Skip to content

Commit

Permalink
Disable options for other peoples clients.
Browse files Browse the repository at this point in the history
  • Loading branch information
@JC5
JC5 committed Oct 24, 2021
1 parent b3f424f commit e9e9a35
Show file tree
Hide file tree
Showing 3 changed files with 36 additions and 2 deletions.
19 changes: 19 additions & 0 deletions app/Support/Twig/General.php
View file
Expand Up @@ -49,6 +49,7 @@ public function getFilters(): array
$this->mimeIcon(),
$this->markdown(),
$this->floatval(),
$this->phpHostName(),
];
}

Expand Down Expand Up @@ -91,6 +92,24 @@ static function (?Account $account): string {
);
}

/**
* Show URL host name
*
* @return TwigFilter
*/
protected function phpHostName(): TwigFilter
{
return new TwigFilter(
'phphost',
static function (string $string): string {
$proto = (string)parse_url($string, PHP_URL_SCHEME);
$host = (string)parse_url($string, PHP_URL_HOST);

return e(sprintf('%s://%s', $proto, $host));
}
);
}

/**
* Used to convert 1024 to 1kb etc.
*
Expand Down
4 changes: 3 additions & 1 deletion resources/lang/en_US/firefly.php
View file
Expand Up @@ -232,7 +232,9 @@

// API access
'authorization_request' => 'Firefly III v:version Authorization Request',
'authorization_request_intro' => '<strong>:client</strong> is requesting permission to access your financial administration. Would you like to authorize <strong>:client</strong> to access these records?',
'authorization_request_intro' => 'Application "<strong>:client</strong>" is requesting permission to access your financial administration. Would you like to authorize <strong>:client</strong> to access these records?',
'authorization_request_site' => 'You will be redirected to <code>:url</code> which will then be able to access your Firefly III data.',
'authorization_request_invalid' => 'This access request is invalid. Please never follow this link again.',
'scopes_will_be_able' => 'This application will be able to:',
'button_authorize' => 'Authorize',
'none_in_select_list' => '(none)',
Expand Down
15 changes: 14 additions & 1 deletion resources/views/vendor/passport/authorize.twig
View file
Expand Up @@ -56,10 +56,21 @@
{{ trans('firefly.authorization_request', {version: config('firefly.version')}) }}
</div>
<div class="panel-body">
<!-- Introduction -->
{% if client.user.id == user.id %}
<p>
{{ trans('firefly.authorization_request_intro', {client: client.name|escape})|raw }}
</p>
<p>
{{ trans('firefly.authorization_request_site', {url: client.redirect|phphost})|raw }}
</p>
{% endif %}

{% if client.user.id != user.id %}
<p class="text-danger">
{{ 'authorization_request_invalid'|_ }}

</p>
{% endif %}
<!-- Scope List -->
{% if scopes|length > 0 %}
<div class="scopes">
Expand All @@ -75,13 +86,15 @@

<div class="buttons">
<!-- Authorize Button -->
{% if client.user.id == user.id %}
<form method="post" action="{{ route('index') }}/oauth/authorize">
{{ csrf_field() }}

<input type="hidden" name="state" value="{{ request.state }}">
<input type="hidden" name="client_id" value="{{ client.id }}">
<button type="submit" class="btn btn-success btn-approve">{{ 'button_authorize'|_ }}</button>
</form>
{% endif %}

<!-- Cancel Button -->
<form method="post" action="{{ route('index') }}/oauth/authorize">
Expand Down

0 comments on commit e9e9a35

Please sign in to comment.