEmail(EmailFormRequest $request, UserRepositoryInterface $repository)
{ {
if ($this->externalIdentity) { if (!$this->internalAuth || !$this->internalIdentity) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@@ -450,7 +460,7 @@ class ProfileController extends Controller
*/ */
public function postChangePassword(ProfileFormRequest $request, UserRepositoryInterface $repository) public function postChangePassword(ProfileFormRequest $request, UserRepositoryInterface $repository)
{ {
if ($this->externalIdentity) { if (!$this->internalAuth || !$this->internalIdentity) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@@ -485,7 +495,7 @@ class ProfileController extends Controller
*/ */
public function postCode(TokenFormRequest $request) public function postCode(TokenFormRequest $request)
{ {
if ($this->externalIdentity) { if (!$this->internalAuth || !$this->internalIdentity) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@@ -530,7 +540,7 @@ class ProfileController extends Controller
*/ */
public function postDeleteAccount(UserRepositoryInterface $repository, DeleteAccountFormRequest $request) public function postDeleteAccount(UserRepositoryInterface $repository, DeleteAccountFormRequest $request)
{ {
if ($this->externalIdentity) { if (!$this->internalAuth || !$this->internalIdentity) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@@ -559,7 +569,7 @@ class ProfileController extends Controller
*/ */
public function regenerate(Request $request) public function regenerate(Request $request)
{ {
if ($this->externalIdentity) { if (!$this->internalAuth || !$this->internalIdentity) {
$request->session()->flash('error', trans('firefly.external_user_mgt_disabled')); $request->session()->flash('error', trans('firefly.external_user_mgt_disabled'));
return redirect(route('profile.index')); return redirect(route('profile.index'));
@@ -587,7 +597,7 @@ class ProfileController extends Controller
*/ */
public function undoEmailChange(UserRepositoryInterface $repository, string $token, string $hash) public function undoEmailChange(UserRepositoryInterface $repository, string $token, string $hash)
{ {
if ($this->externalIdentity) { if (!$this->internalAuth || !$this->internalIdentity) {
throw new FireflyException(trans('firefly.external_user_mgt_disabled')); throw new FireflyException(trans('firefly.external_user_mgt_disabled'));
} }
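Review bot: The guard `if (!$this->internalAuth || !$this->internalIdentity)` is copied by hand into every account-management action from changeEmail through undoEmailChange, so an action added later without it would fail open when authentication or identity is delegated to an external system. Putting the decision in one place, for example `private function managesUsersLocally(): bool { return $this->internalAuth && $this->internalIdentity; }` with each action starting `if (!$this->managesUsersLocally()) {`, keeps the policy reviewable in a single spot. The constructor sets both flags by strict comparison against `'web'` and `'eloquent'`, so any other or missing config value disables these actions; a short docblock on the two properties stating that would make the fail-closed default explicit. The method bodies continue outside the hunks shown, so only the guard lines were reviewed.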


@@ -754,6 +754,7 @@ return [
'login_with_old_email' => 'You can now login with your old email address again.', 'login_with_old_email' => 'You can now login with your old email address again.',
'login_provider_local_only' => 'This action is not available when authenticating through ":login_provider".', 'login_provider_local_only' => 'This action is not available when authenticating through ":login_provider".',
'external_user_mgt_disabled' => 'This action is not available when Firefly III isn\'t responsible for user management or authentication handling.', 'external_user_mgt_disabled' => 'This action is not available when Firefly III isn\'t responsible for user management or authentication handling.',
'external_auth_disabled' => 'This action is not available when Firefly III isn\'t responsible for authentication handling.',
'delete_local_info_only' => "Because Firefly III isn't responsible for user management or authentication handling, this function will only delete local Firefly III information.", 'delete_local_info_only' => "Because Firefly III isn't responsible for user management or authentication handling, this function will only delete local Firefly III information.",
'oauth' => 'OAuth', 'oauth' => 'OAuth',
'profile_oauth_clients' => 'OAuth Clients', 'profile_oauth_clients' => 'OAuth Clients',


@@ -18,17 +18,21 @@
<li role="presentation"> <li role="presentation">
<a href="#cmd" aria-controls="profile" role="tab" data-toggle="tab">{{ 'command_line_token'|_ }}</a> <a href="#cmd" aria-controls="profile" role="tab" data-toggle="tab">{{ 'command_line_token'|_ }}</a>
</li> </li>
{% if false == isExternalIdentity %} {% if true == isInternalAuth %}
<li role="presentation"> <li role="presentation">
<a href="#oauth" aria-controls="messages" role="tab" data-toggle="tab">{{ 'oauth'|_ }}</a> <a href="#oauth" aria-controls="messages" role="tab" data-toggle="tab">{{ 'oauth'|_ }}</a>
</li> </li>
{% endif %}
{% if true == isInternalAuth and true == isInternalIdentity %}
<li role="presentation"> <li role="presentation">
<a href="#mfa" aria-controls="settings" role="tab" data-toggle="tab">{{ 'pref_two_factor_auth'|_ }}</a> <a href="#mfa" aria-controls="settings" role="tab" data-toggle="tab">{{ 'pref_two_factor_auth'|_ }}</a>
</li> </li>
{% endif %} {% endif %}
{% if true == isInternalAuth and true == isInternalIdentity %}
<li role="presentation"> <li role="presentation">
<a href="#delete" aria-controls="settings" role="tab" data-toggle="tab">{{ 'delete_stuff_header'|_ }}</a> <a href="#delete" aria-controls="settings" role="tab" data-toggle="tab">{{ 'delete_stuff_header'|_ }}</a>
</li> </li>
{% endif %}
</ul> </ul>
<div class="tab-content"> <div class="tab-content">
@@ -42,7 +46,7 @@
<div class="row"> <div class="row">
<div class="col-lg-6"> <div class="col-lg-6">
<ul> <ul>
{% if false == isExternalIdentity %} {% if true == isInternalAuth and true == isInternalIdentity %}
<li> <li>
<a href="{{ route('profile.change-email') }}">{{ 'change_your_email'|_ }}</a> <a href="{{ route('profile.change-email') }}">{{ 'change_your_email'|_ }}</a>
</li> </li>
@@ -52,7 +56,7 @@
{% endif %} {% endif %}
<li><a href="{{ route('logout') }}">{{ 'logout'|_ }}</a></li> <li><a href="{{ route('logout') }}">{{ 'logout'|_ }}</a></li>
{% if false == isExternalIdentity %} {% if true == isInternalAuth and true == isInternalIdentity %}
<li> <li>
<a href="{{ route('profile.logout-others') }}">{{ 'logout_other_sessions'|_ }}</a> <a href="{{ route('profile.logout-others') }}">{{ 'logout_other_sessions'|_ }}</a>
</li> </li>
@@ -93,12 +97,14 @@
</div> </div>
</div> </div>
{% if false == isExternalIdentity %} {% if true == isInternalAuth %}
<!-- OAuth --> <!-- OAuth -->
<div role="tabpanel" class="tab-pane" id="oauth"> <div role="tabpanel" class="tab-pane" id="oauth">
<div id="passport_clients"></div> <div id="passport_clients"></div>
</div> </div>
{% endif %}
{% if true == isInternalAuth and true == isInternalIdentity %}
<!-- MFA --> <!-- MFA -->
<div role="tabpanel" class="tab-pane" id="mfa"> <div role="tabpanel" class="tab-pane" id="mfa">
<div class="box box-default"> <div class="box box-default">
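Review bot: The `profile.logout-others` link is wrapped in `{% if true == isInternalAuth and true == isInternalIdentity %}`, while the controller's logoutOtherSessions and postLogoutOtherSessions check `internalAuth` alone, so with the `web` guard and a non-eloquent provider the feature is permitted server-side but hidden in the UI. If the controller's check is the intended one, the link condition should be `{% if true == isInternalAuth %}`; otherwise the controller should test both flags. These template conditions only hide controls and are not the enforcement point. The OAuth tab and panel are now shown on `isInternalAuth` alone, and whether the OAuth client endpoints behind `passport_clients` apply a matching server-side check is not visible in this commit and is worth confirming.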