Initial commit

Ronald Huynen
2026-03-23 21:37:59 +01:00
commit 2547717edb
2193 changed files with 972171 additions and 0 deletions


@@ -0,0 +1,112 @@
<?php
namespace App\Http\Livewire;
use App\Models\Transaction;
use App\Models\User;
use Illuminate\Support\Arr;
use Illuminate\Support\Facades\Session;
use Illuminate\Support\Facades\URL;
use Livewire\Component;
class SingleTransactionTable extends Component
{
public $balance = 0;
public $transaction;
public $qrModalVisible = false;
public $transactionId;
protected $queryString = [
'qrModalVisible' => ['except' => false],
];
public function mount($transactionId)
{
$profile = getActiveProfile();
if (!$profile) {
abort(403, 'No active profile');
}
// CRITICAL SECURITY: Validate user has ownership/access to this profile
// This prevents unauthorized access to transaction statements via session manipulation
\App\Helpers\ProfileAuthorizationHelper::authorize($profile);
// Convert string '1' or 'true' to boolean
$this->qrModalVisible = filter_var($this->qrModalVisible, FILTER_VALIDATE_BOOLEAN);
$this->transactionId = $transactionId;
$this->getTransaction($transactionId);
}
public function getTransaction()
{
$results = Transaction::with('accountTo.accountable', 'accountFrom.accountable', 'transactionType')->findOrFail($this->transactionId);
$fromType = get_class($results->accountFrom->accountable);
$toType = get_class($results->accountTo->accountable);
$fromId = $results->accountFrom->accountable->id;
$toId = $results->accountTo->accountable->id;
// Check if the user is authorized to view the transaction
if (
!in_array(Session::get('activeProfileType'), [$fromType, $toType]) ||
!in_array(Session::get('activeProfileId'), [$fromId, $toId])
) {
// TODO: redirect to public custom page with more info
abort(403, 'Unauthorized action.');
}
$transaction[] = [
'trans_id' => $results->id,
'amount' => $results->amount,
'from_account' => $results->accountFrom->name,
'from_profile_path' => URL::to('/') . '/' . __(strtolower(class_basename($fromType))) . '/' . $results->accountFrom->accountable->id,
'from_profile_name' => $results->accountFrom->accountable->name,
'from_profile_full_name' => $results->accountFrom->accountable->full_name,
'from_profile_location' => $results->accountFrom->accountable->getLocationFirst()['name_short'],
'from_profile_photo' => $results->accountFrom->accountable->profile_photo_path,
'to_account' => $results->accountTo->name,
'to_profile_path' => URL::to('/') . '/' . __(strtolower(class_basename($toType))) . '/' . $results->accountTo->accountable->id,
'to_profile_name' => $results->accountTo->accountable->name,
'to_profile_full_name' => $results->accountTo->accountable->full_name,
'to_profile_location' => $results->accountTo->accountable->getLocationFirst()['name_short'],
'to_profile_photo' => $results->accountTo->accountable->profile_photo_path,
'description' => $results->description,
'type_label' => $results->transactionType->label ?? '',
'type_icon' => $results->transactionType->icon ?? '',
'creator_user' => $results->creator_user_id ? $this->getCreatorUser($results->creator_user_id) : '',
'datetime' => $results->created_at,
];
return Arr::collapse($transaction);
}
public function getCreatorUser($id)
{
if($id) {
$model = User::find($id);
$creator = [
'name' => $model->name,
'full_name' => $model->full_name,
'path' => URL::to('/') . '/' . 'user' . '/' . $id,
];
}
return $creator;
}
public function qrModal()
{
$this->qrModalVisible = true;
}
public function render()
{
$this->transaction = $this->getTransaction();
return view('livewire.single-transaction-table');
}
}
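Review bot: The ownership check in getTransaction() tests the active profile's type and id independently, so a profile whose type matches one side of the transaction and whose id matches the other side is accepted even though it is not a party to the transaction. Compare them as pairs instead: `$isFrom = $type === $fromType && (int) $id === (int) $fromId;`, `$isTo = $type === $toType && (int) $id === (int) $toId;`, then `if (!$isFrom && !$isTo) { abort(403, 'Unauthorized action.'); }`, with `$type` and `$id` read once from `Session::get('activeProfileType')` and `Session::get('activeProfileId')`. The two `in_array` calls also compare loosely; if they are kept for any reason they should pass `true` as the third argument. Separately, `ProfileAuthorizationHelper::authorize($profile)` runs only in mount(), while render() calls getTransaction() again on every later request using the public `$transactionId` and the raw session values, so it looks worth re-running that authorization inside getTransaction() and confirming whether the client can modify `$transactionId`. getCreatorUser() should also guard against `User::find($id)` returning null, since `$model->name` would then fail and `$creator` is undefined when `$id` is empty.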