Guards for hosted - reports access

app/Http/Requests/Report/GenericReportRequest.php

@@ -11,10 +11,14 @@
 
 namespace App\Http\Requests\Report;
 
+use App\Utils\Ninja;
 use App\Http\Requests\Request;
+use Illuminate\Auth\Access\AuthorizationException;
 
 class GenericReportRequest extends Request
 {
+    private string $error_message = '';
+
     /**
      * Determine if the user is authorized to make this request.
      *
@@ -22,11 +26,7 @@ class GenericReportRequest extends Request
      */
     public function authorize(): bool
     {
-        /** @var \App\Models\User $user */
-        $user = auth()->user();
-
-        return $user->isAdmin() || $user->hasPermission('view_reports');
-
+        return $this->checkAuthority();
     }
 
     public function rules()
@@ -70,4 +70,25 @@ class GenericReportRequest extends Request
 
         $this->replace($input);
     }
+
+    private function checkAuthority()
+    {
+        $this->error_message = ctrans('texts.authorization_failure');
+
+        /** @var \App\Models\User $user */
+        $user = auth()->user();
+        
+        if(Ninja::isHosted() && $user->account->isFreeHostedClient()){
+            $this->error_message = ctrans('texts.upgrade_to_view_reports');
+            return false;
+        }
+
+        return $user->isAdmin() || $user->hasPermission('view_reports');
+
+    }
+
+    protected function failedAuthorization()
+    {
+        throw new AuthorizationException($this->error_message);
+    }
 }

app/Http/Requests/Report/ProductSalesReportRequest.php

@@ -18,6 +18,8 @@ class ProductSalesReportRequest extends Request
 {
     use MakesHash;
 
+    private string $error_message = '';
+
     /**
      * Determine if the user is authorized to make this request.
      *
@@ -25,7 +27,7 @@ class ProductSalesReportRequest extends Request
      */
     public function authorize(): bool
     {
-        return auth()->user()->isAdmin();
+        return $this->checkAuthority();
     }
 
     public function rules()
@@ -67,4 +69,26 @@ class ProductSalesReportRequest extends Request
 
         $this->replace($input);
     }
+
+    private function checkAuthority()
+    {
+        $this->error_message = ctrans('texts.authorization_failure');
+
+        /** @var \App\Models\User $user */
+        $user = auth()->user();
+        
+        if(Ninja::isHosted() && $user->account->isFreeHostedClient()){
+            $this->error_message = ctrans('texts.upgrade_to_view_reports');
+            return false;
+        }
+
+        return $user->isAdmin() || $user->hasPermission('view_reports');
+
+    }
+
+    protected function failedAuthorization()
+    {
+        throw new AuthorizationException($this->error_message);
+    }
+
 }

app/Http/Requests/Report/ProfitLossRequest.php

@@ -12,9 +12,13 @@
 namespace App\Http\Requests\Report;
 
 use App\Http\Requests\Request;
+use Illuminate\Auth\Access\AuthorizationException;
 
 class ProfitLossRequest extends Request
 {
+
+    private string $error_message = '';
+
     /**
      * Determine if the user is authorized to make this request.
      *
@@ -22,10 +26,7 @@ class ProfitLossRequest extends Request
      */
     public function authorize(): bool
     {
-        /** @var \App\Models\User $user */
-        $user = auth()->user();
-
-        return $user->isAdmin();
+        return $this->checkAuthority();
     }
 
     public function rules()
@@ -51,4 +52,26 @@ class ProfitLossRequest extends Request
 
         $this->replace($input);
     }
+
+        private function checkAuthority()
+    {
+        $this->error_message = ctrans('texts.authorization_failure');
+
+        /** @var \App\Models\User $user */
+        $user = auth()->user();
+        
+        if(Ninja::isHosted() && $user->account->isFreeHostedClient()){
+            $this->error_message = ctrans('texts.upgrade_to_view_reports');
+            return false;
+        }
+
+        return $user->isAdmin() || $user->hasPermission('view_reports');
+
+    }
+
+    protected function failedAuthorization()
+    {
+        throw new AuthorizationException($this->error_message);
+    }
+
 }

app/Http/Requests/Report/ReportPreviewRequest.php

@@ -11,10 +11,14 @@
 
 namespace App\Http\Requests\Report;
 
+use App\Utils\Ninja;
 use App\Http\Requests\Request;
+use Illuminate\Auth\Access\AuthorizationException;
 
 class ReportPreviewRequest extends Request
 {
+    private string $error_message = '';
+
     /**
      * Determine if the user is authorized to make this request.
      *
@@ -22,11 +26,7 @@ class ReportPreviewRequest extends Request
      */
     public function authorize(): bool
     {
-        /** @var \App\Models\User $user */
-        $user = auth()->user();
-
-        return $user->isAdmin() || $user->hasPermission('view_reports');
-
+        return $this->checkAuthority();
     }
 
     public function rules()
@@ -38,4 +38,26 @@ class ReportPreviewRequest extends Request
     public function prepareForValidation()
     {
     }
+
+    private function checkAuthority()
+    {
+        $this->error_message = ctrans('texts.authorization_failure');
+
+        /** @var \App\Models\User $user */
+        $user = auth()->user();
+        
+        if(Ninja::isHosted() && $user->account->isFreeHostedClient()){
+            $this->error_message = ctrans('texts.upgrade_to_view_reports');
+            return false;
+        }
+
+        return $user->isAdmin() || $user->hasPermission('view_reports');
+
+    }
+
+    protected function failedAuthorization()
+    {
+        throw new AuthorizationException($this->error_message);
+    }
+
 }

app/Services/Template/TemplateAction.php

@@ -108,8 +108,8 @@ class TemplateAction implements ShouldQueue
             ->where('company_id', $this->company->id)
             ->get();
 
+        /** Set a global currency_code */
         $first_entity = $result->first();
-
         if($first_entity->client)
             $currency_code = $first_entity->client->currency()->code;
         elseif($first_entity instanceof Client)