hledger-web: actually add transaction to the selected journal file

[erictapen]

[Fix for #1229]

The hledger-web interface currently allows for selecting a file on which to append a transaction, but currently that data isn't used anywhere. It just writes to the default file, regardless of the selection.

My solution is somewhat of a hack; I use the tsourcepos metadata in the Transaction type to carry the preffered journal file around.

Also this currently has the security implication, that it allows users to append transactions to arbitrary files. It probably would make sense to only restrict this to the files that are discovered by hledger, but I'm not familiar with the logic.

[simonmichael]

it allows users to append transactions to arbitrary files

Thanks for the PR and for calling out the above, which does sound like a blocker.

[crocodile-code-review]

Review on Crocodile

[erictapen]

Thanks for the PR and for calling out the above, which does sound like a blocker.

Do you have any pointer to where I could get a list of allowed files from? I'm a bit lost in the code base currently.

[simonmichael]

Sure, hledger-lib:Hledger.Journal.Data.journalFilePaths will list all the journal's files.

[simonmichael]

PS, this worked once - possible some spelunking in code history is useful ?

[erictapen]

I implemented the check for the journal file. Didn't look at the code history though, so I have no idea what broke this.

I also quickly tested this on my setup and it seems to work. Adding to legitimate files still works, but forging the file path to a different one produces the desired error message without appending to the file.

[simonmichael]

We went with a different fix, see #1229.