Merge pull request #11904 from firefly-iii/release-1772875617

🤖 Automatically merge the PR into the develop branch.

.ci/php-cs-fixer/composer.lock

@@ -1264,16 +1264,16 @@
         },
         {
             "name": "symfony/console",
-            "version": "v8.0.6",
+            "version": "v8.0.7",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/console.git",
-                "reference": "488285876e807a4777f074041d8bb508623419fa"
+                "reference": "15ed9008a4ebe2d6a78e4937f74e0c13ef2e618a"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/console/zipball/488285876e807a4777f074041d8bb508623419fa",
-                "reference": "488285876e807a4777f074041d8bb508623419fa",
+                "url": "https://api.github.com/repos/symfony/console/zipball/15ed9008a4ebe2d6a78e4937f74e0c13ef2e618a",
+                "reference": "15ed9008a4ebe2d6a78e4937f74e0c13ef2e618a",
                 "shasum": ""
             },
             "require": {
@@ -1330,7 +1330,7 @@
                 "terminal"
             ],
             "support": {
-                "source": "https://github.com/symfony/console/tree/v8.0.6"
+                "source": "https://github.com/symfony/console/tree/v8.0.7"
             },
             "funding": [
                 {
@@ -1350,7 +1350,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2026-02-25T16:59:43+00:00"
+            "time": "2026-03-06T14:06:22+00:00"
         },
         {
             "name": "symfony/deprecation-contracts",

.ci/phpstan.neon

@@ -14,10 +14,6 @@ parameters:
       enabled: false
     noNullableReturnTypeDeclaration:
       enabled: false
-    privateInFinalClass:
-      enabled: false
-    noIsset:
-      enabled: false
     finalInAbstractClass:
       enabled: false
     noConstructorParameterWithDefaultValue:
@@ -38,50 +34,12 @@ parameters:
   reportUnmatchedIgnoredErrors: true
   ignoreErrors:
     # these are actually interesting but not right now:
-    - identifier: staticMethod.dynamicCall
-    - identifier: argument.templateType
-    - identifier: method.childReturnType
-    - identifier: instanceof.alwaysFalse
-    - identifier: deadCode.unreachable
-    - identifier: method.dynamicName
-    - identifier: larastan.noEnvCallsOutsideOfConfig
-    - identifier: property.notFound
-    - identifier: arguments.count
-    - identifier: staticMethod.dynamicName
-    - identifier: catch.neverThrown
-    - identifier: notIdentical.alwaysTrue
-    - identifier: method.notFound
-    - identifier: nullsafe.neverNull
-    - identifier: identical.alwaysFalse
-    - identifier: if.condNotBoolean
-    # - identifier: booleanNot.exprNotBoolean
-    - identifier: method.nonObject
-    - identifier: function.impossibleType
-    - identifier: booleanNot.exprNotBoolean
-    - identifier: ternary.condNotBoolean
-    - identifier: booleanNot.alwaysFalse
-    - identifier: booleanAnd.alwaysFalse
-    - identifier: greater.alwaysTrue
-    - identifier: function.alreadyNarrowedType
-    - identifier: booleanNot.alwaysTrue
-    - identifier: property.phpDocType
-    - identifier: nullCoalesce.offset
-    - identifier: nullCoalesce.variable
-    - identifier: larastan.noUnnecessaryCollectionCall
-    - identifier: varTag.differentVariable
-    - identifier: identical.alwaysTrue
-    - identifier: clone.nonObject
-    - identifier: assign.propertyReadOnly
-    - identifier: property.nonObject
     - identifier: varTag.nativeType
-    - identifier: booleanAnd.leftAlwaysFalse
     - identifier: property.onlyWritten
     - identifier: parameter.phpDocType
     - identifier: property.dynamicName
     - identifier: property.unusedType
     - identifier: staticMethod.deprecated
-    - identifier: greater.invalid
-    - identifier: instanceof.alwaysTrue
     # ignore everything but things that BREAK
     - identifier: property.deprecated
     - identifier: method.deprecated
@@ -93,7 +51,15 @@ parameters:
     - identifier: assign.propertyType
     - identifier: return.unusedType
     - identifier: return.phpDocType
-    # all errors below I will never fix.
+    # all errors below I will (probably) never fix.
+    - identifier: method.notFound # way too many false positives
+    - identifier: catch.neverThrown # plenty of errors that are thrown undocumented
+    - identifier: staticMethod.dynamicName # dont care
+    - identifier: arguments.count # one false positive
+    - identifier: property.notFound # false positives
+    - identifier: method.dynamicName # i dont care
+    - identifier: staticMethod.dynamicCall # many false positives.
+    - identifier: argument.templateType # no clue how to fix single occurrence.
     # - '#expects view-string\|null, string given#'
     # - '#expects view-string, string given#'
     # - "#Parameter \\#[1-2] \\$num[1-2] of function bc[a-z]+ expects numeric-string, [a-z\\-|&]+ given#"

.github/workflows/release.yml

@@ -33,7 +33,7 @@ jobs:
         with:
           fetch-depth: 0
       - name: Import GPG key
-        uses: crazy-max/ghaction-import-gpg@v7
+        uses: crazy-max/ghaction-import-gpg@v6
         with:
           gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
           passphrase: ${{ secrets.PASSPHRASE }}

app/Api/V1/Controllers/Controller.php

@@ -63,6 +63,8 @@ abstract class Controller extends BaseController
     use ValidatesRequests;
     use ValidatesUserGroupTrait;
 
+    protected array $acceptedRoles           = [];
+
     protected const string CONTENT_TYPE      = 'application/vnd.api+json';
     protected const string JSON_CONTENT_TYPE = 'application/json';
 
@@ -222,7 +224,8 @@ abstract class Controller extends BaseController
                 $value = min(max(1, $value), 2 ** 16);
                 $bag->set($integer, $value);
             }
-            if (null === $value && 'limit' === $integer && auth()->check()) {
+            // && 'limit' === $integer
+            if (null === $value && auth()->check()) {
                 // set default for user:
                 /** @var User $user */
                 $user     = auth()->user();

app/Api/V1/Controllers/Models/Transaction/UpdateController.php

@@ -48,6 +48,7 @@ use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 final class UpdateController extends Controller
 {
     private TransactionGroupRepositoryInterface $groupRepository;
+    protected array $acceptedRoles = [];
 
     /**
      * TransactionController constructor.

app/Api/V1/Controllers/Summary/BasicController.php

@@ -112,19 +112,6 @@ final class BasicController extends Controller
         return response()->json($return);
     }
 
-    /**
-     * Check if date is outside session range.
-     */
-    protected function notInDateRange(Carbon $date, Carbon $start, Carbon $end): bool
-    { // Validate a preference
-        if ($start->greaterThanOrEqualTo($date) && $end->greaterThanOrEqualTo($date)) {
-            return true;
-        }
-
-        // start and end in the past? use $end
-        return $start->lessThanOrEqualTo($date) && $end->lessThanOrEqualTo($date);
-    }
-
     private function getBalanceInformation(Carbon $start, Carbon $end): array
     {
         Log::debug('getBalanceInformation');

app/Api/V1/Controllers/System/BatchController.php

@@ -62,7 +62,7 @@ final class BatchController extends Controller
         }
         Log::debug(sprintf('Counted %d journals.', count($journals)));
 
-        /** @var TransactionJournal $first */
+        /** @var null|TransactionJournal $first */
         $first             = $journals->first();
         $group             = $first?->transactionGroup;
         if (null === $group) {

app/Api/V1/Requests/AggregateFormRequest.php

@@ -34,7 +34,9 @@ abstract class AggregateFormRequest extends ApiRequest
     /**
      * @var ApiRequest[]
      */
-    protected array $requests = [];
+    protected array $requests      = [];
+
+    protected array $acceptedRoles = [];
 
     #[Override]
     public function initialize(

app/Api/V1/Requests/ApiRequest.php

@@ -32,7 +32,9 @@ class ApiRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
-    protected string $required = '';
+    protected array $acceptedRoles = [];
+
+    protected string $required     = '';
 
     public function handleConfig(array $config): void
     {

app/Api/V1/Requests/Autocomplete/AutocompleteRequest.php

@@ -39,6 +39,8 @@ class AutocompleteRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getData(): array
     {
         $types = $this->convertString('types');

app/Api/V1/Requests/Data/Bulk/MoveTransactionsRequest.php

@@ -39,6 +39,8 @@ class MoveTransactionsRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getAll(): array
     {
         return ['original_account'    => $this->convertInteger('original_account'), 'destination_account' => $this->convertInteger('destination_account')];

app/Api/V1/Requests/Data/Bulk/TransactionRequest.php

@@ -45,6 +45,8 @@ class TransactionRequest extends FormRequest
     use ConvertsDataTypes;
     use ValidatesBulkTransactionQuery;
 
+    protected array $acceptedRoles = [];
+
     public function getAll(): array
     {
         $data = [];

app/Api/V1/Requests/Data/DestroyRequest.php

@@ -36,6 +36,8 @@ class DestroyRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Data/Export/ExportRequest.php

@@ -39,6 +39,8 @@ class ExportRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getAll(): array
     {
         $result             = [

app/Api/V1/Requests/Data/SameDateRequest.php

@@ -40,6 +40,8 @@ class SameDateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/DateRangeRequest.php

@@ -38,7 +38,7 @@ class DateRangeRequest extends ApiRequest
     public function withValidator(Validator $validator): void
     {
         $validator->after(function (Validator $validator): void {
-            if ($validator->failed()) {
+            if (count($validator->failed()) > 0) {
                 return;
             }
             $start = $this->getCarbonDate('start')?->startOfDay();

app/Api/V1/Requests/DateRequest.php

@@ -36,7 +36,7 @@ class DateRequest extends ApiRequest
     public function withValidator(Validator $validator): void
     {
         $validator->after(function (Validator $validator): void {
-            if ($validator->failed()) {
+            if (count($validator->failed()) > 0) {
                 return;
             }
             $date  = $this->getCarbonDate('date')?->endOfDay();

app/Api/V1/Requests/Generic/ObjectTypeApiRequest.php

@@ -50,7 +50,7 @@ class ObjectTypeApiRequest extends ApiRequest
 
         $this->objectType = $config['object_type'] ?? null;
 
-        if (!$this->objectType) {
+        if (null === $this->objectType) {
             throw new RuntimeException('ObjectTypeApiRequest requires a object_type config');
         }
     }
@@ -75,7 +75,7 @@ class ObjectTypeApiRequest extends ApiRequest
     public function withValidator(Validator $validator): void
     {
         $validator->after(function (Validator $validator): void {
-            if ($validator->failed()) {
+            if (count($validator->failed()) > 0) {
                 return;
             }
             $type = $this->convertString('types', 'all');

app/Api/V1/Requests/Generic/QueryRequest.php

@@ -42,7 +42,7 @@ class QueryRequest extends ApiRequest
     public function withValidator(Validator $validator): void
     {
         $validator->after(function (Validator $validator): void {
-            if ($validator->failed()) {
+            if (count($validator->failed()) > 0) {
                 return;
             }
             $query = $this->convertString('query');

app/Api/V1/Requests/Generic/SingleDateRequest.php

@@ -41,6 +41,8 @@ class SingleDateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Insight/GenericRequest.php

@@ -45,6 +45,8 @@ class GenericRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     private Collection $accounts;
     private Collection $bills;
     private Collection $budgets;

app/Api/V1/Requests/Models/Account/AccountTypeApiRequest.php

@@ -40,7 +40,7 @@ class AccountTypeApiRequest extends ApiRequest
     public function withValidator(Validator $validator): void
     {
         $validator->after(function (Validator $validator): void {
-            if ($validator->failed()) {
+            if (count($validator->failed()) > 0) {
                 return;
             }
 

app/Api/V1/Requests/Models/Account/AccountTypesApiRequest.php

@@ -42,7 +42,7 @@ class AccountTypesApiRequest extends ApiRequest
     public function withValidator(Validator $validator): void
     {
         $validator->after(function (Validator $validator): void {
-            if ($validator->failed()) {
+            if (count($validator->failed()) > 0) {
                 return;
             }
             $types  = explode(',', $this->convertString('types', 'all'));

app/Api/V1/Requests/Models/Account/StoreRequest.php

@@ -43,6 +43,8 @@ class StoreRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getAllAccountData(): array
     {
         $active          = true;

app/Api/V1/Requests/Models/Account/UpdateRequest.php

@@ -46,6 +46,8 @@ class UpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getUpdateData(): array
     {
         $fields = [

app/Api/V1/Requests/Models/Attachment/StoreRequest.php

@@ -37,6 +37,8 @@ class StoreRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/Attachment/UpdateRequest.php

@@ -37,6 +37,8 @@ class UpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/AvailableBudget/Request.php

@@ -40,6 +40,8 @@ class Request extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/Bill/StoreRequest.php

@@ -42,6 +42,8 @@ class StoreRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/Bill/UpdateRequest.php

@@ -41,6 +41,8 @@ class UpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/Budget/StoreRequest.php

@@ -42,6 +42,8 @@ class StoreRequest extends FormRequest
     use ConvertsDataTypes;
     use ValidatesAutoBudgetRequest;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/Budget/UpdateRequest.php

@@ -43,6 +43,8 @@ class UpdateRequest extends FormRequest
     use ConvertsDataTypes;
     use ValidatesAutoBudgetRequest;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/BudgetLimit/StoreRequest.php

@@ -26,6 +26,7 @@ namespace FireflyIII\Api\V1\Requests\Models\BudgetLimit;
 
 use Carbon\Carbon;
 use FireflyIII\Factory\TransactionCurrencyFactory;
+use FireflyIII\Models\Budget;
 use FireflyIII\Repositories\Currency\CurrencyRepositoryInterface;
 use FireflyIII\Rules\IsBoolean;
 use FireflyIII\Rules\IsValidPositiveAmount;
@@ -44,6 +45,8 @@ class StoreRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */
@@ -85,6 +88,7 @@ class StoreRequest extends FormRequest
      */
     public function withValidator(Validator $validator): void
     {
+        /** @var Budget $budget */
         $budget = $this->route()->parameter('budget');
         $validator->after(static function (Validator $validator) use ($budget): void {
             if (0 !== count($validator->failed())) {

app/Api/V1/Requests/Models/BudgetLimit/UpdateRequest.php

@@ -41,6 +41,8 @@ class UpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/Category/StoreRequest.php

@@ -36,6 +36,8 @@ class StoreRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/Category/UpdateRequest.php

@@ -37,6 +37,8 @@ class UpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/CurrencyExchangeRate/DestroyRequest.php

@@ -34,6 +34,8 @@ class DestroyRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getDate(): ?Carbon
     {
         return $this->getCarbonDate('date');

app/Api/V1/Requests/Models/CurrencyExchangeRate/StoreByCurrenciesRequest.php

@@ -36,6 +36,8 @@ class StoreByCurrenciesRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getAll(): array
     {
         return $this->all();

app/Api/V1/Requests/Models/CurrencyExchangeRate/StoreByDateRequest.php

@@ -37,6 +37,8 @@ class StoreByDateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * @return array<string, mixed>
      */

app/Api/V1/Requests/Models/CurrencyExchangeRate/StoreRequest.php

@@ -36,6 +36,8 @@ class StoreRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getDate(): ?Carbon
     {
         return $this->getCarbonDate('date');

app/Api/V1/Requests/Models/CurrencyExchangeRate/UpdateRequest.php

@@ -34,6 +34,8 @@ class UpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getDate(): ?Carbon
     {
         return $this->getCarbonDate('date');

app/Api/V1/Requests/Models/ObjectGroup/UpdateRequest.php

@@ -37,6 +37,8 @@ class UpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getUpdateData(): array
     {
         $fields = ['title' => ['title', 'convertString'], 'order' => ['order', 'convertInteger']];

app/Api/V1/Requests/Models/PiggyBank/StoreRequest.php

@@ -42,6 +42,8 @@ class StoreRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/PiggyBank/UpdateRequest.php

@@ -40,6 +40,8 @@ class UpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/Recurrence/StoreRequest.php

@@ -49,6 +49,8 @@ class StoreRequest extends FormRequest
     use RecurrenceValidation;
     use TransactionValidation;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/Recurrence/UpdateRequest.php

@@ -50,6 +50,8 @@ class UpdateRequest extends FormRequest
     use RecurrenceValidation;
     use TransactionValidation;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/Rule/StoreRequest.php

@@ -42,6 +42,8 @@ class StoreRequest extends FormRequest
     use ConvertsDataTypes;
     use GetRuleConfiguration;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/Rule/TestRequest.php

@@ -37,6 +37,8 @@ class TestRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getTestParameters(): array
     {
         return ['page'     => $this->getPage(), 'start'    => $this->getDate('start'), 'end'      => $this->getDate('end'), 'accounts' => $this->getAccounts()];

app/Api/V1/Requests/Models/Rule/TriggerRequest.php

@@ -37,6 +37,8 @@ class TriggerRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getTriggerParameters(): array
     {
         return ['start'    => $this->getDate('start'), 'end'      => $this->getDate('end'), 'accounts' => $this->getAccounts()];

app/Api/V1/Requests/Models/Rule/UpdateRequest.php

@@ -43,6 +43,8 @@ class UpdateRequest extends FormRequest
     use ConvertsDataTypes;
     use GetRuleConfiguration;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/Rule/ValidateExpressionRequest.php

@@ -35,6 +35,8 @@ class ValidateExpressionRequest extends FormRequest
 {
     use ChecksLogin;
 
+    protected array $acceptedRoles = [];
+
     public function rules(): array
     {
         return ['expression' => ['required', new IsValidActionExpression()]];

app/Api/V1/Requests/Models/RuleGroup/StoreRequest.php

@@ -37,6 +37,8 @@ class StoreRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/RuleGroup/TestRequest.php

@@ -37,6 +37,8 @@ class TestRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getTestParameters(): array
     {
         return ['start'    => $this->getDate('start'), 'end'      => $this->getDate('end'), 'accounts' => $this->getAccounts()];

app/Api/V1/Requests/Models/RuleGroup/TriggerRequest.php

@@ -37,6 +37,8 @@ class TriggerRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getTriggerParameters(): array
     {
         return ['start'    => $this->getDate('start'), 'end'      => $this->getDate('end'), 'accounts' => $this->getAccounts()];

app/Api/V1/Requests/Models/RuleGroup/UpdateRequest.php

@@ -38,6 +38,8 @@ class UpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/Tag/StoreRequest.php

@@ -39,6 +39,8 @@ class StoreRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/Tag/UpdateRequest.php

@@ -40,6 +40,8 @@ class UpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/Transaction/StoreRequest.php

@@ -54,6 +54,8 @@ class StoreRequest extends FormRequest
     use GroupValidation;
     use TransactionValidation;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data. Is pretty complex because of all the ??-statements.
      */

app/Api/V1/Requests/Models/Transaction/UpdateRequest.php

@@ -50,6 +50,8 @@ class UpdateRequest extends FormRequest
     use GroupValidation;
     use TransactionValidation;
 
+    protected array $acceptedRoles = [];
+
     private array $arrayFields;
     private array $booleanFields;
     private array $dateFields;

app/Api/V1/Requests/Models/TransactionCurrency/StoreRequest.php

@@ -37,6 +37,8 @@ class StoreRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/TransactionCurrency/UpdateRequest.php

@@ -38,6 +38,8 @@ class UpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */
@@ -61,7 +63,7 @@ class UpdateRequest extends FormRequest
      */
     public function rules(): array
     {
-        /** @var TransactionCurrency $currency */
+        /** @var string|TransactionCurrency $currency */
         $currency = $this->route()->parameter('currency_code');
         if (is_string($currency)) {
             $currency = TransactionCurrency::whereCode($currency)->first();

app/Api/V1/Requests/Models/TransactionLink/StoreRequest.php

@@ -41,6 +41,8 @@ class StoreRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/TransactionLink/UpdateRequest.php

@@ -41,6 +41,8 @@ class UpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/TransactionLinkType/StoreRequest.php

@@ -36,6 +36,8 @@ class StoreRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/TransactionLinkType/UpdateRequest.php

@@ -38,6 +38,8 @@ class UpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Get all data from the request.
      */

app/Api/V1/Requests/Models/UserGroup/UpdateRequest.php

@@ -36,6 +36,8 @@ class UpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getData(): array
     {
         $fields = [

app/Api/V1/Requests/Models/Webhook/CreateRequest.php

@@ -43,6 +43,8 @@ class CreateRequest extends FormRequest
     use ConvertsDataTypes;
     use ValidatesWebhooks;
 
+    protected array $acceptedRoles = [];
+
     public function getData(): array
     {
         $fields               = ['title'  => ['title', 'convertString'], 'active' => ['active', 'boolean'], 'url'    => ['url', 'convertString']];

app/Api/V1/Requests/Models/Webhook/UpdateRequest.php

@@ -43,6 +43,8 @@ class UpdateRequest extends FormRequest
     use ConvertsDataTypes;
     use ValidatesWebhooks;
 
+    protected array $acceptedRoles = [];
+
     public function getData(): array
     {
         $fields               = ['title'  => ['title', 'convertString'], 'active' => ['active', 'boolean'], 'url'    => ['url', 'convertString']];

app/Api/V1/Requests/PaginationRequest.php

@@ -41,7 +41,7 @@ class PaginationRequest extends ApiRequest
 
         $this->sortClass = $config['sort_class'] ?? null;
 
-        if (!$this->sortClass) {
+        if (null === $this->sortClass) {
             throw new RuntimeException('PaginationRequest requires a sort_class config');
         }
     }
@@ -58,7 +58,7 @@ class PaginationRequest extends ApiRequest
     public function withValidator(Validator $validator): void
     {
         $validator->after(function (Validator $validator): void {
-            if ($validator->failed()) {
+            if (count($validator->failed()) > 0) {
                 return;
             }
 
@@ -72,7 +72,7 @@ class PaginationRequest extends ApiRequest
             $page   = $this->convertInteger('page');
             $page   = min(max(1, $page), 2 ** 16);
             $offset = ($page - 1) * $limit;
-            $sort   = $this->sortClass ? $this->convertSortParameters('sort', $this->sortClass) : $this->get('sort');
+            $sort   = null !== $this->sortClass ? $this->convertSortParameters('sort', $this->sortClass) : $this->get('sort');
             $this->attributes->set('limit', $limit);
             $this->attributes->set('sort', $sort);
             $this->attributes->set('page', $page);

app/Api/V1/Requests/Search/CountRequest.php

@@ -45,7 +45,7 @@ class CountRequest extends AggregateFormRequest
     public function withValidator(Validator $validator): void
     {
         $validator->after(function (Validator $validator): void {
-            if ($validator->failed()) {
+            if (count($validator->failed()) > 0) {
                 return;
             }
             $this->attributes->set('include_deleted', $this->convertBoolean($this->input('include_deleted', 'false')));

app/Api/V1/Requests/Search/SearchQueryRequest.php

@@ -37,7 +37,7 @@ class SearchQueryRequest extends ApiRequest
     public function withValidator(Validator $validator): void
     {
         $validator->after(function (Validator $validator): void {
-            if ($validator->failed()) {
+            if (count($validator->failed()) > 0) {
                 return;
             }
             $query = $this->convertString('query');

app/Api/V1/Requests/System/UpdateRequest.php

@@ -37,7 +37,9 @@ class UpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
-    private array $booleans = [
+    protected array $acceptedRoles = [];
+
+    private array $booleans        = [
         'configuration.is_demo_site',
         'configuration.single_user_mode',
         'configuration.enable_exchange_rates',
@@ -46,7 +48,7 @@ class UpdateRequest extends FormRequest
         'configuration.enable_external_rates',
         'configuration.allow_webhooks',
     ];
-    private array $integers = ['configuration.permission_update_check', 'configuration.last_update_check'];
+    private array $integers        = ['configuration.permission_update_check', 'configuration.last_update_check'];
 
     /**
      * Get all data from the request.

app/Api/V1/Requests/System/UserStoreRequest.php

@@ -37,6 +37,8 @@ class UserStoreRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Logged in + owner
      */

app/Api/V1/Requests/System/UserUpdateRequest.php

@@ -40,6 +40,8 @@ class UserUpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Logged in + owner
      */

app/Api/V1/Requests/User/PreferenceStoreRequest.php

@@ -36,6 +36,8 @@ class PreferenceStoreRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getAll(): array
     {
         $array = ['name' => $this->convertString('name'), 'data' => $this->get('data')];

app/Api/V1/Requests/User/PreferenceUpdateRequest.php

@@ -36,6 +36,8 @@ class PreferenceUpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     public function getAll(): array
     {
         $array = ['name' => $this->convertString('name'), 'data' => $this->get('data')];

app/Console/Commands/Correction/CorrectsIbans.php

@@ -57,24 +57,28 @@ class CorrectsIbans extends Command
 
         /** @var Account $account */
         foreach ($accounts as $account) {
-            $userId = $account->user_id;
+            $userId                = $account->user_id;
             $set[$userId] ??= [];
-            $iban   = (string) $account->iban;
+            $iban                  = (string) $account->iban;
             if ('' === $iban) {
                 continue;
             }
-            $type   = $account->accountType->type;
+            $type                  = $account->accountType->type;
             if (in_array($type, [AccountTypeEnum::LOAN->value, AccountTypeEnum::DEBT->value, AccountTypeEnum::MORTGAGE->value], true)) {
                 $type = 'liabilities';
             }
-            // iban already in use! two exceptions exist:
-            if (
-                array_key_exists($iban, $set[$userId]) && (
-                    !AccountTypeEnum::EXPENSE->value === $set[$userId][$iban]
-                    && AccountTypeEnum::REVENUE->value === $type
-                    && !(AccountTypeEnum::REVENUE->value === $set[$userId][$iban] && AccountTypeEnum::EXPENSE->value === $type)
-                )
-            ) {
+            $showWarningAndCorrect = false;
+            if (array_key_exists($iban, $set[$userId])) {
+                // the type is a revenue account, and the existing IBAN is NOT an expense account.
+                if (AccountTypeEnum::REVENUE->value === $type && AccountTypeEnum::EXPENSE->value !== $set[$userId][$iban]) {
+                    $showWarningAndCorrect = true;
+                }
+                // the type is an expense account, and the existing IBAN is NOT a revenue account
+                if (AccountTypeEnum::EXPENSE->value === $type && AccountTypeEnum::REVENUE->value !== $set[$userId][$iban]) {
+                    $showWarningAndCorrect = true;
+                }
+            }
+            if ($showWarningAndCorrect) {
                 $this->friendlyWarning(sprintf(
                     'IBAN "%s" is used more than once and will be removed from %s #%d ("%s")',
                     $iban,

app/Console/Commands/Correction/CorrectsInvertedBudgetLimits.php

@@ -69,10 +69,6 @@ class CorrectsInvertedBudgetLimits extends Command
             $budgetLimit->saveQuietly();
         }
 
-        if ($set->count() > 0) {
-            // FIXME here be a available budget event.
-        }
-
         if (1 === $set->count()) {
             $this->friendlyInfo('Corrected one budget limit to have the right start/end dates.');
 

app/Console/Commands/Correction/CorrectsUnevenAmount.php

@@ -322,7 +322,7 @@ class CorrectsUnevenAmount extends Command
         foreach ($journals as $entry) {
             $sum = (string) $entry->the_sum;
             $sum = Steam::floatalize($sum);
-            if (!is_numeric($sum) || '' === $sum || str_contains($sum, 'e') || str_contains($sum, ',')) {
+            if (!is_numeric($sum) || str_contains($sum, 'e') || str_contains($sum, ',')) {
                 $message = sprintf('Journal #%d has an invalid sum ("%s"). No sure what to do.', $entry->transaction_journal_id, $entry->the_sum);
                 $this->friendlyWarning($message);
                 Log::warning($message);

app/Console/Commands/Upgrade/RemovesDatabaseDecryption.php

@@ -64,10 +64,6 @@ class RemovesDatabaseDecryption extends Command
             'journal_links'        => ['comment'],
         ];
 
-        /**
-         * @var string $table
-         * @var array  $fields
-         */
         foreach ($tables as $table => $fields) {
             $this->decryptTable($table, $fields);
         }
@@ -127,7 +123,7 @@ class RemovesDatabaseDecryption extends Command
         }
 
         // A separate routine for preferences table:
-        if ('preferences' === $table && is_string($value)) {
+        if ('preferences' === $table) {
             $this->decryptPreferencesRow($id, $value);
 
             return;

app/Console/Commands/Upgrade/UpgradesLiabilitiesEight.php

@@ -101,8 +101,13 @@ class UpgradesLiabilitiesEight extends Command
 
     private function hasBadOpening(Account $account): bool
     {
+        /** @var TransactionType $openingBalanceType */
         $openingBalanceType = TransactionType::whereType(TransactionTypeEnum::OPENING_BALANCE->value)->first();
+
+        /** @var TransactionType $liabilityType */
         $liabilityType      = TransactionType::whereType(TransactionTypeEnum::LIABILITY_CREDIT->value)->first();
+
+        /** @var null|TransactionJournal $openingJournal */
         $openingJournal     = TransactionJournal::leftJoin('transactions', 'transactions.transaction_journal_id', '=', 'transaction_journals.id')
             ->where('transactions.account_id', $account->id)
             ->where('transaction_journals.transaction_type_id', $openingBalanceType->id)
@@ -111,6 +116,8 @@ class UpgradesLiabilitiesEight extends Command
         if (null === $openingJournal) {
             return false;
         }
+
+        /** @var null|TransactionJournal $liabilityJournal */
         $liabilityJournal   = TransactionJournal::leftJoin('transactions', 'transactions.transaction_journal_id', '=', 'transaction_journals.id')
             ->where('transactions.account_id', $account->id)
             ->where('transaction_journals.transaction_type_id', $liabilityType->id)
@@ -120,7 +127,7 @@ class UpgradesLiabilitiesEight extends Command
             return false;
         }
 
-        return (bool) $openingJournal->date->isSameDay($liabilityJournal->date);
+        return $openingJournal->date->isSameDay($liabilityJournal->date);
     }
 
     private function isExecuted(): bool

app/Exceptions/IntervalException.php

@@ -36,7 +36,7 @@ final class IntervalException extends Exception
     public array       $availableIntervals = [];
     public Periodicity $periodicity        = Periodicity::Monthly;
 
-    /** @var mixed */
+    /** @var string */
     protected $message                     = 'The periodicity %s is unknown. Choose one of available periodicity: %s';
 
     public function __construct(string $message = '', int $code = 0, ?Throwable $previous = null)

app/Factory/PiggyBankFactory.php

@@ -158,9 +158,9 @@ class PiggyBankFactory
                     // event(new ChangedAmount($piggyBank, $diff, null, null));
                 }
 
-                // no amount set, use previous amount or go to ZERO.
-                $toBeLinked[$account->id] = ['current_amount' => $toBeLinked[$account->id]['current_amount'] ?? '0'];
-                Log::debug(sprintf('[b] Will link account #%d with amount %s', $account->id, $toBeLinked[$account->id]['current_amount'] ?? '0'));
+                // no amount set, use previous amount
+                $toBeLinked[$account->id] = ['current_amount' => $toBeLinked[$account->id]['current_amount']];
+                Log::debug(sprintf('[b] Will link account #%d with amount %s', $account->id, $toBeLinked[$account->id]['current_amount']));
 
                 // create event:
                 Log::debug('linkToAccountIds: Trigger change for positive amount [b].');

app/Factory/TransactionJournalFactory.php

@@ -338,7 +338,7 @@ class TransactionJournalFactory
             'date_tz'                 => $carbon->format('e'),
             'order'                   => $order,
             'tag_count'               => 0,
-            'completed'               => !$row['batch_submission'],
+            'completed'               => is_bool($row['batch_submission']) && !$row['batch_submission'],
         ]);
         Log::debug(sprintf('Created new journal #%d: "%s"', $journal->id, $journal->description));
 
@@ -574,16 +574,11 @@ class TransactionJournalFactory
             return [$sourceAccount, $account];
         }
 
-        if (!$sourceAccount instanceof Account) {
-            Log::debug('Source account is NULL, destination account is not.');
-            $account = $this->accountRepository->getReconciliation($destinationAccount);
-            Log::debug(sprintf('Will return account #%d ("%s") of type "%s"', $account->id, $account->name, $account->accountType->type));
+        Log::debug('Source account is NULL, destination account is not.');
+        $account = $this->accountRepository->getReconciliation($destinationAccount);
+        Log::debug(sprintf('Will return account #%d ("%s") of type "%s"', $account->id, $account->name, $account->accountType->type));
 
-            return [$account, $destinationAccount];
-        }
-        Log::debug('Unused fallback');
-
-        return [$sourceAccount, $destinationAccount];
+        return [$account, $destinationAccount];
     }
 
     private function storeLocation(TransactionJournal $journal, NullArrayObject $data): void

app/Handlers/Observer/DeletedAccountObserver.php

@@ -54,11 +54,10 @@ class DeletedAccountObserver
             ->pluck('transaction_journal_id')
             ->toArray()
         ;
-        $groupIds   = TransactionJournal::whereIn('id', $journalIds)
-            ->get(['transaction_journals.transaction_group_id'])
-            ->pluck('transaction_group_id')
-            ->toArray()
-        ;
+
+        $groupIds   = array_map(function (array $item) {
+            return $item['transaction_group_id'];
+        }, TransactionJournal::whereIn('id', $journalIds)->get(['transaction_journals.transaction_group_id'])->toArray());
 
         if (count($journalIds) > 0) {
             Transaction::whereIn('transaction_journal_id', $journalIds)->delete();

app/Http/Controllers/Auth/LoginController.php

@@ -275,7 +275,7 @@ final class LoginController extends Controller
         $request->session()->regenerate();
         $this->clearLoginAttempts($request);
         $response = $this->authenticated($request, $this->guard()->user());
-        if ($response) {
+        if (null !== $response) {
             return $response;
         }
         $path     = Steam::getSafeUrl(session()->pull('url.intended', route('index')), route('index'));

app/Http/Controllers/Auth/RegisterController.php

@@ -176,7 +176,7 @@ final class RegisterController extends Controller
     /**
      * @throws FireflyException
      */
-    protected function allowedToRegister(): bool
+    private function allowedToRegister(): bool
     {
         // is allowed to register?
         $allowRegistration = true;

app/Http/Controllers/Budget/IndexController.php

@@ -224,7 +224,7 @@ final class IndexController extends Controller
         Log::debug(sprintf('(getAllBudgets) Start is "%s", end is "%s"', $start->format('Y-m-d H:i:s'), $end->format('Y-m-d H:i:s')));
 
         // complement budget with budget limits in range, and expenses in currency X in range.
-        /** @var Budget $current */
+        /** @var Budget $budget */
         foreach ($collection as $budget) {
             Log::debug(sprintf('Working on budget #%d ("%s")', $budget->id, $budget->name));
             $array                = $budget->toArray();

app/Http/Controllers/DebugController.php

@@ -304,7 +304,7 @@ final class DebugController extends Controller
 
         return [
             'debug'              => var_export(config('app.debug'), true),
-            'audit_log_channel'  => envNonEmpty('AUDIT_LOG_CHANNEL', '(empty)'),
+            'audit_log_channel'  => implode(', ', config('logging.channels.audit.channels')),
             'default_language'   => (string) config('firefly.default_language'),
             'default_locale'     => (string) config('firefly.default_locale'),
             'remote_header'      => 'remote_user_guard' === $userGuard ? config('auth.guard_header') : 'N/A',
@@ -323,11 +323,11 @@ final class DebugController extends Controller
     private function getBuildInfo(): array
     {
         $return = [
-            'is_docker'       => env('IS_DOCKER', false),
+            'is_docker'       => config('firefly.is_docker'),
             'build'           => '(unknown)',
             'build_date'      => '(unknown)',
-            'base_build'      => '(unknown)',
-            'base_build_date' => '(unknown)',
+            'base_build'      => config('firefly.base_image_build'),
+            'base_build_date' => config('firefly.base_image_date'),
         ];
 
         try {
@@ -348,12 +348,6 @@ final class DebugController extends Controller
             Log::debug('Could not check build date, but thats ok.');
             Log::warning($e->getMessage());
         }
-        if ('' !== (string) env('BASE_IMAGE_BUILD')) {
-            $return['base_build'] = env('BASE_IMAGE_BUILD');
-        }
-        if ('' !== (string) env('BASE_IMAGE_DATE')) {
-            $return['base_build_date'] = env('BASE_IMAGE_DATE');
-        }
 
         return $return;
     }

app/Http/Controllers/Json/ReconcileController.php

@@ -128,10 +128,10 @@ final class ReconcileController extends Controller
         Log::debug(sprintf('End balance: "%s"', $endBalance));
         Log::debug(sprintf('Cleared amount: "%s"', $clearedAmount));
         Log::debug(sprintf('Amount: "%s"', $amount));
-        $difference      = bcadd(bcadd(bcsub($startBalance ?? '0', $endBalance ?? '0'), $clearedAmount), $amount);
+        $difference      = bcadd(bcadd(bcsub($startBalance, $endBalance), $clearedAmount), $amount);
         $diffCompare     = bccomp($difference, '0');
         $countCleared    = count($clearedJournals);
-        $reconSum        = bcadd(bcadd($startBalance ?? '0', $amount), $clearedAmount);
+        $reconSum        = bcadd(bcadd($startBalance, $amount), $clearedAmount);
 
         try {
             $view = view('accounts.reconcile.overview', [

app/Http/Controllers/PreferencesController.php

@@ -86,7 +86,7 @@ final class PreferencesController extends Controller
             AccountTypeEnum::DEBT->value,
             AccountTypeEnum::MORTGAGE->value,
         ]);
-        $isDocker                       = env('IS_DOCKER', false);
+        $isDocker                       = config('firefly.is_docker');
         $groupedAccounts                = [];
 
         /** @var Account $account */

app/Http/Controllers/Transaction/MassController.php

@@ -26,7 +26,6 @@ namespace FireflyIII\Http\Controllers\Transaction;
 use Carbon\Carbon;
 use FireflyIII\Enums\AccountTypeEnum;
 use FireflyIII\Enums\TransactionTypeEnum;
-use FireflyIII\Events\Model\TransactionGroup\DestroyedSingleTransactionGroup;
 use FireflyIII\Events\Model\TransactionGroup\TransactionGroupEventFlags;
 use FireflyIII\Events\Model\TransactionGroup\TransactionGroupEventObjects;
 use FireflyIII\Events\Model\TransactionGroup\UpdatedSingleTransactionGroup;
@@ -64,7 +63,7 @@ final class MassController extends Controller
         parent::__construct();
 
         $this->middleware(function ($request, $next) {
-            app('view')->share('title', (string)trans('firefly.transactions'));
+            app('view')->share('title', (string) trans('firefly.transactions'));
             app('view')->share('mainTitleIcon', 'fa-exchange');
             $this->repository = app(JournalRepositoryInterface::class);
 
@@ -77,7 +76,7 @@ final class MassController extends Controller
      */
     public function delete(array $journals): IlluminateView
     {
-        $subTitle = (string)trans('firefly.mass_delete_journals');
+        $subTitle = (string) trans('firefly.mass_delete_journals');
 
         // put previous url in session
         $this->rememberPreviousUrl('transactions.mass-delete.url');
@@ -90,15 +89,11 @@ final class MassController extends Controller
      *
      * @return Application|Redirector|RedirectResponse
      */
-    public function destroy(MassDeleteJournalRequest $request): Redirector | RedirectResponse
+    public function destroy(MassDeleteJournalRequest $request): Redirector|RedirectResponse
     {
         Log::debug(sprintf('Now in %s', __METHOD__));
-        $ids   = $request->input('confirm_mass_delete');
+        $ids   = $request->get('confirm_mass_delete');
         $count = 0;
-
-        $objects = new TransactionGroupEventObjects();
-
-
         if (is_array($ids)) {
             Log::debug('Array of IDs', $ids);
 
@@ -107,11 +102,9 @@ final class MassController extends Controller
                 Log::debug(sprintf('Searching for ID #%d', $journalId));
 
                 /** @var null|TransactionJournal $journal */
-                $journal = $this->repository->find((int)$journalId);
-                if (null !== $journal && (int)$journalId === $journal->id) {
-                    $objects->appendFromTransactionGroup($journal->transactionGroup);
+                $journal = $this->repository->find((int) $journalId);
+                if (null !== $journal && (int) $journalId === $journal->id) {
                     $this->repository->destroyJournal($journal);
-
                     ++$count;
                     Log::debug(sprintf('Deleted transaction journal #%d', $journalId));
 
@@ -123,11 +116,6 @@ final class MassController extends Controller
         Preferences::mark();
         session()->flash('success', trans_choice('firefly.mass_deleted_transactions_success', $count));
 
-        // trigger just after destruction
-        $flags = new TransactionGroupEventFlags();
-        event(new DestroyedSingleTransactionGroup($flags, $objects));
-        event(new WebhookMessagesRequestSending());
-
         // redirect to previous URL:
         return redirect($this->getPreviousUrl('transactions.mass-delete.url'));
     }
@@ -137,22 +125,22 @@ final class MassController extends Controller
      */
     public function edit(array $journals): IlluminateView
     {
-        $subTitle = (string)trans('firefly.mass_edit_journals');
+        $subTitle            = (string) trans('firefly.mass_edit_journals');
 
         /** @var AccountRepositoryInterface $accountRepository */
-        $accountRepository = app(AccountRepositoryInterface::class);
+        $accountRepository   = app(AccountRepositoryInterface::class);
 
         // valid withdrawal sources:
-        $array             = array_keys(config(sprintf('firefly.source_dests.%s', TransactionTypeEnum::WITHDRAWAL->value)));
-        $withdrawalSources = $accountRepository->getAccountsByType($array);
+        $array               = array_keys(config(sprintf('firefly.source_dests.%s', TransactionTypeEnum::WITHDRAWAL->value)));
+        $withdrawalSources   = $accountRepository->getAccountsByType($array);
 
         // valid deposit destinations:
         $array               = config(sprintf('firefly.source_dests.%s.%s', TransactionTypeEnum::DEPOSIT->value, AccountTypeEnum::REVENUE->value));
         $depositDestinations = $accountRepository->getAccountsByType($array);
 
         /** @var BudgetRepositoryInterface $budgetRepository */
-        $budgetRepository = app(BudgetRepositoryInterface::class);
-        $budgets          = $budgetRepository->getBudgets();
+        $budgetRepository    = app(BudgetRepositoryInterface::class);
+        $budgets             = $budgetRepository->getBudgets();
 
         // reverse amounts
         foreach ($journals as $index => $journal) {
@@ -176,18 +164,18 @@ final class MassController extends Controller
      *
      * @throws FireflyException
      */
-    public function update(MassEditJournalRequest $request): Redirector | RedirectResponse
+    public function update(MassEditJournalRequest $request): Redirector|RedirectResponse
     {
         $journalIds = $request->get('journals');
         if (!is_array($journalIds)) {
             // TODO this is a weird error, should be caught.
             throw new FireflyException('This is not an array.');
         }
-        $count = 0;
+        $count      = 0;
 
         /** @var string $journalId */
         foreach ($journalIds as $journalId) {
-            $integer = (int)$journalId;
+            $integer = (int) $journalId;
 
             try {
                 $this->updateJournal($integer, $request);
@@ -236,7 +224,7 @@ final class MassController extends Controller
             return null;
         }
 
-        return (int)$value[$journalId];
+        return (int) $value[$journalId];
     }
 
     private function getStringFromRequest(MassEditJournalRequest $request, int $journalId, string $string): ?string
@@ -249,7 +237,7 @@ final class MassController extends Controller
             return null;
         }
 
-        return (string)$value[$journalId];
+        return (string) $value[$journalId];
     }
 
     /**
@@ -265,7 +253,7 @@ final class MassController extends Controller
         // for each field, call the update service.
         $service->setTransactionJournal($journal);
 
-        $data = [
+        $data    = [
             'date'             => $this->getDateFromRequest($request, $journal->id, 'date'),
             'description'      => $this->getStringFromRequest($request, $journal->id, 'description'),
             'source_id'        => $this->getIntFromRequest($request, $journal->id, 'source_id'),

app/Http/Middleware/SecureHeaders.php

@@ -67,7 +67,7 @@ class SecureHeaders
         ];
 
         // overrule in development mode
-        if (true === env('IS_LOCAL_DEV')) {
+        if (true === config('firefly.is_local_dev')) {
             $csp = [
                 "default-src 'none'",
                 "object-src 'none'",

app/Http/Requests/AttachmentFormRequest.php

@@ -37,6 +37,8 @@ class AttachmentFormRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Returns the data required by the controller.
      */

app/Http/Requests/BillStoreRequest.php

@@ -38,6 +38,8 @@ class BillStoreRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Returns the data required by the controller.
      */

app/Http/Requests/BillUpdateRequest.php

@@ -39,6 +39,8 @@ class BillUpdateRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Returns the data required by the controller.
      */

app/Http/Requests/BudgetFormStoreRequest.php

@@ -40,6 +40,8 @@ class BudgetFormStoreRequest extends FormRequest
     use ConvertsDataTypes;
     use ValidatesAutoBudgetRequest;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Returns the data required by the controller.
      */

app/Http/Requests/BudgetFormUpdateRequest.php

@@ -41,6 +41,8 @@ class BudgetFormUpdateRequest extends FormRequest
     use ConvertsDataTypes;
     use ValidatesAutoBudgetRequest;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Returns the data required by the controller.
      */

app/Http/Requests/BudgetIncomeRequest.php

@@ -36,6 +36,8 @@ class BudgetIncomeRequest extends FormRequest
 {
     use ChecksLogin;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Rules for this request.
      */

app/Http/Requests/BulkEditJournalRequest.php

@@ -37,6 +37,8 @@ class BulkEditJournalRequest extends FormRequest
     use ChecksLogin;
     use ConvertsDataTypes;
 
+    protected array $acceptedRoles = [];
+
     /**
      * Rules for this request.
      */