diff --git a/app/Http/Controllers/QuoteController.php b/app/Http/Controllers/QuoteController.php
index a8ea0beaa476..58807ba4a9eb 100644
--- a/app/Http/Controllers/QuoteController.php
+++ b/app/Http/Controllers/QuoteController.php
@@ -113,16 +113,16 @@ class QuoteController extends BaseController
 $rates = TaxRate::scope()->orderBy('name')->get();
 $options = [];
 $defaultTax = false;
-
+
 foreach ($rates as $rate) {
- $options[$rate->rate . ' ' . $rate->name] = $rate->name . ' ' . ($rate->rate+0) . '%';
-
+ $options[$rate->rate . ' ' . $rate->name] = $rate->name . ' ' . ($rate->rate+0) . '%';
+
 // load default invoice tax
 if ($rate->id == $account->default_tax_rate_id) {
 $defaultTax = $rate;
 }
- }
-
+ }
+
 return [
 'entityType' => ENTITY_QUOTE,
 'account' => Auth::user()->account,
@@ -130,7 +130,7 @@ class QuoteController extends BaseController
 'taxRateOptions' => $options,
 'defaultTax' => $defaultTax,
 'countries' => Cache::get('countries'),
- 'clients' => Client::scope()->with('contacts', 'country')->orderBy('name')->get(),
+ 'clients' => Client::scope()->viewable()->with('contacts', 'country')->orderBy('name')->get(),
 'taxRates' => TaxRate::scope()->orderBy('name')->get(),
 'currencies' => Cache::get('currencies'),
 'sizes' => Cache::get('sizes'),
diff --git a/app/Models/EntityModel.php b/app/Models/EntityModel.php
index 95e85e6acef4..4b724d3953ee 100644
--- a/app/Models/EntityModel.php
+++ b/app/Models/EntityModel.php
@@ -30,7 +30,7 @@ class EntityModel extends Eloquent
 } else {
 $lastEntity = $className::scope(false, $entity->account_id);
 }
-
+
 $lastEntity = $lastEntity->orderBy('public_id', 'DESC')
 ->first();
 
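Review bot: In `QuoteController.php`, the `viewable()` call added to the `'clients'` entry only narrows the list handed to the quote form; it does not by itself stop a user without `view_all` from posting another user's client id when the quote is saved. The store and update paths are not part of this diff, so confirm they re-check ownership of the submitted client server-side rather than relying on what the drop-down offered. A short comment above the entry, for example `// limited to the user's own clients unless they hold view_all`, would also make the intent visible next to the unfiltered `taxRates` query. The array literal and its enclosing method start and end outside the hunk.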
@@ -86,6 +86,15 @@ class EntityModel extends Eloquent
 return $query;
 }
 
+ public function scopeViewable($query)
+ {
+ if (Auth::check() && ! Auth::user()->hasPermission('view_all')) {
+ $query->where($this->getEntityType(). 's.user_id', '=', Auth::user()->id);
+ }
+
+ return $query;
+ }
+
 public function scopeWithArchived($query)
 {
 return $query->withTrashed()->where('is_deleted', '=', false);
@@ -110,7 +119,7 @@ class EntityModel extends Eloquent
 {
 return 'App\\Ninja\\Transformers\\' . ucwords(Utils::toCamelCase($entityType)) . 'Transformer';
 }
-
+
 public function setNullValues()
 {
 foreach ($this->fillable as $field) {
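Review bot: In `scopeViewable` the ownership filter is skipped whenever `Auth::check()` is false, so a query built outside an authenticated session comes back unrestricted. If that is intended for console or queue callers, say so in a docblock on the method; otherwise the scope should fail closed. The column name is built as `$this->getEntityType(). 's.user_id'`, which holds only while every table is named as the entity type plus `s`; `$query->where($this->getTable() . '.user_id', '=', Auth::user()->id);` takes the table name from the model instead. The hunks shown do not add an import for `Auth` to `EntityModel.php`, so confirm one already exists at the top of the file.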