From 2a7e8cb4b739e0408a0d23099b8531bc73865def Mon Sep 17 00:00:00 2001
From: Joshua Dwire <joshua@joshuadwire.com>
Date: Wed, 23 Mar 2016 21:25:33 -0400
Subject: [PATCH] Add documents placeholder for emails

---
 app/Http/Controllers/DocumentController.php   |  4 +++
 .../Controllers/PublicClientController.php    | 25 +++++++++++++++++++
 app/Http/Middleware/Authenticate.php          |  2 +-
 app/Http/routes.php                           |  1 +
 app/Models/Document.php                       |  4 +++
 app/Ninja/Mailers/ContactMailer.php           | 12 +++++++++
 resources/lang/en/texts.php                   |  3 +++
 .../templates_and_reminders.blade.php         |  8 ++++++
 8 files changed, 58 insertions(+), 1 deletion(-)

diff --git a/app/Http/Controllers/DocumentController.php b/app/Http/Controllers/DocumentController.php
index 4bd9be884696..6c824dab61f6 100644
--- a/app/Http/Controllers/DocumentController.php
+++ b/app/Http/Controllers/DocumentController.php
@@ -33,6 +33,10 @@ class DocumentController extends BaseController
             return $response;
         }
         
+        return static::getDownloadResponse($document);
+    }
+    
+    public static function getDownloadResponse($document){
         $direct_url = $document->getDirectUrl();
         if($direct_url){
             return redirect($direct_url);
diff --git a/app/Http/Controllers/PublicClientController.php b/app/Http/Controllers/PublicClientController.php
index c854189ac240..500257fedbbc 100644
--- a/app/Http/Controllers/PublicClientController.php
+++ b/app/Http/Controllers/PublicClientController.php
@@ -414,5 +414,30 @@ class PublicClientController extends BaseController
         
         return $response;
     }
+    
+    
+    public function getDocument($invitationKey, $publicId){
+        if (!$invitation = $this->invoiceRepo->findInvoiceByInvitation($invitationKey)) {
+            return $this->returnError();
+        }
+        
+        Session::put('invitation_key', $invitationKey); // track current invitation
+        
+        $clientId = $invitation->invoice->client_id;
+        $document = Document::scope($publicId, $invitation->account_id)->firstOrFail();
+        
+        $authorized = false;
+        if($document->expense && $document->expense->client_id == $invitation->invoice->client_id){
+            $authorized = true;
+        } else if($document->invoice && $document->invoice->client_id == $invitation->invoice->client_id){
+            $authorized = true;
+        }
+        
+        if(!$authorized){
+            return Response::view('error', array('error'=>'Not authorized'), 403);
+        }        
+        
+        return DocumentController::getDownloadResponse($document);
+    }
 
 }
diff --git a/app/Http/Middleware/Authenticate.php b/app/Http/Middleware/Authenticate.php
index a6d1363e4cdd..3a49c762a94f 100644
--- a/app/Http/Middleware/Authenticate.php
+++ b/app/Http/Middleware/Authenticate.php
@@ -42,7 +42,7 @@ class Authenticate {
 			
 			// Does this account require portal passwords?
 			$account = Account::whereId($account_id)->first();
-			if(!$account->enable_portal_password || !$account->isPro()){
+			if($account && (!$account->enable_portal_password || !$account->isPro())){
 				$authenticated = true;
 			}
 			
diff --git a/app/Http/routes.php b/app/Http/routes.php
index 92f9b11b03d8..a7f8d7b26e9e 100644
--- a/app/Http/routes.php
+++ b/app/Http/routes.php
@@ -48,6 +48,7 @@ Route::group(['middleware' => 'auth:client'], function() {
     Route::get('client/payments', 'PublicClientController@paymentIndex');
     Route::get('client/dashboard', 'PublicClientController@dashboard');
     Route::get('client/document/js/{public_id}/{filename}', 'PublicClientController@getDocumentVFSJS');
+    Route::get('client/document/{invitation_key}/{public_id}/{filename?}', 'PublicClientController@getDocument');
 });
 
 Route::get('api/client.quotes', array('as'=>'api.client.quotes', 'uses'=>'PublicClientController@quoteDatatable'));
diff --git a/app/Models/Document.php b/app/Models/Document.php
index aeff8099e5d7..92d3e79439d6 100644
--- a/app/Models/Document.php
+++ b/app/Models/Document.php
@@ -138,6 +138,10 @@ class Document extends EntityModel
         return url('document/'.$this->public_id.'/'.$this->name);
     }
     
+    public function getClientUrl($invitation){
+        return url('client/document/'.$invitation->invitation_key.'/'.$this->public_id.'/'.$this->name);
+    }
+    
     public function getVFSJSUrl(){
         return url('document/js/'.$this->public_id.'/'.$this->name.'.js');
     }
diff --git a/app/Ninja/Mailers/ContactMailer.php b/app/Ninja/Mailers/ContactMailer.php
index 4af83968263c..7f96efb7da87 100644
--- a/app/Ninja/Mailers/ContactMailer.php
+++ b/app/Ninja/Mailers/ContactMailer.php
@@ -1,6 +1,7 @@
 <?php namespace App\Ninja\Mailers;
 
 use Form;
+use HTML;
 use Utils;
 use Event;
 use URL;
@@ -28,6 +29,7 @@ class ContactMailer extends Mailer
         'invoice',
         'quote',
         'password',
+        'documents',
         'viewLink',
         'viewButton',
         'paymentLink',
@@ -281,7 +283,16 @@ class ContactMailer extends Mailer
         $invitation = $data['invitation'];
         $invoice = $invitation->invoice;
         $passwordHTML = isset($data['password'])?'<p>'.trans('texts.password').': '.$data['password'].'<p>':false;
+        $documentsHTML = '';
 
+        if($account->isPro() && count($invoice->documents)){
+            $documentsHTML .= trans('texts.email_documents_header').'<ul>';
+            foreach($invoice->documents as $document){
+                $documentsHTML .= '<li><a href="'.HTML::entities($document->getClientUrl($invitation)).'">'.HTML::entities($document->name).'</a></li>';
+            }
+            $documentsHTML .= '</ul>';
+        }
+        
         $variables = [
             '$footer' => $account->getEmailFooter(),
             '$client' => $client->getDisplayName(),
@@ -303,6 +314,7 @@ class ContactMailer extends Mailer
             '$customClient2' => $account->custom_client_label2,
             '$customInvoice1' => $account->custom_invoice_text_label1,
             '$customInvoice2' => $account->custom_invoice_text_label2,
+            '$documents' => $documentsHTML,
         ];
 
         // Add variables for available payment types
diff --git a/resources/lang/en/texts.php b/resources/lang/en/texts.php
index 32efcdffca46..50b8b66b3cc9 100644
--- a/resources/lang/en/texts.php
+++ b/resources/lang/en/texts.php
@@ -1098,6 +1098,9 @@ $LANG = array(
     'december' => 'December',
     
     // Documents
+    'email_documents_header' => 'Documents:',
+    'email_documents_example_1' => 'Widgets Receipt.pdf',
+    'email_documents_example_2' => 'Final Deliverable.zip',
     'invoice_documents' => 'Attached Documents',
     'document_upload_message' => 'Drop files here or click to upload.',
     'invoice_embed_documents' => 'Embed Documents',
diff --git a/resources/views/accounts/templates_and_reminders.blade.php b/resources/views/accounts/templates_and_reminders.blade.php
index 22a3a8a4a08c..7bf6638167d6 100644
--- a/resources/views/accounts/templates_and_reminders.blade.php
+++ b/resources/views/accounts/templates_and_reminders.blade.php
@@ -201,6 +201,13 @@
 
             var keys = {!! json_encode(\App\Ninja\Mailers\ContactMailer::$variableFields) !!};
             var passwordHtml = "{!! $account->isPro() && $account->enable_portal_password && $account->send_portal_password?'<p>'.trans('texts.password').': 6h2NWNdw6<p>':'' !!}";
+            
+            @if ($account->isPro())
+            var documentsHtml = "{!! trans('texts.email_documents_header').'<ul><li><a>'.trans('texts.email_documents_example_1').'</a></li><li><a>'.trans('texts.email_documents_example_2').'</a></li></ul>' !!}";
+            @else
+            var documentsHtml = "";
+            @endif
+            
             var vals = [
                 {!! json_encode($emailFooter) !!}, 
                 "{{ $account->getDisplayName() }}", 
@@ -213,6 +220,7 @@
                 "0001", 
                 "0001",
                 passwordHtml,
+                documentsHtml,
                 "{{ URL::to('/view/...') }}$password", 
                 '{!! Form::flatButton('view_invoice', '#0b4d78') !!}$password',
                 "{{ URL::to('/payment/...') }}$password",