diff --git a/app/Http/Controllers/DocumentController.php b/app/Http/Controllers/DocumentController.php
index 4bd9be884696..6c824dab61f6 100644
--- a/app/Http/Controllers/DocumentController.php
+++ b/app/Http/Controllers/DocumentController.php
@@ -33,6 +33,10 @@ class DocumentController extends BaseController
 return $response;
 }
+ return static::getDownloadResponse($document);
+ }
+
+ public static function getDownloadResponse($document){
 $direct_url = $document->getDirectUrl();
 if($direct_url){
 return redirect($direct_url);
diff --git a/app/Http/Controllers/PublicClientController.php b/app/Http/Controllers/PublicClientController.php
index c854189ac240..500257fedbbc 100644
--- a/app/Http/Controllers/PublicClientController.php
+++ b/app/Http/Controllers/PublicClientController.php
@@ -414,5 +414,30 @@ class PublicClientController extends BaseController
 return $response;
 }
+
+
+ public function getDocument($invitationKey, $publicId){
+ if (!$invitation = $this->invoiceRepo->findInvoiceByInvitation($invitationKey)) {
+ return $this->returnError();
+ }
+
+ Session::put('invitation_key', $invitationKey); // track current invitation
+
+ $clientId = $invitation->invoice->client_id;
+ $document = Document::scope($publicId, $invitation->account_id)->firstOrFail();
+
+ $authorized = false;
+ if($document->expense && $document->expense->client_id == $invitation->invoice->client_id){
+ $authorized = true;
+ } else if($document->invoice && $document->invoice->client_id == $invitation->invoice->client_id){
+ $authorized = true;
+ }
+
+ if(!$authorized){
+ return Response::view('error', array('error'=>'Not authorized'), 403);
+ }
+
+ return DocumentController::getDownloadResponse($document);
+ }
 }
diff --git a/app/Http/Middleware/Authenticate.php b/app/Http/Middleware/Authenticate.php
index a6d1363e4cdd..3a49c762a94f 100644
--- a/app/Http/Middleware/Authenticate.php
+++ b/app/Http/Middleware/Authenticate.php
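Review bot: `getDownloadResponse()` becomes a public static entry point that does no authorization of its own — in this hunk it is reached only after `get()` has already decided to return `$response` on failure, and the new `PublicClientController::getDocument()` relies on the same convention. That contract is invisible at the declaration and a future caller can hand it an unchecked `$document`, so it should be stated: `/** Download/redirect response for $document. Performs NO authorization; callers must verify the requester may read $document before calling (see get() and PublicClientController::getDocument()). */`. The body of `getDownloadResponse()` runs past the end of the hunk, so the non-redirect branch is not visible here.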
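Review bot: The unauthorized branch returns 403 with a "Not authorized" page while `firstOrFail()` on the line above produces a not-found response, so anyone holding a valid invitation key for the account can distinguish "this `public_id` exists in the account but belongs to another client" from "does not exist"; since `Document::scope($publicId, $invitation->account_id)` shows the id is account-scoped (and presumably small and sequential), that is a cheap enumeration oracle. Collapse both failures onto the same generic error already used for a bad invitation key: `$document = Document::scope($publicId, $invitation->account_id)->first();`, then `if (!$document) { return $this->returnError(); }`, and replace the `Response::view('error', ...)` line with `return $this->returnError();`. The two client-id comparisons use loose `==` and `$clientId` is assigned but never read; compare with `(int) $document->expense->client_id === (int) $clientId` (same for the invoice branch) and drop the duplication. `Session::put('invitation_key', ...)` also runs before the authorization decision, so a rejected request still overwrites the tracked invitation — consider moving it after the check.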
@@ -42,7 +42,7 @@ class Authenticate {
 // Does this account require portal passwords?
 $account = Account::whereId($account_id)->first();
- if(!$account->enable_portal_password || !$account->isPro()){
+ if($account && (!$account->enable_portal_password || !$account->isPro())){
 $authenticated = true;
 }
diff --git a/app/Http/routes.php b/app/Http/routes.php
index 92f9b11b03d8..a7f8d7b26e9e 100644
--- a/app/Http/routes.php
+++ b/app/Http/routes.php
@@ -48,6 +48,7 @@ Route::group(['middleware' => 'auth:client'], function() {
 Route::get('client/payments', 'PublicClientController@paymentIndex');
 Route::get('client/dashboard', 'PublicClientController@dashboard');
 Route::get('client/document/js/{public_id}/(unknown)', 'PublicClientController@getDocumentVFSJS');
+ Route::get('client/document/{invitation_key}/{public_id}/{filename?}', 'PublicClientController@getDocument');
 });
 Route::get('api/client.quotes', array('as'=>'api.client.quotes', 'uses'=>'PublicClientController@quoteDatatable'));
diff --git a/app/Models/Document.php b/app/Models/Document.php
index aeff8099e5d7..92d3e79439d6 100644
--- a/app/Models/Document.php
+++ b/app/Models/Document.php
@@ -138,6 +138,10 @@ class Document extends EntityModel
 return url('document/'.$this->public_id.'/'.$this->name);
 }
+ public function getClientUrl($invitation){
+ return url('client/document/'.$invitation->invitation_key.'/'.$this->public_id.'/'.$this->name);
+ }
+
 public function getVFSJSUrl(){
 return url('document/js/'.$this->public_id.'/'.$this->name.'.js');
 }
diff --git a/app/Ninja/Mailers/ContactMailer.php b/app/Ninja/Mailers/ContactMailer.php
index 4af83968263c..7f96efb7da87 100644
--- a/app/Ninja/Mailers/ContactMailer.php
+++ b/app/Ninja/Mailers/ContactMailer.php
@@ -1,6 +1,7 @@ invoice; $passwordHTML = isset($data['password'])?'
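Review bot: With the added `$account &&` guard, a request whose `$account_id` matches no row now silently falls through to whatever `$authenticated` was initialised to above the hunk, instead of dying on a null-property access; that is the right direction, but the "deny" is implied by a default set outside this hunk rather than stated here. I would make the intent explicit on the guard line: `// $account can be null (stale/forged account_id): never treat that as "no portal password required"`, and, if the surrounding code has an unauthenticated-client path, return it directly when `$account` is null rather than relying on the default. `Account::whereId($account_id)->first()` is simply `Account::find($account_id)`. The enclosing middleware method starts and ends outside the hunk.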
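Review bot: The new `client/document/{invitation_key}/{public_id}/{filename?}` pattern also matches the existing `client/document/js/{public_id}/...` URLs (the literal `js` lands in `{invitation_key}`), so only registration order keeps the VFS-JS route winning; moving either line would silently send those requests to `getDocument()`, which would then fail the invitation lookup. Pin the shape with a constraint on the new route, e.g. `->where('invitation_key', '[A-Za-z0-9]{N}')` with `N` set to the actual key length (not visible here), or another pattern that cannot match `js`. `{filename?}` is not consumed by `getDocument($invitationKey, $publicId)`, so it is purely cosmetic — a comment saying so would stop someone from "fixing" the signature to use it as a path. Placing the route inside the `auth:client` group is correct and consistent with the other portal links that carry the invitation key in the path.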
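Review bot: `getClientUrl()` splices `$this->name` into the path without encoding, so a document whose name contains `/`, `?`, `#` or whitespace produces an emailed link that either 404s against the new `{filename?}` route or is truncated by the client at `#`; the context `getUrl()` has the same weakness, but this is the link that now goes out in invoice emails. Encode the last segment: `return url('client/document/'.$invitation->invitation_key.'/'.$this->public_id.'/'.rawurlencode($this->name));` — note `rawurlencode` turns `/` into `%2F`, which some web servers reject, so replacing `/` first may be the safer choice (TODO confirm against the deployment). A docblock would also help: `/** Client-portal download URL for this document. Embeds $invitation->invitation_key, which the portal treats as the credential, so only put this in content addressed to that invitation's contact. */`.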
'.trans('texts.password').': '.$data['password'].'
':false; + $documentsHTML = ''; + if($account->isPro() && count($invoice->documents)){ + $documentsHTML .= trans('texts.email_documents_header').'
'.trans('texts.password').': 6h2NWNdw6
':'' !!}"; + + @if ($account->isPro()) + var documentsHtml = "{!! trans('texts.email_documents_header').'
' !!}"; + @else + var documentsHtml = ""; + @endif + var vals = [ {!! json_encode($emailFooter) !!}, "{{ $account->getDisplayName() }}", @@ -213,6 +220,7 @@ "0001", "0001", passwordHtml, + documentsHtml, "{{ URL::to('/view/...') }}$password", '{!! Form::flatButton('view_invoice', '#0b4d78') !!}$password', "{{ URL::to('/payment/...') }}$password",