IntenseFinance/firefly-iii
3
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-02-25 18:45:27 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fixed the accounts routes to be more strict about the types of accounts they accept.

Browse Source
This commit is contained in:
James Cole 2014-08-30 14:25:03 +02:00
parent c4f42a604f
commit b20d84e4b8
1 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
app/routes.php
View File

@ -1,23 +1,33 @@
<?php <?php
//use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
// models: // models:
Route::bind('account', function($value, $route) Route::bind('account', function($value, $route)
{ {
if(Auth::check()) { if(Auth::check()) {
return Account:: $account = Account::
where('id', $value)-> leftJoin('account_types','account_types.id','=','accounts.account_type_id')->
where('user_id',Auth::user()->id)->first(); where('account_types.editable',1)->
where('accounts.id', $value)->
where('user_id',Auth::user()->id)->
first(['accounts.*']);
if($account) {
return $account;
} }
return null; }
App::abort(404);
}); });
Route::bind('accountname', function($value, $route) Route::bind('accountname', function($value, $route)
{ {
if(Auth::check()) { if(Auth::check()) {
$type = AccountType::where('description','Default account')->first();
return Account:: return Account::
leftJoin('account_types','account_types.id','=','accounts.account_type_id')->
where('account_types.editable',1)->
where('name', $value)-> where('name', $value)->
where('account_type_id',$type->id)->
where('user_id',Auth::user()->id)->first(); where('user_id',Auth::user()->id)->first();
} }
return null; return null;