mirror of
https://github.com/grocy/grocy.git
synced 2025-08-08 15:21:25 +00:00
Applied EditorConfig settings to all files
This commit is contained in:
Bernd Bestel
parent
2c966c77fd
commit
3b0d29bed0
2
app.php
2
app.php
@ -67,7 +67,7 @@ if (!empty(GROCY_BASE_PATH))
|
||||
$app->addRoutingMiddleware();
|
||||
$errorMiddleware = $app->addErrorMiddleware(true, false, false);
|
||||
$errorMiddleware->setDefaultErrorHandler(
|
||||
new \Grocy\Controllers\ExceptionController($app, $container)
|
||||
new \Grocy\Controllers\ExceptionController($app, $container)
|
||||
);
|
||||
|
||||
$app->run();
|
||||
|
||||
@ -34,7 +34,7 @@ class BaseController
|
||||
$this->View->set('version', $versionInfo->Version);
|
||||
$this->View->set('releaseDate', $versionInfo->ReleaseDate);
|
||||
|
||||
$localizationService = $this->getLocalizationService();
|
||||
$localizationService = $this->getLocalizationService();
|
||||
$this->View->set('__t', function(string $text, ...$placeholderValues) use($localizationService)
|
||||
{
|
||||
return $localizationService->__t($text, $placeholderValues);
|
||||
@ -98,12 +98,12 @@ class BaseController
|
||||
return $this->render($response, $page, $data);
|
||||
}
|
||||
|
||||
protected function getDatabaseService()
|
||||
protected function getDatabaseService()
|
||||
{
|
||||
return DatabaseService::getInstance();
|
||||
}
|
||||
|
||||
protected function getDatabase()
|
||||
protected function getDatabase()
|
||||
{
|
||||
return $this->getDatabaseService()->GetDbConnection();
|
||||
}
|
||||
@ -128,7 +128,7 @@ class BaseController
|
||||
return CalendarService::getInstance();
|
||||
}
|
||||
|
||||
protected function getSessionService()
|
||||
protected function getSessionService()
|
||||
{
|
||||
return SessionService::getInstance();
|
||||
}
|
||||
@ -143,12 +143,12 @@ class BaseController
|
||||
return StockService::getInstance();
|
||||
}
|
||||
|
||||
protected function getTasksService()
|
||||
protected function getTasksService()
|
||||
{
|
||||
return TasksService::getInstance();
|
||||
}
|
||||
|
||||
protected function getUsersService()
|
||||
protected function getUsersService()
|
||||
{
|
||||
return UsersService::getInstance();
|
||||
}
|
||||
|
||||
@ -13,9 +13,9 @@ class BatteriesApiController extends BaseApiController
|
||||
|
||||
public function TrackChargeCycle(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_BATTERY_TRACK_CHARGE_CYCLE);
|
||||
User::checkPermission($request, User::PERMISSION_BATTERY_TRACK_CHARGE_CYCLE);
|
||||
|
||||
$requestBody = $request->getParsedBody();
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
try
|
||||
{
|
||||
@ -53,9 +53,9 @@ class BatteriesApiController extends BaseApiController
|
||||
|
||||
public function UndoChargeCycle(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_BATTERY_UNDO_TRACK_CHARGE_CYCLE);
|
||||
User::checkPermission($request, User::PERMISSION_BATTERY_UNDO_TRACK_CHARGE_CYCLE);
|
||||
|
||||
try
|
||||
try
|
||||
{
|
||||
$this->ApiResponse($response, $this->getBatteriesService()->UndoChargeCycle($args['chargeCycleId']));
|
||||
return $this->EmptyApiResponse($response);
|
||||
|
||||
@ -17,9 +17,9 @@ class ChoresApiController extends BaseApiController
|
||||
|
||||
try
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_CHORE_TRACK);
|
||||
User::checkPermission($request, User::PERMISSION_CHORE_TRACK);
|
||||
|
||||
$trackedTime = date('Y-m-d H:i:s');
|
||||
$trackedTime = date('Y-m-d H:i:s');
|
||||
if (array_key_exists('tracked_time', $requestBody) && (IsIsoDateTime($requestBody['tracked_time']) || IsIsoDate($requestBody['tracked_time'])))
|
||||
{
|
||||
$trackedTime = $requestBody['tracked_time'];
|
||||
@ -31,7 +31,7 @@ class ChoresApiController extends BaseApiController
|
||||
$doneBy = $requestBody['done_by'];
|
||||
}
|
||||
if($doneBy != GROCY_USER_ID)
|
||||
User::checkPermission($request, User::PERMISSION_CHORE_TRACK_OTHERS);
|
||||
User::checkPermission($request, User::PERMISSION_CHORE_TRACK_OTHERS);
|
||||
|
||||
$choreExecutionId = $this->getChoresService()->TrackChore($args['choreId'], $trackedTime, $doneBy);
|
||||
return $this->ApiResponse($response, $this->getDatabase()->chores_log($choreExecutionId));
|
||||
@ -63,9 +63,9 @@ class ChoresApiController extends BaseApiController
|
||||
{
|
||||
try
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_CHORE_UNDO);
|
||||
User::checkPermission($request, User::PERMISSION_CHORE_UNDO);
|
||||
|
||||
$this->ApiResponse($response, $this->getChoresService()->UndoChoreExecution($args['executionId']));
|
||||
$this->ApiResponse($response, $this->getChoresService()->UndoChoreExecution($args['executionId']));
|
||||
return $this->EmptyApiResponse($response);
|
||||
}
|
||||
catch (\Exception $ex)
|
||||
@ -78,9 +78,9 @@ class ChoresApiController extends BaseApiController
|
||||
{
|
||||
try
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_CHORE_EDIT);
|
||||
User::checkPermission($request, User::PERMISSION_CHORE_EDIT);
|
||||
|
||||
$requestBody = $request->getParsedBody();
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
$choreId = null;
|
||||
if (array_key_exists('chore_id', $requestBody) && !empty($requestBody['chore_id']) && is_numeric($requestBody['chore_id']))
|
||||
|
||||
@ -1,6 +1,5 @@
|
||||
<?php
|
||||
|
||||
|
||||
namespace Grocy\Controllers;
|
||||
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
@ -12,58 +11,58 @@ use Throwable;
|
||||
|
||||
class ExceptionController extends BaseApiController
|
||||
{
|
||||
/**
|
||||
* @var \Slim\App
|
||||
*/
|
||||
private $app;
|
||||
/**
|
||||
* @var \Slim\App
|
||||
*/
|
||||
private $app;
|
||||
|
||||
public function __construct(\Slim\App $app, \DI\Container $container)
|
||||
{
|
||||
parent::__construct($container);
|
||||
$this->app = $app;
|
||||
}
|
||||
public function __construct(\Slim\App $app, \DI\Container $container)
|
||||
{
|
||||
parent::__construct($container);
|
||||
$this->app = $app;
|
||||
}
|
||||
|
||||
public function __invoke(ServerRequestInterface $request,
|
||||
Throwable $exception,
|
||||
bool $displayErrorDetails,
|
||||
bool $logErrors,
|
||||
bool $logErrorDetails,
|
||||
?LoggerInterface $logger = null)
|
||||
{
|
||||
$response = $this->app->getResponseFactory()->createResponse();
|
||||
public function __invoke(ServerRequestInterface $request,
|
||||
Throwable $exception,
|
||||
bool $displayErrorDetails,
|
||||
bool $logErrors,
|
||||
bool $logErrorDetails,
|
||||
?LoggerInterface $logger = null)
|
||||
{
|
||||
$response = $this->app->getResponseFactory()->createResponse();
|
||||
|
||||
$isApiRoute = string_starts_with($request->getUri()->getPath(), '/api/');
|
||||
if ($isApiRoute) {
|
||||
$status = 500;
|
||||
if ($exception instanceof HttpException) {
|
||||
$status = $exception->getCode();
|
||||
}
|
||||
$data = [
|
||||
'error_message' => $exception->getMessage(),
|
||||
];
|
||||
if ($displayErrorDetails) {
|
||||
$data['error_details'] = [
|
||||
'stack_trace' => $exception->getTraceAsString(),
|
||||
'file' => $exception->getFile(),
|
||||
'line' => $exception->getLine(),
|
||||
];
|
||||
}
|
||||
return $this->ApiResponse($response->withStatus($status), $data);
|
||||
}
|
||||
if ($exception instanceof HttpNotFoundException) {
|
||||
return $this->renderPage($response->withStatus(404), 'errors/404', [
|
||||
'exception' => $exception
|
||||
]);
|
||||
}
|
||||
if ($exception instanceof HttpForbiddenException) {
|
||||
return $this->renderPage($response->withStatus(403), 'errors/403', [
|
||||
'exception' => $exception
|
||||
]);
|
||||
}
|
||||
$isApiRoute = string_starts_with($request->getUri()->getPath(), '/api/');
|
||||
if ($isApiRoute) {
|
||||
$status = 500;
|
||||
if ($exception instanceof HttpException) {
|
||||
$status = $exception->getCode();
|
||||
}
|
||||
$data = [
|
||||
'error_message' => $exception->getMessage(),
|
||||
];
|
||||
if ($displayErrorDetails) {
|
||||
$data['error_details'] = [
|
||||
'stack_trace' => $exception->getTraceAsString(),
|
||||
'file' => $exception->getFile(),
|
||||
'line' => $exception->getLine(),
|
||||
];
|
||||
}
|
||||
return $this->ApiResponse($response->withStatus($status), $data);
|
||||
}
|
||||
if ($exception instanceof HttpNotFoundException) {
|
||||
return $this->renderPage($response->withStatus(404), 'errors/404', [
|
||||
'exception' => $exception
|
||||
]);
|
||||
}
|
||||
if ($exception instanceof HttpForbiddenException) {
|
||||
return $this->renderPage($response->withStatus(403), 'errors/403', [
|
||||
'exception' => $exception
|
||||
]);
|
||||
}
|
||||
|
||||
return $this->renderPage($response->withStatus(500), 'errors/500', [
|
||||
'exception' => $exception
|
||||
]);
|
||||
return $this->renderPage($response->withStatus(500), 'errors/500', [
|
||||
'exception' => $exception
|
||||
]);
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -16,9 +16,9 @@ class FilesApiController extends BaseApiController
|
||||
{
|
||||
try
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_UPLOAD_FILE);
|
||||
User::checkPermission($request, User::PERMISSION_UPLOAD_FILE);
|
||||
|
||||
if (IsValidFileName(base64_decode($args['fileName'])))
|
||||
if (IsValidFileName(base64_decode($args['fileName'])))
|
||||
{
|
||||
$fileName = base64_decode($args['fileName']);
|
||||
}
|
||||
@ -100,9 +100,9 @@ class FilesApiController extends BaseApiController
|
||||
{
|
||||
try
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_DELETE_FILE);
|
||||
User::checkPermission($request, User::PERMISSION_DELETE_FILE);
|
||||
|
||||
if (IsValidFileName(base64_decode($args['fileName'])))
|
||||
if (IsValidFileName(base64_decode($args['fileName'])))
|
||||
{
|
||||
$fileName = base64_decode($args['fileName']);
|
||||
}
|
||||
|
||||
@ -13,7 +13,7 @@ class GenericEntityApiController extends BaseApiController
|
||||
|
||||
public function GetObjects(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
$objects = $this->getDatabase()->{$args['entity']}();
|
||||
$objects = $this->getDatabase()->{$args['entity']}();
|
||||
$allUserfields = $this->getUserfieldsService()->GetAllValues($args['entity']);
|
||||
|
||||
foreach ($objects as $object)
|
||||
@ -43,7 +43,7 @@ class GenericEntityApiController extends BaseApiController
|
||||
|
||||
public function GetObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
if ($this->IsValidEntity($args['entity']) && !$this->IsEntityWithPreventedListing($args['entity']))
|
||||
if ($this->IsValidEntity($args['entity']) && !$this->IsEntityWithPreventedListing($args['entity']))
|
||||
{
|
||||
$userfields = $this->getUserfieldsService()->GetValues($args['entity'], $args['objectId']);
|
||||
if (count($userfields) === 0)
|
||||
@ -52,9 +52,9 @@ class GenericEntityApiController extends BaseApiController
|
||||
}
|
||||
|
||||
$object = $this->getDatabase()->{$args['entity']}($args['objectId']);
|
||||
if ($object == null) {
|
||||
return $this->GenericErrorResponse($response, 'Object not found', 404);
|
||||
}
|
||||
if ($object == null) {
|
||||
return $this->GenericErrorResponse($response, 'Object not found', 404);
|
||||
}
|
||||
|
||||
$object['userfields'] = $userfields;
|
||||
|
||||
@ -68,9 +68,9 @@ class GenericEntityApiController extends BaseApiController
|
||||
|
||||
public function AddObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
|
||||
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
|
||||
|
||||
if ($this->IsValidEntity($args['entity']))
|
||||
if ($this->IsValidEntity($args['entity']))
|
||||
{
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
@ -101,9 +101,9 @@ class GenericEntityApiController extends BaseApiController
|
||||
|
||||
public function EditObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
|
||||
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
|
||||
|
||||
if ($this->IsValidEntity($args['entity']))
|
||||
if ($this->IsValidEntity($args['entity']))
|
||||
{
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
@ -132,9 +132,9 @@ class GenericEntityApiController extends BaseApiController
|
||||
|
||||
public function DeleteObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
|
||||
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
|
||||
|
||||
if ($this->IsValidEntity($args['entity']))
|
||||
if ($this->IsValidEntity($args['entity']))
|
||||
{
|
||||
$row = $this->getDatabase()->{$args['entity']}($args['objectId']);
|
||||
$row->delete();
|
||||
@ -150,7 +150,7 @@ class GenericEntityApiController extends BaseApiController
|
||||
public function SearchObjects(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
|
||||
if ($this->IsValidEntity($args['entity']) && !$this->IsEntityWithPreventedListing($args['entity']))
|
||||
if ($this->IsValidEntity($args['entity']) && !$this->IsEntityWithPreventedListing($args['entity']))
|
||||
{
|
||||
try
|
||||
{
|
||||
@ -169,7 +169,7 @@ class GenericEntityApiController extends BaseApiController
|
||||
|
||||
public function GetUserfields(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
try
|
||||
try
|
||||
{
|
||||
return $this->ApiResponse($response, $this->getUserfieldsService()->GetValues($args['entity'], $args['objectId']));
|
||||
}
|
||||
@ -181,9 +181,9 @@ class GenericEntityApiController extends BaseApiController
|
||||
|
||||
public function SetUserfields(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
|
||||
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
|
||||
|
||||
$requestBody = $request->getParsedBody();
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
try
|
||||
{
|
||||
|
||||
@ -13,9 +13,9 @@ class RecipesApiController extends BaseApiController
|
||||
|
||||
public function AddNotFulfilledProductsToShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD);
|
||||
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD);
|
||||
|
||||
$requestBody = $request->getParsedBody();
|
||||
$requestBody = $request->getParsedBody();
|
||||
$excludedProductIds = null;
|
||||
|
||||
if ($requestBody !== null && array_key_exists('excludedProductIds', $requestBody))
|
||||
@ -29,9 +29,9 @@ class RecipesApiController extends BaseApiController
|
||||
|
||||
public function ConsumeRecipe(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_PRODUCT_CONSUME);
|
||||
User::checkPermission($request, User::PERMISSION_PRODUCT_CONSUME);
|
||||
|
||||
try
|
||||
try
|
||||
{
|
||||
$this->getRecipesService()->ConsumeRecipe($args['recipeId']);
|
||||
return $this->EmptyApiResponse($response);
|
||||
|
||||
@ -63,9 +63,9 @@ class StockApiController extends BaseApiController
|
||||
|
||||
public function AddProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_PRODUCT_PURCHASE);
|
||||
User::checkPermission($request, User::PERMISSION_PRODUCT_PURCHASE);
|
||||
|
||||
$requestBody = $request->getParsedBody();
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
try
|
||||
{
|
||||
@ -139,9 +139,9 @@ class StockApiController extends BaseApiController
|
||||
|
||||
public function EditStockEntry(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_STOCK_EDIT);
|
||||
User::checkPermission($request, User::PERMISSION_STOCK_EDIT);
|
||||
|
||||
$requestBody = $request->getParsedBody();
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
try
|
||||
{
|
||||
@ -190,9 +190,9 @@ class StockApiController extends BaseApiController
|
||||
|
||||
public function TransferProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_STOCK_TRANSFER);
|
||||
User::checkPermission($request, User::PERMISSION_STOCK_TRANSFER);
|
||||
|
||||
$requestBody = $request->getParsedBody();
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
try
|
||||
{
|
||||
@ -246,9 +246,9 @@ class StockApiController extends BaseApiController
|
||||
|
||||
public function ConsumeProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_PRODUCT_CONSUME);
|
||||
User::checkPermission($request, User::PERMISSION_PRODUCT_CONSUME);
|
||||
|
||||
$requestBody = $request->getParsedBody();
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
$result = null;
|
||||
|
||||
@ -319,9 +319,9 @@ class StockApiController extends BaseApiController
|
||||
|
||||
public function InventoryProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_STOCK_CORRECTION);
|
||||
User::checkPermission($request, User::PERMISSION_STOCK_CORRECTION);
|
||||
|
||||
$requestBody = $request->getParsedBody();
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
try
|
||||
{
|
||||
@ -383,9 +383,9 @@ class StockApiController extends BaseApiController
|
||||
|
||||
public function OpenProduct(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_PRODUCT_OPEN);
|
||||
User::checkPermission($request, User::PERMISSION_PRODUCT_OPEN);
|
||||
|
||||
$requestBody = $request->getParsedBody();
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
try
|
||||
{
|
||||
@ -452,9 +452,9 @@ class StockApiController extends BaseApiController
|
||||
|
||||
public function AddMissingProductsToShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD);
|
||||
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD);
|
||||
|
||||
try
|
||||
try
|
||||
{
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
@ -475,9 +475,9 @@ class StockApiController extends BaseApiController
|
||||
|
||||
public function ClearShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_DELETE);
|
||||
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_DELETE);
|
||||
|
||||
try
|
||||
try
|
||||
{
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
@ -499,9 +499,9 @@ class StockApiController extends BaseApiController
|
||||
|
||||
public function AddProductToShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD);
|
||||
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD);
|
||||
|
||||
try
|
||||
try
|
||||
{
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
@ -542,9 +542,9 @@ class StockApiController extends BaseApiController
|
||||
|
||||
public function RemoveProductFromShoppingList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_DELETE);
|
||||
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_DELETE);
|
||||
|
||||
try
|
||||
try
|
||||
{
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
@ -580,9 +580,9 @@ class StockApiController extends BaseApiController
|
||||
|
||||
public function ExternalBarcodeLookup(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
|
||||
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
|
||||
|
||||
try
|
||||
try
|
||||
{
|
||||
$addFoundProduct = false;
|
||||
if (isset($request->getQueryParams()['add']) && ($request->getQueryParams()['add'] === 'true' || $request->getQueryParams()['add'] === 1))
|
||||
@ -600,9 +600,9 @@ class StockApiController extends BaseApiController
|
||||
|
||||
public function UndoBooking(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_STOCK_CORRECTION);
|
||||
User::checkPermission($request, User::PERMISSION_STOCK_CORRECTION);
|
||||
|
||||
try
|
||||
try
|
||||
{
|
||||
$this->ApiResponse($response, $this->getStockService()->UndoBooking($args['bookingId']));
|
||||
return $this->EmptyApiResponse($response);
|
||||
@ -615,9 +615,9 @@ class StockApiController extends BaseApiController
|
||||
|
||||
public function UndoTransaction(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_STOCK_CORRECTION);
|
||||
User::checkPermission($request, User::PERMISSION_STOCK_CORRECTION);
|
||||
|
||||
try
|
||||
try
|
||||
{
|
||||
$this->ApiResponse($response, $this->getStockService()->UndoTransaction($args['transactionId']));
|
||||
return $this->EmptyApiResponse($response);
|
||||
|
||||
@ -16,7 +16,7 @@ class StockController extends BaseController
|
||||
$nextXDays = $usersService->GetUserSettings(GROCY_USER_ID)['stock_expring_soon_days'];
|
||||
|
||||
return $this->renderPage($response, 'stockoverview', [
|
||||
'currentStock' => $this->getStockService()->GetCurrentStockOverview(),
|
||||
'currentStock' => $this->getStockService()->GetCurrentStockOverview(),
|
||||
'locations' => $this->getDatabase()->locations()->orderBy('name'),
|
||||
'currentStockLocations' => $this->getStockService()->GetCurrentStockLocations(),
|
||||
'nextXDays' => $nextXDays,
|
||||
|
||||
@ -11,9 +11,9 @@ class SystemApiController extends BaseApiController
|
||||
|
||||
public function GetDbChangedTime(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
return $this->ApiResponse($response, array(
|
||||
'changed_time' => $this->getDatabaseService()->GetDbChangedTime()
|
||||
));
|
||||
return $this->ApiResponse($response, array(
|
||||
'changed_time' => $this->getDatabaseService()->GetDbChangedTime()
|
||||
));
|
||||
}
|
||||
|
||||
public function GetConfig(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
|
||||
@ -18,9 +18,9 @@ class TasksApiController extends BaseApiController
|
||||
|
||||
public function MarkTaskAsCompleted(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_TASKS_MARK_COMPLETED);
|
||||
User::checkPermission($request, User::PERMISSION_TASKS_MARK_COMPLETED);
|
||||
|
||||
$requestBody = $request->getParsedBody();
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
try
|
||||
{
|
||||
@ -41,9 +41,9 @@ class TasksApiController extends BaseApiController
|
||||
|
||||
public function UndoTask(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_TASKS_UNDO);
|
||||
User::checkPermission($request, User::PERMISSION_TASKS_UNDO);
|
||||
|
||||
try
|
||||
try
|
||||
{
|
||||
$this->getTasksService()->UndoTask($args['taskId']);
|
||||
return $this->EmptyApiResponse($response);
|
||||
|
||||
@ -8,8 +8,8 @@ use Throwable;
|
||||
|
||||
class PermissionMissingException extends HttpForbiddenException
|
||||
{
|
||||
public function __construct(ServerRequestInterface $request, string $permission, ?Throwable $previous = null)
|
||||
{
|
||||
parent::__construct($request, 'Permission missing: ' . $permission, $previous);
|
||||
}
|
||||
public function __construct(ServerRequestInterface $request, string $permission, ?Throwable $previous = null)
|
||||
{
|
||||
parent::__construct($request, 'Permission missing: ' . $permission, $previous);
|
||||
}
|
||||
}
|
||||
@ -7,85 +7,85 @@ use LessQL\Result;
|
||||
|
||||
class User
|
||||
{
|
||||
const PERMISSION_ADMIN = 'ADMIN';
|
||||
const PERMISSION_CREATE_USER = 'CREATE_USER';
|
||||
const PERMISSION_EDIT_USER = 'EDIT_USER';
|
||||
const PERMISSION_READ_USER = 'READ_USER';
|
||||
const PERMISSION_EDIT_SELF = 'EDIT_SELF';
|
||||
const PERMISSION_BATTERY_UNDO_TRACK_CHARGE_CYCLE = 'BATTERY_UNDO_TRACK_CHARGE_CYCLE';
|
||||
const PERMISSION_BATTERY_TRACK_CHARGE_CYCLE = 'BATTERY_TRACK_CHARGE_CYCLE';
|
||||
const PERMISSION_CHORE_TRACK = 'CHORE_TRACK';
|
||||
const PERMISSION_CHORE_TRACK_OTHERS = 'CHORE_TRACK_OTHERS';
|
||||
const PERMISSION_CHORE_EDIT = 'CHORE_EDIT';
|
||||
const PERMISSION_CHORE_UNDO = 'CHORE_UNDO';
|
||||
const PERMISSION_UPLOAD_FILE = 'UPLOAD_FILE';
|
||||
const PERMISSION_DELETE_FILE = 'DELETE_FILE';
|
||||
const PERMISSION_MASTER_DATA_EDIT = 'MASTER_DATA_EDIT';
|
||||
const PERMISSION_TASKS_UNDO = 'TASKS_UNDO';
|
||||
const PERMISSION_TASKS_MARK_COMPLETED = 'TASKS_MARK_COMPLETED';
|
||||
const PERMISSION_STOCK_TRANSFER = 'STOCK_TRANSFER';
|
||||
const PERMISSION_STOCK_EDIT = 'STOCK_EDIT';
|
||||
const PERMISSION_PRODUCT_CONSUME = 'PRODUCT_CONSUME';
|
||||
const PERMISSION_STOCK_CORRECTION = 'STOCK_CORRECTION';
|
||||
const PERMISSION_PRODUCT_OPEN = 'PRODUCT_OPEN';
|
||||
const PERMISSION_SHOPPINGLIST_ITEMS_ADD = 'SHOPPINGLIST_ITEMS_ADD';
|
||||
const PERMISSION_SHOPPINGLIST_ITEMS_DELETE = 'SHOPPINGLIST_ITEMS_DELETE';
|
||||
const PERMISSION_PRODUCT_PURCHASE = 'PRODUCT_PURCHASE';
|
||||
const PERMISSION_ADMIN = 'ADMIN';
|
||||
const PERMISSION_CREATE_USER = 'CREATE_USER';
|
||||
const PERMISSION_EDIT_USER = 'EDIT_USER';
|
||||
const PERMISSION_READ_USER = 'READ_USER';
|
||||
const PERMISSION_EDIT_SELF = 'EDIT_SELF';
|
||||
const PERMISSION_BATTERY_UNDO_TRACK_CHARGE_CYCLE = 'BATTERY_UNDO_TRACK_CHARGE_CYCLE';
|
||||
const PERMISSION_BATTERY_TRACK_CHARGE_CYCLE = 'BATTERY_TRACK_CHARGE_CYCLE';
|
||||
const PERMISSION_CHORE_TRACK = 'CHORE_TRACK';
|
||||
const PERMISSION_CHORE_TRACK_OTHERS = 'CHORE_TRACK_OTHERS';
|
||||
const PERMISSION_CHORE_EDIT = 'CHORE_EDIT';
|
||||
const PERMISSION_CHORE_UNDO = 'CHORE_UNDO';
|
||||
const PERMISSION_UPLOAD_FILE = 'UPLOAD_FILE';
|
||||
const PERMISSION_DELETE_FILE = 'DELETE_FILE';
|
||||
const PERMISSION_MASTER_DATA_EDIT = 'MASTER_DATA_EDIT';
|
||||
const PERMISSION_TASKS_UNDO = 'TASKS_UNDO';
|
||||
const PERMISSION_TASKS_MARK_COMPLETED = 'TASKS_MARK_COMPLETED';
|
||||
const PERMISSION_STOCK_TRANSFER = 'STOCK_TRANSFER';
|
||||
const PERMISSION_STOCK_EDIT = 'STOCK_EDIT';
|
||||
const PERMISSION_PRODUCT_CONSUME = 'PRODUCT_CONSUME';
|
||||
const PERMISSION_STOCK_CORRECTION = 'STOCK_CORRECTION';
|
||||
const PERMISSION_PRODUCT_OPEN = 'PRODUCT_OPEN';
|
||||
const PERMISSION_SHOPPINGLIST_ITEMS_ADD = 'SHOPPINGLIST_ITEMS_ADD';
|
||||
const PERMISSION_SHOPPINGLIST_ITEMS_DELETE = 'SHOPPINGLIST_ITEMS_DELETE';
|
||||
const PERMISSION_PRODUCT_PURCHASE = 'PRODUCT_PURCHASE';
|
||||
|
||||
/**
|
||||
* @var \LessQL\Database|null
|
||||
*/
|
||||
protected $db;
|
||||
/**
|
||||
* @var \LessQL\Database|null
|
||||
*/
|
||||
protected $db;
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->db = DatabaseService::getInstance()->GetDbConnection();
|
||||
public function __construct()
|
||||
{
|
||||
$this->db = DatabaseService::getInstance()->GetDbConnection();
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
protected function getPermissions(): Result
|
||||
{
|
||||
return $this->db->user_permissions_resolved()->where('user_id', GROCY_USER_ID);
|
||||
}
|
||||
protected function getPermissions(): Result
|
||||
{
|
||||
return $this->db->user_permissions_resolved()->where('user_id', GROCY_USER_ID);
|
||||
}
|
||||
|
||||
public function hasPermission(string $permission): bool
|
||||
{
|
||||
// global $PERMISSION_CACHE;
|
||||
// if(isset($PERMISSION_CACHE[$permission]))
|
||||
// return $PERMISSION_CACHE[$permission];
|
||||
return $this->getPermissions()->where('permission_name', $permission)->fetch() !== null;
|
||||
}
|
||||
public function hasPermission(string $permission): bool
|
||||
{
|
||||
// global $PERMISSION_CACHE;
|
||||
// if(isset($PERMISSION_CACHE[$permission]))
|
||||
// return $PERMISSION_CACHE[$permission];
|
||||
return $this->getPermissions()->where('permission_name', $permission)->fetch() !== null;
|
||||
}
|
||||
|
||||
public static function checkPermission($request, string ...$permissions): void
|
||||
{
|
||||
$user = new User();
|
||||
foreach ($permissions as $permission) {
|
||||
if (!$user->hasPermission($permission)) {
|
||||
throw new PermissionMissingException($request, $permission);
|
||||
}
|
||||
}
|
||||
public static function checkPermission($request, string ...$permissions): void
|
||||
{
|
||||
$user = new User();
|
||||
foreach ($permissions as $permission) {
|
||||
if (!$user->hasPermission($permission)) {
|
||||
throw new PermissionMissingException($request, $permission);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
public function getPermissionList()
|
||||
{
|
||||
return $this->db->uihelper_user_permissions()->where('user_id', GROCY_USER_ID);
|
||||
}
|
||||
public function getPermissionList()
|
||||
{
|
||||
return $this->db->uihelper_user_permissions()->where('user_id', GROCY_USER_ID);
|
||||
}
|
||||
|
||||
public static function hasPermissions(string ...$permissions)
|
||||
{
|
||||
$user = new User();
|
||||
foreach ($permissions as $permission) {
|
||||
if (!$user->hasPermission($permission)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
public static function hasPermissions(string ...$permissions)
|
||||
{
|
||||
$user = new User();
|
||||
foreach ($permissions as $permission) {
|
||||
if (!$user->hasPermission($permission)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
public static function PermissionList()
|
||||
{
|
||||
$user = new User();
|
||||
return $user->getPermissionList();
|
||||
}
|
||||
public static function PermissionList()
|
||||
{
|
||||
$user = new User();
|
||||
return $user->getPermissionList();
|
||||
}
|
||||
}
|
||||
|
||||
@ -13,8 +13,8 @@ class UsersApiController extends BaseApiController
|
||||
|
||||
public function GetUsers(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_READ_USER);
|
||||
try
|
||||
User::checkPermission($request, User::PERMISSION_READ_USER);
|
||||
try
|
||||
{
|
||||
return $this->ApiResponse($response, $this->getUsersService()->GetUsersAsDto());
|
||||
}
|
||||
@ -26,7 +26,7 @@ class UsersApiController extends BaseApiController
|
||||
|
||||
public function CreateUser(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_CREATE_USER);
|
||||
User::checkPermission($request, User::PERMISSION_CREATE_USER);
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
try
|
||||
@ -47,8 +47,8 @@ class UsersApiController extends BaseApiController
|
||||
|
||||
public function DeleteUser(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_EDIT_USER);
|
||||
try
|
||||
User::checkPermission($request, User::PERMISSION_EDIT_USER);
|
||||
try
|
||||
{
|
||||
$this->getUsersService()->DeleteUser($args['userId']);
|
||||
return $this->EmptyApiResponse($response);
|
||||
@ -61,12 +61,12 @@ class UsersApiController extends BaseApiController
|
||||
|
||||
public function EditUser(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
if ($args['userId'] == GROCY_USER_ID) {
|
||||
User::checkPermission($request, User::PERMISSION_EDIT_SELF);
|
||||
} else {
|
||||
User::checkPermission($request, User::PERMISSION_EDIT_USER);
|
||||
}
|
||||
$requestBody = $request->getParsedBody();
|
||||
if ($args['userId'] == GROCY_USER_ID) {
|
||||
User::checkPermission($request, User::PERMISSION_EDIT_SELF);
|
||||
} else {
|
||||
User::checkPermission($request, User::PERMISSION_EDIT_USER);
|
||||
}
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
try
|
||||
{
|
||||
@ -119,65 +119,65 @@ class UsersApiController extends BaseApiController
|
||||
}
|
||||
}
|
||||
|
||||
public function AddPermission(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
try {
|
||||
User::checkPermission($request, User::PERMISSION_ADMIN);
|
||||
$requestBody = $request->getParsedBody();
|
||||
public function AddPermission(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
try {
|
||||
User::checkPermission($request, User::PERMISSION_ADMIN);
|
||||
$requestBody = $request->getParsedBody();
|
||||
|
||||
$this->getDatabase()->user_permissions()->createRow(array(
|
||||
'user_id' => $args['userId'],
|
||||
'permission_id' => $requestBody['permission_id'],
|
||||
))->save();
|
||||
return $this->EmptyApiResponse($response);
|
||||
} catch (\Slim\Exception\HttpSpecializedException $ex) {
|
||||
return $this->GenericErrorResponse($response, $ex->getMessage(), $ex->getCode());
|
||||
} catch (\Exception $ex) {
|
||||
return $this->GenericErrorResponse($response, $ex->getMessage());
|
||||
}
|
||||
}
|
||||
$this->getDatabase()->user_permissions()->createRow(array(
|
||||
'user_id' => $args['userId'],
|
||||
'permission_id' => $requestBody['permission_id'],
|
||||
))->save();
|
||||
return $this->EmptyApiResponse($response);
|
||||
} catch (\Slim\Exception\HttpSpecializedException $ex) {
|
||||
return $this->GenericErrorResponse($response, $ex->getMessage(), $ex->getCode());
|
||||
} catch (\Exception $ex) {
|
||||
return $this->GenericErrorResponse($response, $ex->getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
public function ListPermissions(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
try {
|
||||
User::checkPermission($request, User::PERMISSION_ADMIN);
|
||||
public function ListPermissions(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
try {
|
||||
User::checkPermission($request, User::PERMISSION_ADMIN);
|
||||
|
||||
return $this->ApiResponse($response,
|
||||
$this->getDatabase()->user_permissions()->where($args['userId'])
|
||||
);
|
||||
} catch (\Slim\Exception\HttpSpecializedException $ex) {
|
||||
return $this->GenericErrorResponse($response, $ex->getMessage(), $ex->getCode());
|
||||
} catch (\Exception $ex) {
|
||||
return $this->GenericErrorResponse($response, $ex->getMessage());
|
||||
}
|
||||
}
|
||||
return $this->ApiResponse($response,
|
||||
$this->getDatabase()->user_permissions()->where($args['userId'])
|
||||
);
|
||||
} catch (\Slim\Exception\HttpSpecializedException $ex) {
|
||||
return $this->GenericErrorResponse($response, $ex->getMessage(), $ex->getCode());
|
||||
} catch (\Exception $ex) {
|
||||
return $this->GenericErrorResponse($response, $ex->getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
public function SetPermissions(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
try {
|
||||
User::checkPermission($request, User::PERMISSION_ADMIN);
|
||||
$requestBody = $request->getParsedBody();
|
||||
$db = $this->getDatabase();
|
||||
$db->user_permissions()
|
||||
->where('user_id', $args['userId'])
|
||||
->delete();
|
||||
public function SetPermissions(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
try {
|
||||
User::checkPermission($request, User::PERMISSION_ADMIN);
|
||||
$requestBody = $request->getParsedBody();
|
||||
$db = $this->getDatabase();
|
||||
$db->user_permissions()
|
||||
->where('user_id', $args['userId'])
|
||||
->delete();
|
||||
|
||||
$perms = [];
|
||||
$perms = [];
|
||||
|
||||
foreach ($requestBody['permissions'] as $perm_id) {
|
||||
$perms[] = array(
|
||||
'user_id' => $args['userId'],
|
||||
'permission_id' => $perm_id
|
||||
);
|
||||
}
|
||||
foreach ($requestBody['permissions'] as $perm_id) {
|
||||
$perms[] = array(
|
||||
'user_id' => $args['userId'],
|
||||
'permission_id' => $perm_id
|
||||
);
|
||||
}
|
||||
|
||||
$db->insert('user_permissions', $perms, 'batch');
|
||||
$db->insert('user_permissions', $perms, 'batch');
|
||||
|
||||
return $this->EmptyApiResponse($response);
|
||||
} catch (\Slim\Exception\HttpSpecializedException $ex) {
|
||||
return $this->GenericErrorResponse($response, $ex->getMessage(), $ex->getCode());
|
||||
} catch (\Exception $ex) {
|
||||
return $this->GenericErrorResponse($response, $ex->getMessage());
|
||||
}
|
||||
}
|
||||
return $this->EmptyApiResponse($response);
|
||||
} catch (\Slim\Exception\HttpSpecializedException $ex) {
|
||||
return $this->GenericErrorResponse($response, $ex->getMessage(), $ex->getCode());
|
||||
} catch (\Exception $ex) {
|
||||
return $this->GenericErrorResponse($response, $ex->getMessage());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -8,8 +8,8 @@ class UsersController extends BaseController
|
||||
{
|
||||
public function UsersList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_READ_USER);
|
||||
return $this->renderPage($response, 'users', [
|
||||
User::checkPermission($request, User::PERMISSION_READ_USER);
|
||||
return $this->renderPage($response, 'users', [
|
||||
'users' => $this->getDatabase()->users()->orderBy('username')
|
||||
]);
|
||||
}
|
||||
@ -18,30 +18,30 @@ class UsersController extends BaseController
|
||||
{
|
||||
if ($args['userId'] == 'new')
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_CREATE_USER);
|
||||
return $this->renderPage($response, 'userform', [
|
||||
User::checkPermission($request, User::PERMISSION_CREATE_USER);
|
||||
return $this->renderPage($response, 'userform', [
|
||||
'mode' => 'create'
|
||||
]);
|
||||
}
|
||||
else
|
||||
{
|
||||
if($args['userId'] == GROCY_USER_ID)
|
||||
User::checkPermission($request, User::PERMISSION_EDIT_SELF);
|
||||
else User::checkPermission($request, User::PERMISSION_EDIT_USER);
|
||||
return $this->renderPage($response, 'userform', [
|
||||
if($args['userId'] == GROCY_USER_ID)
|
||||
User::checkPermission($request, User::PERMISSION_EDIT_SELF);
|
||||
else User::checkPermission($request, User::PERMISSION_EDIT_USER);
|
||||
return $this->renderPage($response, 'userform', [
|
||||
'user' => $this->getDatabase()->users($args['userId']),
|
||||
'mode' => 'edit'
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
public function PermissionList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_READ_USER);
|
||||
return $this->renderPage($response, 'userpermissions', [
|
||||
'user' => $this->getDatabase()->users($args['userId']),
|
||||
'permissions' => $this->getDatabase()->uihelper_user_permissions()
|
||||
->where('parent IS NULL')->where('user_id', $args['userId']),
|
||||
]);
|
||||
}
|
||||
public function PermissionList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
||||
{
|
||||
User::checkPermission($request, User::PERMISSION_READ_USER);
|
||||
return $this->renderPage($response, 'userpermissions', [
|
||||
'user' => $this->getDatabase()->users($args['userId']),
|
||||
'permissions' => $this->getDatabase()->uihelper_user_permissions()
|
||||
->where('parent IS NULL')->where('user_id', $args['userId']),
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
@ -7,61 +7,61 @@ const REQUIRED_SQLITE_VERSION = "3.8.3";
|
||||
|
||||
class PrerequisiteChecker
|
||||
{
|
||||
public function checkRequirements()
|
||||
{
|
||||
self::checkForConfigFile();
|
||||
self::checkForConfigDistFile();
|
||||
self::checkForComposer();
|
||||
self::checkForPhpExtensions();
|
||||
self::checkForSqliteVersion();
|
||||
}
|
||||
public function checkRequirements()
|
||||
{
|
||||
self::checkForConfigFile();
|
||||
self::checkForConfigDistFile();
|
||||
self::checkForComposer();
|
||||
self::checkForPhpExtensions();
|
||||
self::checkForSqliteVersion();
|
||||
}
|
||||
|
||||
|
||||
private function checkForConfigFile()
|
||||
{
|
||||
if (!file_exists(GROCY_DATAPATH . '/config.php'))
|
||||
{
|
||||
throw new ERequirementNotMet('config.php in data directory (' . GROCY_DATAPATH . ') not found. Have you copied config-dist.php to the data directory and renamed it to config.php?');
|
||||
}
|
||||
}
|
||||
private function checkForConfigFile()
|
||||
{
|
||||
if (!file_exists(GROCY_DATAPATH . '/config.php'))
|
||||
{
|
||||
throw new ERequirementNotMet('config.php in data directory (' . GROCY_DATAPATH . ') not found. Have you copied config-dist.php to the data directory and renamed it to config.php?');
|
||||
}
|
||||
}
|
||||
|
||||
private function checkForConfigDistFile()
|
||||
{
|
||||
if (!file_exists(__DIR__ . '/../config-dist.php'))
|
||||
{
|
||||
throw new ERequirementNotMet('config-dist.php not found. Please do not remove this file.');
|
||||
}
|
||||
}
|
||||
private function checkForConfigDistFile()
|
||||
{
|
||||
if (!file_exists(__DIR__ . '/../config-dist.php'))
|
||||
{
|
||||
throw new ERequirementNotMet('config-dist.php not found. Please do not remove this file.');
|
||||
}
|
||||
}
|
||||
|
||||
private function checkForComposer()
|
||||
{
|
||||
if (!file_exists(__DIR__ . '/../vendor/autoload.php'))
|
||||
{
|
||||
throw new ERequirementNotMet('/vendor/autoload.php not found. Have you run Composer?');
|
||||
}
|
||||
}
|
||||
private function checkForComposer()
|
||||
{
|
||||
if (!file_exists(__DIR__ . '/../vendor/autoload.php'))
|
||||
{
|
||||
throw new ERequirementNotMet('/vendor/autoload.php not found. Have you run Composer?');
|
||||
}
|
||||
}
|
||||
|
||||
private function checkForPhpExtensions()
|
||||
{
|
||||
$loadedExtensions = get_loaded_extensions();
|
||||
foreach (REQUIRED_PHP_EXTENSIONS as $extension)
|
||||
{
|
||||
if (!in_array($extension, $loadedExtensions))
|
||||
{
|
||||
throw new ERequirementNotMet("PHP module '{$extension}' not installed, but required.");
|
||||
}
|
||||
}
|
||||
}
|
||||
private function checkForPhpExtensions()
|
||||
{
|
||||
$loadedExtensions = get_loaded_extensions();
|
||||
foreach (REQUIRED_PHP_EXTENSIONS as $extension)
|
||||
{
|
||||
if (!in_array($extension, $loadedExtensions))
|
||||
{
|
||||
throw new ERequirementNotMet("PHP module '{$extension}' not installed, but required.");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
private function checkForSqliteVersion()
|
||||
{
|
||||
$sqliteVersion = self::getSqlVersionAsString();
|
||||
if (version_compare($sqliteVersion, REQUIRED_SQLITE_VERSION, '<'))
|
||||
{
|
||||
throw new ERequirementNotMet('SQLite ' . REQUIRED_SQLITE_VERSION . ' is required, however you are running ' . $sqliteVersion);
|
||||
}
|
||||
}
|
||||
private function checkForSqliteVersion()
|
||||
{
|
||||
$sqliteVersion = self::getSqlVersionAsString();
|
||||
if (version_compare($sqliteVersion, REQUIRED_SQLITE_VERSION, '<'))
|
||||
{
|
||||
throw new ERequirementNotMet('SQLite ' . REQUIRED_SQLITE_VERSION . ' is required, however you are running ' . $sqliteVersion);
|
||||
}
|
||||
}
|
||||
|
||||
private function getSqlVersionAsString()
|
||||
{
|
||||
|
||||
@ -10,67 +10,67 @@ use Grocy\Services\ApiKeyService;
|
||||
|
||||
class ApiKeyAuthMiddleware extends AuthMiddleware
|
||||
{
|
||||
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
|
||||
{
|
||||
parent::__construct($container, $responseFactory);
|
||||
$this->ApiKeyHeaderName = $this->AppContainer->get('ApiKeyHeaderName');
|
||||
}
|
||||
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
|
||||
{
|
||||
parent::__construct($container, $responseFactory);
|
||||
$this->ApiKeyHeaderName = $this->AppContainer->get('ApiKeyHeaderName');
|
||||
}
|
||||
|
||||
protected $ApiKeyHeaderName;
|
||||
protected $ApiKeyHeaderName;
|
||||
|
||||
function authenticate(Request $request)
|
||||
{
|
||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
||||
{
|
||||
define('GROCY_SHOW_AUTH_VIEWS', true);
|
||||
}
|
||||
function authenticate(Request $request)
|
||||
{
|
||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
||||
{
|
||||
define('GROCY_SHOW_AUTH_VIEWS', true);
|
||||
}
|
||||
|
||||
$routeContext = RouteContext::fromRequest($request);
|
||||
$route = $routeContext->getRoute();
|
||||
$routeName = $route->getName();
|
||||
$routeContext = RouteContext::fromRequest($request);
|
||||
$route = $routeContext->getRoute();
|
||||
$routeName = $route->getName();
|
||||
|
||||
$validApiKey = true;
|
||||
$usedApiKey = null;
|
||||
$validApiKey = true;
|
||||
$usedApiKey = null;
|
||||
|
||||
$apiKeyService = new ApiKeyService();
|
||||
$apiKeyService = new ApiKeyService();
|
||||
|
||||
// First check of the API key in the configured header
|
||||
if (!$request->hasHeader($this->ApiKeyHeaderName) || !$apiKeyService->IsValidApiKey($request->getHeaderLine($this->ApiKeyHeaderName)))
|
||||
{
|
||||
$validApiKey = false;
|
||||
}
|
||||
else
|
||||
{
|
||||
$usedApiKey = $request->getHeaderLine($this->ApiKeyHeaderName);
|
||||
}
|
||||
// First check of the API key in the configured header
|
||||
if (!$request->hasHeader($this->ApiKeyHeaderName) || !$apiKeyService->IsValidApiKey($request->getHeaderLine($this->ApiKeyHeaderName)))
|
||||
{
|
||||
$validApiKey = false;
|
||||
}
|
||||
else
|
||||
{
|
||||
$usedApiKey = $request->getHeaderLine($this->ApiKeyHeaderName);
|
||||
}
|
||||
|
||||
// Not recommended, but it's also possible to provide the API key via a query parameter (same name as the configured header)
|
||||
if (!$validApiKey && !empty($request->getQueryParam($this->ApiKeyHeaderName)) && $apiKeyService->IsValidApiKey($request->getQueryParam($this->ApiKeyHeaderName)))
|
||||
{
|
||||
$validApiKey = true;
|
||||
$usedApiKey = $request->getQueryParam($this->ApiKeyHeaderName);
|
||||
}
|
||||
// Not recommended, but it's also possible to provide the API key via a query parameter (same name as the configured header)
|
||||
if (!$validApiKey && !empty($request->getQueryParam($this->ApiKeyHeaderName)) && $apiKeyService->IsValidApiKey($request->getQueryParam($this->ApiKeyHeaderName)))
|
||||
{
|
||||
$validApiKey = true;
|
||||
$usedApiKey = $request->getQueryParam($this->ApiKeyHeaderName);
|
||||
}
|
||||
|
||||
// Handling of special purpose API keys
|
||||
if (!$validApiKey)
|
||||
{
|
||||
if ($routeName === 'calendar-ical')
|
||||
{
|
||||
if ($request->getQueryParam('secret') !== null && $apiKeyService->IsValidApiKey($request->getQueryParam('secret'), ApiKeyService::API_KEY_TYPE_SPECIAL_PURPOSE_CALENDAR_ICAL))
|
||||
{
|
||||
$validApiKey = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
// Handling of special purpose API keys
|
||||
if (!$validApiKey)
|
||||
{
|
||||
if ($routeName === 'calendar-ical')
|
||||
{
|
||||
if ($request->getQueryParam('secret') !== null && $apiKeyService->IsValidApiKey($request->getQueryParam('secret'), ApiKeyService::API_KEY_TYPE_SPECIAL_PURPOSE_CALENDAR_ICAL))
|
||||
{
|
||||
$validApiKey = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ($validApiKey)
|
||||
{
|
||||
return $apiKeyService->GetUserByApiKey($usedApiKey);
|
||||
if ($validApiKey)
|
||||
{
|
||||
return $apiKeyService->GetUserByApiKey($usedApiKey);
|
||||
|
||||
}
|
||||
else
|
||||
{
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -12,73 +12,73 @@ use Grocy\Services\SessionService;
|
||||
|
||||
abstract class AuthMiddleware extends BaseMiddleware
|
||||
{
|
||||
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
|
||||
{
|
||||
parent::__construct($container);
|
||||
$this->ResponseFactory = $responseFactory;
|
||||
}
|
||||
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
|
||||
{
|
||||
parent::__construct($container);
|
||||
$this->ResponseFactory = $responseFactory;
|
||||
}
|
||||
|
||||
protected $ResponseFactory;
|
||||
protected $ResponseFactory;
|
||||
|
||||
public function __invoke(Request $request, RequestHandler $handler): Response
|
||||
{
|
||||
$routeContext = RouteContext::fromRequest($request);
|
||||
$route = $routeContext->getRoute();
|
||||
$routeName = $route->getName();
|
||||
$isApiRoute = string_starts_with($request->getUri()->getPath(), '/api/');
|
||||
public function __invoke(Request $request, RequestHandler $handler): Response
|
||||
{
|
||||
$routeContext = RouteContext::fromRequest($request);
|
||||
$route = $routeContext->getRoute();
|
||||
$routeName = $route->getName();
|
||||
$isApiRoute = string_starts_with($request->getUri()->getPath(), '/api/');
|
||||
|
||||
if ($routeName === 'root')
|
||||
{
|
||||
return $handler->handle($request);
|
||||
}
|
||||
else if ($routeName === 'login')
|
||||
{
|
||||
define('GROCY_AUTHENTICATED', false);
|
||||
return $handler->handle($request);
|
||||
}
|
||||
if (GROCY_MODE === 'dev' || GROCY_MODE === 'demo' || GROCY_MODE === 'prerelease' || GROCY_IS_EMBEDDED_INSTALL || GROCY_DISABLE_AUTH)
|
||||
{
|
||||
$sessionService = SessionService::getInstance();
|
||||
$user = $sessionService->GetDefaultUser();
|
||||
if ($routeName === 'root')
|
||||
{
|
||||
return $handler->handle($request);
|
||||
}
|
||||
else if ($routeName === 'login')
|
||||
{
|
||||
define('GROCY_AUTHENTICATED', false);
|
||||
return $handler->handle($request);
|
||||
}
|
||||
if (GROCY_MODE === 'dev' || GROCY_MODE === 'demo' || GROCY_MODE === 'prerelease' || GROCY_IS_EMBEDDED_INSTALL || GROCY_DISABLE_AUTH)
|
||||
{
|
||||
$sessionService = SessionService::getInstance();
|
||||
$user = $sessionService->GetDefaultUser();
|
||||
|
||||
define('GROCY_AUTHENTICATED', true);
|
||||
define('GROCY_USER_USERNAME', $user->username);
|
||||
define('GROCY_AUTHENTICATED', true);
|
||||
define('GROCY_USER_USERNAME', $user->username);
|
||||
|
||||
return $handler->handle($request);
|
||||
}
|
||||
else
|
||||
{
|
||||
$user = $this->authenticate($request);
|
||||
return $handler->handle($request);
|
||||
}
|
||||
else
|
||||
{
|
||||
$user = $this->authenticate($request);
|
||||
|
||||
if ($user === null)
|
||||
{
|
||||
define('GROCY_AUTHENTICATED', false);
|
||||
if ($user === null)
|
||||
{
|
||||
define('GROCY_AUTHENTICATED', false);
|
||||
|
||||
$response = $this->ResponseFactory->createResponse();
|
||||
if ($isApiRoute)
|
||||
{
|
||||
return $response->withStatus(401);
|
||||
}
|
||||
else
|
||||
{
|
||||
return $response->withHeader('Location', $this->AppContainer->get('UrlManager')->ConstructUrl('/login'));
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
define('GROCY_AUTHENTICATED', true);
|
||||
define('GROCY_USER_ID', $user->id);
|
||||
define('GROCY_USER_USERNAME', $user->username);
|
||||
$response = $this->ResponseFactory->createResponse();
|
||||
if ($isApiRoute)
|
||||
{
|
||||
return $response->withStatus(401);
|
||||
}
|
||||
else
|
||||
{
|
||||
return $response->withHeader('Location', $this->AppContainer->get('UrlManager')->ConstructUrl('/login'));
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
define('GROCY_AUTHENTICATED', true);
|
||||
define('GROCY_USER_ID', $user->id);
|
||||
define('GROCY_USER_USERNAME', $user->username);
|
||||
|
||||
return $response = $handler->handle($request);
|
||||
}
|
||||
}
|
||||
}
|
||||
return $response = $handler->handle($request);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param Request $request
|
||||
* @return mixed|null the user row or null if the request is not authenticated
|
||||
* @throws \Exception Throws an \Exception if config is invalid.
|
||||
*/
|
||||
protected abstract function authenticate(Request $request);
|
||||
/**
|
||||
* @param Request $request
|
||||
* @return mixed|null the user row or null if the request is not authenticated
|
||||
* @throws \Exception Throws an \Exception if config is invalid.
|
||||
*/
|
||||
protected abstract function authenticate(Request $request);
|
||||
}
|
||||
|
||||
@ -6,19 +6,19 @@ use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
|
||||
class DefaultAuthMiddleware extends AuthMiddleware
|
||||
{
|
||||
protected function authenticate(Request $request)
|
||||
{
|
||||
// First try to authenticate by API key
|
||||
$auth = new ApiKeyAuthMiddleware($this->AppContainer, $this->ResponseFactory);
|
||||
$user = $auth->authenticate($request);
|
||||
if ($user !== null)
|
||||
{
|
||||
return $user;
|
||||
}
|
||||
protected function authenticate(Request $request)
|
||||
{
|
||||
// First try to authenticate by API key
|
||||
$auth = new ApiKeyAuthMiddleware($this->AppContainer, $this->ResponseFactory);
|
||||
$user = $auth->authenticate($request);
|
||||
if ($user !== null)
|
||||
{
|
||||
return $user;
|
||||
}
|
||||
|
||||
// Then by session cookie
|
||||
$auth = new SessionAuthMiddleware($this->AppContainer, $this->ResponseFactory);
|
||||
$user = $auth->authenticate($request);
|
||||
return $user;
|
||||
}
|
||||
// Then by session cookie
|
||||
$auth = new SessionAuthMiddleware($this->AppContainer, $this->ResponseFactory);
|
||||
$user = $auth->authenticate($request);
|
||||
return $user;
|
||||
}
|
||||
}
|
||||
|
||||
@ -9,32 +9,32 @@ use Grocy\Services\UsersService;
|
||||
|
||||
class ReverseProxyAuthMiddleware extends AuthMiddleware
|
||||
{
|
||||
function authenticate(Request $request)
|
||||
{
|
||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
||||
{
|
||||
define('GROCY_SHOW_AUTH_VIEWS', false);
|
||||
}
|
||||
function authenticate(Request $request)
|
||||
{
|
||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
||||
{
|
||||
define('GROCY_SHOW_AUTH_VIEWS', false);
|
||||
}
|
||||
|
||||
$db = DatabaseService::getInstance()->GetDbConnection();
|
||||
$db = DatabaseService::getInstance()->GetDbConnection();
|
||||
|
||||
$username = $request->getHeader(GROCY_REVERSE_PROXY_AUTH_HEADER);
|
||||
$username = $request->getHeader(GROCY_REVERSE_PROXY_AUTH_HEADER);
|
||||
|
||||
if (count($username) !== 1)
|
||||
{
|
||||
// Invalid configuration of Proxy
|
||||
throw new \Exception("ReverseProxyAuthMiddleware: Invalid username from proxy: " . var_dump($username));
|
||||
}
|
||||
if (count($username) !== 1)
|
||||
{
|
||||
// Invalid configuration of Proxy
|
||||
throw new \Exception("ReverseProxyAuthMiddleware: Invalid username from proxy: " . var_dump($username));
|
||||
}
|
||||
|
||||
$username = $username[0];
|
||||
$username = $username[0];
|
||||
|
||||
$user = $db->users()->where('username', $username)->fetch();
|
||||
$user = $db->users()->where('username', $username)->fetch();
|
||||
|
||||
if ($user == null)
|
||||
{
|
||||
$user = UsersService::getInstance()->CreateUser($username, '', '', '');
|
||||
}
|
||||
if ($user == null)
|
||||
{
|
||||
$user = UsersService::getInstance()->CreateUser($username, '', '', '');
|
||||
}
|
||||
|
||||
return $user;
|
||||
}
|
||||
return $user;
|
||||
}
|
||||
}
|
||||
|
||||
@ -10,29 +10,29 @@ use Grocy\Services\SessionService;
|
||||
|
||||
class SessionAuthMiddleware extends AuthMiddleware
|
||||
{
|
||||
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
|
||||
{
|
||||
parent::__construct($container, $responseFactory);
|
||||
$this->SessionCookieName = $this->AppContainer->get('LoginControllerInstance')->GetSessionCookieName();
|
||||
}
|
||||
public function __construct(\DI\Container $container, ResponseFactoryInterface $responseFactory)
|
||||
{
|
||||
parent::__construct($container, $responseFactory);
|
||||
$this->SessionCookieName = $this->AppContainer->get('LoginControllerInstance')->GetSessionCookieName();
|
||||
}
|
||||
|
||||
protected $SessionCookieName;
|
||||
protected $SessionCookieName;
|
||||
|
||||
function authenticate(Request $request)
|
||||
{
|
||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
||||
{
|
||||
define('GROCY_SHOW_AUTH_VIEWS', true);
|
||||
}
|
||||
function authenticate(Request $request)
|
||||
{
|
||||
if (!defined('GROCY_SHOW_AUTH_VIEWS'))
|
||||
{
|
||||
define('GROCY_SHOW_AUTH_VIEWS', true);
|
||||
}
|
||||
|
||||
$sessionService = SessionService::getInstance();
|
||||
if (!isset($_COOKIE[$this->SessionCookieName]) || !$sessionService->IsValidSession($_COOKIE[$this->SessionCookieName]))
|
||||
{
|
||||
return null;
|
||||
}
|
||||
else
|
||||
{
|
||||
return $sessionService->GetUserBySessionKey($_COOKIE[$this->SessionCookieName]);
|
||||
}
|
||||
}
|
||||
$sessionService = SessionService::getInstance();
|
||||
if (!isset($_COOKIE[$this->SessionCookieName]) || !$sessionService->IsValidSession($_COOKIE[$this->SessionCookieName]))
|
||||
{
|
||||
return null;
|
||||
}
|
||||
else
|
||||
{
|
||||
return $sessionService->GetUserBySessionKey($_COOKIE[$this->SessionCookieName]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -575,13 +575,13 @@ canvas.drawingBuffer {
|
||||
}
|
||||
|
||||
.print-view {
|
||||
width: 100%;
|
||||
max-width: 100%;
|
||||
flex-basis: 100%;
|
||||
width: 100%;
|
||||
max-width: 100%;
|
||||
flex-basis: 100%;
|
||||
}
|
||||
}
|
||||
|
||||
.not-allowed {
|
||||
pointer-events: none;
|
||||
pointer-events: none;
|
||||
opacity: 0.5;
|
||||
}
|
||||
@ -220,23 +220,23 @@
|
||||
}
|
||||
|
||||
.night-mode .note-editor.note-frame .note-editing-area .note-editable {
|
||||
color: #c1c1c1;
|
||||
background-color: #333131;
|
||||
color: #c1c1c1;
|
||||
background-color: #333131;
|
||||
}
|
||||
|
||||
.night-mode .bootstrap-datetimepicker-widget table td.day {
|
||||
background-color: #333131;
|
||||
background-color: #333131;
|
||||
}
|
||||
|
||||
.night-mode .bootstrap-datetimepicker-widget table td {
|
||||
background-color: #333131;
|
||||
background-color: #333131;
|
||||
}
|
||||
|
||||
.night-mode .bootstrap-datetimepicker-widget table td,
|
||||
.night-mode .bootstrap-datetimepicker-widget table th {
|
||||
background-color: #333131;
|
||||
background-color: #333131;
|
||||
}
|
||||
|
||||
.night-mode .dropdown-menu {
|
||||
background-color: #333131;
|
||||
background-color: #333131;
|
||||
}
|
||||
|
||||
@ -36,7 +36,7 @@ try
|
||||
}
|
||||
catch (ERequirementNotMet $ex)
|
||||
{
|
||||
die('Unable to run grocy: ' . $ex->getMessage());
|
||||
die('Unable to run grocy: ' . $ex->getMessage());
|
||||
}
|
||||
|
||||
require_once __DIR__ . '/../app.php';
|
||||
|
||||
@ -91,11 +91,11 @@ FindObjectInArrayByPropertyValue = function(array, propertyName, propertyValue)
|
||||
{
|
||||
if (array[i][propertyName] == propertyValue)
|
||||
{
|
||||
return array[i];
|
||||
}
|
||||
return array[i];
|
||||
}
|
||||
}
|
||||
|
||||
return null;
|
||||
return null;
|
||||
}
|
||||
|
||||
FindAllObjectsInArrayByPropertyValue = function(array, propertyName, propertyValue)
|
||||
@ -107,7 +107,7 @@ FindAllObjectsInArrayByPropertyValue = function(array, propertyName, propertyVal
|
||||
if (array[i][propertyName] == propertyValue)
|
||||
{
|
||||
returnArray.push(array[i]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return returnArray;
|
||||
|
||||
@ -233,7 +233,7 @@ $(document).on("click", "#barcodescanner-start-button", async function(e)
|
||||
{
|
||||
Grocy.Components.BarcodeScanner.TorchOn(Quagga.CameraAccess.getActiveTrack());
|
||||
return false;
|
||||
}
|
||||
}
|
||||
},
|
||||
cancel: {
|
||||
label: __t('Cancel'),
|
||||
|
||||
@ -153,7 +153,7 @@ if (Grocy.Components.ProductPicker !== undefined)
|
||||
$('#product_id').attr("barcode-qu-factor-purchase-to-stock", "null");
|
||||
$('#product_id').attr("barcode-shopping-location-id", "null");
|
||||
}
|
||||
},
|
||||
},
|
||||
function(xhr)
|
||||
{
|
||||
console.error(xhr);
|
||||
@ -184,11 +184,11 @@ if (Grocy.Components.ProductPicker !== undefined)
|
||||
{
|
||||
if (productDetails.last_qu_factor_purchase_to_stock != null)
|
||||
{
|
||||
qu_factor_purchase_to_stock = productDetails.last_qu_factor_purchase_to_stock;
|
||||
qu_factor_purchase_to_stock = productDetails.last_qu_factor_purchase_to_stock;
|
||||
}
|
||||
else
|
||||
{
|
||||
qu_factor_purchase_to_stock = productDetails.product.qu_factor_purchase_to_stock;
|
||||
qu_factor_purchase_to_stock = productDetails.product.qu_factor_purchase_to_stock;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -36,10 +36,10 @@
|
||||
Grocy.FrontendHelpers.ShowGenericError('Error while saving, probably this item already exists', xhr.response)
|
||||
}
|
||||
);
|
||||
if ($("#create_inverse").is(":checked"))
|
||||
if ($("#create_inverse").is(":checked"))
|
||||
{
|
||||
jsonData.to_qu_id = inverse_to_qu_id;
|
||||
jsonData.from_qu_id = inverse_from_qu_id;
|
||||
jsonData.to_qu_id = inverse_to_qu_id;
|
||||
jsonData.from_qu_id = inverse_from_qu_id;
|
||||
jsonData.factor = 1 / jsonData.factor;
|
||||
|
||||
//Create Inverse
|
||||
@ -124,7 +124,7 @@ $("#create_inverse").on("change", function()
|
||||
|
||||
if (value)
|
||||
{
|
||||
$('#qu-conversion-inverse-info').removeClass('d-none');
|
||||
$('#qu-conversion-inverse-info').removeClass('d-none');
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
@ -1,42 +1,42 @@
|
||||
$('input.permission-cb').click(
|
||||
function () {
|
||||
check_hierachy(this.checked, this.name);
|
||||
}
|
||||
function () {
|
||||
check_hierachy(this.checked, this.name);
|
||||
}
|
||||
);
|
||||
|
||||
function check_hierachy(checked, name) {
|
||||
var disabled = checked;
|
||||
$('#permission-sub-' + name).find('input.permission-cb')
|
||||
.prop('checked', disabled)
|
||||
.attr('disabled', disabled);
|
||||
var disabled = checked;
|
||||
$('#permission-sub-' + name).find('input.permission-cb')
|
||||
.prop('checked', disabled)
|
||||
.attr('disabled', disabled);
|
||||
}
|
||||
|
||||
$('#permission-save').click(
|
||||
function () {
|
||||
var permission_list = $('input.permission-cb')
|
||||
.filter(function () {
|
||||
return $(this).prop('checked') && !$(this).attr('disabled');
|
||||
}).map(function () {
|
||||
return $(this).data('perm-id');
|
||||
}).toArray();
|
||||
Grocy.Api.Put('users/' + Grocy.EditObjectId + '/permissions', {
|
||||
'permissions': permission_list,
|
||||
}, function (result) {
|
||||
toastr.success(__t("Permissions saved"));
|
||||
}, function (xhr) {
|
||||
toastr.error(__t(JSON.parse(xhr.response).error_message));
|
||||
}
|
||||
);
|
||||
}
|
||||
function () {
|
||||
var permission_list = $('input.permission-cb')
|
||||
.filter(function () {
|
||||
return $(this).prop('checked') && !$(this).attr('disabled');
|
||||
}).map(function () {
|
||||
return $(this).data('perm-id');
|
||||
}).toArray();
|
||||
Grocy.Api.Put('users/' + Grocy.EditObjectId + '/permissions', {
|
||||
'permissions': permission_list,
|
||||
}, function (result) {
|
||||
toastr.success(__t("Permissions saved"));
|
||||
}, function (xhr) {
|
||||
toastr.error(__t(JSON.parse(xhr.response).error_message));
|
||||
}
|
||||
);
|
||||
}
|
||||
);
|
||||
|
||||
if (Grocy.EditObjectId == Grocy.UserId) {
|
||||
$('input.permission-cb[name=ADMIN]').click(function () {
|
||||
if (!this.checked) {
|
||||
if (!confirm(__t('Are you sure you want to stop being an ADMIN?'))) {
|
||||
this.checked = true;
|
||||
check_hierachy(this.checked, this.name);
|
||||
}
|
||||
}
|
||||
})
|
||||
$('input.permission-cb[name=ADMIN]').click(function () {
|
||||
if (!this.checked) {
|
||||
if (!confirm(__t('Are you sure you want to stop being an ADMIN?'))) {
|
||||
this.checked = true;
|
||||
check_hierachy(this.checked, this.name);
|
||||
}
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
12
routes.php
12
routes.php
@ -33,9 +33,9 @@ $app->group('', function(RouteCollectorProxy $group)
|
||||
// User routes
|
||||
$group->get('/users', '\Grocy\Controllers\UsersController:UsersList');
|
||||
$group->get('/user/{userId}', '\Grocy\Controllers\UsersController:UserEditForm');
|
||||
$group->get('/user/{userId}/permissions', '\Grocy\Controllers\UsersController:PermissionList');
|
||||
$group->get('/user/{userId}/permissions', '\Grocy\Controllers\UsersController:PermissionList');
|
||||
|
||||
// Stock routes
|
||||
// Stock routes
|
||||
if (GROCY_FEATURE_FLAG_STOCK)
|
||||
{
|
||||
$group->get('/stockoverview', '\Grocy\Controllers\StockController:Overview');
|
||||
@ -169,11 +169,11 @@ $app->group('/api', function(RouteCollectorProxy $group)
|
||||
$group->post('/users', '\Grocy\Controllers\UsersApiController:CreateUser');
|
||||
$group->put('/users/{userId}', '\Grocy\Controllers\UsersApiController:EditUser');
|
||||
$group->delete('/users/{userId}', '\Grocy\Controllers\UsersApiController:DeleteUser');
|
||||
$group->get('/users/{userId}/permissions', '\Grocy\Controllers\UsersApiController:ListPermissions');
|
||||
$group->post('/users/{userId}/permissions', '\Grocy\Controllers\UsersApiController:AddPermission');
|
||||
$group->put('/users/{userId}/permissions', '\Grocy\Controllers\UsersApiController:SetPermissions');
|
||||
$group->get('/users/{userId}/permissions', '\Grocy\Controllers\UsersApiController:ListPermissions');
|
||||
$group->post('/users/{userId}/permissions', '\Grocy\Controllers\UsersApiController:AddPermission');
|
||||
$group->put('/users/{userId}/permissions', '\Grocy\Controllers\UsersApiController:SetPermissions');
|
||||
|
||||
// User
|
||||
// User
|
||||
$group->get('/user/settings', '\Grocy\Controllers\UsersApiController:GetUserSettings');
|
||||
$group->get('/user/settings/{settingKey}', '\Grocy\Controllers\UsersApiController:GetUserSetting');
|
||||
$group->put('/user/settings/{settingKey}', '\Grocy\Controllers\UsersApiController:SetUserSetting');
|
||||
|
||||
@ -23,7 +23,7 @@ class BaseService
|
||||
return self::$instances[$className];
|
||||
}
|
||||
|
||||
protected function getDatabaseService()
|
||||
protected function getDatabaseService()
|
||||
{
|
||||
return DatabaseService::getInstance();
|
||||
}
|
||||
|
||||
@ -28,7 +28,7 @@ class DatabaseService
|
||||
return GROCY_DATAPATH . '/grocy.db';
|
||||
}
|
||||
|
||||
private static $DbConnectionRaw = null;
|
||||
private static $DbConnectionRaw = null;
|
||||
/**
|
||||
* @return \PDO
|
||||
*/
|
||||
|
||||
@ -12,7 +12,7 @@ class DemoDataGeneratorService extends BaseService
|
||||
$this->LocalizationService = new LocalizationService(GROCY_CULTURE);
|
||||
}
|
||||
|
||||
protected $LocalizationService;
|
||||
protected $LocalizationService;
|
||||
|
||||
public function PopulateDemoData()
|
||||
{
|
||||
|
||||
@ -21,16 +21,16 @@ class LocalizationService
|
||||
|
||||
|
||||
protected function getDatabaseService()
|
||||
{
|
||||
return DatabaseService::getInstance();
|
||||
}
|
||||
{
|
||||
return DatabaseService::getInstance();
|
||||
}
|
||||
|
||||
protected function getdatabase()
|
||||
{
|
||||
return $this->getDatabaseService()->GetDbConnection();
|
||||
}
|
||||
protected function getdatabase()
|
||||
{
|
||||
return $this->getDatabaseService()->GetDbConnection();
|
||||
}
|
||||
|
||||
public static function getInstance(string $culture)
|
||||
public static function getInstance(string $culture)
|
||||
{
|
||||
if (!in_array($culture, self::$instanceMap))
|
||||
{
|
||||
@ -92,10 +92,10 @@ class LocalizationService
|
||||
{
|
||||
$this->Po = $this->Po->mergeWith(Translations::fromPoFile(__DIR__ . "/../localization/$culture/userfield_types.po"));
|
||||
}
|
||||
if (file_exists(__DIR__ . "/../localization/$culture/permissions.po"))
|
||||
{
|
||||
$this->Po = $this->Po->mergeWith(Translations::fromPoFile(__DIR__ . "/../localization/$culture/permissions.po"));
|
||||
}
|
||||
if (file_exists(__DIR__ . "/../localization/$culture/permissions.po"))
|
||||
{
|
||||
$this->Po = $this->Po->mergeWith(Translations::fromPoFile(__DIR__ . "/../localization/$culture/permissions.po"));
|
||||
}
|
||||
if (GROCY_MODE !== 'production' && file_exists(__DIR__ . "/../localization/$culture/demo_data.po"))
|
||||
{
|
||||
$this->Po = $this->Po->mergeWith(Translations::fromPoFile(__DIR__ . "/../localization/$culture/demo_data.po"));
|
||||
|
||||
@ -14,16 +14,16 @@ class StockService extends BaseService
|
||||
const TRANSACTION_TYPE_PRODUCT_OPENED = 'product-opened';
|
||||
const TRANSACTION_TYPE_SELF_PRODUCTION = 'self-production';
|
||||
|
||||
public function GetCurrentStockOverview()
|
||||
{
|
||||
if (!GROCY_FEATURE_SETTING_STOCK_COUNT_OPENED_PRODUCTS_AGAINST_MINIMUM_STOCK_AMOUNT) {
|
||||
return $this->getDatabase()->uihelper_stock_current_overview();
|
||||
} else {
|
||||
return $this->getDatabase()->uihelper_stock_current_overview_including_opened();
|
||||
}
|
||||
}
|
||||
public function GetCurrentStockOverview()
|
||||
{
|
||||
if (!GROCY_FEATURE_SETTING_STOCK_COUNT_OPENED_PRODUCTS_AGAINST_MINIMUM_STOCK_AMOUNT) {
|
||||
return $this->getDatabase()->uihelper_stock_current_overview();
|
||||
} else {
|
||||
return $this->getDatabase()->uihelper_stock_current_overview_including_opened();
|
||||
}
|
||||
}
|
||||
|
||||
public function GetCurrentStock($includeNotInStockButMissingProducts = false)
|
||||
public function GetCurrentStock($includeNotInStockButMissingProducts = false)
|
||||
{
|
||||
$sql = 'SELECT * FROM stock_current';
|
||||
if ($includeNotInStockButMissingProducts)
|
||||
|
||||
@ -23,13 +23,13 @@ class UserfieldsService extends BaseService
|
||||
protected $OpenApiSpec = null;
|
||||
|
||||
protected function getOpenApispec()
|
||||
{
|
||||
if($this->OpenApiSpec == null)
|
||||
{
|
||||
$this->OpenApiSpec = json_decode(file_get_contents(__DIR__ . '/../grocy.openapi.json'));
|
||||
}
|
||||
return $this->OpenApiSpec;
|
||||
}
|
||||
{
|
||||
if($this->OpenApiSpec == null)
|
||||
{
|
||||
$this->OpenApiSpec = json_decode(file_get_contents(__DIR__ . '/../grocy.openapi.json'));
|
||||
}
|
||||
return $this->OpenApiSpec;
|
||||
}
|
||||
|
||||
public function GetFields($entity)
|
||||
{
|
||||
|
||||
@ -12,17 +12,17 @@ class UsersService extends BaseService
|
||||
'last_name' => $lastName,
|
||||
'password' => password_hash($password, PASSWORD_DEFAULT)
|
||||
));
|
||||
$newUserRow = $newUserRow->save();
|
||||
$permList = array();
|
||||
foreach ($this->getDatabase()->permission_hierarchy()->where('name', GROCY_DEFAULT_PERMISSIONS)->fetchAll() as $perm) {
|
||||
$permList[] = array(
|
||||
'user_id' => $newUserRow->id,
|
||||
'permission_id' => $perm->id
|
||||
);
|
||||
}
|
||||
$this->getDatabase()->user_permissions()->insert($permList);
|
||||
$newUserRow = $newUserRow->save();
|
||||
$permList = array();
|
||||
foreach ($this->getDatabase()->permission_hierarchy()->where('name', GROCY_DEFAULT_PERMISSIONS)->fetchAll() as $perm) {
|
||||
$permList[] = array(
|
||||
'user_id' => $newUserRow->id,
|
||||
'permission_id' => $perm->id
|
||||
);
|
||||
}
|
||||
$this->getDatabase()->user_permissions()->insert($permList);
|
||||
|
||||
return $newUserRow;
|
||||
return $newUserRow;
|
||||
}
|
||||
|
||||
public function EditUser(int $userId, string $username, string $firstName, string $lastName, string $password)
|
||||
|
||||
@ -16,5 +16,5 @@
|
||||
<option value="{{ $shoppinglocation->id }}">{{ $shoppinglocation->name }}</option>
|
||||
@endforeach
|
||||
</select>
|
||||
<div class="invalid-feedback">{{ $__t('You have to select a store') }}</div>
|
||||
<div class="invalid-feedback">{{ $__t('You have to select a store') }}</div>
|
||||
</div>
|
||||
|
||||
@ -1,15 +1,15 @@
|
||||
<label>
|
||||
<input type="checkbox" name="{{ $perm->permission_name }}" class="permission-cb" data-perm-id="{{ $perm->permission_id }}" @if($perm->has_permission) checked @endif autocomplete="off">
|
||||
{{ $__t($perm->permission_name) }}
|
||||
<input type="checkbox" name="{{ $perm->permission_name }}" class="permission-cb" data-perm-id="{{ $perm->permission_id }}" @if($perm->has_permission) checked @endif autocomplete="off">
|
||||
{{ $__t($perm->permission_name) }}
|
||||
</label>
|
||||
<div id="permission-sub-{{ $perm->permission_name }}">
|
||||
<ul>
|
||||
@foreach($perm->uihelper_user_permissionsList(array('user_id' => $user->id))->via('parent') as $p)
|
||||
<li>
|
||||
@include('components.userpermission_select', array(
|
||||
'perm' => $p
|
||||
))
|
||||
</li>
|
||||
@endforeach
|
||||
</ul>
|
||||
<ul>
|
||||
@foreach($perm->uihelper_user_permissionsList(array('user_id' => $user->id))->via('parent') as $p)
|
||||
<li>
|
||||
@include('components.userpermission_select', array(
|
||||
'perm' => $p
|
||||
))
|
||||
</li>
|
||||
@endforeach
|
||||
</ul>
|
||||
</div>
|
||||
|
||||
@ -3,9 +3,9 @@
|
||||
@section('title', $__t('Unauthorized'))
|
||||
|
||||
@section('content')
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<div class="alert alert-danger">{{ $__t('You are not allowed to view this page') }}</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<div class="alert alert-danger">{{ $__t('You are not allowed to view this page') }}</div>
|
||||
</div>
|
||||
</div>
|
||||
@stop
|
||||
|
||||
@ -3,11 +3,11 @@
|
||||
@section('title', $__t('Page not found'))
|
||||
|
||||
@section('content')
|
||||
<meta http-equiv="refresh" content="5;url={{$U('/')}}">
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<div class="alert alert-danger">{{ $__t('This page does not exists') }}</div>
|
||||
<div>{{ $__t('You will be redirected to the default page in %s seconds', '5') }}</div>
|
||||
</div>
|
||||
</div>
|
||||
<meta http-equiv="refresh" content="5;url={{$U('/')}}">
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<div class="alert alert-danger">{{ $__t('This page does not exists') }}</div>
|
||||
<div>{{ $__t('You will be redirected to the default page in %s seconds', '5') }}</div>
|
||||
</div>
|
||||
</div>
|
||||
@stop
|
||||
|
||||
@ -3,9 +3,9 @@
|
||||
@section('title', $__t('Server error'))
|
||||
|
||||
@section('content')
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<div class="alert alert-danger">{{ $__t('A server error occured while processing your request') }}</div>
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<div class="alert alert-danger">{{ $__t('A server error occured while processing your request') }}</div>
|
||||
<div class="alert alert-warning">
|
||||
{{ $__t('If you think this is a bug, please report it') }}<br>
|
||||
→ <a target="_blank" href="https://github.com/grocy/grocy/issues">https://github.com/grocy/grocy/issues</a>
|
||||
|
||||
@ -1,20 +1,20 @@
|
||||
@extends('layout.default')
|
||||
|
||||
@section('content')
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<div>
|
||||
<h6>{{ $__t('Error source') }}</h6>
|
||||
<pre><code>{!! $exception->getFile() !!}:{!! $exception->getLine() !!}</code></pre>
|
||||
</div>
|
||||
<div>
|
||||
<h6>{{ $__t('Error message') }}</h6>
|
||||
<pre><code>{!! $exception->getMessage() !!}</code></pre>
|
||||
</div>
|
||||
<div>
|
||||
<h6>{{ $__t('Stack trace') }}</h6>
|
||||
<pre><code>{!! $exception->getTraceAsString() !!}</code></pre>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<div>
|
||||
<h6>{{ $__t('Error source') }}</h6>
|
||||
<pre><code>{!! $exception->getFile() !!}:{!! $exception->getLine() !!}</code></pre>
|
||||
</div>
|
||||
<div>
|
||||
<h6>{{ $__t('Error message') }}</h6>
|
||||
<pre><code>{!! $exception->getMessage() !!}</code></pre>
|
||||
</div>
|
||||
<div>
|
||||
<h6>{{ $__t('Stack trace') }}</h6>
|
||||
<pre><code>{!! $exception->getTraceAsString() !!}</code></pre>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
@stop
|
||||
|
||||
@ -5,9 +5,9 @@
|
||||
@section('viewJsName', 'userpermissions')
|
||||
|
||||
@push('pageScripts')
|
||||
<script>
|
||||
Grocy.EditObjectId = {{ $user->id }};
|
||||
</script>
|
||||
<script>
|
||||
Grocy.EditObjectId = {{ $user->id }};
|
||||
</script>
|
||||
@endpush
|
||||
|
||||
@section('content')
|
||||
@ -20,15 +20,15 @@
|
||||
<div class="row mt-3">
|
||||
<div class="col">
|
||||
<ul>
|
||||
@foreach($permissions as $perm)
|
||||
<li>
|
||||
@include('components.userpermission_select', array(
|
||||
'permission' => $perm
|
||||
))
|
||||
</li>
|
||||
@endforeach
|
||||
</ul>
|
||||
<button id="permission-save" class="btn btn-success" type="submit">{{ $__t('Save') }}</button>
|
||||
@foreach($permissions as $perm)
|
||||
<li>
|
||||
@include('components.userpermission_select', array(
|
||||
'permission' => $perm
|
||||
))
|
||||
</li>
|
||||
@endforeach
|
||||
</ul>
|
||||
<button id="permission-save" class="btn btn-success" type="submit">{{ $__t('Save') }}</button>
|
||||
</div>
|
||||
</div>
|
||||
@endsection
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user