mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2025-06-04 16:34:40 -04:00
Fixes for permissions to view tax rates
parent
3229ae871a
commit
2417e2aecd
@ -951,6 +951,9 @@ class BaseController extends Controller
|
|||||||
if ($this->entity_type == BankIntegration::class && !$user->isSuperUser() && $user->hasIntersectPermissions(['create_bank_transaction','edit_bank_transaction','view_bank_transaction'])) {
|
if ($this->entity_type == BankIntegration::class && !$user->isSuperUser() && $user->hasIntersectPermissions(['create_bank_transaction','edit_bank_transaction','view_bank_transaction'])) {
|
||||||
$query->exclude(["balance"]);
|
$query->exclude(["balance"]);
|
||||||
} //allows us to selective display bank integrations back to the user if they can view / create bank transactions but without the bank balance being present in the response
|
} //allows us to selective display bank integrations back to the user if they can view / create bank transactions but without the bank balance being present in the response
|
||||||
|
elseif($this->entity_type == TaxRate::class && $user->hasIntersectPermissions(['create_invoice','edit_invoice','create_quote','edit_quote','create_purchase_order','edit_purchase_order'])){
|
||||||
|
// need to show tax rates if the user has the ability to create documents.
|
||||||
|
}
|
||||||
else {
|
else {
|
||||||
$query->where('user_id', '=', $user->id);
|
$query->where('user_id', '=', $user->id);
|
||||||
}
|
}
|
||||||
@ -980,9 +983,6 @@ class BaseController extends Controller
|
|||||||
$resource = new Collection($query, $transformer, $this->entity_type);
|
$resource = new Collection($query, $transformer, $this->entity_type);
|
||||||
$resource->setPaginator(new IlluminatePaginatorAdapter($paginator));
|
$resource->setPaginator(new IlluminatePaginatorAdapter($paginator));
|
||||||
}
|
}
|
||||||
// else {
|
|
||||||
// $resource = new Collection($query, $transformer, $this->entity_type);
|
|
||||||
// }
|
|
||||||
|
|
||||||
return $this->response($this->manager->createData($resource)->toArray());
|
return $this->response($this->manager->createData($resource)->toArray());
|
||||||
}
|
}
|
||||||
|
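Review bot: The new `elseif` for `TaxRate::class` authorises by omission: its body is empty, so its only effect is to skip the `user_id` restriction in the final `else`, and nothing in the hunk shows which scoping still applies to `$query`. I would state that in the branch comment, e.g. `// Intentionally no user_id filter: document creators may list all tax rates; company scoping is applied before this chain (confirm).` Unlike the `BankIntegration` branch, no field is excluded here, so it is worth confirming that the tax-rate response exposes nothing beyond what a document creator needs. The inline permission list also omits other document types that may carry tax (credits, recurring invoices), which could be an oversight. The enclosing `if`/`else` chain starts outside the hunk.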
@ -49,7 +49,7 @@ class ExpenseController extends BaseController
|
|||||||
protected $entity_transformer = ExpenseTransformer::class;
|
protected $entity_transformer = ExpenseTransformer::class;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var ExpensRepository
|
* @var ExpenseRepository
|
||||||
*/
|
*/
|
||||||
protected $expense_repo;
|
protected $expense_repo;
|
||||||
|
|
||||||
@ -72,7 +72,7 @@ class ExpenseController extends BaseController
|
|||||||
* summary="Gets a list of expenses",
|
* summary="Gets a list of expenses",
|
||||||
* description="Lists expenses, search and filters allow fine grained lists to be generated.
|
* description="Lists expenses, search and filters allow fine grained lists to be generated.
|
||||||
|
|
||||||
Query parameters can be added to performed more fine grained filtering of the expenses, these are handled by the ExpenseFilters class which defines the methods available",
|
* Query parameters can be added to performed more fine grained filtering of the expenses, these are handled by the ExpenseFilters class which defines the methods available",
|
||||||
* @OA\Parameter(ref="#/components/parameters/X-API-TOKEN"),
|
* @OA\Parameter(ref="#/components/parameters/X-API-TOKEN"),
|
||||||
* @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
|
* @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
|
||||||
* @OA\Parameter(ref="#/components/parameters/include"),
|
* @OA\Parameter(ref="#/components/parameters/include"),
|
||||||
|
@ -11,13 +11,13 @@
|
|||||||
|
|
||||||
namespace App\Http\Controllers;
|
namespace App\Http\Controllers;
|
||||||
|
|
||||||
|
use App\Models\User;
|
||||||
|
use Twilio\Rest\Client;
|
||||||
|
use App\Libraries\MultiDB;
|
||||||
use App\Http\Requests\Twilio\Confirm2faRequest;
|
use App\Http\Requests\Twilio\Confirm2faRequest;
|
||||||
use App\Http\Requests\Twilio\ConfirmSmsRequest;
|
use App\Http\Requests\Twilio\ConfirmSmsRequest;
|
||||||
use App\Http\Requests\Twilio\Generate2faRequest;
|
use App\Http\Requests\Twilio\Generate2faRequest;
|
||||||
use App\Http\Requests\Twilio\GenerateSmsRequest;
|
use App\Http\Requests\Twilio\GenerateSmsRequest;
|
||||||
use App\Libraries\MultiDB;
|
|
||||||
use App\Models\User;
|
|
||||||
use Twilio\Rest\Client;
|
|
||||||
|
|
||||||
class TwilioController extends BaseController
|
class TwilioController extends BaseController
|
||||||
{
|
{
|
||||||
@ -29,11 +29,14 @@ class TwilioController extends BaseController
|
|||||||
/**
|
/**
|
||||||
* Display a listing of the resource.
|
* Display a listing of the resource.
|
||||||
*
|
*
|
||||||
* @return void
|
* @return \Illuminate\Http\JsonResponse;
|
||||||
*/
|
*/
|
||||||
public function generate(GenerateSmsRequest $request)
|
public function generate(GenerateSmsRequest $request)
|
||||||
{
|
{
|
||||||
$account = auth()->user()->company()->account;
|
/** @var \App\Models\User $user */
|
||||||
|
$user = auth()->user();
|
||||||
|
|
||||||
|
$account = $user->company()->account;
|
||||||
|
|
||||||
if (MultiDB::hasPhoneNumber($request->phone)) {
|
if (MultiDB::hasPhoneNumber($request->phone)) {
|
||||||
return response()->json(['message' => 'This phone number has already been verified with another account'], 400);
|
return response()->json(['message' => 'This phone number has already been verified with another account'], 400);
|
||||||
@ -65,11 +68,14 @@ class TwilioController extends BaseController
|
|||||||
/**
|
/**
|
||||||
* Show the form for creating a new resource.
|
* Show the form for creating a new resource.
|
||||||
*
|
*
|
||||||
* @return void
|
* @return \Illuminate\Http\JsonResponse;
|
||||||
*/
|
*/
|
||||||
public function confirm(ConfirmSmsRequest $request)
|
public function confirm(ConfirmSmsRequest $request)
|
||||||
{
|
{
|
||||||
$account = auth()->user()->company()->account;
|
/** @var \App\Models\User $user */
|
||||||
|
$user = auth()->user();
|
||||||
|
|
||||||
|
$account = $user->company()->account;
|
||||||
|
|
||||||
$sid = config('ninja.twilio_account_sid');
|
$sid = config('ninja.twilio_account_sid');
|
||||||
$token = config('ninja.twilio_auth_token');
|
$token = config('ninja.twilio_auth_token');
|
||||||
@ -90,8 +96,9 @@ class TwilioController extends BaseController
|
|||||||
$account->account_sms_verified = true;
|
$account->account_sms_verified = true;
|
||||||
$account->save();
|
$account->save();
|
||||||
|
|
||||||
//on confirmation we set the users phone number.
|
/** @var \App\Models\User $user */
|
||||||
$user = auth()->user();
|
$user = auth()->user();
|
||||||
|
|
||||||
$user->phone = $account->account_sms_verification_number;
|
$user->phone = $account->account_sms_verification_number;
|
||||||
$user->verified_phone_number = true;
|
$user->verified_phone_number = true;
|
||||||
$user->save();
|
$user->save();
|
||||||
@ -102,7 +109,12 @@ class TwilioController extends BaseController
|
|||||||
|
|
||||||
return response()->json(['message' => 'SMS not verified'], 400);
|
return response()->json(['message' => 'SMS not verified'], 400);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* generate2faResetCode
|
||||||
|
*
|
||||||
|
* @return \Illuminate\Http\JsonResponse;
|
||||||
|
*/
|
||||||
public function generate2faResetCode(Generate2faRequest $request)
|
public function generate2faResetCode(Generate2faRequest $request)
|
||||||
{
|
{
|
||||||
$user = User::where('email', $request->email)->first();
|
$user = User::where('email', $request->email)->first();
|
||||||
@ -131,7 +143,13 @@ class TwilioController extends BaseController
|
|||||||
|
|
||||||
return response()->json(['message' => 'Code sent.'], 200);
|
return response()->json(['message' => 'Code sent.'], 200);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* confirm2faResetCode
|
||||||
|
*
|
||||||
|
* @param Confirm2faRequest $request
|
||||||
|
* @return \Illuminate\Http\JsonResponse;
|
||||||
|
*/
|
||||||
public function confirm2faResetCode(Confirm2faRequest $request)
|
public function confirm2faResetCode(Confirm2faRequest $request)
|
||||||
{
|
{
|
||||||
$user = User::where('email', $request->email)->first();
|
$user = User::where('email', $request->email)->first();
|
||||||
@ -171,16 +189,16 @@ class TwilioController extends BaseController
|
|||||||
return response()->json(['message' => 'SMS not verified.'], 400);
|
return response()->json(['message' => 'SMS not verified.'], 400);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function validatePhoneNumber()
|
// public function validatePhoneNumber()
|
||||||
{
|
// {
|
||||||
$sid = config('ninja.twilio_account_sid');
|
// $sid = config('ninja.twilio_account_sid');
|
||||||
$token = config('ninja.twilio_auth_token');
|
// $token = config('ninja.twilio_auth_token');
|
||||||
|
|
||||||
$twilio = new Client($sid, $token);
|
// $twilio = new Client($sid, $token);
|
||||||
|
|
||||||
$phone_number = $twilio->lookups->v1->phoneNumbers("0417918829")
|
// $phone_number = $twilio->lookups->v1->phoneNumbers("0417918829")
|
||||||
->fetch(["countryCode" => "AU"]);
|
// ->fetch(["countryCode" => "AU"]);
|
||||||
|
|
||||||
print($phone_number);
|
// print($phone_number);
|
||||||
}
|
// }
|
||||||
}
|
}
|
||||||
|
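Review bot: `validatePhoneNumber()` is commented out rather than deleted, which leaves a hard-coded phone number (`"0417918829"`) and a `print()` debug call in the controller source. If the method is no longer routed, remove the block entirely instead of keeping it as a comment. In `confirm()`, `$user = auth()->user();` is now assigned at the top and again before `$user->phone = ...`, so the second assignment and its `@var` can go. The new `@return \Illuminate\Http\JsonResponse;` tags carry a trailing semicolon that is not part of the type.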
@ -74,6 +74,10 @@ class UpdateRecurringInvoiceRequest extends Request
|
|||||||
$input['due_date_days'] = 'terms';
|
$input['due_date_days'] = 'terms';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(!isset($input['next_send_date']) || $input['next_send_date'] == '') {
|
||||||
|
$input['next_send_date'] = now()->format('Y-m-d');
|
||||||
|
}
|
||||||
|
|
||||||
if (array_key_exists('next_send_date', $input) && is_string($input['next_send_date'])) {
|
if (array_key_exists('next_send_date', $input) && is_string($input['next_send_date'])) {
|
||||||
$input['next_send_date_client'] = $input['next_send_date'];
|
$input['next_send_date_client'] = $input['next_send_date'];
|
||||||
}
|
}
|
||||||
|
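Review bot: Defaulting a missing or empty `next_send_date` to today inside an update request means a partial update that omits the field would overwrite the stored schedule, and the block that follows then copies that value into `next_send_date_client`. If this endpoint accepts partial updates, leave an absent key alone and normalise only an explicitly empty value, e.g. `if (array_key_exists('next_send_date', $input) && in_array($input['next_send_date'], [null, ''], true)) {`. `now()` presumably resolves in the application timezone rather than the client's, so the default may be a day off for some companies. The enclosing method starts outside the hunk.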
@ -57,7 +57,7 @@ use Illuminate\Foundation\Auth\User as Authenticatable;
|
|||||||
* @property int|null $avatar_width
|
* @property int|null $avatar_width
|
||||||
* @property int|null $avatar_height
|
* @property int|null $avatar_height
|
||||||
* @property int|null $avatar_size
|
* @property int|null $avatar_size
|
||||||
* @property int $is_deleted
|
* @property bool $is_deleted
|
||||||
* @property string|null $last_login
|
* @property string|null $last_login
|
||||||
* @property string|null $signature
|
* @property string|null $signature
|
||||||
* @property string $password
|
* @property string $password
|
||||||
@ -74,7 +74,7 @@ use Illuminate\Foundation\Auth\User as Authenticatable;
|
|||||||
* @property int $has_password
|
* @property int $has_password
|
||||||
* @property Carbon|null $oauth_user_token_expiry
|
* @property Carbon|null $oauth_user_token_expiry
|
||||||
* @property string|null $sms_verification_code
|
* @property string|null $sms_verification_code
|
||||||
* @property int $verified_phone_number
|
* @property bool $verified_phone_number
|
||||||
* @property-read \App\Models\Account $account
|
* @property-read \App\Models\Account $account
|
||||||
* @property-read \App\Models\Company $company
|
* @property-read \App\Models\Company $company
|
||||||
* @property-read mixed $hashed_id
|
* @property-read mixed $hashed_id
|
||||||
|
@ -14,6 +14,7 @@ namespace App\Services\Payment;
|
|||||||
use App\Models\Credit;
|
use App\Models\Credit;
|
||||||
use App\Models\Invoice;
|
use App\Models\Invoice;
|
||||||
use App\Models\Payment;
|
use App\Models\Payment;
|
||||||
|
use App\Models\BankTransaction;
|
||||||
use Illuminate\Contracts\Container\BindingResolutionException;
|
use Illuminate\Contracts\Container\BindingResolutionException;
|
||||||
|
|
||||||
class DeletePayment
|
class DeletePayment
|
||||||
@ -56,6 +57,11 @@ class DeletePayment
|
|||||||
$this->payment->is_deleted = true;
|
$this->payment->is_deleted = true;
|
||||||
$this->payment->delete();
|
$this->payment->delete();
|
||||||
|
|
||||||
|
// BankTransaction::where('payment_id', $this->payment->id)->cursor()->each(function ($bt){
|
||||||
|
// $bt->payment_id = null;
|
||||||
|
// $bt->save();
|
||||||
|
// });
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
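Review bot: The added `use App\Models\BankTransaction;` is referenced only by the commented-out block after `$this->payment->delete();`, so the commit ships an unused import together with dead code. If bank transactions should be unlinked when a payment is deleted, enable the logic, for instance `BankTransaction::where('payment_id', $this->payment->id)->update(['payment_id' => null]);`, which avoids loading each row but skips model events. Otherwise remove both the comment and the import. As written, matched bank transactions appear to keep pointing at a deleted payment. The enclosing method starts outside the hunk.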