Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-07-09 03:14:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7041 from turbo124/v5-develop

Browse Source 
Fixes for CSRF issues with client portal downloads
This commit is contained in:
David Bomba 2021-12-15 20:28:41 +11:00 committed by GitHub
commit 3673f17a23
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
21 changed files with 323 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Controllers/Auth/ContactRegisterController.php
View File

@ -29,7 +29,7 @@ class ContactRegisterController extends Controller
public function showRegisterForm(string $company_key = '')
{
$key = request()->session()->has('key') ? request()->session()->get('key') : $company_key;
$key = request()->session()->has('company_key') ? request()->session()->get('company_key') : $company_key;
$company = Company::where('company_key', $key)->firstOrFail();

6
app/Http/Controllers/ClientPortal/InvoiceController.php
View File

@ -89,6 +89,12 @@ class InvoiceController extends Controller
* @param ProcessInvoicesInBulkRequest $request
* @return mixed
*/
public function catch_bulk()
{
return $this->render('invoices.index');
}
public function bulk(ProcessInvoicesInBulkRequest $request)
{
$transformed_ids = $this->transformKeys($request->invoices);

5
app/Http/Controllers/ClientPortal/PaymentController.php
View File

@ -69,6 +69,11 @@ class PaymentController extends Controller
]);
}
public function catch_process(Request $request)
{
return $this->render('payments.index');
}
/**
* Presents the payment screen for a given
* gateway and payment method.

41
app/Http/Controllers/ClientPortal/QuoteController.php
View File

@ -30,6 +30,7 @@ use Illuminate\View\View;
use Symfony\Component\HttpFoundation\BinaryFileResponse;
use ZipStream\Option\Archive;
use ZipStream\ZipStream;
use Illuminate\Http\Request;
class QuoteController extends Controller
{
@ -58,17 +59,16 @@ class QuoteController extends Controller
'quote' => $quote,
];
$invitation = $quote->invitations()->where('client_contact_id', auth()->user()->id)->first();
$invitation = $quote->invitations()->where('client_contact_id', auth()->user()->id)->first();
if ($invitation && auth()->guard('contact') && ! request()->has('silent') && ! $invitation->viewed_date) {
if ($invitation && auth()->guard('contact') && ! request()->has('silent') && ! $invitation->viewed_date) {
$invitation->markViewed();
$invitation->markViewed();
event(new InvitationWasViewed($quote, $invitation, $quote->company, Ninja::eventVars()));
event(new QuoteWasViewed($invitation, $invitation->company, Ninja::eventVars()));
}
event(new InvitationWasViewed($quote, $invitation, $quote->company, Ninja::eventVars()));
event(new QuoteWasViewed($invitation, $invitation->company, Ninja::eventVars()));
}
if ($request->query('mode') === 'fullscreen') {
return render('quotes.show-fullscreen', $data);
@ -82,7 +82,7 @@ class QuoteController extends Controller
$transformed_ids = $this->transformKeys($request->quotes);
if ($request->action == 'download') {
return $this->downloadQuotePdf((array) $transformed_ids);
return $this->downloadQuotes((array) $transformed_ids);
}
if ($request->action = 'approve') {
@ -92,10 +92,32 @@ class QuoteController extends Controller
return back();
}
public function downloadQuotes($ids)
{
$data['quotes'] = Quote::whereIn('id', $ids)
->whereClientId(auth()->user()->client->id)
->withTrashed()
->get();
if(count($data['quotes']) == 0)
return back()->with(['message' => ctrans('texts.no_items_selected')]);
return $this->render('quotes.download', $data);
}
public function download(Request $request)
{
$transformed_ids = $this->transformKeys($request->quotes);
return $this->downloadQuotePdf((array) $transformed_ids);
}
protected function downloadQuotePdf(array $ids)
{
$quotes = Quote::whereIn('id', $ids)
->whereClientId(auth()->user()->client->id)
->withTrashed()
->get();
if (! $quotes || $quotes->count() == 0) {
@ -136,6 +158,7 @@ class QuoteController extends Controller
->where('client_id', auth('contact')->user()->client->id)
->where('company_id', auth('contact')->user()->client->company_id)
->where('status_id', Quote::STATUS_SENT)
->withTrashed()
->get();
if (!$quotes || $quotes->count() == 0) {

8
app/Http/Middleware/ContactRegister.php
View File

@ -37,7 +37,7 @@ class ContactRegister
if(! $company->client_can_register)
abort(400, 'Registration disabled');
session()->put('key', $company->company_key);
session()->put('company_key', $company->company_key);
return $next($request);
}
@ -56,7 +56,7 @@ class ContactRegister
abort(400, 'Registration disabled');
// $request->merge(['key' => $company->company_key]);
session()->put('key', $company->company_key);
session()->put('company_key', $company->company_key);
return $next($request);
}
@ -71,7 +71,7 @@ class ContactRegister
abort(400, 'Registration disabled');
//$request->merge(['key' => $company->company_key]);
session()->put('key', $company->company_key);
session()->put('company_key', $company->company_key);
return $next($request);
}
@ -85,7 +85,7 @@ class ContactRegister
abort(400, 'Registration disabled');
//$request->merge(['key' => $company->company_key]);
session()->put('key', $company->company_key);
session()->put('company_key', $company->company_key);
return $next($request);
}

3
app/Http/Requests/Gateways/GoCardless/IbpRequest.php
View File

@ -18,6 +18,7 @@ use App\Models\CompanyGateway;
use App\Models\PaymentHash;
use App\Utils\Traits\MakesHash;
use Illuminate\Foundation\Http\FormRequest;
use App\Libraries\MultiDB;
class IbpRequest extends FormRequest
{
@ -30,6 +31,8 @@ class IbpRequest extends FormRequest
*/
public function authorize()
{
MultiDB::findAndSetDbByCompanyKey($this->company_key);
return true;
}

2
app/Http/Requests/Payments/PaymentWebhookRequest.php
View File

@ -47,7 +47,7 @@ class PaymentWebhookRequest extends Request
*/
public function getCompanyGateway()
{
return CompanyGateway::findOrFail($this->decodePrimaryKey($this->company_gateway_id));
return CompanyGateway::withTrashed()->findOrFail($this->decodePrimaryKey($this->company_gateway_id));
}
/**

2
app/Import/Transformers/Csv/InvoiceTransformer.php
View File

@ -126,8 +126,6 @@ class InvoiceTransformer extends BaseTransformer {
}
$transformed['line_items'] = $line_items;
nlog($transformed);
return $transformed;
}
}

10
app/Jobs/Ninja/SendReminders.php
View File

@ -28,6 +28,7 @@ use Illuminate\Foundation\Bus\Dispatchable;
use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Queue\SerializesModels;
use Illuminate\Support\Carbon;
use Illuminate\Support\Facades\App;
//@DEPRECATED
class SendReminders implements ShouldQueue
@ -284,6 +285,11 @@ class SendReminders implements ShouldQueue
*/
private function setLateFee($invoice, $amount, $percent) :Invoice
{
App::forgetInstance('translator');
$t = app('translator');
$t->replace(Ninja::transformTranslations($invoice->client->getMergedSettings()));
App::setLocale($invoice->client->locale());
$temp_invoice_balance = $invoice->balance;
if ($amount <= 0 && $percent <= 0) {
@ -313,8 +319,8 @@ class SendReminders implements ShouldQueue
/**Refresh Invoice values*/
$invoice = $invoice->calc()->getInvoice();
$this->invoice->client->service()->updateBalance($this->invoice->balance - $temp_invoice_balance)->save();
$this->invoice->ledger()->updateInvoiceBalance($this->invoice->balance - $temp_invoice_balance, "Late Fee Adjustment for invoice {$this->invoice->number}");
$invoice->client->service()->updateBalance($invoice->balance - $temp_invoice_balance)->save();
$invoice->ledger()->updateInvoiceBalance($invoice->balance - $temp_invoice_balance, "Late Fee Adjustment for invoice {$invoice->number}");
return $invoice;
}

47
app/Jobs/RecurringInvoice/SendRecurring.php
View File

@ -83,8 +83,6 @@ class SendRecurring implements ShouldQueue
//->createInvitations() //need to only link invitations to those in the recurring invoice
->fillDefaults()
->save();
$invoice = $this->createRecurringInvitations($invoice);
}
else{
@ -94,6 +92,8 @@ class SendRecurring implements ShouldQueue
->save();
}
$invoice = $this->createRecurringInvitations($invoice);
nlog("updating recurring invoice dates");
/* Set next date here to prevent a recurring loop forming */
$this->recurring_invoice->next_send_date = $this->recurring_invoice->nextSendDate();
@ -122,27 +122,30 @@ class SendRecurring implements ShouldQueue
event('eloquent.created: App\Models\Invoice', $invoice);
//Admin notification for recurring invoice sent.
if ($invoice->invitations->count() >= 1 ) {
$invoice->entityEmailEvent($invoice->invitations->first(), 'invoice', 'email_template_invoice');
}
nlog("Invoice {$invoice->number} created");
$invoice->invitations->each(function ($invitation) use ($invoice) {
if ($invitation->contact && !$invitation->contact->trashed() && strlen($invitation->contact->email) >=1 && $invoice->client->getSetting('auto_email_invoice')) {
try{
EmailEntity::dispatch($invitation, $invoice->company)->delay(now()->addSeconds(1));
}
catch(\Exception $e) {
nlog($e->getMessage());
}
nlog("Firing email for invoice {$invoice->number}");
if($invoice->client->getSetting('auto_email_invoice'))
{
//Admin notification for recurring invoice sent.
if ($invoice->invitations->count() >= 1 ) {
$invoice->entityEmailEvent($invoice->invitations->first(), 'invoice', 'email_template_invoice');
}
});
nlog("Invoice {$invoice->number} created");
$invoice->invitations->each(function ($invitation) use ($invoice) {
if ($invitation->contact && !$invitation->contact->trashed() && strlen($invitation->contact->email) >=1 && $invoice->client->getSetting('auto_email_invoice')) {
try{
EmailEntity::dispatch($invitation, $invoice->company)->delay(now()->addSeconds(1));
}
catch(\Exception $e) {
nlog($e->getMessage());
}
nlog("Firing email for invoice {$invoice->number}");
}
});
}
if ($invoice->client->getSetting('auto_bill_date') == 'on_send_date' && $invoice->auto_bill_enabled) {
nlog("attempting to autobill {$invoice->number}");
$invoice->service()->autoBill();

2
app/Jobs/Util/ReminderJob.php
View File

@ -152,9 +152,11 @@ class ReminderJob implements ShouldQueue
*/
private function setLateFee($invoice, $amount, $percent) :Invoice
{
App::forgetInstance('translator');
$t = app('translator');
$t->replace(Ninja::transformTranslations($invoice->client->getMergedSettings()));
App::setLocale($invoice->client->locale());
$temp_invoice_balance = $invoice->balance;

11
app/Repositories/BaseRepository.php
View File

@ -222,17 +222,6 @@ class BaseRepository
if (array_key_exists('documents', $data))
$this->saveDocuments($data['documents'], $model);
/* Marks whether the client contact should receive emails based on the send_email property */
// if (isset($data['client_contacts'])) {
// foreach ($data['client_contacts'] as $contact) {
// if ($contact['send_email'] == 1 && is_string($contact['id'])) {
// $client_contact = ClientContact::find($this->decodePrimaryKey($contact['id']));
// $client_contact->send_email = true;
// $client_contact->save();
// }
// }
// }
/* If invitations are present we need to filter existing invitations with the new ones */
if (isset($data['invitations'])) {
$invitations = collect($data['invitations']);

1
app/Services/Invoice/AddGatewayFee.php
View File

@ -77,6 +77,7 @@ class AddGatewayFee extends AbstractService
App::forgetInstance('translator');
$t = app('translator');
$t->replace(Ninja::transformTranslations($this->invoice->company->settings));
App::setLocale($this->invoice->client->locale());
$invoice_item = new InvoiceItem;
$invoice_item->type_id = '3';

5
app/Services/PdfMaker/Design.php
View File

@ -621,12 +621,13 @@ class Design extends BaseDesign
$variables = $this->context['pdf_variables']['total_columns'];
/* 'labels' is a protected value - if the user enters labels it attempts to replace this string again - we need to set labels are a protected text label and remove it from the string */
$elements = [
['element' => 'div', 'properties' => ['style' => 'display: flex; flex-direction: column;'], 'elements' => [
['element' => 'p', 'content' => strtr($_variables['values']['$entity.public_notes'], $_variables), 'properties' => ['data-ref' => 'total_table-public_notes', 'style' => 'text-align: left;']],
['element' => 'p', 'content' => strtr(str_replace("labels", "", $_variables['values']['$entity.public_notes']), $_variables), 'properties' => ['data-ref' => 'total_table-public_notes', 'style' => 'text-align: left;']],
['element' => 'p', 'content' => '', 'properties' => ['style' => 'text-align: left; display: flex; flex-direction: column;'], 'elements' => [
['element' => 'span', 'content' => '$entity.terms_label: ', 'properties' => ['hidden' => $this->entityVariableCheck('$entity.terms'), 'data-ref' => 'total_table-terms-label', 'style' => 'font-weight: bold; text-align: left; margin-top: 1rem;']],
['element' => 'span', 'content' => strtr($_variables['values']['$entity.terms'], $_variables['labels']), 'properties' => ['data-ref' => 'total_table-terms', 'style' => 'text-align: left;']],
['element' => 'span', 'content' => strtr(str_replace("labels", "", $_variables['values']['$entity.terms']), $_variables['labels']), 'properties' => ['data-ref' => 'total_table-terms', 'style' => 'text-align: left;']],
]],
['element' => 'img', 'properties' => ['style' => 'max-width: 50%; height: auto;', 'src' => '$contact.signature', 'id' => 'contact-signature']],
['element' => 'div', 'properties' => ['style' => 'margin-top: 1.5rem; display: flex; align-items: flex-start;'], 'elements' => [

2
config/ninja.php
View File

@ -38,7 +38,7 @@ return [
'trusted_proxies' => env('TRUSTED_PROXIES', false),
'is_docker' => env('IS_DOCKER', false),
'local_download' => env('LOCAL_DOWNLOAD', false),
'sentry_dsn' => env('SENTRY_LARAVEL_DSN', 'https://32f01ea994744fa08a0f688769cef78a@sentry.invoicing.co/9'),
'sentry_dsn' => env('SENTRY_LARAVEL_DSN', 'https://39389664f3f14969b4c43dadda00a40b@sentry2.invoicing.co/5'),
'environment' => env('NINJA_ENVIRONMENT', 'selfhost'), // 'hosted', 'development', 'selfhost', 'reseller'
'preconfigured_install' => env('PRECONFIGURED_INSTALL',false),
'update_secret' => env('UPDATE_SECRET', ''),

108
phpunit.yml Normal file
View File

@ -0,0 +1,108 @@
on:
push:
branches:
- v5-develop
pull_request:
branches:
- v5-develop
name: phpunit
jobs:
run:
runs-on: ${{ matrix.operating-system }}
strategy:
matrix:
operating-system: ['ubuntu-18.04', 'ubuntu-20.04']
php-versions: ['7.3','7.4','8.0']
phpunit-versions: ['latest']
env:
DB_DATABASE1: ninja
DB_USERNAME1: root
DB_PASSWORD1: ninja
DB_HOST1: '127.0.0.1'
DB_DATABASE: ninja
DB_USERNAME: root
DB_PASSWORD: ninja
DB_HOST: '127.0.0.1'
BROADCAST_DRIVER: log
CACHE_DRIVER: file
QUEUE_CONNECTION: sync
SESSION_DRIVER: file
NINJA_ENVIRONMENT: hosted
MULTI_DB_ENABLED: false
NINJA_LICENSE: 123456
TRAVIS: true
MAIL_MAILER: log
services:
mariadb:
image: mariadb:latest
ports:
- 32768:3306
env:
MYSQL_ALLOW_EMPTY_PASSWORD: yes
MYSQL_USER: ninja
MYSQL_PASSWORD: ninja
MYSQL_DATABASE: ninja
MYSQL_ROOT_PASSWORD: ninja
options: --health-cmd="mysqladmin ping" --health-interval=5s --health-timeout=2s --health-retries=3
steps:
- name: Start mysql service
run: |
sudo systemctl start mysql.service
- name: Verify MariaDB connection
env:
DB_PORT: ${{ job.services.mariadb.ports[3306] }}
DB_PORT1: ${{ job.services.mariadb.ports[3306] }}
run: |
while ! mysqladmin ping -h"127.0.0.1" -P"$DB_PORT" --silent; do
sleep 1
done
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php-versions }}
extensions: mysql, mysqlnd, sqlite3, bcmath, gmp, gd, curl, zip, openssl, mbstring, xml
- uses: actions/checkout@v1
with:
ref: v5-develop
fetch-depth: 1
- name: Copy .env
run: |
cp .env.ci .env
- name: Install composer dependencies
run: |
composer config -g github-oauth.github.com ${{ secrets.GITHUB_TOKEN }}
composer install
- name: Prepare Laravel Application
run: |
php artisan key:generate
php artisan optimize
php artisan cache:clear
php artisan config:cache
- name: Create DB and schemas
run: |
mkdir -p database
touch database/database.sqlite
- name: Migrate Database
run: |
php artisan migrate:fresh --seed --force && php artisan db:seed --force
- name: Prepare JS/CSS assets
run: |
npm i
npm run production
- name: Run Testsuite
run: |
cat .env
vendor/bin/phpunit --testdox
env:
DB_PORT: ${{ job.services.mysql.ports[3306] }}
- name: Run php-cs-fixer
run: |
vendor/bin/php-cs-fixer fix

13
resources/lang/en/texts.php
View File

@ -4340,7 +4340,18 @@ $LANG = array(
'no_available_methods' => 'We can\'t find any credit cards on your device. <a href="https://invoiceninja.github.io/docs/payments#apple-pay-google-pay-microsoft-pay" target="_blank" class="underline">Read more about this.</a>',
'gocardless_mandate_not_ready' => 'Payment mandate is not ready. Please try again later.',
'payment_type_instant_bank_pay' => 'Instant Bank Pay',
'payment_type_iDEAL' => 'iDEAL',
'payment_type_Przelewy24' => 'Przelewy24',
'payment_type_Mollie Bank Transfer' => 'Bank Transfer',
'payment_type_KBC/CBC' => 'KBC/CBC',
'payment_type_Instant Bank Pay' => 'Instant Bank Pay',
'payment_type_Hosted Page' => 'Hosted Page',
'payment_type_GiroPay' => 'GiroPay',
'payment_type_EPS' => 'EPS',
'payment_type_Direct Debit' => 'Direct Debit',
'payment_type_Bancontact' => 'Bancontact',
'payment_type_BECS' => 'BECS',
'payment_type_ACSS' => 'ACSS',
);
return $LANG;

26
resources/views/pdf-designs/modern.html
View File

@ -49,8 +49,8 @@
#header, #header-spacer {
height: 160px;
padding: 3rem;
margin-bottom: 3rem;
padding: 1rem;
margin-bottom: 1rem;
}
.company-name {
@ -73,7 +73,7 @@
}
.logo-client-wrapper {
margin: 0 2rem 3rem;
margin: 0 2rem 0rem;
display: grid;
grid-template-columns: 1.5fr 1fr;
}
@ -92,7 +92,7 @@
}
.table-wrapper {
margin: 3rem 2rem;
margin: 0rem 2rem;
}
[data-ref="table"] {
@ -149,8 +149,8 @@
#footer, #footer-spacer {
height: 220px;
padding: 1rem 1.5rem;
margin-top: 1rem;
padding: 0rem 0rem;
margin-top: 0rem;
}
.footer-content {
@ -161,11 +161,13 @@
color: #fff4e9;
max-height: 140px;
justify-content: space-between;
margin-top: 0.5rem;
margin-left: 0.5rem;
}
.footer-company-details-address-wrapper {
display: flex;
gap: 5px;
gap: 0px;
margin-right: 60px;
}
@ -173,8 +175,8 @@
#company-details {
display: flex;
flex-direction: column;
margin-top: 2rem;
margin-bottom: 2rem;
margin-top: 0.5rem;
margin-bottom: 0rem;
}
#company-address > *,
@ -226,8 +228,8 @@
}
[data-ref="total_table-footer"] {
margin-top: 2rem;
margin-bottom: 2rem;
margin-top: 1rem;
margin-bottom: 1rem;
}
table {
@ -348,7 +350,7 @@ $entity_images
<div id="footer">
<div class="footer-content">
<div style="width: 90%">
<div style="width: 70%">
<p data-ref="total_table-footer">$entity_footer</p>
<script>

47
resources/views/portal/ninja2020/invoices/download.blade.php Normal file
View File

@ -0,0 +1,47 @@
@extends('portal.ninja2020.layout.app')
@section('meta_title', ctrans('texts.view_invoice'))
@push('head')
@endpush
@section('body')
<div class="container mx-auto">
<div class="grid grid-cols-6 gap-4">
<div class="flex float-right">
<form action="{{ route('client.invoices.download') }}" method="post" id="bulkActions">
@foreach($invoices as $invoice)
<input type="hidden" name="invoices[]" value="{{ $invoice->hashed_id }}">
@endforeach
@csrf
<button type="submit" onclick="setTimeout(() => this.disabled = true, 0); setTimeout(() => this.disabled = true, 5000); return true;" class="button button-primary bg-primary" name="action" value="download">{{ ctrans('texts.download') }}</button>
</form>
</div>
</div>
@foreach($invoices as $invoice)
<div>
<dl>
@if(!empty($invoice->number) && !is_null($invoice->number))
<div class="px-4 py-5 bg-white sm:grid sm:grid-cols-3 sm:gap-4 sm:px-6">
<dt class="text-sm font-medium leading-5 text-gray-500">
{{ ctrans('texts.invoice_number') }}
</dt>
<dd class="mt-1 text-sm leading-5 text-gray-900 sm:mt-0 sm:col-span-2">
{{ $invoice->number }}
</dd>
</div>
@endif
</dl>
</div>
@endforeach
</div>
@endsection
@section('footer')
@endsection

46
resources/views/portal/ninja2020/quotes/download.blade.php Normal file
View File

@ -0,0 +1,46 @@
@extends('portal.ninja2020.layout.app')
@section('meta_title', ctrans('texts.view_quote'))
@push('head')
@endpush
@section('body')
<div class="container mx-auto">
<div class="grid grid-cols-6 gap-4">
<div class="flex float-right">
<form action="{{ route('client.quotes.download') }}" method="post" id="bulkActions">
@foreach($quotes as $quote)
<input type="hidden" name="quotes[]" value="{{ $quote->hashed_id }}">
@endforeach
@csrf
<button type="submit" onclick="setTimeout(() => this.disabled = true, 0); setTimeout(() => this.disabled = true, 5000); return true;" class="button button-primary bg-primary" name="action" value="download">{{ ctrans('texts.download') }}</button>
</form>
</div>
</div>
@foreach($quotes as $quote)
<div>
<dl>
@if(!empty($quote->number) && !is_null($quote->number))
<div class="px-4 py-5 bg-white sm:grid sm:grid-cols-3 sm:gap-4 sm:px-6">
<dt class="text-sm font-medium leading-5 text-gray-500">
{{ ctrans('texts.quote_number') }}
</dt>
<dd class="mt-1 text-sm leading-5 text-gray-900 sm:mt-0 sm:col-span-2">
{{ $quote->number }}
</dd>
</div>
@endif
</dl>
</div>
@endforeach
</div>
@endsection
@section('footer')
@endsection

4
routes/client.php
View File

@ -35,6 +35,7 @@ Route::group(['middleware' => ['auth:contact', 'locale', 'check_client_existence
Route::get('invoices', 'ClientPortal\InvoiceController@index')->name('invoices.index')->middleware('portal_enabled');
Route::post('invoices/payment', 'ClientPortal\InvoiceController@bulk')->name('invoices.bulk');
Route::get('invoices/payment', 'ClientPortal\InvoiceController@catch_bulk')->name('invoices.catch_bulk');
Route::post('invoices/download', 'ClientPortal\InvoiceController@download')->name('invoices.download');
Route::get('invoices/{invoice}', 'ClientPortal\InvoiceController@show')->name('invoice.show');
Route::get('invoices/{invoice_invitation}', 'ClientPortal\InvoiceController@show')->name('invoice.show_invitation');
@ -44,6 +45,8 @@ Route::group(['middleware' => ['auth:contact', 'locale', 'check_client_existence
Route::get('recurring_invoices/{recurring_invoice}/request_cancellation', 'ClientPortal\RecurringInvoiceController@requestCancellation')->name('recurring_invoices.request_cancellation');
Route::post('payments/process', 'ClientPortal\PaymentController@process')->name('payments.process');
Route::get('payments/process', 'ClientPortal\PaymentController@catch_process')->name('payments.catch_process');
Route::post('payments/credit_response', 'ClientPortal\PaymentController@credit_response')->name('payments.credit_response');
Route::get('payments', 'ClientPortal\PaymentController@index')->name('payments.index')->middleware('portal_enabled');
@ -67,6 +70,7 @@ Route::group(['middleware' => ['auth:contact', 'locale', 'check_client_existence
Route::get('quotes', 'ClientPortal\QuoteController@index')->name('quotes.index')->middleware('portal_enabled');
Route::get('quotes/{quote}', 'ClientPortal\QuoteController@show')->name('quote.show');
Route::get('quotes/{quote_invitation}', 'ClientPortal\QuoteController@show')->name('quote.show_invitation');
Route::post('quotes/download', 'ClientPortal\QuoteController@download')->name('quotes.download');
Route::get('credits', 'ClientPortal\CreditController@index')->name('credits.index');
Route::get('credits/{credit}', 'ClientPortal\CreditController@show')->name('credit.show');