Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-05-31 10:04:35 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fixes logic for hosted login

Browse Source
This commit is contained in:
David Bomba 2021-06-14 17:04:15 +10:00
parent c67998219e
commit 1397c9ab1c
2 changed files with 21 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
app/Http/Controllers/Auth/LoginController.php
View File

@ -222,14 +222,9 @@ class LoginController extends BaseController
}); });
// $cu->first()->account->companies->each(function ($company) use($cu, $request){ /*On the hosted platform, only owners can login for free/pro accounts*/
if(Ninja::isHosted() && !$cu->first()->is_owner && !$user->account->isEnterpriseClient())
// if($company->tokens()->where('is_system', true)->count() == 0) return response()->json(['message' => 'Pro / Free accounts only the owner can log in. Please upgrade'], 403);
// {
// CreateCompanyToken::dispatchNow($company, $cu->first()->user, $request->server('HTTP_USER_AGENT'));
// }
// });
return $this->timeConstrainedResponse($cu); return $this->timeConstrainedResponse($cu);
@ -318,6 +313,9 @@ class LoginController extends BaseController
if($request->has('current_company') && $request->input('current_company') == 'true') if($request->has('current_company') && $request->input('current_company') == 'true')
$cu->where("company_id", $company_token->company_id); $cu->where("company_id", $company_token->company_id);
if(Ninja::isHosted() && !$cu->first()->is_owner && !$cu->first()->user->account->isEnterpriseClient())
return response()->json(['message' => 'Pro / Free accounts only the owner can log in. Please upgrade'], 403);
return $this->refreshResponse($cu); return $this->refreshResponse($cu);
} }
@ -379,6 +377,9 @@ class LoginController extends BaseController
} }
}); });
if(Ninja::isHosted() && !$cu->first()->is_owner && !$existing_user->account->isEnterpriseClient())
return response()->json(['message' => 'Pro / Free accounts only the owner can log in. Please upgrade'], 403);
return $this->timeConstrainedResponse($cu); return $this->timeConstrainedResponse($cu);
} }
@ -407,6 +408,9 @@ class LoginController extends BaseController
} }
}); });
if(Ninja::isHosted() && !$cu->first()->is_owner && !$existing_login_user->account->isEnterpriseClient())
return response()->json(['message' => 'Pro / Free accounts only the owner can log in. Please upgrade'], 403);
return $this->timeConstrainedResponse($cu); return $this->timeConstrainedResponse($cu);
} }
@ -439,6 +443,9 @@ class LoginController extends BaseController
} }
}); });
if(Ninja::isHosted() && !$cu->first()->is_owner && !$existing_login_user->account->isEnterpriseClient())
return response()->json(['message' => 'Pro / Free accounts only the owner can log in. Please upgrade'], 403);
return $this->timeConstrainedResponse($cu); return $this->timeConstrainedResponse($cu);
} }
@ -478,6 +485,9 @@ class LoginController extends BaseController
} }
}); });
if(Ninja::isHosted() && !$cu->first()->is_owner && !auth()->user()->account->isEnterpriseClient())
return response()->json(['message' => 'Pro / Free accounts only the owner can log in. Please upgrade'], 403);
return $this->timeConstrainedResponse($cu); return $this->timeConstrainedResponse($cu);
} }

4
tests/Integration/MultiDBUserTest.php
View File

@ -194,6 +194,8 @@ class MultiDBUserTest extends TestCase
], ],
]; ];
$response = false;
try { try {
$response = $this->withHeaders([ $response = $this->withHeaders([
'X-API-SECRET' => config('ninja.api_secret'), 'X-API-SECRET' => config('ninja.api_secret'),
@ -203,7 +205,7 @@ class MultiDBUserTest extends TestCase
} catch (ValidationException $e) { } catch (ValidationException $e) {
$message = json_decode($e->validator->getMessageBag(), 1); $message = json_decode($e->validator->getMessageBag(), 1);
$this->assertNotNull($message); $this->assertNotNull($message);
nlog($message);
} }
if ($response) { if ($response) {