Update various routes

This commit is contained in:
James Cole 2022-02-09 17:31:30 +01:00
parent eb0281e47f
commit 1f3badb731
No known key found for this signature in database
GPG Key ID: BDE6667570EADBD5
3 changed files with 25 additions and 3 deletions

View File

@ -77,7 +77,7 @@ class ShowController extends Controller
$pageSize = (int)app('preferences')->getForUser(auth()->user(), 'listPageSize', 50)->data; $pageSize = (int)app('preferences')->getForUser(auth()->user(), 'listPageSize', 50)->data;
// get list of budgets. Count it and split it. // get list of budgets. Count it and split it.
$collection = $this->repository->getAll(); $collection = $this->repository->get();
$count = $collection->count(); $count = $collection->count();
$piggyBanks = $collection->slice(($this->parameters->get('page') - 1) * $pageSize, $pageSize); $piggyBanks = $collection->slice(($this->parameters->get('page') - 1) * $pageSize, $pageSize);

View File

@ -28,6 +28,7 @@ use FireflyIII\Rules\IsBoolean;
use FireflyIII\Support\Request\ChecksLogin; use FireflyIII\Support\Request\ChecksLogin;
use FireflyIII\Support\Request\ConvertsDataTypes; use FireflyIII\Support\Request\ConvertsDataTypes;
use Illuminate\Foundation\Http\FormRequest; use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Validator;
/** /**
* Class UserUpdateRequest * Class UserUpdateRequest
@ -43,7 +44,7 @@ class UserUpdateRequest extends FormRequest
*/ */
public function authorize(): bool public function authorize(): bool
{ {
return auth()->check() && auth()->user()->hasRole('owner'); return auth()->check();
} }
/** /**
@ -83,4 +84,25 @@ class UserUpdateRequest extends FormRequest
]; ];
} }
/**
* Configure the validator instance.
*
* @param Validator $validator
*
* @return void
*/
public function withValidator(Validator $validator): void
{
$current = $this->route()->parameter('user');
$validator->after(
static function (Validator $validator) use($current) {
$isAdmin = auth()->user()->hasRole('owner');
// not admin, and not own user?
if (auth()->check() && false === $isAdmin && $current?->id !== auth()->user()->id) {
$validator->errors()->add('email', (string) trans('validation.invalid_selection'));
}
}
);
}
} }

View File

@ -525,7 +525,7 @@ Route::group(
); );
// Users API routes: // Users API routes:
Route::group( Route::group(
['middleware' => ['auth:api', 'bindings', IsAdmin::class], 'namespace' => 'FireflyIII\Api\V1\Controllers\System', 'prefix' => 'users', ['middleware' => ['auth:api,sanctum', 'bindings'], 'namespace' => 'FireflyIII\Api\V1\Controllers\System', 'prefix' => 'users',
'as' => 'api.v1.users.',], 'as' => 'api.v1.users.',],
static function () { static function () {