Applied EditorConfig settings to all files

Bernd Bestel 2020-08-29 16:41:27 +02:00
parent 2c966c77fd
commit 3b0d29bed0
No known key found for this signature in database
GPG Key ID: 71BD34C0D4891300
87 changed files with 797 additions and 798 deletions


@ -67,7 +67,7 @@ if (!empty(GROCY_BASE_PATH))
$app->addRoutingMiddleware(); $app->addRoutingMiddleware();
$errorMiddleware = $app->addErrorMiddleware(true, false, false); $errorMiddleware = $app->addErrorMiddleware(true, false, false);
$errorMiddleware->setDefaultErrorHandler( $errorMiddleware->setDefaultErrorHandler(
new \Grocy\Controllers\ExceptionController($app, $container) new \Grocy\Controllers\ExceptionController($app, $container)
); );
$app->run(); $app->run();
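Review bot: `addErrorMiddleware(true, false, false)` hard-codes error details on and both logging flags off, assuming Slim's argument order (displayErrorDetails, logErrors, logErrorDetails), which matches the `__invoke` signature of the `ExceptionController` registered on the next line. For `/api/` paths that handler then returns `stack_trace`, `file` and `line` of any exception in the JSON body to whoever made the request, while nothing is written to a log for the operator. Drive the first argument from a deployment setting and turn logging on, e.g. `$errorMiddleware = $app->addErrorMiddleware($showErrorDetails, true, true);`, where `$showErrorDetails` is a placeholder for whatever debug flag the configuration exposes. The custom handler does not use its `$logger` argument in the visible code, so it would also need a log call of its own for the logging flags to have any effect.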


@ -34,7 +34,7 @@ class BaseController
$this->View->set('version', $versionInfo->Version); $this->View->set('version', $versionInfo->Version);
$this->View->set('releaseDate', $versionInfo->ReleaseDate); $this->View->set('releaseDate', $versionInfo->ReleaseDate);
$localizationService = $this->getLocalizationService(); $localizationService = $this->getLocalizationService();
$this->View->set('__t', function(string $text, ...$placeholderValues) use($localizationService) $this->View->set('__t', function(string $text, ...$placeholderValues) use($localizationService)
{ {
return $localizationService->__t($text, $placeholderValues); return $localizationService->__t($text, $placeholderValues);
@ -98,12 +98,12 @@ class BaseController
return $this->render($response, $page, $data); return $this->render($response, $page, $data);
} }
protected function getDatabaseService() protected function getDatabaseService()
{ {
return DatabaseService::getInstance(); return DatabaseService::getInstance();
} }
protected function getDatabase() protected function getDatabase()
{ {
return $this->getDatabaseService()->GetDbConnection(); return $this->getDatabaseService()->GetDbConnection();
} }
@ -128,7 +128,7 @@ class BaseController
return CalendarService::getInstance(); return CalendarService::getInstance();
} }
protected function getSessionService() protected function getSessionService()
{ {
return SessionService::getInstance(); return SessionService::getInstance();
} }
@ -143,12 +143,12 @@ class BaseController
return StockService::getInstance(); return StockService::getInstance();
} }
protected function getTasksService() protected function getTasksService()
{ {
return TasksService::getInstance(); return TasksService::getInstance();
} }
protected function getUsersService() protected function getUsersService()
{ {
return UsersService::getInstance(); return UsersService::getInstance();
} }


@ -13,9 +13,9 @@ class BatteriesApiController extends BaseApiController
public function TrackChargeCycle(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function TrackChargeCycle(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_BATTERY_TRACK_CHARGE_CYCLE); User::checkPermission($request, User::PERMISSION_BATTERY_TRACK_CHARGE_CYCLE);
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
try try
{ {
@ -53,9 +53,9 @@ class BatteriesApiController extends BaseApiController
public function UndoChargeCycle(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function UndoChargeCycle(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_BATTERY_UNDO_TRACK_CHARGE_CYCLE); User::checkPermission($request, User::PERMISSION_BATTERY_UNDO_TRACK_CHARGE_CYCLE);
try try
{ {
$this->ApiResponse($response, $this->getBatteriesService()->UndoChargeCycle($args['chargeCycleId'])); $this->ApiResponse($response, $this->getBatteriesService()->UndoChargeCycle($args['chargeCycleId']));
return $this->EmptyApiResponse($response); return $this->EmptyApiResponse($response);


@ -17,9 +17,9 @@ class ChoresApiController extends BaseApiController
try try
{ {
User::checkPermission($request, User::PERMISSION_CHORE_TRACK); User::checkPermission($request, User::PERMISSION_CHORE_TRACK);
$trackedTime = date('Y-m-d H:i:s'); $trackedTime = date('Y-m-d H:i:s');
if (array_key_exists('tracked_time', $requestBody) && (IsIsoDateTime($requestBody['tracked_time']) || IsIsoDate($requestBody['tracked_time']))) if (array_key_exists('tracked_time', $requestBody) && (IsIsoDateTime($requestBody['tracked_time']) || IsIsoDate($requestBody['tracked_time'])))
{ {
$trackedTime = $requestBody['tracked_time']; $trackedTime = $requestBody['tracked_time'];
@ -31,7 +31,7 @@ class ChoresApiController extends BaseApiController
$doneBy = $requestBody['done_by']; $doneBy = $requestBody['done_by'];
} }
if($doneBy != GROCY_USER_ID) if($doneBy != GROCY_USER_ID)
User::checkPermission($request, User::PERMISSION_CHORE_TRACK_OTHERS); User::checkPermission($request, User::PERMISSION_CHORE_TRACK_OTHERS);
$choreExecutionId = $this->getChoresService()->TrackChore($args['choreId'], $trackedTime, $doneBy); $choreExecutionId = $this->getChoresService()->TrackChore($args['choreId'], $trackedTime, $doneBy);
return $this->ApiResponse($response, $this->getDatabase()->chores_log($choreExecutionId)); return $this->ApiResponse($response, $this->getDatabase()->chores_log($choreExecutionId));
@ -63,9 +63,9 @@ class ChoresApiController extends BaseApiController
{ {
try try
{ {
User::checkPermission($request, User::PERMISSION_CHORE_UNDO); User::checkPermission($request, User::PERMISSION_CHORE_UNDO);
$this->ApiResponse($response, $this->getChoresService()->UndoChoreExecution($args['executionId'])); $this->ApiResponse($response, $this->getChoresService()->UndoChoreExecution($args['executionId']));
return $this->EmptyApiResponse($response); return $this->EmptyApiResponse($response);
} }
catch (\Exception $ex) catch (\Exception $ex)
@ -78,9 +78,9 @@ class ChoresApiController extends BaseApiController
{ {
try try
{ {
User::checkPermission($request, User::PERMISSION_CHORE_EDIT); User::checkPermission($request, User::PERMISSION_CHORE_EDIT);
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
$choreId = null; $choreId = null;
if (array_key_exists('chore_id', $requestBody) && !empty($requestBody['chore_id']) && is_numeric($requestBody['chore_id'])) if (array_key_exists('chore_id', $requestBody) && !empty($requestBody['chore_id']) && is_numeric($requestBody['chore_id']))


@ -1,6 +1,5 @@
<?php <?php
namespace Grocy\Controllers; namespace Grocy\Controllers;
use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Message\ServerRequestInterface;
@ -12,58 +11,58 @@ use Throwable;
class ExceptionController extends BaseApiController class ExceptionController extends BaseApiController
{ {
/** /**
* @var \Slim\App * @var \Slim\App
*/ */
private $app; private $app;
public function __construct(\Slim\App $app, \DI\Container $container) public function __construct(\Slim\App $app, \DI\Container $container)
{ {
parent::__construct($container); parent::__construct($container);
$this->app = $app; $this->app = $app;
} }
public function __invoke(ServerRequestInterface $request, public function __invoke(ServerRequestInterface $request,
Throwable $exception, Throwable $exception,
bool $displayErrorDetails, bool $displayErrorDetails,
bool $logErrors, bool $logErrors,
bool $logErrorDetails, bool $logErrorDetails,
?LoggerInterface $logger = null) ?LoggerInterface $logger = null)
{ {
$response = $this->app->getResponseFactory()->createResponse(); $response = $this->app->getResponseFactory()->createResponse();
$isApiRoute = string_starts_with($request->getUri()->getPath(), '/api/'); $isApiRoute = string_starts_with($request->getUri()->getPath(), '/api/');
if ($isApiRoute) { if ($isApiRoute) {
$status = 500; $status = 500;
if ($exception instanceof HttpException) { if ($exception instanceof HttpException) {
$status = $exception->getCode(); $status = $exception->getCode();
} }
$data = [ $data = [
'error_message' => $exception->getMessage(), 'error_message' => $exception->getMessage(),
]; ];
if ($displayErrorDetails) { if ($displayErrorDetails) {
$data['error_details'] = [ $data['error_details'] = [
'stack_trace' => $exception->getTraceAsString(), 'stack_trace' => $exception->getTraceAsString(),
'file' => $exception->getFile(), 'file' => $exception->getFile(),
'line' => $exception->getLine(), 'line' => $exception->getLine(),
]; ];
} }
return $this->ApiResponse($response->withStatus($status), $data); return $this->ApiResponse($response->withStatus($status), $data);
} }
if ($exception instanceof HttpNotFoundException) { if ($exception instanceof HttpNotFoundException) {
return $this->renderPage($response->withStatus(404), 'errors/404', [ return $this->renderPage($response->withStatus(404), 'errors/404', [
'exception' => $exception 'exception' => $exception
]); ]);
} }
if ($exception instanceof HttpForbiddenException) { if ($exception instanceof HttpForbiddenException) {
return $this->renderPage($response->withStatus(403), 'errors/403', [ return $this->renderPage($response->withStatus(403), 'errors/403', [
'exception' => $exception 'exception' => $exception
]); ]);
} }
return $this->renderPage($response->withStatus(500), 'errors/500', [ return $this->renderPage($response->withStatus(500), 'errors/500', [
'exception' => $exception 'exception' => $exception
]); ]);
} }
} }


@ -16,9 +16,9 @@ class FilesApiController extends BaseApiController
{ {
try try
{ {
User::checkPermission($request, User::PERMISSION_UPLOAD_FILE); User::checkPermission($request, User::PERMISSION_UPLOAD_FILE);
if (IsValidFileName(base64_decode($args['fileName']))) if (IsValidFileName(base64_decode($args['fileName'])))
{ {
$fileName = base64_decode($args['fileName']); $fileName = base64_decode($args['fileName']);
} }
@ -100,9 +100,9 @@ class FilesApiController extends BaseApiController
{ {
try try
{ {
User::checkPermission($request, User::PERMISSION_DELETE_FILE); User::checkPermission($request, User::PERMISSION_DELETE_FILE);
if (IsValidFileName(base64_decode($args['fileName']))) if (IsValidFileName(base64_decode($args['fileName'])))
{ {
$fileName = base64_decode($args['fileName']); $fileName = base64_decode($args['fileName']);
} }


@ -13,7 +13,7 @@ class GenericEntityApiController extends BaseApiController
public function GetObjects(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function GetObjects(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
$objects = $this->getDatabase()->{$args['entity']}(); $objects = $this->getDatabase()->{$args['entity']}();
$allUserfields = $this->getUserfieldsService()->GetAllValues($args['entity']); $allUserfields = $this->getUserfieldsService()->GetAllValues($args['entity']);
foreach ($objects as $object) foreach ($objects as $object)
@ -43,7 +43,7 @@ class GenericEntityApiController extends BaseApiController
public function GetObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function GetObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
if ($this->IsValidEntity($args['entity']) && !$this->IsEntityWithPreventedListing($args['entity'])) if ($this->IsValidEntity($args['entity']) && !$this->IsEntityWithPreventedListing($args['entity']))
{ {
$userfields = $this->getUserfieldsService()->GetValues($args['entity'], $args['objectId']); $userfields = $this->getUserfieldsService()->GetValues($args['entity'], $args['objectId']);
if (count($userfields) === 0) if (count($userfields) === 0)
@ -52,9 +52,9 @@ class GenericEntityApiController extends BaseApiController
} }
$object = $this->getDatabase()->{$args['entity']}($args['objectId']); $object = $this->getDatabase()->{$args['entity']}($args['objectId']);
if ($object == null) { if ($object == null) {
return $this->GenericErrorResponse($response, 'Object not found', 404); return $this->GenericErrorResponse($response, 'Object not found', 404);
} }
$object['userfields'] = $userfields; $object['userfields'] = $userfields;
@ -68,9 +68,9 @@ class GenericEntityApiController extends BaseApiController
public function AddObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function AddObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT); User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
if ($this->IsValidEntity($args['entity'])) if ($this->IsValidEntity($args['entity']))
{ {
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
@ -101,9 +101,9 @@ class GenericEntityApiController extends BaseApiController
public function EditObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function EditObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT); User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
if ($this->IsValidEntity($args['entity'])) if ($this->IsValidEntity($args['entity']))
{ {
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
@ -132,9 +132,9 @@ class GenericEntityApiController extends BaseApiController
public function DeleteObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function DeleteObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT); User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
if ($this->IsValidEntity($args['entity'])) if ($this->IsValidEntity($args['entity']))
{ {
$row = $this->getDatabase()->{$args['entity']}($args['objectId']); $row = $this->getDatabase()->{$args['entity']}($args['objectId']);
$row->delete(); $row->delete();
@ -150,7 +150,7 @@ class GenericEntityApiController extends BaseApiController
public function SearchObjects(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function SearchObjects(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
if ($this->IsValidEntity($args['entity']) && !$this->IsEntityWithPreventedListing($args['entity'])) if ($this->IsValidEntity($args['entity']) && !$this->IsEntityWithPreventedListing($args['entity']))
{ {
try try
{ {
@ -169,7 +169,7 @@ class GenericEntityApiController extends BaseApiController
public function GetUserfields(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function GetUserfields(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
try try
{ {
return $this->ApiResponse($response, $this->getUserfieldsService()->GetValues($args['entity'], $args['objectId'])); return $this->ApiResponse($response, $this->getUserfieldsService()->GetValues($args['entity'], $args['objectId']));
} }
@ -181,9 +181,9 @@ class GenericEntityApiController extends BaseApiController
public function SetUserfields(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function SetUserfields(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT); User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
try try
{ {
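Review bot: `GetObjects` calls `$this->getDatabase()->{$args['entity']}()` as its first visible statement, so the route-supplied entity name selects the table without the `IsValidEntity` / `IsEntityWithPreventedListing` guard that `GetObject` and `SearchObjects` apply in this same file; `GetUserfields` likewise passes `$args['entity']` straight to `GetValues`. Wrap both bodies in the same check, `if ($this->IsValidEntity($args['entity']) && !$this->IsEntityWithPreventedListing($args['entity']))`, and return an error through `GenericErrorResponse` otherwise. The read methods also show no `User::checkPermission` call in the visible lines, unlike `AddObject`, `EditObject`, `DeleteObject` and `SetUserfields`; if that is intentional, a one-line comment saying so would help the next reader. The method bodies continue outside the hunks, so a later check may exist, but in `GetObjects` it would run only after the dynamic accessor has already been invoked.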


@ -13,9 +13,9 @@ class RecipesApiController extends BaseApiController
public function AddNotFulfilledProductsToShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function AddNotFulfilledProductsToShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD); User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD);
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
$excludedProductIds = null; $excludedProductIds = null;
if ($requestBody !== null && array_key_exists('excludedProductIds', $requestBody)) if ($requestBody !== null && array_key_exists('excludedProductIds', $requestBody))
@ -29,9 +29,9 @@ class RecipesApiController extends BaseApiController
public function ConsumeRecipe(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function ConsumeRecipe(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_PRODUCT_CONSUME); User::checkPermission($request, User::PERMISSION_PRODUCT_CONSUME);
try try
{ {
$this->getRecipesService()->ConsumeRecipe($args['recipeId']); $this->getRecipesService()->ConsumeRecipe($args['recipeId']);
return $this->EmptyApiResponse($response); return $this->EmptyApiResponse($response);


@ -63,9 +63,9 @@ class StockApiController extends BaseApiController
public function AddProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function AddProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_PRODUCT_PURCHASE); User::checkPermission($request, User::PERMISSION_PRODUCT_PURCHASE);
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
try try
{ {
@ -139,9 +139,9 @@ class StockApiController extends BaseApiController
public function EditStockEntry(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function EditStockEntry(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_STOCK_EDIT); User::checkPermission($request, User::PERMISSION_STOCK_EDIT);
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
try try
{ {
@ -190,9 +190,9 @@ class StockApiController extends BaseApiController
public function TransferProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function TransferProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_STOCK_TRANSFER); User::checkPermission($request, User::PERMISSION_STOCK_TRANSFER);
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
try try
{ {
@ -246,9 +246,9 @@ class StockApiController extends BaseApiController
public function ConsumeProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function ConsumeProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_PRODUCT_CONSUME); User::checkPermission($request, User::PERMISSION_PRODUCT_CONSUME);
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
$result = null; $result = null;
@ -319,9 +319,9 @@ class StockApiController extends BaseApiController
public function InventoryProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function InventoryProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_STOCK_CORRECTION); User::checkPermission($request, User::PERMISSION_STOCK_CORRECTION);
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
try try
{ {
@ -383,9 +383,9 @@ class StockApiController extends BaseApiController
public function OpenProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function OpenProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_PRODUCT_OPEN); User::checkPermission($request, User::PERMISSION_PRODUCT_OPEN);
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
try try
{ {
@ -452,9 +452,9 @@ class StockApiController extends BaseApiController
public function AddMissingProductsToShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function AddMissingProductsToShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD); User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD);
try try
{ {
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
@ -475,9 +475,9 @@ class StockApiController extends BaseApiController
public function ClearShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function ClearShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_DELETE); User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_DELETE);
try try
{ {
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
@ -499,9 +499,9 @@ class StockApiController extends BaseApiController
public function AddProductToShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function AddProductToShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD); User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD);
try try
{ {
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
@ -542,9 +542,9 @@ class StockApiController extends BaseApiController
public function RemoveProductFromShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function RemoveProductFromShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_DELETE); User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_DELETE);
try try
{ {
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
@ -580,9 +580,9 @@ class StockApiController extends BaseApiController
public function ExternalBarcodeLookup(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function ExternalBarcodeLookup(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT); User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
try try
{ {
$addFoundProduct = false; $addFoundProduct = false;
if (isset($request->getQueryParams()['add']) && ($request->getQueryParams()['add'] === 'true' || $request->getQueryParams()['add'] === 1)) if (isset($request->getQueryParams()['add']) && ($request->getQueryParams()['add'] === 'true' || $request->getQueryParams()['add'] === 1))
@ -600,9 +600,9 @@ class StockApiController extends BaseApiController
public function UndoBooking(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function UndoBooking(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_STOCK_CORRECTION); User::checkPermission($request, User::PERMISSION_STOCK_CORRECTION);
try try
{ {
$this->ApiResponse($response, $this->getStockService()->UndoBooking($args['bookingId'])); $this->ApiResponse($response, $this->getStockService()->UndoBooking($args['bookingId']));
return $this->EmptyApiResponse($response); return $this->EmptyApiResponse($response);
@ -615,9 +615,9 @@ class StockApiController extends BaseApiController
public function UndoTransaction(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function UndoTransaction(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_STOCK_CORRECTION); User::checkPermission($request, User::PERMISSION_STOCK_CORRECTION);
try try
{ {
$this->ApiResponse($response, $this->getStockService()->UndoTransaction($args['transactionId'])); $this->ApiResponse($response, $this->getStockService()->UndoTransaction($args['transactionId']));
return $this->EmptyApiResponse($response); return $this->EmptyApiResponse($response);


@ -16,7 +16,7 @@ class StockController extends BaseController
$nextXDays = $usersService->GetUserSettings(GROCY_USER_ID)['stock_expring_soon_days']; $nextXDays = $usersService->GetUserSettings(GROCY_USER_ID)['stock_expring_soon_days'];
return $this->renderPage($response, 'stockoverview', [ return $this->renderPage($response, 'stockoverview', [
'currentStock' => $this->getStockService()->GetCurrentStockOverview(), 'currentStock' => $this->getStockService()->GetCurrentStockOverview(),
'locations' => $this->getDatabase()->locations()->orderBy('name'), 'locations' => $this->getDatabase()->locations()->orderBy('name'),
'currentStockLocations' => $this->getStockService()->GetCurrentStockLocations(), 'currentStockLocations' => $this->getStockService()->GetCurrentStockLocations(),
'nextXDays' => $nextXDays, 'nextXDays' => $nextXDays,


@ -11,9 +11,9 @@ class SystemApiController extends BaseApiController
public function GetDbChangedTime(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function GetDbChangedTime(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
return $this->ApiResponse($response, array( return $this->ApiResponse($response, array(
'changed_time' => $this->getDatabaseService()->GetDbChangedTime() 'changed_time' => $this->getDatabaseService()->GetDbChangedTime()
)); ));
} }
public function GetConfig(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function GetConfig(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)


@ -18,9 +18,9 @@ class TasksApiController extends BaseApiController
public function MarkTaskAsCompleted(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function MarkTaskAsCompleted(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_TASKS_MARK_COMPLETED); User::checkPermission($request, User::PERMISSION_TASKS_MARK_COMPLETED);
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
try try
{ {
@ -41,9 +41,9 @@ class TasksApiController extends BaseApiController
public function UndoTask(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function UndoTask(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_TASKS_UNDO); User::checkPermission($request, User::PERMISSION_TASKS_UNDO);
try try
{ {
$this->getTasksService()->UndoTask($args['taskId']); $this->getTasksService()->UndoTask($args['taskId']);
return $this->EmptyApiResponse($response); return $this->EmptyApiResponse($response);


@ -8,8 +8,8 @@ use Throwable;
class PermissionMissingException extends HttpForbiddenException class PermissionMissingException extends HttpForbiddenException
{ {
public function __construct(ServerRequestInterface $request, string $permission, ?Throwable $previous = null) public function __construct(ServerRequestInterface $request, string $permission, ?Throwable $previous = null)
{ {
parent::__construct($request, 'Permission missing: ' . $permission, $previous); parent::__construct($request, 'Permission missing: ' . $permission, $previous);
} }
} }


@ -7,85 +7,85 @@ use LessQL\Result;
class User class User
{ {
const PERMISSION_ADMIN = 'ADMIN'; const PERMISSION_ADMIN = 'ADMIN';
const PERMISSION_CREATE_USER = 'CREATE_USER'; const PERMISSION_CREATE_USER = 'CREATE_USER';
const PERMISSION_EDIT_USER = 'EDIT_USER'; const PERMISSION_EDIT_USER = 'EDIT_USER';
const PERMISSION_READ_USER = 'READ_USER'; const PERMISSION_READ_USER = 'READ_USER';
const PERMISSION_EDIT_SELF = 'EDIT_SELF'; const PERMISSION_EDIT_SELF = 'EDIT_SELF';
const PERMISSION_BATTERY_UNDO_TRACK_CHARGE_CYCLE = 'BATTERY_UNDO_TRACK_CHARGE_CYCLE'; const PERMISSION_BATTERY_UNDO_TRACK_CHARGE_CYCLE = 'BATTERY_UNDO_TRACK_CHARGE_CYCLE';
const PERMISSION_BATTERY_TRACK_CHARGE_CYCLE = 'BATTERY_TRACK_CHARGE_CYCLE'; const PERMISSION_BATTERY_TRACK_CHARGE_CYCLE = 'BATTERY_TRACK_CHARGE_CYCLE';
const PERMISSION_CHORE_TRACK = 'CHORE_TRACK'; const PERMISSION_CHORE_TRACK = 'CHORE_TRACK';
const PERMISSION_CHORE_TRACK_OTHERS = 'CHORE_TRACK_OTHERS'; const PERMISSION_CHORE_TRACK_OTHERS = 'CHORE_TRACK_OTHERS';
const PERMISSION_CHORE_EDIT = 'CHORE_EDIT'; const PERMISSION_CHORE_EDIT = 'CHORE_EDIT';
const PERMISSION_CHORE_UNDO = 'CHORE_UNDO'; const PERMISSION_CHORE_UNDO = 'CHORE_UNDO';
const PERMISSION_UPLOAD_FILE = 'UPLOAD_FILE'; const PERMISSION_UPLOAD_FILE = 'UPLOAD_FILE';
const PERMISSION_DELETE_FILE = 'DELETE_FILE'; const PERMISSION_DELETE_FILE = 'DELETE_FILE';
const PERMISSION_MASTER_DATA_EDIT = 'MASTER_DATA_EDIT'; const PERMISSION_MASTER_DATA_EDIT = 'MASTER_DATA_EDIT';
const PERMISSION_TASKS_UNDO = 'TASKS_UNDO'; const PERMISSION_TASKS_UNDO = 'TASKS_UNDO';
const PERMISSION_TASKS_MARK_COMPLETED = 'TASKS_MARK_COMPLETED'; const PERMISSION_TASKS_MARK_COMPLETED = 'TASKS_MARK_COMPLETED';
const PERMISSION_STOCK_TRANSFER = 'STOCK_TRANSFER'; const PERMISSION_STOCK_TRANSFER = 'STOCK_TRANSFER';
const PERMISSION_STOCK_EDIT = 'STOCK_EDIT'; const PERMISSION_STOCK_EDIT = 'STOCK_EDIT';
const PERMISSION_PRODUCT_CONSUME = 'PRODUCT_CONSUME'; const PERMISSION_PRODUCT_CONSUME = 'PRODUCT_CONSUME';
const PERMISSION_STOCK_CORRECTION = 'STOCK_CORRECTION'; const PERMISSION_STOCK_CORRECTION = 'STOCK_CORRECTION';
const PERMISSION_PRODUCT_OPEN = 'PRODUCT_OPEN'; const PERMISSION_PRODUCT_OPEN = 'PRODUCT_OPEN';
const PERMISSION_SHOPPINGLIST_ITEMS_ADD = 'SHOPPINGLIST_ITEMS_ADD'; const PERMISSION_SHOPPINGLIST_ITEMS_ADD = 'SHOPPINGLIST_ITEMS_ADD';
const PERMISSION_SHOPPINGLIST_ITEMS_DELETE = 'SHOPPINGLIST_ITEMS_DELETE'; const PERMISSION_SHOPPINGLIST_ITEMS_DELETE = 'SHOPPINGLIST_ITEMS_DELETE';
const PERMISSION_PRODUCT_PURCHASE = 'PRODUCT_PURCHASE'; const PERMISSION_PRODUCT_PURCHASE = 'PRODUCT_PURCHASE';
/** /**
* @var \LessQL\Database|null * @var \LessQL\Database|null
*/ */
protected $db; protected $db;
public function __construct() public function __construct()
{ {
$this->db = DatabaseService::getInstance()->GetDbConnection(); $this->db = DatabaseService::getInstance()->GetDbConnection();
} }
protected function getPermissions(): Result protected function getPermissions(): Result
{ {
return $this->db->user_permissions_resolved()->where('user_id', GROCY_USER_ID); return $this->db->user_permissions_resolved()->where('user_id', GROCY_USER_ID);
} }
public function hasPermission(string $permission): bool public function hasPermission(string $permission): bool
{ {
// global $PERMISSION_CACHE; // global $PERMISSION_CACHE;
// if(isset($PERMISSION_CACHE[$permission])) // if(isset($PERMISSION_CACHE[$permission]))
// return $PERMISSION_CACHE[$permission]; // return $PERMISSION_CACHE[$permission];
return $this->getPermissions()->where('permission_name', $permission)->fetch() !== null; return $this->getPermissions()->where('permission_name', $permission)->fetch() !== null;
} }
public static function checkPermission($request, string ...$permissions): void public static function checkPermission($request, string ...$permissions): void
{ {
$user = new User(); $user = new User();
foreach ($permissions as $permission) { foreach ($permissions as $permission) {
if (!$user->hasPermission($permission)) { if (!$user->hasPermission($permission)) {
throw new PermissionMissingException($request, $permission); throw new PermissionMissingException($request, $permission);
} }
} }
} }
public function getPermissionList() public function getPermissionList()
{ {
return $this->db->uihelper_user_permissions()->where('user_id', GROCY_USER_ID); return $this->db->uihelper_user_permissions()->where('user_id', GROCY_USER_ID);
} }
public static function hasPermissions(string ...$permissions) public static function hasPermissions(string ...$permissions)
{ {
$user = new User(); $user = new User();
foreach ($permissions as $permission) { foreach ($permissions as $permission) {
if (!$user->hasPermission($permission)) { if (!$user->hasPermission($permission)) {
return false; return false;
} }
} }
return true; return true;
} }
public static function PermissionList() public static function PermissionList()
{ {
$user = new User(); $user = new User();
return $user->getPermissionList(); return $user->getPermissionList();
} }
} }


@ -13,8 +13,8 @@ class UsersApiController extends BaseApiController
public function GetUsers(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function GetUsers(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_READ_USER); User::checkPermission($request, User::PERMISSION_READ_USER);
try try
{ {
return $this->ApiResponse($response, $this->getUsersService()->GetUsersAsDto()); return $this->ApiResponse($response, $this->getUsersService()->GetUsersAsDto());
} }
@ -26,7 +26,7 @@ class UsersApiController extends BaseApiController
public function CreateUser(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function CreateUser(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_CREATE_USER); User::checkPermission($request, User::PERMISSION_CREATE_USER);
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
try try
@ -47,8 +47,8 @@ class UsersApiController extends BaseApiController
public function DeleteUser(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function DeleteUser(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_EDIT_USER); User::checkPermission($request, User::PERMISSION_EDIT_USER);
try try
{ {
$this->getUsersService()->DeleteUser($args['userId']); $this->getUsersService()->DeleteUser($args['userId']);
return $this->EmptyApiResponse($response); return $this->EmptyApiResponse($response);
@ -61,12 +61,12 @@ class UsersApiController extends BaseApiController
public function EditUser(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function EditUser(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
if ($args['userId'] == GROCY_USER_ID) { if ($args['userId'] == GROCY_USER_ID) {
User::checkPermission($request, User::PERMISSION_EDIT_SELF); User::checkPermission($request, User::PERMISSION_EDIT_SELF);
} else { } else {
User::checkPermission($request, User::PERMISSION_EDIT_USER); User::checkPermission($request, User::PERMISSION_EDIT_USER);
} }
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
try try
{ {
@ -119,65 +119,65 @@ class UsersApiController extends BaseApiController
} }
} }
public function AddPermission(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function AddPermission(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
try { try {
User::checkPermission($request, User::PERMISSION_ADMIN); User::checkPermission($request, User::PERMISSION_ADMIN);
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
$this->getDatabase()->user_permissions()->createRow(array( $this->getDatabase()->user_permissions()->createRow(array(
'user_id' => $args['userId'], 'user_id' => $args['userId'],
'permission_id' => $requestBody['permission_id'], 'permission_id' => $requestBody['permission_id'],
))->save(); ))->save();
return $this->EmptyApiResponse($response); return $this->EmptyApiResponse($response);
} catch (\Slim\Exception\HttpSpecializedException $ex) { } catch (\Slim\Exception\HttpSpecializedException $ex) {
return $this->GenericErrorResponse($response, $ex->getMessage(), $ex->getCode()); return $this->GenericErrorResponse($response, $ex->getMessage(), $ex->getCode());
} catch (\Exception $ex) { } catch (\Exception $ex) {
return $this->GenericErrorResponse($response, $ex->getMessage()); return $this->GenericErrorResponse($response, $ex->getMessage());
} }
} }
public function ListPermissions(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function ListPermissions(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
try { try {
User::checkPermission($request, User::PERMISSION_ADMIN); User::checkPermission($request, User::PERMISSION_ADMIN);
return $this->ApiResponse($response, return $this->ApiResponse($response,
$this->getDatabase()->user_permissions()->where($args['userId']) $this->getDatabase()->user_permissions()->where($args['userId'])
); );
} catch (\Slim\Exception\HttpSpecializedException $ex) { } catch (\Slim\Exception\HttpSpecializedException $ex) {
return $this->GenericErrorResponse($response, $ex->getMessage(), $ex->getCode()); return $this->GenericErrorResponse($response, $ex->getMessage(), $ex->getCode());
} catch (\Exception $ex) { } catch (\Exception $ex) {
return $this->GenericErrorResponse($response, $ex->getMessage()); return $this->GenericErrorResponse($response, $ex->getMessage());
} }
} }
public function SetPermissions(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function SetPermissions(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
try { try {
User::checkPermission($request, User::PERMISSION_ADMIN); User::checkPermission($request, User::PERMISSION_ADMIN);
$requestBody = $request->getParsedBody(); $requestBody = $request->getParsedBody();
$db = $this->getDatabase(); $db = $this->getDatabase();
$db->user_permissions() $db->user_permissions()
->where('user_id', $args['userId']) ->where('user_id', $args['userId'])
->delete(); ->delete();
$perms = []; $perms = [];
foreach ($requestBody['permissions'] as $perm_id) { foreach ($requestBody['permissions'] as $perm_id) {
$perms[] = array( $perms[] = array(
'user_id' => $args['userId'], 'user_id' => $args['userId'],
'permission_id' => $perm_id 'permission_id' => $perm_id
); );
} }
$db->insert('user_permissions', $perms, 'batch'); $db->insert('user_permissions', $perms, 'batch');
return $this->EmptyApiResponse($response); return $this->EmptyApiResponse($response);
} catch (\Slim\Exception\HttpSpecializedException $ex) { } catch (\Slim\Exception\HttpSpecializedException $ex) {
return $this->GenericErrorResponse($response, $ex->getMessage(), $ex->getCode()); return $this->GenericErrorResponse($response, $ex->getMessage(), $ex->getCode());
} catch (\Exception $ex) { } catch (\Exception $ex) {
return $this->GenericErrorResponse($response, $ex->getMessage()); return $this->GenericErrorResponse($response, $ex->getMessage());
} }
} }
} }
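Review bot: In ListPermissions the route argument is passed to `where()` as the condition itself, `->where($args['userId'])`, whereas SetPermissions in the same file names the column, so the request value sits in the condition position and the result is not clearly limited to that user. I would write `$this->getDatabase()->user_permissions()->where('user_id', $args['userId'])`. How the query layer treats a single-argument condition is not visible here, so the exact effect should be confirmed. Separately, SetPermissions deletes the user's rows before looking at `$requestBody['permissions']`; a missing or non-array value would leave the user with no permissions, so an `is_array(...)` check ahead of the delete would be safer.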


@ -8,8 +8,8 @@ class UsersController extends BaseController
{ {
public function UsersList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function UsersList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_READ_USER); User::checkPermission($request, User::PERMISSION_READ_USER);
return $this->renderPage($response, 'users', [ return $this->renderPage($response, 'users', [
'users' => $this->getDatabase()->users()->orderBy('username') 'users' => $this->getDatabase()->users()->orderBy('username')
]); ]);
} }
@ -18,30 +18,30 @@ class UsersController extends BaseController
{ {
if ($args['userId'] == 'new') if ($args['userId'] == 'new')
{ {
User::checkPermission($request, User::PERMISSION_CREATE_USER); User::checkPermission($request, User::PERMISSION_CREATE_USER);
return $this->renderPage($response, 'userform', [ return $this->renderPage($response, 'userform', [
'mode' => 'create' 'mode' => 'create'
]); ]);
} }
else else
{ {
if($args['userId'] == GROCY_USER_ID) if($args['userId'] == GROCY_USER_ID)
User::checkPermission($request, User::PERMISSION_EDIT_SELF); User::checkPermission($request, User::PERMISSION_EDIT_SELF);
else User::checkPermission($request, User::PERMISSION_EDIT_USER); else User::checkPermission($request, User::PERMISSION_EDIT_USER);
return $this->renderPage($response, 'userform', [ return $this->renderPage($response, 'userform', [
'user' => $this->getDatabase()->users($args['userId']), 'user' => $this->getDatabase()->users($args['userId']),
'mode' => 'edit' 'mode' => 'edit'
]); ]);
} }
} }
public function PermissionList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args) public function PermissionList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{ {
User::checkPermission($request, User::PERMISSION_READ_USER); User::checkPermission($request, User::PERMISSION_READ_USER);
return $this->renderPage($response, 'userpermissions', [ return $this->renderPage($response, 'userpermissions', [
'user' => $this->getDatabase()->users($args['userId']), 'user' => $this->getDatabase()->users($args['userId']),
'permissions' => $this->getDatabase()->uihelper_user_permissions() 'permissions' => $this->getDatabase()->uihelper_user_permissions()
->where('parent IS NULL')->where('user_id', $args['userId']), ->where('parent IS NULL')->where('user_id', $args['userId']),
]); ]);
} }
} }


@ -7,61 +7,61 @@ const REQUIRED_SQLITE_VERSION = "3.8.3";
class PrerequisiteChecker class PrerequisiteChecker
{ {
public function checkRequirements() public function checkRequirements()
{ {
self::checkForConfigFile(); self::checkForConfigFile();
self::checkForConfigDistFile(); self::checkForConfigDistFile();
self::checkForComposer(); self::checkForComposer();
self::checkForPhpExtensions(); self::checkForPhpExtensions();
self::checkForSqliteVersion(); self::checkForSqliteVersion();
} }
private function checkForConfigFile() private function checkForConfigFile()
{ {
if (!file_exists(GROCY_DATAPATH . '/config.php')) if (!file_exists(GROCY_DATAPATH . '/config.php'))
{ {
throw new ERequirementNotMet('config.php in data directory (' . GROCY_DATAPATH . ') not found. Have you copied config-dist.php to the data directory and renamed it to config.php?'); throw new ERequirementNotMet('config.php in data directory (' . GROCY_DATAPATH . ') not found. Have you copied config-dist.php to the data directory and renamed it to config.php?');
} }
} }
private function checkForConfigDistFile() private function checkForConfigDistFile()
{ {
if (!file_exists(__DIR__ . '/../config-dist.php')) if (!file_exists(__DIR__ . '/../config-dist.php'))
{ {
throw new ERequirementNotMet('config-dist.php not found. Please do not remove this file.'); throw new ERequirementNotMet('config-dist.php not found. Please do not remove this file.');
} }
} }
private function checkForComposer() private function checkForComposer()
{ {
if (!file_exists(__DIR__ . '/../vendor/autoload.php')) if (!file_exists(__DIR__ . '/../vendor/autoload.php'))
{ {
throw new ERequirementNotMet('/vendor/autoload.php not found. Have you run Composer?'); throw new ERequirementNotMet('/vendor/autoload.php not found. Have you run Composer?');
} }
} }
private function checkForPhpExtensions() private function checkForPhpExtensions()
{ {
$loadedExtensions = get_loaded_extensions(); $loadedExtensions = get_loaded_extensions();
foreach (REQUIRED_PHP_EXTENSIONS as $extension) foreach (REQUIRED_PHP_EXTENSIONS as $extension)
{ {
if (!in_array($extension, $loadedExtensions)) if (!in_array($extension, $loadedExtensions))
{ {
throw new ERequirementNotMet("PHP module '{$extension}' not installed, but required."); throw new ERequirementNotMet("PHP module '{$extension}' not installed, but required.");
} }
} }
} }
private function checkForSqliteVersion() private function checkForSqliteVersion()
{ {
$sqliteVersion = self::getSqlVersionAsString(); $sqliteVersion = self::getSqlVersionAsString();
if (version_compare($sqliteVersion, REQUIRED_SQLITE_VERSION, '<')) if (version_compare($sqliteVersion, REQUIRED_SQLITE_VERSION, '<'))
{ {
throw new ERequirementNotMet('SQLite ' . REQUIRED_SQLITE_VERSION . ' is required, however you are running ' . $sqliteVersion); throw new ERequirementNotMet('SQLite ' . REQUIRED_SQLITE_VERSION . ' is required, however you are running ' . $sqliteVersion);
} }
} }
private function getSqlVersionAsString() private function getSqlVersionAsString()
{ {


@ -10,67 +10,67 @@ use Grocy\Services\ApiKeyService;
class ApiKeyAuthMiddleware extends AuthMiddleware class ApiKeyAuthMiddleware extends AuthMiddleware
{ {
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory) public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
{ {
parent::__construct($container, $responseFactory); parent::__construct($container, $responseFactory);
$this->ApiKeyHeaderName = $this->AppContainer->get('ApiKeyHeaderName'); $this->ApiKeyHeaderName = $this->AppContainer->get('ApiKeyHeaderName');
} }
protected $ApiKeyHeaderName; protected $ApiKeyHeaderName;
function authenticate(Request $request) function authenticate(Request $request)
{ {
if (!defined('GROCY_SHOW_AUTH_VIEWS')) if (!defined('GROCY_SHOW_AUTH_VIEWS'))
{ {
define('GROCY_SHOW_AUTH_VIEWS', true); define('GROCY_SHOW_AUTH_VIEWS', true);
} }
$routeContext = RouteContext::fromRequest($request); $routeContext = RouteContext::fromRequest($request);
$route = $routeContext->getRoute(); $route = $routeContext->getRoute();
$routeName = $route->getName(); $routeName = $route->getName();
$validApiKey = true; $validApiKey = true;
$usedApiKey = null; $usedApiKey = null;
$apiKeyService = new ApiKeyService(); $apiKeyService = new ApiKeyService();
// First check of the API key in the configured header // First check of the API key in the configured header
if (!$request->hasHeader($this->ApiKeyHeaderName) || !$apiKeyService->IsValidApiKey($request->getHeaderLine($this->ApiKeyHeaderName))) if (!$request->hasHeader($this->ApiKeyHeaderName) || !$apiKeyService->IsValidApiKey($request->getHeaderLine($this->ApiKeyHeaderName)))
{ {
$validApiKey = false; $validApiKey = false;
} }
else else
{ {
$usedApiKey = $request->getHeaderLine($this->ApiKeyHeaderName); $usedApiKey = $request->getHeaderLine($this->ApiKeyHeaderName);
} }
// Not recommended, but it's also possible to provide the API key via a query parameter (same name as the configured header) // Not recommended, but it's also possible to provide the API key via a query parameter (same name as the configured header)
if (!$validApiKey && !empty($request->getQueryParam($this->ApiKeyHeaderName)) && $apiKeyService->IsValidApiKey($request->getQueryParam($this->ApiKeyHeaderName))) if (!$validApiKey && !empty($request->getQueryParam($this->ApiKeyHeaderName)) && $apiKeyService->IsValidApiKey($request->getQueryParam($this->ApiKeyHeaderName)))
{ {
$validApiKey = true; $validApiKey = true;
$usedApiKey = $request->getQueryParam($this->ApiKeyHeaderName); $usedApiKey = $request->getQueryParam($this->ApiKeyHeaderName);
} }
// Handling of special purpose API keys // Handling of special purpose API keys
if (!$validApiKey) if (!$validApiKey)
{ {
if ($routeName === 'calendar-ical') if ($routeName === 'calendar-ical')
{ {
if ($request->getQueryParam('secret') !== null && $apiKeyService->IsValidApiKey($request->getQueryParam('secret'), ApiKeyService::API_KEY_TYPE_SPECIAL_PURPOSE_CALENDAR_ICAL)) if ($request->getQueryParam('secret') !== null && $apiKeyService->IsValidApiKey($request->getQueryParam('secret'), ApiKeyService::API_KEY_TYPE_SPECIAL_PURPOSE_CALENDAR_ICAL))
{ {
$validApiKey = true; $validApiKey = true;
} }
} }
} }
if ($validApiKey) if ($validApiKey)
{ {
return $apiKeyService->GetUserByApiKey($usedApiKey); return $apiKeyService->GetUserByApiKey($usedApiKey);
} }
else else
{ {
return null; return null;
} }
} }
} }
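Review bot: The `calendar-ical` branch sets `$validApiKey = true` but leaves `$usedApiKey` as null, so the final `GetUserByApiKey($usedApiKey)` is called with null and the user resolved for an iCal request depends on how that lookup handles a null key, which is not visible here. Assigning the value that was actually validated, `$usedApiKey = $request->getQueryParam('secret');`, inside that branch would tie the resolved user to the checked secret, assuming the lookup covers special-purpose keys. The existing "Not recommended" comment on the query-parameter fallback could also say why: keys carried in the URL tend to end up in access logs, browser history and Referer headers, so the header should be preferred.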


@ -12,73 +12,73 @@ use Grocy\Services\SessionService;
abstract class AuthMiddleware extends BaseMiddleware abstract class AuthMiddleware extends BaseMiddleware
{ {
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory) public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
{ {
parent::__construct($container); parent::__construct($container);
$this->ResponseFactory = $responseFactory; $this->ResponseFactory = $responseFactory;
} }
protected $ResponseFactory; protected $ResponseFactory;
public function __invoke(Request $request, RequestHandler $handler): Response public function __invoke(Request $request, RequestHandler $handler): Response
{ {
$routeContext = RouteContext::fromRequest($request); $routeContext = RouteContext::fromRequest($request);
$route = $routeContext->getRoute(); $route = $routeContext->getRoute();
$routeName = $route->getName(); $routeName = $route->getName();
$isApiRoute = string_starts_with($request->getUri()->getPath(), '/api/'); $isApiRoute = string_starts_with($request->getUri()->getPath(), '/api/');
if ($routeName === 'root') if ($routeName === 'root')
{ {
return $handler->handle($request); return $handler->handle($request);
} }
else if ($routeName === 'login') else if ($routeName === 'login')
{ {
define('GROCY_AUTHENTICATED', false); define('GROCY_AUTHENTICATED', false);
return $handler->handle($request); return $handler->handle($request);
} }
if (GROCY_MODE === 'dev' || GROCY_MODE === 'demo' || GROCY_MODE === 'prerelease' || GROCY_IS_EMBEDDED_INSTALL || GROCY_DISABLE_AUTH) if (GROCY_MODE === 'dev' || GROCY_MODE === 'demo' || GROCY_MODE === 'prerelease' || GROCY_IS_EMBEDDED_INSTALL || GROCY_DISABLE_AUTH)
{ {
$sessionService = SessionService::getInstance(); $sessionService = SessionService::getInstance();
$user = $sessionService->GetDefaultUser(); $user = $sessionService->GetDefaultUser();
define('GROCY_AUTHENTICATED', true); define('GROCY_AUTHENTICATED', true);
define('GROCY_USER_USERNAME', $user->username); define('GROCY_USER_USERNAME', $user->username);
return $handler->handle($request); return $handler->handle($request);
} }
else else
{ {
$user = $this->authenticate($request); $user = $this->authenticate($request);
if ($user === null) if ($user === null)
{ {
define('GROCY_AUTHENTICATED', false); define('GROCY_AUTHENTICATED', false);
$response = $this->ResponseFactory->createResponse(); $response = $this->ResponseFactory->createResponse();
if ($isApiRoute) if ($isApiRoute)
{ {
return $response->withStatus(401); return $response->withStatus(401);
} }
else else
{ {
return $response->withHeader('Location', $this->AppContainer->get('UrlManager')->ConstructUrl('/login')); return $response->withHeader('Location', $this->AppContainer->get('UrlManager')->ConstructUrl('/login'));
} }
} }
else else
{ {
define('GROCY_AUTHENTICATED', true); define('GROCY_AUTHENTICATED', true);
define('GROCY_USER_ID', $user->id); define('GROCY_USER_ID', $user->id);
define('GROCY_USER_USERNAME', $user->username); define('GROCY_USER_USERNAME', $user->username);
return $response = $handler->handle($request); return $response = $handler->handle($request);
} }
} }
} }
/** /**
* @param Request $request * @param Request $request
* @return mixed|null the user row or null if the request is not authenticated * @return mixed|null the user row or null if the request is not authenticated
* @throws \Exception Throws an \Exception if config is invalid. * @throws \Exception Throws an \Exception if config is invalid.
*/ */
protected abstract function authenticate(Request $request); protected abstract function authenticate(Request $request);
} }
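Review bot: The branch that skips authentication (dev, demo or prerelease mode, embedded install, or `GROCY_DISABLE_AUTH`) defines `GROCY_AUTHENTICATED` and `GROCY_USER_USERNAME` but not `GROCY_USER_ID`, which the authenticated branch further down does define and which the permission queries in the User class shown earlier on this page filter on. Unless the constant is defined somewhere else, permission checks in those modes would run against an undefined constant; adding `define('GROCY_USER_ID', $user->id);` next to the other two keeps both paths consistent. A short comment above the condition saying that every request in these modes is handled as the default user would also make that exposure explicit for operators.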


@ -6,19 +6,19 @@ use Psr\Http\Message\ServerRequestInterface as Request;
class DefaultAuthMiddleware extends AuthMiddleware class DefaultAuthMiddleware extends AuthMiddleware
{ {
protected function authenticate(Request $request) protected function authenticate(Request $request)
{ {
// First try to authenticate by API key // First try to authenticate by API key
$auth = new ApiKeyAuthMiddleware($this->AppContainer, $this->ResponseFactory); $auth = new ApiKeyAuthMiddleware($this->AppContainer, $this->ResponseFactory);
$user = $auth->authenticate($request); $user = $auth->authenticate($request);
if ($user !== null) if ($user !== null)
{ {
return $user; return $user;
} }
// Then by session cookie // Then by session cookie
$auth = new SessionAuthMiddleware($this->AppContainer, $this->ResponseFactory); $auth = new SessionAuthMiddleware($this->AppContainer, $this->ResponseFactory);
$user = $auth->authenticate($request); $user = $auth->authenticate($request);
return $user; return $user;
} }
} }


@ -9,32 +9,32 @@ use Grocy\Services\UsersService;
class ReverseProxyAuthMiddleware extends AuthMiddleware class ReverseProxyAuthMiddleware extends AuthMiddleware
{ {
function authenticate(Request $request) function authenticate(Request $request)
{ {
if (!defined('GROCY_SHOW_AUTH_VIEWS')) if (!defined('GROCY_SHOW_AUTH_VIEWS'))
{ {
define('GROCY_SHOW_AUTH_VIEWS', false); define('GROCY_SHOW_AUTH_VIEWS', false);
} }
$db = DatabaseService::getInstance()->GetDbConnection(); $db = DatabaseService::getInstance()->GetDbConnection();
$username = $request->getHeader(GROCY_REVERSE_PROXY_AUTH_HEADER); $username = $request->getHeader(GROCY_REVERSE_PROXY_AUTH_HEADER);
if (count($username) !== 1) if (count($username) !== 1)
{ {
// Invalid configuration of Proxy // Invalid configuration of Proxy
throw new \Exception("ReverseProxyAuthMiddleware: Invalid username from proxy: " . var_dump($username)); throw new \Exception("ReverseProxyAuthMiddleware: Invalid username from proxy: " . var_dump($username));
} }
$username = $username[0]; $username = $username[0];
$user = $db->users()->where('username', $username)->fetch(); $user = $db->users()->where('username', $username)->fetch();
if ($user == null) if ($user == null)
{ {
$user = UsersService::getInstance()->CreateUser($username, '', '', ''); $user = UsersService::getInstance()->CreateUser($username, '', '', '');
} }
return $user; return $user;
} }
} }
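Review bot: The exception message is built with `var_dump($username)`, which writes the header values to the output stream and returns null, so the raw header content is echoed into the response while the exception text itself ends with nothing. `var_export($username, true)` returns the representation as a string instead: `throw new \Exception('ReverseProxyAuthMiddleware: Invalid username from proxy: ' . var_export($username, true));`. The method also trusts `GROCY_REVERSE_PROXY_AUTH_HEADER` unconditionally and creates a user for any unknown name, so a docblock should state that the proxy must strip client-supplied copies of that header and that the application must only be reachable through the proxy.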


@ -10,29 +10,29 @@ use Grocy\Services\SessionService;
class SessionAuthMiddleware extends AuthMiddleware class SessionAuthMiddleware extends AuthMiddleware
{ {
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory) public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
{ {
parent::__construct($container, $responseFactory); parent::__construct($container, $responseFactory);
$this->SessionCookieName = $this->AppContainer->get('LoginControllerInstance')->GetSessionCookieName(); $this->SessionCookieName = $this->AppContainer->get('LoginControllerInstance')->GetSessionCookieName();
} }
protected $SessionCookieName; protected $SessionCookieName;
function authenticate(Request $request) function authenticate(Request $request)
{ {
if (!defined('GROCY_SHOW_AUTH_VIEWS')) if (!defined('GROCY_SHOW_AUTH_VIEWS'))
{ {
define('GROCY_SHOW_AUTH_VIEWS', true); define('GROCY_SHOW_AUTH_VIEWS', true);
} }
$sessionService = SessionService::getInstance(); $sessionService = SessionService::getInstance();
if (!isset($_COOKIE[$this->SessionCookieName]) || !$sessionService->IsValidSession($_COOKIE[$this->SessionCookieName])) if (!isset($_COOKIE[$this->SessionCookieName]) || !$sessionService->IsValidSession($_COOKIE[$this->SessionCookieName]))
{ {
return null; return null;
} }
else else
{ {
return $sessionService->GetUserBySessionKey($_COOKIE[$this->SessionCookieName]); return $sessionService->GetUserBySessionKey($_COOKIE[$this->SessionCookieName]);
} }
} }
} }


@ -575,13 +575,13 @@ canvas.drawingBuffer {
} }
.print-view { .print-view {
width: 100%; width: 100%;
max-width: 100%; max-width: 100%;
flex-basis: 100%; flex-basis: 100%;
} }
} }
.not-allowed { .not-allowed {
pointer-events: none; pointer-events: none;
opacity: 0.5; opacity: 0.5;
} }


@ -220,23 +220,23 @@
} }
.night-mode .note-editor.note-frame .note-editing-area .note-editable { .night-mode .note-editor.note-frame .note-editing-area .note-editable {
color: #c1c1c1; color: #c1c1c1;
background-color: #333131; background-color: #333131;
} }
.night-mode .bootstrap-datetimepicker-widget table td.day { .night-mode .bootstrap-datetimepicker-widget table td.day {
background-color: #333131; background-color: #333131;
} }
.night-mode .bootstrap-datetimepicker-widget table td { .night-mode .bootstrap-datetimepicker-widget table td {
background-color: #333131; background-color: #333131;
} }
.night-mode .bootstrap-datetimepicker-widget table td, .night-mode .bootstrap-datetimepicker-widget table td,
.night-mode .bootstrap-datetimepicker-widget table th { .night-mode .bootstrap-datetimepicker-widget table th {
background-color: #333131; background-color: #333131;
} }
.night-mode .dropdown-menu { .night-mode .dropdown-menu {
background-color: #333131; background-color: #333131;
} }


@ -36,7 +36,7 @@ try
} }
catch (ERequirementNotMet $ex) catch (ERequirementNotMet $ex)
{ {
die('Unable to run grocy: ' . $ex->getMessage()); die('Unable to run grocy: ' . $ex->getMessage());
} }
require_once __DIR__ . '/../app.php'; require_once __DIR__ . '/../app.php';


@ -91,11 +91,11 @@ FindObjectInArrayByPropertyValue = function(array, propertyName, propertyValue)
{ {
if (array[i][propertyName] == propertyValue) if (array[i][propertyName] == propertyValue)
{ {
return array[i]; return array[i];
} }
} }
return null; return null;
} }
FindAllObjectsInArrayByPropertyValue = function(array, propertyName, propertyValue) FindAllObjectsInArrayByPropertyValue = function(array, propertyName, propertyValue)
@ -107,7 +107,7 @@ FindAllObjectsInArrayByPropertyValue = function(array, propertyName, propertyVal
if (array[i][propertyName] == propertyValue) if (array[i][propertyName] == propertyValue)
{ {
returnArray.push(array[i]); returnArray.push(array[i]);
} }
} }
return returnArray; return returnArray;


@ -233,7 +233,7 @@ $(document).on("click", "#barcodescanner-start-button", async function(e)
{ {
Grocy.Components.BarcodeScanner.TorchOn(Quagga.CameraAccess.getActiveTrack()); Grocy.Components.BarcodeScanner.TorchOn(Quagga.CameraAccess.getActiveTrack());
return false; return false;
} }
}, },
cancel: { cancel: {
label: __t('Cancel'), label: __t('Cancel'),


@ -153,7 +153,7 @@ if (Grocy.Components.ProductPicker !== undefined)
$('#product_id').attr("barcode-qu-factor-purchase-to-stock", "null"); $('#product_id').attr("barcode-qu-factor-purchase-to-stock", "null");
$('#product_id').attr("barcode-shopping-location-id", "null"); $('#product_id').attr("barcode-shopping-location-id", "null");
} }
}, },
function(xhr) function(xhr)
{ {
console.error(xhr); console.error(xhr);
@ -184,11 +184,11 @@ if (Grocy.Components.ProductPicker !== undefined)
{ {
if (productDetails.last_qu_factor_purchase_to_stock != null) if (productDetails.last_qu_factor_purchase_to_stock != null)
{ {
qu_factor_purchase_to_stock = productDetails.last_qu_factor_purchase_to_stock; qu_factor_purchase_to_stock = productDetails.last_qu_factor_purchase_to_stock;
} }
else else
{ {
qu_factor_purchase_to_stock = productDetails.product.qu_factor_purchase_to_stock; qu_factor_purchase_to_stock = productDetails.product.qu_factor_purchase_to_stock;
} }
} }


@ -36,10 +36,10 @@
Grocy.FrontendHelpers.ShowGenericError('Error while saving, probably this item already exists', xhr.response) Grocy.FrontendHelpers.ShowGenericError('Error while saving, probably this item already exists', xhr.response)
} }
); );
if ($("#create_inverse").is(":checked")) if ($("#create_inverse").is(":checked"))
{ {
jsonData.to_qu_id = inverse_to_qu_id; jsonData.to_qu_id = inverse_to_qu_id;
jsonData.from_qu_id = inverse_from_qu_id; jsonData.from_qu_id = inverse_from_qu_id;
jsonData.factor = 1 / jsonData.factor; jsonData.factor = 1 / jsonData.factor;
//Create Inverse //Create Inverse
@ -124,7 +124,7 @@ $("#create_inverse").on("change", function()
if (value) if (value)
{ {
$('#qu-conversion-inverse-info').removeClass('d-none'); $('#qu-conversion-inverse-info').removeClass('d-none');
} }
else else
{ {


@ -1,42 +1,42 @@
$('input.permission-cb').click( $('input.permission-cb').click(
function () { function () {
check_hierachy(this.checked, this.name); check_hierachy(this.checked, this.name);
} }
); );
function check_hierachy(checked, name) { function check_hierachy(checked, name) {
var disabled = checked; var disabled = checked;
$('#permission-sub-' + name).find('input.permission-cb') $('#permission-sub-' + name).find('input.permission-cb')
.prop('checked', disabled) .prop('checked', disabled)
.attr('disabled', disabled); .attr('disabled', disabled);
} }
$('#permission-save').click( $('#permission-save').click(
function () { function () {
var permission_list = $('input.permission-cb') var permission_list = $('input.permission-cb')
.filter(function () { .filter(function () {
return $(this).prop('checked') && !$(this).attr('disabled'); return $(this).prop('checked') && !$(this).attr('disabled');
}).map(function () { }).map(function () {
return $(this).data('perm-id'); return $(this).data('perm-id');
}).toArray(); }).toArray();
Grocy.Api.Put('users/' + Grocy.EditObjectId + '/permissions', { Grocy.Api.Put('users/' + Grocy.EditObjectId + '/permissions', {
'permissions': permission_list, 'permissions': permission_list,
}, function (result) { }, function (result) {
toastr.success(__t("Permissions saved")); toastr.success(__t("Permissions saved"));
}, function (xhr) { }, function (xhr) {
toastr.error(__t(JSON.parse(xhr.response).error_message)); toastr.error(__t(JSON.parse(xhr.response).error_message));
} }
); );
} }
); );
if (Grocy.EditObjectId == Grocy.UserId) { if (Grocy.EditObjectId == Grocy.UserId) {
$('input.permission-cb[name=ADMIN]').click(function () { $('input.permission-cb[name=ADMIN]').click(function () {
if (!this.checked) { if (!this.checked) {
if (!confirm(__t('Are you sure you want to stop being an ADMIN?'))) { if (!confirm(__t('Are you sure you want to stop being an ADMIN?'))) {
this.checked = true; this.checked = true;
check_hierachy(this.checked, this.name); check_hierachy(this.checked, this.name);
} }
} }
}) })
} }
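Review bot: The error callback passed to `Grocy.Api.Put` calls `JSON.parse(xhr.response)` unguarded, so a non-JSON error body (for example an HTML error page from a proxy) throws inside the handler and the user gets no feedback that saving permissions failed. A guarded parse keeps the failure visible: `var msg; try { msg = JSON.parse(xhr.response).error_message; } catch (e) { msg = xhr.statusText; }`. The parsed `error_message` is then handed to `toastr.error`, which does not escape HTML unless its `escapeHtml` option is set; that configuration is not visible here, so confirm it is enabled or escape the message before display.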


@ -33,9 +33,9 @@ $app->group('', function(RouteCollectorProxy $group)
// User routes // User routes
$group->get('/users', '\Grocy\Controllers\UsersController:UsersList'); $group->get('/users', '\Grocy\Controllers\UsersController:UsersList');
$group->get('/user/{userId}', '\Grocy\Controllers\UsersController:UserEditForm'); $group->get('/user/{userId}', '\Grocy\Controllers\UsersController:UserEditForm');
$group->get('/user/{userId}/permissions', '\Grocy\Controllers\UsersController:PermissionList'); $group->get('/user/{userId}/permissions', '\Grocy\Controllers\UsersController:PermissionList');
// Stock routes // Stock routes
if (GROCY_FEATURE_FLAG_STOCK) if (GROCY_FEATURE_FLAG_STOCK)
{ {
$group->get('/stockoverview', '\Grocy\Controllers\StockController:Overview'); $group->get('/stockoverview', '\Grocy\Controllers\StockController:Overview');
@ -169,11 +169,11 @@ $app->group('/api', function(RouteCollectorProxy $group)
$group->post('/users', '\Grocy\Controllers\UsersApiController:CreateUser'); $group->post('/users', '\Grocy\Controllers\UsersApiController:CreateUser');
$group->put('/users/{userId}', '\Grocy\Controllers\UsersApiController:EditUser'); $group->put('/users/{userId}', '\Grocy\Controllers\UsersApiController:EditUser');
$group->delete('/users/{userId}', '\Grocy\Controllers\UsersApiController:DeleteUser'); $group->delete('/users/{userId}', '\Grocy\Controllers\UsersApiController:DeleteUser');
$group->get('/users/{userId}/permissions', '\Grocy\Controllers\UsersApiController:ListPermissions'); $group->get('/users/{userId}/permissions', '\Grocy\Controllers\UsersApiController:ListPermissions');
$group->post('/users/{userId}/permissions', '\Grocy\Controllers\UsersApiController:AddPermission'); $group->post('/users/{userId}/permissions', '\Grocy\Controllers\UsersApiController:AddPermission');
$group->put('/users/{userId}/permissions', '\Grocy\Controllers\UsersApiController:SetPermissions'); $group->put('/users/{userId}/permissions', '\Grocy\Controllers\UsersApiController:SetPermissions');
// User // User
$group->get('/user/settings', '\Grocy\Controllers\UsersApiController:GetUserSettings'); $group->get('/user/settings', '\Grocy\Controllers\UsersApiController:GetUserSettings');
$group->get('/user/settings/{settingKey}', '\Grocy\Controllers\UsersApiController:GetUserSetting'); $group->get('/user/settings/{settingKey}', '\Grocy\Controllers\UsersApiController:GetUserSetting');
$group->put('/user/settings/{settingKey}', '\Grocy\Controllers\UsersApiController:SetUserSetting'); $group->put('/user/settings/{settingKey}', '\Grocy\Controllers\UsersApiController:SetUserSetting');


@ -23,7 +23,7 @@ class BaseService
return self::$instances[$className]; return self::$instances[$className];
} }
protected function getDatabaseService() protected function getDatabaseService()
{ {
return DatabaseService::getInstance(); return DatabaseService::getInstance();
} }


@ -28,7 +28,7 @@ class DatabaseService
return GROCY_DATAPATH . '/grocy.db'; return GROCY_DATAPATH . '/grocy.db';
} }
private static $DbConnectionRaw = null; private static $DbConnectionRaw = null;
/** /**
* @return \PDO * @return \PDO
*/ */


@ -12,7 +12,7 @@ class DemoDataGeneratorService extends BaseService
$this->LocalizationService = new LocalizationService(GROCY_CULTURE); $this->LocalizationService = new LocalizationService(GROCY_CULTURE);
} }
protected $LocalizationService; protected $LocalizationService;
public function PopulateDemoData() public function PopulateDemoData()
{ {


@ -21,16 +21,16 @@ class LocalizationService
protected function getDatabaseService() protected function getDatabaseService()
{ {
return DatabaseService::getInstance(); return DatabaseService::getInstance();
} }
protected function getdatabase() protected function getdatabase()
{ {
return $this->getDatabaseService()->GetDbConnection(); return $this->getDatabaseService()->GetDbConnection();
} }
public static function getInstance(string $culture) public static function getInstance(string $culture)
{ {
if (!in_array($culture, self::$instanceMap)) if (!in_array($culture, self::$instanceMap))
{ {
@ -92,10 +92,10 @@ class LocalizationService
{ {
$this->Po = $this->Po->mergeWith(Translations::fromPoFile(__DIR__ . "/../localization/$culture/userfield_types.po")); $this->Po = $this->Po->mergeWith(Translations::fromPoFile(__DIR__ . "/../localization/$culture/userfield_types.po"));
} }
if (file_exists(__DIR__ . "/../localization/$culture/permissions.po")) if (file_exists(__DIR__ . "/../localization/$culture/permissions.po"))
{ {
$this->Po = $this->Po->mergeWith(Translations::fromPoFile(__DIR__ . "/../localization/$culture/permissions.po")); $this->Po = $this->Po->mergeWith(Translations::fromPoFile(__DIR__ . "/../localization/$culture/permissions.po"));
} }
if (GROCY_MODE !== 'production' && file_exists(__DIR__ . "/../localization/$culture/demo_data.po")) if (GROCY_MODE !== 'production' && file_exists(__DIR__ . "/../localization/$culture/demo_data.po"))
{ {
$this->Po = $this->Po->mergeWith(Translations::fromPoFile(__DIR__ . "/../localization/$culture/demo_data.po")); $this->Po = $this->Po->mergeWith(Translations::fromPoFile(__DIR__ . "/../localization/$culture/demo_data.po"));
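Review bot: In `getInstance()`, `in_array($culture, self::$instanceMap)` searches the values of the map, not its keys. If `$instanceMap` is keyed by culture and holds service instances (the assignment is outside this hunk, so this is inferred from the name), the lookup never matches and a new instance with freshly parsed .po files is built on every call; `if (!array_key_exists($culture, self::$instanceMap))` would test what the cache needs. The method body continues outside the hunk.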


@ -14,16 +14,16 @@ class StockService extends BaseService
const TRANSACTION_TYPE_PRODUCT_OPENED = 'product-opened'; const TRANSACTION_TYPE_PRODUCT_OPENED = 'product-opened';
const TRANSACTION_TYPE_SELF_PRODUCTION = 'self-production'; const TRANSACTION_TYPE_SELF_PRODUCTION = 'self-production';
public function GetCurrentStockOverview() public function GetCurrentStockOverview()
{ {
if (!GROCY_FEATURE_SETTING_STOCK_COUNT_OPENED_PRODUCTS_AGAINST_MINIMUM_STOCK_AMOUNT) { if (!GROCY_FEATURE_SETTING_STOCK_COUNT_OPENED_PRODUCTS_AGAINST_MINIMUM_STOCK_AMOUNT) {
return $this->getDatabase()->uihelper_stock_current_overview(); return $this->getDatabase()->uihelper_stock_current_overview();
} else { } else {
return $this->getDatabase()->uihelper_stock_current_overview_including_opened(); return $this->getDatabase()->uihelper_stock_current_overview_including_opened();
} }
} }
public function GetCurrentStock($includeNotInStockButMissingProducts = false) public function GetCurrentStock($includeNotInStockButMissingProducts = false)
{ {
$sql = 'SELECT * FROM stock_current'; $sql = 'SELECT * FROM stock_current';
if ($includeNotInStockButMissingProducts) if ($includeNotInStockButMissingProducts)


@ -23,13 +23,13 @@ class UserfieldsService extends BaseService
protected $OpenApiSpec = null; protected $OpenApiSpec = null;
protected function getOpenApispec() protected function getOpenApispec()
{ {
if($this->OpenApiSpec == null) if($this->OpenApiSpec == null)
{ {
$this->OpenApiSpec = json_decode(file_get_contents(__DIR__ . '/../grocy.openapi.json')); $this->OpenApiSpec = json_decode(file_get_contents(__DIR__ . '/../grocy.openapi.json'));
} }
return $this->OpenApiSpec; return $this->OpenApiSpec;
} }
public function GetFields($entity) public function GetFields($entity)
{ {


@ -12,17 +12,17 @@ class UsersService extends BaseService
'last_name' => $lastName, 'last_name' => $lastName,
'password' => password_hash($password, PASSWORD_DEFAULT) 'password' => password_hash($password, PASSWORD_DEFAULT)
)); ));
$newUserRow = $newUserRow->save(); $newUserRow = $newUserRow->save();
$permList = array(); $permList = array();
foreach ($this->getDatabase()->permission_hierarchy()->where('name', GROCY_DEFAULT_PERMISSIONS)->fetchAll() as $perm) { foreach ($this->getDatabase()->permission_hierarchy()->where('name', GROCY_DEFAULT_PERMISSIONS)->fetchAll() as $perm) {
$permList[] = array( $permList[] = array(
'user_id' => $newUserRow->id, 'user_id' => $newUserRow->id,
'permission_id' => $perm->id 'permission_id' => $perm->id
); );
} }
$this->getDatabase()->user_permissions()->insert($permList); $this->getDatabase()->user_permissions()->insert($permList);
return $newUserRow; return $newUserRow;
} }
public function EditUser(int $userId, string $username, string $firstName, string $lastName, string $password) public function EditUser(int $userId, string $username, string $firstName, string $lastName, string $password)
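Review bot: `CreateUser()` passes `$permList` to `user_permissions()->insert()` even when the `permission_hierarchy` lookup for `GROCY_DEFAULT_PERMISSIONS` returned no rows, and how the database layer handles an empty insert is not visible here. A guard such as `if (!empty($permList)) { $this->getDatabase()->user_permissions()->insert($permList); }` makes the no-default-permissions case explicit. The user row is also saved before the permissions are inserted, so a failure in the second step would leave an account without its default permissions unless both writes run in one transaction. The start of the function is outside the hunk, so a transaction opened there would not be visible.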


@ -16,5 +16,5 @@
<option value="{{ $shoppinglocation->id }}">{{ $shoppinglocation->name }}</option> <option value="{{ $shoppinglocation->id }}">{{ $shoppinglocation->name }}</option>
@endforeach @endforeach
</select> </select>
<div class="invalid-feedback">{{ $__t('You have to select a store') }}</div> <div class="invalid-feedback">{{ $__t('You have to select a store') }}</div>
</div> </div>


@ -1,15 +1,15 @@
<label> <label>
<input type="checkbox" name="{{ $perm->permission_name }}" class="permission-cb" data-perm-id="{{ $perm->permission_id }}" @if($perm->has_permission) checked @endif autocomplete="off"> <input type="checkbox" name="{{ $perm->permission_name }}" class="permission-cb" data-perm-id="{{ $perm->permission_id }}" @if($perm->has_permission) checked @endif autocomplete="off">
{{ $__t($perm->permission_name) }} {{ $__t($perm->permission_name) }}
</label> </label>
<div id="permission-sub-{{ $perm->permission_name }}"> <div id="permission-sub-{{ $perm->permission_name }}">
<ul> <ul>
@foreach($perm->uihelper_user_permissionsList(array('user_id' => $user->id))->via('parent') as $p) @foreach($perm->uihelper_user_permissionsList(array('user_id' => $user->id))->via('parent') as $p)
<li> <li>
@include('components.userpermission_select', array( @include('components.userpermission_select', array(
'perm' => $p 'perm' => $p
)) ))
</li> </li>
@endforeach @endforeach
</ul> </ul>
</div> </div>


@ -3,9 +3,9 @@
@section('title', $__t('Unauthorized')) @section('title', $__t('Unauthorized'))
@section('content') @section('content')
<div class="row"> <div class="row">
<div class="col"> <div class="col">
<div class="alert alert-danger">{{ $__t('You are not allowed to view this page') }}</div> <div class="alert alert-danger">{{ $__t('You are not allowed to view this page') }}</div>
</div> </div>
</div> </div>
@stop @stop


@ -3,11 +3,11 @@
@section('title', $__t('Page not found')) @section('title', $__t('Page not found'))
@section('content') @section('content')
<meta http-equiv="refresh" content="5;url={{$U('/')}}"> <meta http-equiv="refresh" content="5;url={{$U('/')}}">
<div class="row"> <div class="row">
<div class="col"> <div class="col">
<div class="alert alert-danger">{{ $__t('This page does not exists') }}</div> <div class="alert alert-danger">{{ $__t('This page does not exists') }}</div>
<div>{{ $__t('You will be redirected to the default page in %s seconds', '5') }}</div> <div>{{ $__t('You will be redirected to the default page in %s seconds', '5') }}</div>
</div> </div>
</div> </div>
@stop @stop


@ -3,9 +3,9 @@
@section('title', $__t('Server error')) @section('title', $__t('Server error'))
@section('content') @section('content')
<div class="row"> <div class="row">
<div class="col"> <div class="col">
<div class="alert alert-danger">{{ $__t('A server error occured while processing your request') }}</div> <div class="alert alert-danger">{{ $__t('A server error occured while processing your request') }}</div>
<div class="alert alert-warning"> <div class="alert alert-warning">
{{ $__t('If you think this is a bug, please report it') }}<br> {{ $__t('If you think this is a bug, please report it') }}<br>
&rarr; <a target="_blank" href="https://github.com/grocy/grocy/issues">https://github.com/grocy/grocy/issues</a> &rarr; <a target="_blank" href="https://github.com/grocy/grocy/issues">https://github.com/grocy/grocy/issues</a>


@ -1,20 +1,20 @@
@extends('layout.default') @extends('layout.default')
@section('content') @section('content')
<div class="row"> <div class="row">
<div class="col"> <div class="col">
<div> <div>
<h6>{{ $__t('Error source') }}</h6> <h6>{{ $__t('Error source') }}</h6>
<pre><code>{!! $exception->getFile() !!}:{!! $exception->getLine() !!}</code></pre> <pre><code>{!! $exception->getFile() !!}:{!! $exception->getLine() !!}</code></pre>
</div> </div>
<div> <div>
<h6>{{ $__t('Error message') }}</h6> <h6>{{ $__t('Error message') }}</h6>
<pre><code>{!! $exception->getMessage() !!}</code></pre> <pre><code>{!! $exception->getMessage() !!}</code></pre>
</div> </div>
<div> <div>
<h6>{{ $__t('Stack trace') }}</h6> <h6>{{ $__t('Stack trace') }}</h6>
<pre><code>{!! $exception->getTraceAsString() !!}</code></pre> <pre><code>{!! $exception->getTraceAsString() !!}</code></pre>
</div> </div>
</div> </div>
</div> </div>
@stop @stop
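Review bot: The three `{!! ... !!}` echoes in this view (error source, error message, stack trace) emit the exception text without HTML escaping, so any markup inside an exception message is rendered by the browser. Exception messages often repeat the value that failed, and whether request data can reach them is not visible here, so escaping is the safe default: `{{ $exception->getMessage() }}`, and likewise `{{ $exception->getFile() }}:{{ $exception->getLine() }}` and `{{ $exception->getTraceAsString() }}`. Inside `<pre><code>` the escaped output displays the same text. The raw echoes predate this whitespace-only commit.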


@ -5,9 +5,9 @@
@section('viewJsName', 'userpermissions') @section('viewJsName', 'userpermissions')
@push('pageScripts') @push('pageScripts')
<script> <script>
Grocy.EditObjectId = {{ $user->id }}; Grocy.EditObjectId = {{ $user->id }};
</script> </script>
@endpush @endpush
@section('content') @section('content')
@ -20,15 +20,15 @@
<div class="row mt-3"> <div class="row mt-3">
<div class="col"> <div class="col">
<ul> <ul>
@foreach($permissions as $perm) @foreach($permissions as $perm)
<li> <li>
@include('components.userpermission_select', array( @include('components.userpermission_select', array(
'permission' => $perm 'permission' => $perm
)) ))
</li> </li>
@endforeach @endforeach
</ul> </ul>
<button id="permission-save" class="btn btn-success" type="submit">{{ $__t('Save') }}</button> <button id="permission-save" class="btn btn-success" type="submit">{{ $__t('Save') }}</button>
</div> </div>
</div> </div>
@endsection @endsection
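Review bot: The `@include('components.userpermission_select', ...)` inside the `@foreach` passes the item under the key `permission`, but the component reads `$perm` and its own recursive include passes `'perm' => $p`. The top-level call therefore only works because the included view inherits the loop variable `$perm` from the enclosing scope. Passing `'perm' => $perm` here would make the dependency explicit and keep both call sites consistent.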