mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2025-07-09 03:14:30 -04:00
Fixes for resolving correct company user
This commit is contained in:
David Bomba
parent
ebfee1b573
commit
2b95f2a0d4
@ -606,6 +606,10 @@ class LoginController extends BaseController
|
|||||||
if (request()->has('code')) {
|
if (request()->has('code')) {
|
||||||
return $this->handleProviderCallback($provider);
|
return $this->handleProviderCallback($provider);
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
|
if(!in_array($provider, ['google']))
|
||||||
|
return abort(400, 'Invalid provider');
|
||||||
|
|
||||||
return Socialite::driver($provider)->with($parameters)->scopes($scopes)->redirect();
|
return Socialite::driver($provider)->with($parameters)->scopes($scopes)->redirect();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -380,7 +380,7 @@ class UserController extends BaseController
|
|||||||
*/
|
*/
|
||||||
public function update(UpdateUserRequest $request, User $user)
|
public function update(UpdateUserRequest $request, User $user)
|
||||||
{
|
{
|
||||||
$old_company_user = $user->company_user;
|
$old_company_user = $user->company_user();
|
||||||
$old_user = json_encode($user);
|
$old_user = json_encode($user);
|
||||||
$old_user_email = $user->getOriginal('email');
|
$old_user_email = $user->getOriginal('email');
|
||||||
|
|
||||||
@ -398,8 +398,8 @@ class UserController extends BaseController
|
|||||||
|
|
||||||
|
|
||||||
if(
|
if(
|
||||||
strcasecmp($old_company_user->permissions, $user->company_user->permissions) != 0 ||
|
strcasecmp($old_company_user->permissions, $user->company_user()->permissions) != 0 ||
|
||||||
$old_company_user->is_admin != $user->company_user->is_admin
|
$old_company_user->is_admin != $user->company_user()->is_admin
|
||||||
){
|
){
|
||||||
$user->company_user()->update(["permissions_updated_at" => now()]);
|
$user->company_user()->update(["permissions_updated_at" => now()]);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -30,7 +30,7 @@ class TokenAuth
|
|||||||
*/
|
*/
|
||||||
public function handle($request, Closure $next)
|
public function handle($request, Closure $next)
|
||||||
{
|
{
|
||||||
if ($request->header('X-API-TOKEN') && ($company_token = CompanyToken::with(['user', 'company'])->where('token', $request->header('X-API-TOKEN'))->first())) {
|
if ($request->header('X-API-TOKEN') && ($company_token = CompanyToken::with(['user', 'company', 'cu'])->where('token', $request->header('X-API-TOKEN'))->first())) {
|
||||||
$user = $company_token->user;
|
$user = $company_token->user;
|
||||||
|
|
||||||
$error = [
|
$error = [
|
||||||
@ -65,7 +65,7 @@ class TokenAuth
|
|||||||
});
|
});
|
||||||
|
|
||||||
//user who once existed, but has been soft deleted
|
//user who once existed, but has been soft deleted
|
||||||
if ($company_token->company_user->is_locked) {
|
if ($company_token->cu->is_locked) {
|
||||||
$error = [
|
$error = [
|
||||||
'message' => 'User access locked',
|
'message' => 'User access locked',
|
||||||
'errors' => new stdClass,
|
'errors' => new stdClass,
|
||||||
|
|||||||
@ -55,4 +55,9 @@ class CompanyToken extends BaseModel
|
|||||||
->where('company_id', $this->company_id)
|
->where('company_id', $this->company_id)
|
||||||
->where('user_id', $this->user_id);
|
->where('user_id', $this->user_id);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function cu()
|
||||||
|
{
|
||||||
|
return $this->hasOneThrough(CompanyUser::class, Company::class, 'id', 'company_id', 'company_id', 'id');
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -142,6 +142,16 @@ class User extends Authenticatable implements MustVerifyEmail
|
|||||||
return $this->hasMany(CompanyToken::class)->orderBy('id', 'ASC');
|
return $this->hasMany(CompanyToken::class)->orderBy('id', 'ASC');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function token()
|
||||||
|
{
|
||||||
|
if (request()->header('X-API-TOKEN')) {
|
||||||
|
return CompanyToken::with(['company','cu'])->where('token', request()->header('X-API-TOKEN'))->first();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
return $this->tokens()->first();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns all companies a user has access to.
|
* Returns all companies a user has access to.
|
||||||
*
|
*
|
||||||
@ -219,17 +229,20 @@ class User extends Authenticatable implements MustVerifyEmail
|
|||||||
|
|
||||||
public function co_user()
|
public function co_user()
|
||||||
{
|
{
|
||||||
return $this->company_user();
|
return $this->token()->cu;
|
||||||
|
// return $this->company_user();
|
||||||
}
|
}
|
||||||
|
|
||||||
public function company_user()
|
public function company_user()
|
||||||
{
|
{
|
||||||
if (! $this->id && auth()->user()) {
|
// if (! $this->id && auth()->user()) {
|
||||||
$this->id = auth()->user()->id;
|
// $this->id = auth()->user()->id;
|
||||||
}
|
// }
|
||||||
|
|
||||||
return $this->hasOneThrough(CompanyUser::class, CompanyToken::class, 'user_id', 'user_id', 'id', 'user_id')
|
return $this->token()->cu;
|
||||||
->withTrashed();
|
|
||||||
|
// return $this->hasOneThrough(CompanyUser::class, CompanyToken::class, 'user_id', 'user_id', 'id', 'user_id')
|
||||||
|
// ->withTrashed();
|
||||||
|
|
||||||
// if (request()->header('X-API-TOKEN')) {
|
// if (request()->header('X-API-TOKEN')) {
|
||||||
|
|
||||||
@ -268,7 +281,9 @@ class User extends Authenticatable implements MustVerifyEmail
|
|||||||
*/
|
*/
|
||||||
public function permissions()
|
public function permissions()
|
||||||
{
|
{
|
||||||
return $this->company_user->permissions;
|
return $this->token()->cu->permissions;
|
||||||
|
|
||||||
|
// return $this->company_user->permissions;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -278,7 +293,9 @@ class User extends Authenticatable implements MustVerifyEmail
|
|||||||
*/
|
*/
|
||||||
public function settings()
|
public function settings()
|
||||||
{
|
{
|
||||||
return json_decode($this->company_user->settings);
|
return json_decode($this->token()->cu->settings);
|
||||||
|
|
||||||
|
//return json_decode($this->company_user->settings);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -288,12 +305,16 @@ class User extends Authenticatable implements MustVerifyEmail
|
|||||||
*/
|
*/
|
||||||
public function isAdmin() : bool
|
public function isAdmin() : bool
|
||||||
{
|
{
|
||||||
return $this->company_user->is_admin;
|
return $this->token()->cu->is_admin;
|
||||||
|
|
||||||
|
// return $this->company_user->is_admin;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function isOwner() : bool
|
public function isOwner() : bool
|
||||||
{
|
{
|
||||||
return $this->company_user->is_owner;
|
return $this->token()->cu->is_owner;
|
||||||
|
|
||||||
|
// return $this->company_user->is_owner;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -345,8 +366,13 @@ class User extends Authenticatable implements MustVerifyEmail
|
|||||||
|
|
||||||
return $this->isOwner() ||
|
return $this->isOwner() ||
|
||||||
$this->isAdmin() ||
|
$this->isAdmin() ||
|
||||||
(stripos($this->company_user->permissions, $all_permission) !== false) ||
|
(stripos($this->token()->cu->permissions, $all_permission) !== false) ||
|
||||||
(stripos($this->company_user->permissions, $permission) !== false);
|
(stripos($this->token()->cu->permissions, $permission) !== false);
|
||||||
|
|
||||||
|
// return $this->isOwner() ||
|
||||||
|
// $this->isAdmin() ||
|
||||||
|
// (stripos($this->company_user->permissions, $all_permission) !== false) ||
|
||||||
|
// (stripos($this->company_user->permissions, $permission) !== false);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function documents()
|
public function documents()
|
||||||
@ -370,9 +396,12 @@ class User extends Authenticatable implements MustVerifyEmail
|
|||||||
|
|
||||||
public function routeNotificationForSlack($notification)
|
public function routeNotificationForSlack($notification)
|
||||||
{
|
{
|
||||||
if ($this->company_user->slack_webhook_url) {
|
|
||||||
return $this->company_user->slack_webhook_url;
|
if($this->token()->cu->slack_webhook_url)
|
||||||
}
|
return $this->token()->cu->slack_webhook_url;
|
||||||
|
// if ($this->company_user->slack_webhook_url) {
|
||||||
|
// return $this->company_user->slack_webhook_url;
|
||||||
|
// }
|
||||||
}
|
}
|
||||||
|
|
||||||
public function routeNotificationForMail($notification)
|
public function routeNotificationForMail($notification)
|
||||||
|
|||||||
@ -200,7 +200,6 @@ class UserRepository extends BaseRepository
|
|||||||
$user->is_deleted = false;
|
$user->is_deleted = false;
|
||||||
$user->save();
|
$user->save();
|
||||||
$user->restore();
|
$user->restore();
|
||||||
// $user->company_user->restore();
|
|
||||||
|
|
||||||
$cu = CompanyUser::withTrashed()
|
$cu = CompanyUser::withTrashed()
|
||||||
->where('user_id', $user->id)
|
->where('user_id', $user->id)
|
||||||
|
|||||||
@ -634,9 +634,11 @@ class HtmlEngine
|
|||||||
{
|
{
|
||||||
$country = Country::find($this->settings->country_id);
|
$country = Country::find($this->settings->country_id);
|
||||||
|
|
||||||
if ($country) {
|
if($country)
|
||||||
return ctrans('texts.country_' . $country->iso_3166_2);
|
return $country->iso_3166_2;
|
||||||
}
|
// if ($country) {
|
||||||
|
// return ctrans('texts.country_' . $country->iso_3166_2);
|
||||||
|
// }
|
||||||
|
|
||||||
return ' ';
|
return ' ';
|
||||||
}
|
}
|
||||||
|
|||||||
@ -175,7 +175,7 @@ class LoginTest extends TestCase
|
|||||||
$this->assertTrue($user->companies !== null);
|
$this->assertTrue($user->companies !== null);
|
||||||
$this->assertTrue($user->company_users !== null);
|
$this->assertTrue($user->company_users !== null);
|
||||||
$this->assertTrue($user->company_users->first() !== null);
|
$this->assertTrue($user->company_users->first() !== null);
|
||||||
$this->assertTrue($user->company_user->account !== null);
|
$this->assertTrue($user->company_user()->account !== null);
|
||||||
|
|
||||||
$this->assertEquals($user->email, 'test@example.com');
|
$this->assertEquals($user->email, 'test@example.com');
|
||||||
$this->assertTrue(\Hash::check('123456', $user->password));
|
$this->assertTrue(\Hash::check('123456', $user->password));
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user