diff --git a/app/Console/Commands/VerifySecurityAlerts.php b/app/Console/Commands/VerifySecurityAlerts.php
new file mode 100644
index 0000000000..c9e4cc736e
--- /dev/null
+++ b/app/Console/Commands/VerifySecurityAlerts.php
@@ -0,0 +1,89 @@
+delete('upgrade_security_message');
+ app('fireflyconfig')->delete('upgrade_security_level');
+
+ // check for security advisories.
+ $version = config('firefly.version');
+ $disk = Storage::disk('resources');
+ if (!$disk->has('alerts.json')) {
+ return 0;
+ }
+ $content = $disk->get('alerts.json');
+ $json = json_decode($content, true, 10);
+
+ /** @var array $array */
+ foreach ($json as $array) {
+ // overrule array:
+ if ($version === $array['version'] && true === $array['advisory']) {
+ // add advisory to configuration.
+ app('fireflyconfig')->set('upgrade_security_message', $array['message']);
+ app('fireflyconfig')->set('upgrade_security_level', $array['level']);
+
+ // depends on level
+ if ('info' === $array['level']) {
+ $this->info($array['message']);
+ return 0;
+ }
+ if ('warning' === $array['level']) {
+ $this->warn('------------------------ :o');
+ $this->warn($array['message']);
+ $this->warn('------------------------ :o');
+ return 0;
+ }
+ if ('danger' === $array['level']) {
+ $this->error('------------------------ :-(');
+ $this->error($array['message']);
+ $this->error('------------------------ :-(');
+ return 0;
+ }
+
+ return 0;
+ }
+ }
+
+ return 0;
+ }
+}
diff --git a/app/Http/Middleware/Range.php b/app/Http/Middleware/Range.php
index 3afa83902a..4a64f3989d 100644
--- a/app/Http/Middleware/Range.php
+++ b/app/Http/Middleware/Range.php
@@ -109,7 +109,7 @@ class Range
// send error to view if could not set money format
if (false === $moneyResult) {
Log::error('Could not set locale. The following array doesnt work: ', $localeArray);
- app('view')->share('invalidMonetaryLocale', true);
+ app('view')->share('invalidMonetaryLocale', true);
}
// save some formats:
@@ -133,5 +133,14 @@ class Range
{
$pref = app('preferences')->get('list-length', config('firefly.list_length', 10))->data;
app('view')->share('listLength', $pref);
+
+ // share security message:
+ if (
+ app('fireflyconfig')->has('upgrade_security_message')
+ && app('fireflyconfig')->has('upgrade_security_level')
+ ) {
+ app('view')->share('upgrade_security_message', app('fireflyconfig')->get('upgrade_security_message')->data);
+ app('view')->share('upgrade_security_level', app('fireflyconfig')->get('upgrade_security_level')->data);
+ }
}
}
diff --git a/app/Support/FireflyConfig.php b/app/Support/FireflyConfig.php
index b5b72516a3..9eb829bd22 100644
--- a/app/Support/FireflyConfig.php
+++ b/app/Support/FireflyConfig.php
@@ -46,7 +46,7 @@ class FireflyConfig
Cache::forget($fullName);
}
try {
- Configuration::where('name', $name)->delete();
+ Configuration::where('name', $name)->forceDelete();
} catch (Exception $e) { // @phpstan-ignore-line
// @ignoreException
}
@@ -138,7 +138,7 @@ class FireflyConfig
public function set(string $name, $value): Configuration
{
try {
- $config = Configuration::whereName($name)->first();
+ $config = Configuration::whereName($name)->whereNull('deleted_at')->first();
} catch (QueryException | Exception $e) { // @phpstan-ignore-line
$item = new Configuration;
$item->name = $name;
@@ -146,12 +146,12 @@ class FireflyConfig
return $item;
}
+
if (null === $config) {
$item = new Configuration;
$item->name = $name;
$item->data = $value;
$item->save();
-
Cache::forget('ff-config-' . $name);
return $item;
diff --git a/config/filesystems.php b/config/filesystems.php
index 4cc98ad6d5..10dbdfacbe 100644
--- a/config/filesystems.php
+++ b/config/filesystems.php
@@ -94,6 +94,10 @@ return [
'driver' => 'local',
'root' => base_path('resources/stubs'),
],
+ 'resources' => [
+ 'driver' => 'local',
+ 'root' => base_path('resources'),
+ ],
'public' => [
'driver' => 'local',
diff --git a/database/migrations/2016_06_16_000000_create_support_tables.php b/database/migrations/2016_06_16_000000_create_support_tables.php
index 4d158e268f..44dd6a2947 100644
--- a/database/migrations/2016_06_16_000000_create_support_tables.php
+++ b/database/migrations/2016_06_16_000000_create_support_tables.php
@@ -235,7 +235,6 @@ class CreateSupportTables extends Migration
$table->softDeletes();
$table->string('name', 50);
$table->text('data');
- $table->unique(['name']);
}
);
}
diff --git a/resources/lang/en_US/firefly.php b/resources/lang/en_US/firefly.php
index 3bb3d3fd60..f044ddbbaa 100644
--- a/resources/lang/en_US/firefly.php
+++ b/resources/lang/en_US/firefly.php
@@ -83,6 +83,7 @@ return [
'flash_info' => 'Message',
'flash_warning' => 'Warning!',
'flash_error' => 'Error!',
+ 'flash_danger' => 'Danger!',
'flash_info_multiple' => 'There is one message|There are :count messages',
'flash_error_multiple' => 'There is one error|There are :count errors',
'net_worth' => 'Net worth',
diff --git a/resources/views/v1/partials/flashes.twig b/resources/views/v1/partials/flashes.twig
index 4331be30c5..b5c907ce6d 100644
--- a/resources/views/v1/partials/flashes.twig
+++ b/resources/views/v1/partials/flashes.twig
@@ -8,6 +8,13 @@
{% endif %}
+{# MANDATORY UPDATE MESSAGE #}
+{% if upgrade_security_message and upgrade_security_level %}
+
+ {{ ('flash_'~upgrade_security_level)|_ }} {{ upgrade_security_message }}
+
+{% endif %}
+
{# SUCCESS MESSAGE (ALWAYS SINGULAR) #}
{% if session_has('success') %}