Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-07-07 18:54:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

Working on permissions in the API

Browse Source
This commit is contained in:
Hillel Coren 2016-05-02 11:38:01 +03:00
parent 1b92f66482
commit 1d6011caad
14 changed files with 107 additions and 138 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app/Http/Controllers/AccountApiController.php
View File

@ -34,6 +34,13 @@ class AccountApiController extends BaseAPIController
$this->accountRepo = $accountRepo; $this->accountRepo = $accountRepo;
} }
public function ping()
{
$headers = Utils::getApiHeaders();
return Response::make(RESULT_SUCCESS, 200, $headers);
}
public function register(RegisterRequest $request) public function register(RegisterRequest $request)
{ {

25
app/Http/Controllers/BaseAPIController.php
View File

@ -68,7 +68,19 @@ class BaseAPIController extends Controller
} }
} }
protected function returnList($query) protected function handleAction($request)
{
$entity = $request->entity();
$action = $request->action;
$repo = Utils::toCamelCase($this->entityType) . 'Repo';
$this->$repo->$action($entity);
return $this->itemResponse($entity);
}
protected function listResponse($query)
{ {
//\DB::enableQueryLog(); //\DB::enableQueryLog();
if ($clientPublicId = Input::get('client_id')) { if ($clientPublicId = Input::get('client_id')) {
@ -95,6 +107,16 @@ class BaseAPIController extends Controller
return $this->response($data); return $this->response($data);
} }
protected function itemResponse($item)
{
$transformerClass = EntityModel::getTransformerName($this->entityType);
$transformer = new $transformerClass(Auth::user()->account, Input::get('serializer'));
$data = $this->createItem($item, $transformer, $this->entityType);
return $this->response($data);
}
protected function createItem($data, $transformer, $entityType) protected function createItem($data, $transformer, $entityType)
{ {
if ($this->serializer && $this->serializer != API_SERIALIZER_JSON) { if ($this->serializer && $this->serializer != API_SERIALIZER_JSON) {
@ -155,7 +177,6 @@ class BaseAPIController extends Controller
} }
protected function getIncluded() protected function getIncluded()
{ {
$data = ['user']; $data = ['user'];

69
app/Http/Controllers/ClientApiController.php
View File

@ -10,29 +10,19 @@ use App\Ninja\Repositories\ClientRepository;
use App\Http\Requests\CreateClientRequest; use App\Http\Requests\CreateClientRequest;
use App\Http\Controllers\BaseAPIController; use App\Http\Controllers\BaseAPIController;
use App\Ninja\Transformers\ClientTransformer; use App\Ninja\Transformers\ClientTransformer;
use App\Services\ClientService;
use App\Http\Requests\UpdateClientRequest; use App\Http\Requests\UpdateClientRequest;
class ClientApiController extends BaseAPIController class ClientApiController extends BaseAPIController
{ {
protected $clientRepo; protected $clientRepo;
protected $clientService;
protected $entityType = ENTITY_CLIENT; protected $entityType = ENTITY_CLIENT;
public function __construct(ClientRepository $clientRepo, ClientService $clientService) public function __construct(ClientRepository $clientRepo)
{ {
parent::__construct(); parent::__construct();
$this->clientRepo = $clientRepo; $this->clientRepo = $clientRepo;
$this->clientService = $clientService;
}
public function ping()
{
$headers = Utils::getApiHeaders();
return Response::make('', 200, $headers);
} }
/** /**
@ -65,7 +55,7 @@ class ClientApiController extends BaseAPIController
}); });
} }
return $this->returnList($clients); return $this->listResponse($clients);
} }
/** /**
@ -93,14 +83,7 @@ class ClientApiController extends BaseAPIController
{ {
$client = $this->clientRepo->save($request->input()); $client = $this->clientRepo->save($request->input());
$client = Client::scope($client->public_id) return $this->itemResponse($client);
->with('country', 'contacts', 'industry', 'size', 'currency')
->first();
$transformer = new ClientTransformer(Auth::user()->account, Input::get('serializer'));
$data = $this->createItem($client, $transformer, ENTITY_CLIENT);
return $this->response($data);
} }
/** /**
@ -127,51 +110,15 @@ class ClientApiController extends BaseAPIController
public function update(UpdateClientRequest $request, $publicId) public function update(UpdateClientRequest $request, $publicId)
{ {
if ($request->action == ACTION_ARCHIVE) { if ($request->action) {
return $this->handleAction($request);
$client = Client::scope($publicId)->withTrashed()->first();
if(!$client)
return $this->errorResponse(['message'=>'Record not found'], 400);
$this->clientRepo->archive($client);
$transformer = new ClientTransformer(Auth::user()->account, Input::get('serializer'));
$data = $this->createItem($client, $transformer, ENTITY_CLIENT);
return $this->response($data);
} }
else if ($request->action == ACTION_RESTORE){
$client = Client::scope($publicId)->withTrashed()->first();
if(!$client)
return $this->errorResponse(['message'=>'Client not found.'], 400);
$this->clientRepo->restore($client);
$transformer = new ClientTransformer(Auth::user()->account, Input::get('serializer'));
$data = $this->createItem($client, $transformer, ENTITY_CLIENT);
return $this->response($data);
}
$data = $request->input(); $data = $request->input();
$data['public_id'] = $publicId; $data['public_id'] = $publicId;
$this->clientRepo->save($data); $client = $this->clientRepo->save($data);
$client = Client::scope($publicId) return $this->itemResponse($client);
->with('country', 'contacts', 'industry', 'size', 'currency')
->first();
if(!$client)
return $this->errorResponse(['message'=>'Client not found.'],400);
$transformer = new ClientTransformer(Auth::user()->account, Input::get('serializer'));
$data = $this->createItem($client, $transformer, ENTITY_CLIENT);
return $this->response($data);
} }

2
app/Http/Controllers/ExpenseApiController.php
View File

@ -32,7 +32,7 @@ class ExpenseApiController extends BaseAPIController
->withTrashed() ->withTrashed()
->orderBy('created_at','desc'); ->orderBy('created_at','desc');
return $this->returnList($expenses); return $this->listResponse($expenses);
} }
public function update() public function update()

2
app/Http/Controllers/InvoiceApiController.php
View File

@ -62,7 +62,7 @@ class InvoiceApiController extends BaseAPIController
->with(array_merge(['invoice_items'], $this->getIncluded())) ->with(array_merge(['invoice_items'], $this->getIncluded()))
->orderBy('created_at', 'desc'); ->orderBy('created_at', 'desc');
return $this->returnList($invoices); return $this->listResponse($invoices);
} }
/** /**

78
app/Http/Controllers/PaymentApiController.php
View File

@ -12,6 +12,8 @@ use App\Ninja\Repositories\PaymentRepository;
use App\Http\Controllers\BaseAPIController; use App\Http\Controllers\BaseAPIController;
use App\Ninja\Transformers\PaymentTransformer; use App\Ninja\Transformers\PaymentTransformer;
use App\Ninja\Transformers\InvoiceTransformer; use App\Ninja\Transformers\InvoiceTransformer;
use App\Http\Requests\UpdatePaymentRequest;
use App\Http\Requests\CreatePaymentAPIRequest;
class PaymentApiController extends BaseAPIController class PaymentApiController extends BaseAPIController
{ {
@ -50,7 +52,7 @@ class PaymentApiController extends BaseAPIController
->with(array_merge(['client.contacts', 'invitation', 'user', 'invoice'], $this->getIncluded())) ->with(array_merge(['client.contacts', 'invitation', 'user', 'invoice'], $this->getIncluded()))
->orderBy('created_at', 'desc'); ->orderBy('created_at', 'desc');
return $this->returnList($payments); return $this->listResponse($payments);
} }
/** /**
@ -75,39 +77,17 @@ class PaymentApiController extends BaseAPIController
* ) * )
*/ */
public function update(Request $request, $publicId) public function update(UpdatePaymentRequest $request, $publicId)
{ {
$data = Input::all(); if ($request->action) {
$data['public_id'] = $publicId; return $this->handleAction($request);
$error = false;
if ($request->action == ACTION_ARCHIVE) {
$payment = Payment::scope($publicId)->withTrashed()->firstOrFail();
$this->paymentRepo->archive($payment);
$transformer = new PaymentTransformer(\Auth::user()->account, Input::get('serializer'));
$data = $this->createItem($payment, $transformer, 'invoice');
return $this->response($data);
} }
$data = $request->input();
$data['public_id'] = $publicId;
$payment = $this->paymentRepo->save($data); $payment = $this->paymentRepo->save($data);
if ($error) { return $this->itemResponse($payment);
return $error;
}
/*
$invoice = Invoice::scope($data['invoice_id'])->with('client', 'invoice_items', 'invitations')->with(['payments' => function($query) {
$query->withTrashed();
}])->withTrashed()->first();
*/
$transformer = new PaymentTransformer(\Auth::user()->account, Input::get('serializer'));
$data = $this->createItem($payment, $transformer, 'invoice');
return $this->response($data);
} }
@ -132,49 +112,15 @@ class PaymentApiController extends BaseAPIController
* ) * )
* ) * )
*/ */
public function store() public function store(CreatePaymentAPIRequest $request)
{ {
$data = Input::all(); $payment = $this->paymentRepo->save($request->input());
$error = false;
if (isset($data['invoice_id'])) {
$invoice = Invoice::scope($data['invoice_id'])->with('client')->first();
if ($invoice) {
$data['invoice_id'] = $invoice->id;
$data['client_id'] = $invoice->client->id;
} else {
$error = trans('validation.not_in', ['attribute' => 'invoice_id']);
}
} else {
$error = trans('validation.not_in', ['attribute' => 'invoice_id']);
}
if (!isset($data['transaction_reference'])) {
$data['transaction_reference'] = '';
}
if ($error) {
return $error;
}
$payment = $this->paymentRepo->save($data);
if (Input::get('email_receipt')) { if (Input::get('email_receipt')) {
$this->contactMailer->sendPaymentConfirmation($payment); $this->contactMailer->sendPaymentConfirmation($payment);
} }
/* return $this->itemResponse($payment);
$invoice = Invoice::scope($invoice->public_id)->with('client', 'invoice_items', 'invitations')->with(['payments' => function($query) {
$query->withTrashed();
}])->first();
*/
$transformer = new PaymentTransformer(\Auth::user()->account, Input::get('serializer'));
$data = $this->createItem($payment, $transformer, 'invoice');
return $this->response($data);
} }
/** /**

2
app/Http/Controllers/ProductApiController.php
View File

@ -38,7 +38,7 @@ class ProductApiController extends BaseAPIController
->withTrashed() ->withTrashed()
->orderBy('created_at', 'desc'); ->orderBy('created_at', 'desc');
return $this->returnList($products); return $this->listResponse($products);
} }
public function getDatatable() public function getDatatable()

2
app/Http/Controllers/TaskApiController.php
View File

@ -45,7 +45,7 @@ class TaskApiController extends BaseAPIController
->with($this->getIncluded()) ->with($this->getIncluded())
->orderBy('created_at', 'desc'); ->orderBy('created_at', 'desc');
return $this->returnList($payments); return $this->listResponse($payments);
} }
/** /**

2
app/Http/Controllers/TaxRateApiController.php
View File

@ -30,7 +30,7 @@ class TaxRateApiController extends BaseAPIController
->withTrashed() ->withTrashed()
->orderBy('created_at', 'desc'); ->orderBy('created_at', 'desc');
return $this->returnList($taxRates); return $this->listResponse($taxRates);
} }
public function store(CreateTaxRateRequest $request) public function store(CreateTaxRateRequest $request)

2
app/Http/Controllers/UserApiController.php
View File

@ -30,7 +30,7 @@ class UserApiController extends BaseAPIController
->withTrashed() ->withTrashed()
->orderBy('created_at', 'desc'); ->orderBy('created_at', 'desc');
return $this->returnList($users); return $this->listResponse($users);
} }
/* /*

2
app/Http/Controllers/VendorApiController.php
View File

@ -53,7 +53,7 @@ class VendorApiController extends BaseAPIController
->withTrashed() ->withTrashed()
->orderBy('created_at', 'desc'); ->orderBy('created_at', 'desc');
return $this->returnList($vendors); return $this->listResponse($vendors);
} }
/** /**

48
app/Http/Requests/CreatePaymentAPIRequest.php Normal file
View File

@ -0,0 +1,48 @@
<?php namespace App\Http\Requests;
use App\Models\Invoice;
class CreatePaymentAPIRequest extends PaymentRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return $this->user()->can('create', ENTITY_PAYMENT);
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
if ( ! $this->invoice_id || ! $this->amount) {
return [
'invoice_id' => 'required',
'amount' => 'required',
];
}
$invoice = Invoice::scope($this->invoice_id)->firstOrFail();
$this->merge([
'invoice_id' => $invoice->id,
'client_id' => $invoice->client->id,
]);
$rules = array(
'amount' => "required|less_than:{$invoice->balance}|positive",
);
if ($this->payment_type_id == PAYMENT_TYPE_CREDIT) {
$rules['payment_type_id'] = 'has_credit:' . $invoice->client->public_id . ',' . $this->amount;
}
return $rules;
}
}

2
app/Http/routes.php
View File

@ -246,7 +246,7 @@ Route::group([
// Route groups for API // Route groups for API
Route::group(['middleware' => 'api', 'prefix' => 'api/v1'], function() Route::group(['middleware' => 'api', 'prefix' => 'api/v1'], function()
{ {
Route::get('ping', 'ClientApiController@ping'); Route::get('ping', 'AccountApiController@ping');
Route::post('login', 'AccountApiController@login'); Route::post('login', 'AccountApiController@login');
Route::post('register', 'AccountApiController@register'); Route::post('register', 'AccountApiController@register');
Route::get('static', 'AccountApiController@getStaticData'); Route::get('static', 'AccountApiController@getStaticData');

2
app/Models/EntityModel.php
View File

@ -110,7 +110,7 @@ class EntityModel extends Eloquent
{ {
return 'App\\Ninja\\Transformers\\' . ucwords(Utils::toCamelCase($entityType)) . 'Transformer'; return 'App\\Ninja\\Transformers\\' . ucwords(Utils::toCamelCase($entityType)) . 'Transformer';
} }
public function setNullValues() public function setNullValues()
{ {
foreach ($this->fillable as $field) { foreach ($this->fillable as $field) {