diff --git a/app/Api/V1/Controllers/Webhook/AttemptController.php b/app/Api/V1/Controllers/Webhook/AttemptController.php index 11cf4eb4db..5027171eff 100644 --- a/app/Api/V1/Controllers/Webhook/AttemptController.php +++ b/app/Api/V1/Controllers/Webhook/AttemptController.php @@ -36,6 +36,7 @@ use Illuminate\Support\Facades\Log; use League\Fractal\Pagination\IlluminatePaginatorAdapter; use League\Fractal\Resource\Collection as FractalCollection; use League\Fractal\Resource\Item; +use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; /** * Class AttemptController @@ -69,7 +70,12 @@ class AttemptController extends Controller if ($message->webhook_id !== $webhook->id) { throw new FireflyException('200040: Webhook and webhook message are no match'); } + if(false === config('firefly.allow_webhooks')) { + throw new NotFoundHttpException('Webhooks are not enabled.'); + } Log::channel('audit')->info(sprintf('User lists webhook attempts of webhook #%d and message #%d.', $webhook->id, $message->id)); + + $manager = $this->getManager(); $pageSize = $this->parameters->get('limit'); $collection = $this->repository->getAttempts($message); @@ -107,6 +113,12 @@ class AttemptController extends Controller throw new FireflyException('200041: Webhook message and webhook attempt are no match'); } + if(false === config('firefly.allow_webhooks')) { + throw new NotFoundHttpException('Webhooks are not enabled.'); + } + + Log::channel('audit')->info(sprintf('User views single webhook attempt #%d of webhook #%d and message #%d.', $attempt->id, $webhook->id, $message->id)); + $manager = $this->getManager(); /** @var WebhookAttemptTransformer $transformer */ diff --git a/app/Api/V1/Controllers/Webhook/DestroyController.php b/app/Api/V1/Controllers/Webhook/DestroyController.php index e2f3aec20c..e64c00a038 100644 --- a/app/Api/V1/Controllers/Webhook/DestroyController.php +++ b/app/Api/V1/Controllers/Webhook/DestroyController.php @@ -32,6 +32,7 @@ use FireflyIII\Models\WebhookMessage; use FireflyIII\Repositories\Webhook\WebhookRepositoryInterface; use Illuminate\Http\JsonResponse; use Illuminate\Support\Facades\Log; +use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; /** * Class DestroyController @@ -61,6 +62,10 @@ class DestroyController extends Controller */ public function destroy(Webhook $webhook): JsonResponse { + if(false === config('firefly.allow_webhooks')) { + throw new NotFoundHttpException('Webhooks are not enabled.'); + } + Log::channel('audit')->info(sprintf('User destroys webhook #%d.', $webhook->id)); $this->repository->destroy($webhook); app('preferences')->mark(); @@ -84,8 +89,14 @@ class DestroyController extends Controller if ($attempt->webhook_message_id !== $message->id) { throw new FireflyException('200041: Webhook message and webhook attempt are no match'); } + + if (false === config('firefly.allow_webhooks')) { + throw new NotFoundHttpException('Webhooks are not enabled.'); + } + Log::channel('audit')->info(sprintf('User destroys webhook #%d, message #%d, attempt #%d.', $webhook->id, $message->id, $attempt->id)); + $this->repository->destroyAttempt($attempt); app('preferences')->mark(); @@ -106,6 +117,11 @@ class DestroyController extends Controller if ($message->webhook_id !== $webhook->id) { throw new FireflyException('200040: Webhook and webhook message are no match'); } + + if(false === config('firefly.allow_webhooks')) { + throw new NotFoundHttpException('Webhooks are not enabled.'); + } + $this->repository->destroyMessage($message); app('preferences')->mark(); diff --git a/app/Api/V1/Controllers/Webhook/MessageController.php b/app/Api/V1/Controllers/Webhook/MessageController.php index 0ebd546636..2b375dc62d 100644 --- a/app/Api/V1/Controllers/Webhook/MessageController.php +++ b/app/Api/V1/Controllers/Webhook/MessageController.php @@ -35,6 +35,7 @@ use Illuminate\Support\Facades\Log; use League\Fractal\Pagination\IlluminatePaginatorAdapter; use League\Fractal\Resource\Collection as FractalCollection; use League\Fractal\Resource\Item; +use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; /** * Class MessageController @@ -65,6 +66,9 @@ class MessageController extends Controller */ public function index(Webhook $webhook): JsonResponse { + if(false === config('firefly.allow_webhooks')) { + throw new NotFoundHttpException('Webhooks are not enabled.'); + } Log::channel('audit')->info(sprintf('User views messages of webhook #%d.', $webhook->id)); $manager = $this->getManager(); $pageSize = $this->parameters->get('limit'); @@ -100,6 +104,10 @@ class MessageController extends Controller if ($message->webhook_id !== $webhook->id) { throw new FireflyException('200040: Webhook and webhook message are no match'); } + if(false === config('firefly.allow_webhooks')) { + throw new NotFoundHttpException('Webhooks are not enabled.'); + } + Log::channel('audit')->info(sprintf('User views message #%d of webhook #%d.', $message->id, $webhook->id)); $manager = $this->getManager(); diff --git a/app/Api/V1/Controllers/Webhook/ShowController.php b/app/Api/V1/Controllers/Webhook/ShowController.php index bc724a3fe9..c51bd5bf1a 100644 --- a/app/Api/V1/Controllers/Webhook/ShowController.php +++ b/app/Api/V1/Controllers/Webhook/ShowController.php @@ -38,6 +38,7 @@ use Illuminate\Support\Facades\Log; use League\Fractal\Pagination\IlluminatePaginatorAdapter; use League\Fractal\Resource\Collection as FractalCollection; use League\Fractal\Resource\Item; +use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; /** * Class ShowController @@ -70,6 +71,10 @@ class ShowController extends Controller */ public function index(): JsonResponse { + if(false === config('firefly.allow_webhooks')) { + throw new NotFoundHttpException('Webhooks are not enabled.'); + } + Log::channel('audit')->info('User views all webhooks.'); $manager = $this->getManager(); $collection = $this->repository->all(); @@ -99,6 +104,10 @@ class ShowController extends Controller */ public function show(Webhook $webhook): JsonResponse { + if(false === config('firefly.allow_webhooks')) { + throw new NotFoundHttpException('Webhooks are not enabled.'); + } + Log::channel('audit')->info(sprintf('User views webhook #%d.', $webhook->id)); $manager = $this->getManager(); @@ -118,6 +127,10 @@ class ShowController extends Controller */ public function triggerTransaction(Webhook $webhook, TransactionGroup $group): JsonResponse { + if(false === config('firefly.allow_webhooks')) { + throw new NotFoundHttpException('Webhooks are not enabled.'); + } + app('log')->debug(sprintf('Now in triggerTransaction(%d, %d)', $webhook->id, $group->id)); Log::channel('audit')->info(sprintf('User triggers webhook #%d on transaction group #%d.', $webhook->id, $group->id)); diff --git a/app/Api/V1/Controllers/Webhook/StoreController.php b/app/Api/V1/Controllers/Webhook/StoreController.php index 5972dcb434..75d73adbea 100644 --- a/app/Api/V1/Controllers/Webhook/StoreController.php +++ b/app/Api/V1/Controllers/Webhook/StoreController.php @@ -30,6 +30,7 @@ use FireflyIII\Transformers\WebhookTransformer; use Illuminate\Http\JsonResponse; use Illuminate\Support\Facades\Log; use League\Fractal\Resource\Item; +use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; /** * Class StoreController @@ -58,6 +59,10 @@ class StoreController extends Controller */ public function store(CreateRequest $request): JsonResponse { + if(false === config('firefly.allow_webhooks')) { + throw new NotFoundHttpException('Webhooks are not enabled.'); + } + $data = $request->getData(); $webhook = $this->repository->store($data); $manager = $this->getManager(); diff --git a/app/Api/V1/Controllers/Webhook/SubmitController.php b/app/Api/V1/Controllers/Webhook/SubmitController.php index 9fba515ffd..524f7bc5a6 100644 --- a/app/Api/V1/Controllers/Webhook/SubmitController.php +++ b/app/Api/V1/Controllers/Webhook/SubmitController.php @@ -29,6 +29,7 @@ use FireflyIII\Models\Webhook; use FireflyIII\Repositories\Webhook\WebhookRepositoryInterface; use Illuminate\Http\JsonResponse; use Illuminate\Support\Facades\Log; +use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; /** * Class SubmitController @@ -56,6 +57,10 @@ class SubmitController extends Controller */ public function submit(Webhook $webhook): JsonResponse { + if(false === config('firefly.allow_webhooks')) { + throw new NotFoundHttpException('Webhooks are not enabled.'); + } + Log::channel('audit')->info(sprintf('User submits webhook #%d', $webhook->id)); // count messages that can be sent. $messages = $this->repository->getReadyMessages($webhook); diff --git a/app/Api/V1/Controllers/Webhook/UpdateController.php b/app/Api/V1/Controllers/Webhook/UpdateController.php index dd392dc72d..13601c4fe6 100644 --- a/app/Api/V1/Controllers/Webhook/UpdateController.php +++ b/app/Api/V1/Controllers/Webhook/UpdateController.php @@ -31,6 +31,7 @@ use FireflyIII\Transformers\WebhookTransformer; use Illuminate\Http\JsonResponse; use Illuminate\Support\Facades\Log; use League\Fractal\Resource\Item; +use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; /** * Class UpdateController @@ -58,6 +59,10 @@ class UpdateController extends Controller */ public function update(Webhook $webhook, UpdateRequest $request): JsonResponse { + if(false === config('firefly.allow_webhooks')) { + throw new NotFoundHttpException('Webhooks are not enabled.'); + } + $data = $request->getData(); $webhook = $this->repository->update($webhook, $data); $manager = $this->getManager();