Fixes for permissions to view tax rates

David Bomba 2023-07-27 11:14:59 +10:00
parent 3229ae871a
commit 2417e2aecd
6 changed files with 54 additions and 26 deletions


@ -951,6 +951,9 @@ class BaseController extends Controller
if ($this->entity_type == BankIntegration::class && !$user->isSuperUser() && $user->hasIntersectPermissions(['create_bank_transaction','edit_bank_transaction','view_bank_transaction'])) {
$query->exclude(["balance"]);
} //allows us to selective display bank integrations back to the user if they can view / create bank transactions but without the bank balance being present in the response
elseif($this->entity_type == TaxRate::class && $user->hasIntersectPermissions(['create_invoice','edit_invoice','create_quote','edit_quote','create_purchase_order','edit_purchase_order'])){
// need to show tax rates if the user has the ability to create documents.
}
else {
$query->where('user_id', '=', $user->id);
}
@ -980,9 +983,6 @@ class BaseController extends Controller
$resource = new Collection($query, $transformer, $this->entity_type);
$resource->setPaginator(new IlluminatePaginatorAdapter($paginator));
}
// else {
// $resource = new Collection($query, $transformer, $this->entity_type);
// }
return $this->response($this->manager->createData($resource)->toArray());
}
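Review bot: The new `elseif` for `TaxRate::class` has an empty body, so a user holding any one of the listed invoice, quote or purchase-order permissions skips the `user_id` filter in the `else` branch and nothing replaces it. Whether the query is already limited to the user's company is decided outside this hunk, and that should be confirmed, because this branch now relies on it entirely. I would state the intent inside the branch, e.g. `// intentionally no user_id filter: tax rates are shared and needed to build documents`, so the empty body is not later mistaken for an unfinished change. The enclosing method starts and ends outside the hunk.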


@ -49,7 +49,7 @@ class ExpenseController extends BaseController
protected $entity_transformer = ExpenseTransformer::class;
/**
* @var ExpensRepository
* @var ExpenseRepository
*/
protected $expense_repo;
@ -72,7 +72,7 @@ class ExpenseController extends BaseController
* summary="Gets a list of expenses",
* description="Lists expenses, search and filters allow fine grained lists to be generated.
Query parameters can be added to performed more fine grained filtering of the expenses, these are handled by the ExpenseFilters class which defines the methods available",
* Query parameters can be added to performed more fine grained filtering of the expenses, these are handled by the ExpenseFilters class which defines the methods available",
* @OA\Parameter(ref="#/components/parameters/X-API-TOKEN"),
* @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
* @OA\Parameter(ref="#/components/parameters/include"),


@ -11,13 +11,13 @@
namespace App\Http\Controllers;
use App\Models\User;
use Twilio\Rest\Client;
use App\Libraries\MultiDB;
use App\Http\Requests\Twilio\Confirm2faRequest;
use App\Http\Requests\Twilio\ConfirmSmsRequest;
use App\Http\Requests\Twilio\Generate2faRequest;
use App\Http\Requests\Twilio\GenerateSmsRequest;
use App\Libraries\MultiDB;
use App\Models\User;
use Twilio\Rest\Client;
class TwilioController extends BaseController
{
@ -29,11 +29,14 @@ class TwilioController extends BaseController
/**
* Display a listing of the resource.
*
* @return void
* @return \Illuminate\Http\JsonResponse;
*/
public function generate(GenerateSmsRequest $request)
{
$account = auth()->user()->company()->account;
/** @var \App\Models\User $user */
$user = auth()->user();
$account = $user->company()->account;
if (MultiDB::hasPhoneNumber($request->phone)) {
return response()->json(['message' => 'This phone number has already been verified with another account'], 400);
@ -65,11 +68,14 @@ class TwilioController extends BaseController
/**
* Show the form for creating a new resource.
*
* @return void
* @return \Illuminate\Http\JsonResponse;
*/
public function confirm(ConfirmSmsRequest $request)
{
$account = auth()->user()->company()->account;
/** @var \App\Models\User $user */
$user = auth()->user();
$account = $user->company()->account;
$sid = config('ninja.twilio_account_sid');
$token = config('ninja.twilio_auth_token');
@ -90,8 +96,9 @@ class TwilioController extends BaseController
$account->account_sms_verified = true;
$account->save();
//on confirmation we set the users phone number.
/** @var \App\Models\User $user */
$user = auth()->user();
$user->phone = $account->account_sms_verification_number;
$user->verified_phone_number = true;
$user->save();
@ -102,7 +109,12 @@ class TwilioController extends BaseController
return response()->json(['message' => 'SMS not verified'], 400);
}
/**
* generate2faResetCode
*
* @return \Illuminate\Http\JsonResponse;
*/
public function generate2faResetCode(Generate2faRequest $request)
{
$user = User::where('email', $request->email)->first();
@ -131,7 +143,13 @@ class TwilioController extends BaseController
return response()->json(['message' => 'Code sent.'], 200);
}
/**
* confirm2faResetCode
*
* @param Confirm2faRequest $request
* @return \Illuminate\Http\JsonResponse;
*/
public function confirm2faResetCode(Confirm2faRequest $request)
{
$user = User::where('email', $request->email)->first();
@ -171,16 +189,16 @@ class TwilioController extends BaseController
return response()->json(['message' => 'SMS not verified.'], 400);
}
public function validatePhoneNumber()
{
$sid = config('ninja.twilio_account_sid');
$token = config('ninja.twilio_auth_token');
// public function validatePhoneNumber()
// {
// $sid = config('ninja.twilio_account_sid');
// $token = config('ninja.twilio_auth_token');
$twilio = new Client($sid, $token);
// $twilio = new Client($sid, $token);
$phone_number = $twilio->lookups->v1->phoneNumbers("0417918829")
->fetch(["countryCode" => "AU"]);
// $phone_number = $twilio->lookups->v1->phoneNumbers("0417918829")
// ->fetch(["countryCode" => "AU"]);
print($phone_number);
}
// print($phone_number);
// }
}
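Review bot: `validatePhoneNumber()` is commented out rather than deleted, which leaves a hard-coded phone number literal and the Twilio lookup call in the file as dead code; deleting the method removes both from the current source, and version control still holds the old text. In the new docblocks, `@return \Illuminate\Http\JsonResponse;` carries a trailing semicolon that static analysis tools may read as part of the type, so it should be `@return \Illuminate\Http\JsonResponse`. The summaries above `generate()` and `confirm()` still read "Display a listing of the resource." and "Show the form for creating a new resource.", which do not describe SMS verification. In `confirm()`, `$user = auth()->user();` now appears both at the top and again before `$user->phone = ...`; the second assignment looks redundant, though the lines between the two hunks are not visible.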


@ -74,6 +74,10 @@ class UpdateRecurringInvoiceRequest extends Request
$input['due_date_days'] = 'terms';
}
if(!isset($input['next_send_date']) || $input['next_send_date'] == '') {
$input['next_send_date'] = now()->format('Y-m-d');
}
if (array_key_exists('next_send_date', $input) && is_string($input['next_send_date'])) {
$input['next_send_date_client'] = $input['next_send_date'];
}
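Review bot: The added default sets `next_send_date` to today whenever the field is missing or empty, and since this is the update request, a partial update that simply omits the field would appear to reset the schedule to today. If the stored value should survive such an update, apply the default only when the key is present but empty, e.g. `if (array_key_exists('next_send_date', $input) && $input['next_send_date'] === '') {`. `now()` also uses the application timezone while the following lines copy the value into `next_send_date_client`, so the default may be a day off for a client in another timezone; how the value is consumed is outside the hunk. The enclosing method starts and ends outside the hunk.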


@ -57,7 +57,7 @@ use Illuminate\Foundation\Auth\User as Authenticatable;
* @property int|null $avatar_width
* @property int|null $avatar_height
* @property int|null $avatar_size
* @property int $is_deleted
* @property bool $is_deleted
* @property string|null $last_login
* @property string|null $signature
* @property string $password
@ -74,7 +74,7 @@ use Illuminate\Foundation\Auth\User as Authenticatable;
* @property int $has_password
* @property Carbon|null $oauth_user_token_expiry
* @property string|null $sms_verification_code
* @property int $verified_phone_number
* @property bool $verified_phone_number
* @property-read \App\Models\Account $account
* @property-read \App\Models\Company $company
* @property-read mixed $hashed_id


@ -14,6 +14,7 @@ namespace App\Services\Payment;
use App\Models\Credit;
use App\Models\Invoice;
use App\Models\Payment;
use App\Models\BankTransaction;
use Illuminate\Contracts\Container\BindingResolutionException;
class DeletePayment
@ -56,6 +57,11 @@ class DeletePayment
$this->payment->is_deleted = true;
$this->payment->delete();
// BankTransaction::where('payment_id', $this->payment->id)->cursor()->each(function ($bt){
// $bt->payment_id = null;
// $bt->save();
// });
return $this;
}
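Review bot: The `use App\Models\BankTransaction;` import is referenced only by the commented-out block added after `$this->payment->delete();`, so as committed the import is unused and the block is dead code. If bank transactions are meant to be unlinked when a payment is deleted, enable the block; if that is undecided, replace it with a short note such as `// TODO: decide whether to clear payment_id on linked bank transactions when a payment is deleted` and drop the import until it is needed. As it stands, any bank transaction pointing at this payment presumably keeps its `payment_id` after the delete. The enclosing method starts outside the hunk.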