Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-07-09 03:14:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fixes for incorrectly implemented guards

Browse Source
This commit is contained in:
David Bomba 2022-02-16 09:13:23 +11:00
parent c1a39a6ea0
commit 1efe0fb992
7 changed files with 25 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Controllers/ClientPortal/DocumentController.php
View File

@ -75,7 +75,7 @@ class DocumentController extends Controller
->get();
$documents->map(function ($document) {
if (auth()->user('contact')->client->id != $document->documentable->id) {
if (auth()->guard('contact')->user()->client->id != $document->documentable->id) {
abort(401, 'Permission denied');
}
});

2
app/Http/Livewire/Profile/Settings/General.php
View File

@ -37,7 +37,7 @@ class General extends Component
public function mount()
{
$profile = auth()->user('contact');
$profile = auth()->guard('contact')->user();
$this->fill([
'profile' => $profile,

10
app/Http/Livewire/Profile/Settings/NameWebsiteLogo.php
View File

@ -25,11 +25,11 @@ class NameWebsiteLogo extends Component
public function mount()
{
$this->fill([
'profile' => auth()->user('contact')->client,
'name' => auth()->user('contact')->client->present()->name,
'vat_number' => auth()->user('contact')->client->present()->vat_number,
'website' => auth()->user('contact')->client->present()->website,
'phone' => auth()->user('contact')->client->present()->phone,
'profile' => auth()->guard('contact')->user()->client,
'name' => auth()->guard('contact')->user()->client->present()->name,
'vat_number' => auth()->guard('contact')->user()->client->present()->vat_number,
'website' => auth()->guard('contact')->user()->client->present()->website,
'phone' => auth()->guard('contact')->user()->client->present()->phone,
'saved' => ctrans('texts.save'),
]);
}

14
app/Http/Livewire/Profile/Settings/PersonalAddress.php
View File

@ -31,13 +31,13 @@ class PersonalAddress extends Component
public function mount($countries)
{
$this->fill([
'profile' => auth()->user('contact')->client,
'address1' => auth()->user('contact')->client->address1,
'address2' => auth()->user('contact')->client->address2,
'city' => auth()->user('contact')->client->city,
'state' => auth()->user('contact')->client->state,
'postal_code' => auth()->user('contact')->client->postal_code,
'country_id' => auth()->user('contact')->client->country_id,
'profile' => auth()->guard('contact')->user()->client,
'address1' => auth()->guard('contact')->user()->client->address1,
'address2' => auth()->guard('contact')->user()->client->address2,
'city' => auth()->guard('contact')->user()->client->city,
'state' => auth()->guard('contact')->user()->client->state,
'postal_code' => auth()->guard('contact')->user()->client->postal_code,
'country_id' => auth()->guard('contact')->user()->client->country_id,
'countries' => $countries,
'saved' => ctrans('texts.save'),

14
app/Http/Livewire/Profile/Settings/ShippingAddress.php
View File

@ -31,13 +31,13 @@ class ShippingAddress extends Component
public function mount($countries)
{
$this->fill([
'profile' => auth()->user('contact')->client,
'shipping_address1' => auth()->user('contact')->client->shipping_address1,
'shipping_address2' => auth()->user('contact')->client->shipping_address2,
'shipping_city' => auth()->user('contact')->client->shipping_city,
'shipping_state' => auth()->user('contact')->client->shipping_state,
'shipping_postal_code' => auth()->user('contact')->client->shipping_postal_code,
'shipping_country_id' => auth()->user('contact')->client->shipping_country_id,
'profile' => auth()->guard('contact')->user()->client,
'shipping_address1' => auth()->guard('contact')->user()->client->shipping_address1,
'shipping_address2' => auth()->guard('contact')->user()->client->shipping_address2,
'shipping_city' => auth()->guard('contact')->user()->client->shipping_city,
'shipping_state' => auth()->guard('contact')->user()->client->shipping_state,
'shipping_postal_code' => auth()->guard('contact')->user()->client->shipping_postal_code,
'shipping_country_id' => auth()->guard('contact')->user()->client->shipping_country_id,
'countries' => $countries,
'saved' => ctrans('texts.save'),

6
app/Http/Requests/ClientPortal/Documents/ShowDocumentRequest.php
View File

@ -27,9 +27,9 @@ class ShowDocumentRequest extends FormRequest
*/
public function authorize()
{
return auth()->user('contact')->client->id == $this->document->documentable_id
|| $this->document->documentable->client_id == auth()->user('contact')->client->id
|| $this->document->company_id == auth()->user('contact')->company->id;
return auth()->guard('contact')->user()->client_id == $this->document->documentable_id
|| $this->document->documentable->client_id == auth()->guard('contact')->user()->client_id
|| $this->document->company_id == auth()->guard('contact')->user()->company_id;
}
/**

2
app/Http/Requests/ClientPortal/Tasks/ShowTasksRequest.php
View File

@ -23,7 +23,7 @@ class ShowTasksRequest extends FormRequest
*/
public function authorize()
{
return (bool)auth()->user('contact')->client->getSetting('enable_client_portal_tasks');
return (bool)auth()->guard('contact')->user()->client->getSetting('enable_client_portal_tasks');
}
/**