From 49ecde8a38780ad6232bf2b1ae3648d6bb2b102f Mon Sep 17 00:00:00 2001
From: David Bomba <turbo124@gmail.com>
Date: Mon, 11 Nov 2019 08:12:21 +1100
Subject: [PATCH] Fixes for group settings id put/post hashing (#3052)

---
 app/Http/Requests/Client/StoreClientRequest.php  |  8 ++++++++
 app/Http/Requests/Client/UpdateClientRequest.php |  8 +++++++-
 app/Models/Invoice.php                           | 11 ++++-------
 app/Transformers/ClientTransformer.php           |  3 +--
 app/Transformers/CompanyTransformer.php          |  3 +++
 app/Transformers/InvoiceTransformer.php          |  1 +
 6 files changed, 24 insertions(+), 10 deletions(-)

diff --git a/app/Http/Requests/Client/StoreClientRequest.php b/app/Http/Requests/Client/StoreClientRequest.php
index e02194dc59b2..e9270b81163d 100644
--- a/app/Http/Requests/Client/StoreClientRequest.php
+++ b/app/Http/Requests/Client/StoreClientRequest.php
@@ -15,10 +15,13 @@ use App\DataMapper\ClientSettings;
 use App\Http\Requests\Request;
 use App\Http\ValidationRules\ValidSettingsRule;
 use App\Models\Client;
+use App\Utils\Traits\MakesHash;
 use Illuminate\Support\Facades\Log;
 
 class StoreClientRequest extends Request
 {
+    use MakesHash;
+
     /**
      * Determine if the user is authorized to make this request.
      *
@@ -64,8 +67,13 @@ class StoreClientRequest extends Request
         
         $input['settings'] = ClientSettings::defaults();
         
+        if(isset($input['group_settings_id']))
+            $input['group_settings_id'] = $this->decodePrimaryKey($input['group_settings_id']);
+
         $this->replace($input);   
 
+        return $this->all();
+
     }
 
     public function messages()
diff --git a/app/Http/Requests/Client/UpdateClientRequest.php b/app/Http/Requests/Client/UpdateClientRequest.php
index 3ce792eddd11..ae08539fd626 100644
--- a/app/Http/Requests/Client/UpdateClientRequest.php
+++ b/app/Http/Requests/Client/UpdateClientRequest.php
@@ -13,11 +13,13 @@ namespace App\Http\Requests\Client;
 
 use App\Http\Requests\Request;
 use App\Http\ValidationRules\ValidSettingsRule;
+use App\Utils\Traits\MakesHash;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Validation\Rule;
 
 class UpdateClientRequest extends Request
 {
+    use MakesHash;
     /**
      * Determine if the user is authorized to make this request.
      *
@@ -32,6 +34,7 @@ class UpdateClientRequest extends Request
     public function rules()
     {
         /* Ensure we have a client name, and that all emails are unique*/
+        $this->sanitize();
 
         $rules['company_logo'] = 'mimes:jpeg,jpg,png,gif|max:10000';
         $rules['industry_id'] = 'integer|nullable';
@@ -74,7 +77,10 @@ class UpdateClientRequest extends Request
     {
         $input = $this->all();
 
-        //        $this->replace($input);
+        if(isset($input['group_settings_id']))
+            $input['group_settings_id'] = $this->decodePrimaryKey($input['group_settings_id']);
+
+        $this->replace($input);
 
         return $this->all();
     }
diff --git a/app/Models/Invoice.php b/app/Models/Invoice.php
index 3f7b1d6db758..b8a82407a682 100644
--- a/app/Models/Invoice.php
+++ b/app/Models/Invoice.php
@@ -48,7 +48,6 @@ class Invoice extends BaseModel
         'client_id',
         'company_id',
         'backup',
-        'settings',
     ];
 
     protected $fillable = [
@@ -76,13 +75,11 @@ class Invoice extends BaseModel
         'custom_value3',
         'custom_value4',
         'line_items',
-        'settings',
         'client_id',
         'footer',
     ];
 
     protected $casts = [
-        'settings' => 'object',
         'line_items' => 'object',
         'updated_at' => 'timestamp',
         'created_at' => 'timestamp',
@@ -261,8 +258,8 @@ class Invoice extends BaseModel
      */
     public function design() :string
     {
-        if(property_exists($this->settings,'design'))
-            return File::exists(resource_path($this->settings->design)) ? File::get(resource_path($this->settings->design)) : File::get(resource_path('views/pdf/design1.blade.php'));
+        if($this->client->getSetting('design'))
+            return File::exists(resource_path($this->client->getSetting('design'))) ? File::get(resource_path($this->client->getSetting('design'))) : File::get(resource_path('views/pdf/design1.blade.php'));
         else
             return File::get(resource_path('views/pdf/design1.blade.php'));
     }
@@ -277,9 +274,9 @@ class Invoice extends BaseModel
         $invoice_calc = null;
 
         if($this->uses_inclusive_taxes)
-            $invoice_calc = new InvoiceSumInclusive($this, $this->settings);
+            $invoice_calc = new InvoiceSumInclusive($this);
         else
-            $invoice_calc = new InvoiceSum($this, $this->settings);
+            $invoice_calc = new InvoiceSum($this, $this);
         
         return $invoice_calc->build();
 
diff --git a/app/Transformers/ClientTransformer.php b/app/Transformers/ClientTransformer.php
index 40ac8da74cd0..4556e9568065 100644
--- a/app/Transformers/ClientTransformer.php
+++ b/app/Transformers/ClientTransformer.php
@@ -69,8 +69,7 @@ class ClientTransformer extends EntityTransformer
             'website' => $client->website ?: '',
             'private_notes' => $client->private_notes ?: '',
             'balance' => (float) $client->balance,
-//            'currency_id' => (string)$client->currency_id ?: '',
-            'group_settings_id' => (string)$client->group_settings_id ?: '',
+            'group_settings_id' => isset($client->group_settings_id) ? (string)$this->encodePrimaryKey($client->group_settings_id) : '',
             'paid_to_date' => (float) $client->paid_to_date,
             'last_login' => (int)$client->last_login,
             'address1' => $client->address1 ?: '',
diff --git a/app/Transformers/CompanyTransformer.php b/app/Transformers/CompanyTransformer.php
index cd1199a90d47..3d4bc4744b3d 100644
--- a/app/Transformers/CompanyTransformer.php
+++ b/app/Transformers/CompanyTransformer.php
@@ -78,6 +78,9 @@ class CompanyTransformer extends EntityTransformer
             'custom_surcharge_taxes2' => (bool)$company->custom_surcharge_taxes2,
             'custom_surcharge_taxes3' => (bool)$company->custom_surcharge_taxes3,
             'custom_surcharge_taxes4' => (bool)$company->custom_surcharge_taxes4,
+            'enable_product_cost' => (bool)$company->enable_product_cost,
+            'enable_product_quantity' => (bool)$company->enable_product_quantity,
+            'default_quantity' => (bool)$company->default_quantity,
             'custom_fields' => (string) $company->custom_fields,
             'size_id' => (string) $company->size_id ?: '',
             'industry_id' => (string) $company->industry_id ?: '',
diff --git a/app/Transformers/InvoiceTransformer.php b/app/Transformers/InvoiceTransformer.php
index cccb2b4c5f9f..52a01e273aae 100644
--- a/app/Transformers/InvoiceTransformer.php
+++ b/app/Transformers/InvoiceTransformer.php
@@ -101,6 +101,7 @@ class InvoiceTransformer extends EntityTransformer
             'public_notes' => $invoice->public_notes ?: '',
             'private_notes' => $invoice->private_notes ?: '',
             'is_deleted' => (bool) $invoice->is_deleted,
+            'uses_inclusive_taxes' => (bool) $invoice->uses_inclusive_taxes,
             'invoice_type_id' => (string) $invoice->invoice_type_id ?: '',
             'tax_name1' => $invoice->tax_name1 ? $invoice->tax_name1 : '',
             'tax_rate1' => (float) $invoice->tax_rate1,