Also block command thingie.

This commit is contained in:
James Cole
2026-06-30 12:12:00 +02:00
parent b0c7e827d2
commit 86118b4318
@@ -41,7 +41,6 @@ use Illuminate\Support\Facades\Log;
use Illuminate\View\View;
use Laravel\Passport\Passport;
use phpseclib3\Crypt\RSA;
use function Safe\file_put_contents;
/**
@@ -56,25 +55,26 @@ final class InstallController extends Controller
public const string FORBIDDEN_ERROR = 'Internal PHP function "proc_close" is disabled for your installation. Auto-migration is not possible.';
public const string OTHER_ERROR = 'An unknown error prevented Firefly III from executing the upgrade commands. Sorry.';
private string $lastError = '';
private string $lastError = '';
// empty on purpose.
private array $upgradeCommands = [
// there are 5 initial commands
// Check 4 places: InstallController, Docker image, UpgradeDatabase, composer.json
'firefly-iii:create-database' => [],
'migrate' => ['--seed' => true, '--force' => true],
'generate-keys' => [], // an exception :(
'firefly-iii:upgrade-database' => [],
'firefly-iii:set-latest-version' => ['--james-is-cool' => true],
'firefly-iii:verify-security-alerts' => [],
];
private array $upgradeCommands
= [
// there are 5 initial commands
// Check 4 places: InstallController, Docker image, UpgradeDatabase, composer.json
'firefly-iii:create-database' => [],
'migrate' => ['--seed' => true, '--force' => true],
'generate-keys' => [], // an exception :(
'firefly-iii:upgrade-database' => [],
'firefly-iii:set-latest-version' => ['--james-is-cool' => true],
'firefly-iii:verify-security-alerts' => [],
];
/**
* Show index.
*
* @return Factory|View
*/
public function index(): Factory|\Illuminate\Contracts\View\View
public function index(): Factory | \Illuminate\Contracts\View\View
{
if ($this->hasNoTables() || $this->isOldVersionInstalled()) {
app('view')->share('FF_VERSION', config('firefly.version'));
@@ -93,52 +93,57 @@ final class InstallController extends Controller
*/
public function keys(): void
{
$key = RSA::createKey(4096);
if (!$this->hasNoTables() && !$this->isOldVersionInstalled()) {
$key = RSA::createKey(4096);
[$publicKey, $privateKey] = [Passport::keyPath('oauth-public.key'), Passport::keyPath('oauth-private.key')];
[$publicKey, $privateKey] = [Passport::keyPath('oauth-public.key'), Passport::keyPath('oauth-private.key')];
if (file_exists($publicKey) || file_exists($privateKey)) {
return;
if (file_exists($publicKey) || file_exists($privateKey)) {
return;
}
file_put_contents($publicKey, (string)$key->getPublicKey());
file_put_contents($privateKey, $key->toString('PKCS1'));
}
file_put_contents($publicKey, (string) $key->getPublicKey());
file_put_contents($privateKey, $key->toString('PKCS1'));
}
public function runCommand(Request $request): JsonResponse
{
$requestIndex = (int) $request->get('index');
$response = ['hasNextCommand' => false, 'done' => true, 'previous' => null, 'error' => false, 'errorMessage' => null];
if (!$this->hasNoTables() && !$this->isOldVersionInstalled()) {
$requestIndex = (int)$request->input('index');
$response = ['hasNextCommand' => false, 'done' => true, 'previous' => null, 'error' => false, 'errorMessage' => null];
Log::debug(sprintf('Will now run commands. Request index is %d', $requestIndex));
$indexes = array_keys($this->upgradeCommands);
if (array_key_exists($requestIndex, $indexes)) {
$command = $indexes[$requestIndex];
$parameters = $this->upgradeCommands[$command];
Log::debug(sprintf('Will now execute command "%s" with parameters', $command), $parameters);
Log::debug(sprintf('Will now run commands. Request index is %d', $requestIndex));
$indexes = array_keys($this->upgradeCommands);
if (array_key_exists($requestIndex, $indexes)) {
$command = $indexes[$requestIndex];
$parameters = $this->upgradeCommands[$command];
Log::debug(sprintf('Will now execute command "%s" with parameters', $command), $parameters);
try {
$result = $this->executeCommand($command, $parameters);
} catch (FireflyException $e) {
Log::error($e->getMessage());
Log::error($e->getTraceAsString());
if (str_contains($e->getMessage(), 'open_basedir restriction in effect')) {
$this->lastError = self::BASEDIR_ERROR;
try {
$result = $this->executeCommand($command, $parameters);
} catch (FireflyException $e) {
Log::error($e->getMessage());
Log::error($e->getTraceAsString());
if (str_contains($e->getMessage(), 'open_basedir restriction in effect')) {
$this->lastError = self::BASEDIR_ERROR;
}
$result = false;
$this->lastError = sprintf('%s %s', self::OTHER_ERROR, $e->getMessage());
}
$result = false;
$this->lastError = sprintf('%s %s', self::OTHER_ERROR, $e->getMessage());
}
if (false === $result) {
$response['errorMessage'] = $this->lastError;
$response['error'] = true;
if (false === $result) {
$response['errorMessage'] = $this->lastError;
$response['error'] = true;
return response()->json($response);
return response()->json($response);
}
$response['hasNextCommand'] = array_key_exists($requestIndex + 1, $indexes);
$response['previous'] = $command;
}
$response['hasNextCommand'] = array_key_exists($requestIndex + 1, $indexes);
$response['previous'] = $command;
return response()->json($response);
}
return response()->json($response);
return response()->json([], 403);
}
/**