mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2025-07-09 03:14:30 -04:00
Fixes for resolving correct company user
This commit is contained in:
David Bomba
parent
ebfee1b573
commit
2b95f2a0d4
@ -606,6 +606,10 @@ class LoginController extends BaseController
|
||||
if (request()->has('code')) {
|
||||
return $this->handleProviderCallback($provider);
|
||||
} else {
|
||||
|
||||
if(!in_array($provider, ['google']))
|
||||
return abort(400, 'Invalid provider');
|
||||
|
||||
return Socialite::driver($provider)->with($parameters)->scopes($scopes)->redirect();
|
||||
}
|
||||
}
|
||||
|
||||
@ -380,7 +380,7 @@ class UserController extends BaseController
|
||||
*/
|
||||
public function update(UpdateUserRequest $request, User $user)
|
||||
{
|
||||
$old_company_user = $user->company_user;
|
||||
$old_company_user = $user->company_user();
|
||||
$old_user = json_encode($user);
|
||||
$old_user_email = $user->getOriginal('email');
|
||||
|
||||
@ -398,8 +398,8 @@ class UserController extends BaseController
|
||||
|
||||
|
||||
if(
|
||||
strcasecmp($old_company_user->permissions, $user->company_user->permissions) != 0 ||
|
||||
$old_company_user->is_admin != $user->company_user->is_admin
|
||||
strcasecmp($old_company_user->permissions, $user->company_user()->permissions) != 0 ||
|
||||
$old_company_user->is_admin != $user->company_user()->is_admin
|
||||
){
|
||||
$user->company_user()->update(["permissions_updated_at" => now()]);
|
||||
}
|
||||
|
||||
@ -30,7 +30,7 @@ class TokenAuth
|
||||
*/
|
||||
public function handle($request, Closure $next)
|
||||
{
|
||||
if ($request->header('X-API-TOKEN') && ($company_token = CompanyToken::with(['user', 'company'])->where('token', $request->header('X-API-TOKEN'))->first())) {
|
||||
if ($request->header('X-API-TOKEN') && ($company_token = CompanyToken::with(['user', 'company', 'cu'])->where('token', $request->header('X-API-TOKEN'))->first())) {
|
||||
$user = $company_token->user;
|
||||
|
||||
$error = [
|
||||
@ -65,7 +65,7 @@ class TokenAuth
|
||||
});
|
||||
|
||||
//user who once existed, but has been soft deleted
|
||||
if ($company_token->company_user->is_locked) {
|
||||
if ($company_token->cu->is_locked) {
|
||||
$error = [
|
||||
'message' => 'User access locked',
|
||||
'errors' => new stdClass,
|
||||
|
||||
@ -55,4 +55,9 @@ class CompanyToken extends BaseModel
|
||||
->where('company_id', $this->company_id)
|
||||
->where('user_id', $this->user_id);
|
||||
}
|
||||
|
||||
public function cu()
|
||||
{
|
||||
return $this->hasOneThrough(CompanyUser::class, Company::class, 'id', 'company_id', 'company_id', 'id');
|
||||
}
|
||||
}
|
||||
|
||||
@ -142,6 +142,16 @@ class User extends Authenticatable implements MustVerifyEmail
|
||||
return $this->hasMany(CompanyToken::class)->orderBy('id', 'ASC');
|
||||
}
|
||||
|
||||
public function token()
|
||||
{
|
||||
if (request()->header('X-API-TOKEN')) {
|
||||
return CompanyToken::with(['company','cu'])->where('token', request()->header('X-API-TOKEN'))->first();
|
||||
}
|
||||
|
||||
|
||||
return $this->tokens()->first();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns all companies a user has access to.
|
||||
*
|
||||
@ -219,17 +229,20 @@ class User extends Authenticatable implements MustVerifyEmail
|
||||
|
||||
public function co_user()
|
||||
{
|
||||
return $this->company_user();
|
||||
return $this->token()->cu;
|
||||
// return $this->company_user();
|
||||
}
|
||||
|
||||
public function company_user()
|
||||
{
|
||||
if (! $this->id && auth()->user()) {
|
||||
$this->id = auth()->user()->id;
|
||||
}
|
||||
// if (! $this->id && auth()->user()) {
|
||||
// $this->id = auth()->user()->id;
|
||||
// }
|
||||
|
||||
return $this->hasOneThrough(CompanyUser::class, CompanyToken::class, 'user_id', 'user_id', 'id', 'user_id')
|
||||
->withTrashed();
|
||||
return $this->token()->cu;
|
||||
|
||||
// return $this->hasOneThrough(CompanyUser::class, CompanyToken::class, 'user_id', 'user_id', 'id', 'user_id')
|
||||
// ->withTrashed();
|
||||
|
||||
// if (request()->header('X-API-TOKEN')) {
|
||||
|
||||
@ -268,7 +281,9 @@ class User extends Authenticatable implements MustVerifyEmail
|
||||
*/
|
||||
public function permissions()
|
||||
{
|
||||
return $this->company_user->permissions;
|
||||
return $this->token()->cu->permissions;
|
||||
|
||||
// return $this->company_user->permissions;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -278,7 +293,9 @@ class User extends Authenticatable implements MustVerifyEmail
|
||||
*/
|
||||
public function settings()
|
||||
{
|
||||
return json_decode($this->company_user->settings);
|
||||
return json_decode($this->token()->cu->settings);
|
||||
|
||||
//return json_decode($this->company_user->settings);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -288,12 +305,16 @@ class User extends Authenticatable implements MustVerifyEmail
|
||||
*/
|
||||
public function isAdmin() : bool
|
||||
{
|
||||
return $this->company_user->is_admin;
|
||||
return $this->token()->cu->is_admin;
|
||||
|
||||
// return $this->company_user->is_admin;
|
||||
}
|
||||
|
||||
public function isOwner() : bool
|
||||
{
|
||||
return $this->company_user->is_owner;
|
||||
return $this->token()->cu->is_owner;
|
||||
|
||||
// return $this->company_user->is_owner;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -345,8 +366,13 @@ class User extends Authenticatable implements MustVerifyEmail
|
||||
|
||||
return $this->isOwner() ||
|
||||
$this->isAdmin() ||
|
||||
(stripos($this->company_user->permissions, $all_permission) !== false) ||
|
||||
(stripos($this->company_user->permissions, $permission) !== false);
|
||||
(stripos($this->token()->cu->permissions, $all_permission) !== false) ||
|
||||
(stripos($this->token()->cu->permissions, $permission) !== false);
|
||||
|
||||
// return $this->isOwner() ||
|
||||
// $this->isAdmin() ||
|
||||
// (stripos($this->company_user->permissions, $all_permission) !== false) ||
|
||||
// (stripos($this->company_user->permissions, $permission) !== false);
|
||||
}
|
||||
|
||||
public function documents()
|
||||
@ -370,9 +396,12 @@ class User extends Authenticatable implements MustVerifyEmail
|
||||
|
||||
public function routeNotificationForSlack($notification)
|
||||
{
|
||||
if ($this->company_user->slack_webhook_url) {
|
||||
return $this->company_user->slack_webhook_url;
|
||||
}
|
||||
|
||||
if($this->token()->cu->slack_webhook_url)
|
||||
return $this->token()->cu->slack_webhook_url;
|
||||
// if ($this->company_user->slack_webhook_url) {
|
||||
// return $this->company_user->slack_webhook_url;
|
||||
// }
|
||||
}
|
||||
|
||||
public function routeNotificationForMail($notification)
|
||||
|
||||
@ -200,7 +200,6 @@ class UserRepository extends BaseRepository
|
||||
$user->is_deleted = false;
|
||||
$user->save();
|
||||
$user->restore();
|
||||
// $user->company_user->restore();
|
||||
|
||||
$cu = CompanyUser::withTrashed()
|
||||
->where('user_id', $user->id)
|
||||
|
||||
@ -634,9 +634,11 @@ class HtmlEngine
|
||||
{
|
||||
$country = Country::find($this->settings->country_id);
|
||||
|
||||
if ($country) {
|
||||
return ctrans('texts.country_' . $country->iso_3166_2);
|
||||
}
|
||||
if($country)
|
||||
return $country->iso_3166_2;
|
||||
// if ($country) {
|
||||
// return ctrans('texts.country_' . $country->iso_3166_2);
|
||||
// }
|
||||
|
||||
return ' ';
|
||||
}
|
||||
|
||||
@ -175,7 +175,7 @@ class LoginTest extends TestCase
|
||||
$this->assertTrue($user->companies !== null);
|
||||
$this->assertTrue($user->company_users !== null);
|
||||
$this->assertTrue($user->company_users->first() !== null);
|
||||
$this->assertTrue($user->company_user->account !== null);
|
||||
$this->assertTrue($user->company_user()->account !== null);
|
||||
|
||||
$this->assertEquals($user->email, 'test@example.com');
|
||||
$this->assertTrue(\Hash::check('123456', $user->password));
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user