Guards for hosted - reports access

David Bomba 2024-03-25 15:17:16 +11:00
parent fc624682ba
commit 4aaf3bab52
5 changed files with 106 additions and 16 deletions


@ -11,10 +11,14 @@
namespace App\Http\Requests\Report; namespace App\Http\Requests\Report;
use App\Utils\Ninja;
use App\Http\Requests\Request; use App\Http\Requests\Request;
use Illuminate\Auth\Access\AuthorizationException;
class GenericReportRequest extends Request class GenericReportRequest extends Request
{ {
private string $error_message = '';
/** /**
* Determine if the user is authorized to make this request. * Determine if the user is authorized to make this request.
* *
@ -22,11 +26,7 @@ class GenericReportRequest extends Request
*/ */
public function authorize(): bool public function authorize(): bool
{ {
/** @var \App\Models\User $user */ return $this->checkAuthority();
$user = auth()->user();
return $user->isAdmin() || $user->hasPermission('view_reports');
} }
public function rules() public function rules()
@ -70,4 +70,25 @@ class GenericReportRequest extends Request
$this->replace($input); $this->replace($input);
} }
private function checkAuthority()
{
$this->error_message = ctrans('texts.authorization_failure');
/** @var \App\Models\User $user */
$user = auth()->user();
if(Ninja::isHosted() && $user->account->isFreeHostedClient()){
$this->error_message = ctrans('texts.upgrade_to_view_reports');
return false;
}
return $user->isAdmin() || $user->hasPermission('view_reports');
}
protected function failedAuthorization()
{
throw new AuthorizationException($this->error_message);
}
} }
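Review bot: `checkAuthority()` and `failedAuthorization()` are pasted verbatim into four request classes in this commit, so the free-hosted gate is now a policy that will drift the first time one copy is edited; I would move both methods into a shared trait (for example `ReportAuthority`) or into the base `Request` and have each `authorize()` call that single copy. While doing so, give the helper a return type, `private function checkAuthority(): bool`, since `authorize(): bool` already promises one. `checkAuthority()` also dereferences `auth()->user()->account` without a null check; presumably the route sits behind auth middleware, but a guard `if (! $user) { return false; }` turns an unexpected unauthenticated call into a denial rather than a TypeError.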


@ -18,6 +18,8 @@ class ProductSalesReportRequest extends Request
{ {
use MakesHash; use MakesHash;
private string $error_message = '';
/** /**
* Determine if the user is authorized to make this request. * Determine if the user is authorized to make this request.
* *
@ -25,7 +27,7 @@ class ProductSalesReportRequest extends Request
*/ */
public function authorize(): bool public function authorize(): bool
{ {
return auth()->user()->isAdmin(); return $this->checkAuthority();
} }
public function rules() public function rules()
@ -67,4 +69,26 @@ class ProductSalesReportRequest extends Request
$this->replace($input); $this->replace($input);
} }
private function checkAuthority()
{
$this->error_message = ctrans('texts.authorization_failure');
/** @var \App\Models\User $user */
$user = auth()->user();
if(Ninja::isHosted() && $user->account->isFreeHostedClient()){
$this->error_message = ctrans('texts.upgrade_to_view_reports');
return false;
}
return $user->isAdmin() || $user->hasPermission('view_reports');
}
protected function failedAuthorization()
{
throw new AuthorizationException($this->error_message);
}
} }
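Review bot: The access check in this file is widened, not tightened: the old `authorize()` required `isAdmin()`, while the new `checkAuthority()` also accepts any user with `hasPermission('view_reports')`, so non-admin users gain product-sales report access in the same commit that adds the hosted guard. If that is intended it should be stated in the commit message; if not, keep `return $user->isAdmin();` as the helper's final line. The hunks shown do not touch this file's `use` block, so confirm `App\Utils\Ninja` and `Illuminate\Auth\Access\AuthorizationException` are already imported there; otherwise `Ninja::isHosted()` resolves to `App\Http\Requests\Report\Ninja` and the request fails before any check runs.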


@ -12,9 +12,13 @@
namespace App\Http\Requests\Report; namespace App\Http\Requests\Report;
use App\Http\Requests\Request; use App\Http\Requests\Request;
use Illuminate\Auth\Access\AuthorizationException;
class ProfitLossRequest extends Request class ProfitLossRequest extends Request
{ {
private string $error_message = '';
/** /**
* Determine if the user is authorized to make this request. * Determine if the user is authorized to make this request.
* *
@ -22,10 +26,7 @@ class ProfitLossRequest extends Request
*/ */
public function authorize(): bool public function authorize(): bool
{ {
/** @var \App\Models\User $user */ return $this->checkAuthority();
$user = auth()->user();
return $user->isAdmin();
} }
public function rules() public function rules()
@ -51,4 +52,26 @@ class ProfitLossRequest extends Request
$this->replace($input); $this->replace($input);
} }
private function checkAuthority()
{
$this->error_message = ctrans('texts.authorization_failure');
/** @var \App\Models\User $user */
$user = auth()->user();
if(Ninja::isHosted() && $user->account->isFreeHostedClient()){
$this->error_message = ctrans('texts.upgrade_to_view_reports');
return false;
}
return $user->isAdmin() || $user->hasPermission('view_reports');
}
protected function failedAuthorization()
{
throw new AuthorizationException($this->error_message);
}
} }
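Review bot: The import hunk adds `Illuminate\Auth\Access\AuthorizationException` but not `App\Utils\Ninja`, yet `checkAuthority()` calls `Ninja::isHosted()`; unless `Ninja` is imported somewhere outside the hunk, that name resolves to `App\Http\Requests\Report\Ninja` and every profit-and-loss request will fail with a class-not-found error before the permission check is reached. Add `use App\Utils\Ninja;` next to the other imports. Separately, this file moves from admin-only (old `return $user->isAdmin();`) to `isAdmin() || hasPermission('view_reports')`, which grants non-admin users access to profit-and-loss data — confirm that widening is intended for a financial report.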


@ -11,10 +11,14 @@
namespace App\Http\Requests\Report; namespace App\Http\Requests\Report;
use App\Utils\Ninja;
use App\Http\Requests\Request; use App\Http\Requests\Request;
use Illuminate\Auth\Access\AuthorizationException;
class ReportPreviewRequest extends Request class ReportPreviewRequest extends Request
{ {
private string $error_message = '';
/** /**
* Determine if the user is authorized to make this request. * Determine if the user is authorized to make this request.
* *
@ -22,11 +26,7 @@ class ReportPreviewRequest extends Request
*/ */
public function authorize(): bool public function authorize(): bool
{ {
/** @var \App\Models\User $user */ return $this->checkAuthority();
$user = auth()->user();
return $user->isAdmin() || $user->hasPermission('view_reports');
} }
public function rules() public function rules()
@ -38,4 +38,26 @@ class ReportPreviewRequest extends Request
public function prepareForValidation() public function prepareForValidation()
{ {
} }
private function checkAuthority()
{
$this->error_message = ctrans('texts.authorization_failure');
/** @var \App\Models\User $user */
$user = auth()->user();
if(Ninja::isHosted() && $user->account->isFreeHostedClient()){
$this->error_message = ctrans('texts.upgrade_to_view_reports');
return false;
}
return $user->isAdmin() || $user->hasPermission('view_reports');
}
protected function failedAuthorization()
{
throw new AuthorizationException($this->error_message);
}
} }
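Review bot: `checkAuthority()` evaluates the free-hosted-plan gate before the permission check, so a user who lacks `view_reports` on a free hosted account is told to upgrade (`texts.upgrade_to_view_reports`) rather than that they are not authorized, and the message no longer reflects why access was denied. Checking permission first keeps the two messages truthful: `if (! ($user->isAdmin() || $user->hasPermission('view_reports'))) { return false; }` ahead of the hosted check, then `return true;` at the end. The denial outcome is unchanged either way; only the reported reason differs.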


@ -108,8 +108,8 @@ class TemplateAction implements ShouldQueue
->where('company_id', $this->company->id) ->where('company_id', $this->company->id)
->get(); ->get();
/** Set a global currency_code */
$first_entity = $result->first(); $first_entity = $result->first();
if($first_entity->client) if($first_entity->client)
$currency_code = $first_entity->client->currency()->code; $currency_code = $first_entity->client->currency()->code;
elseif($first_entity instanceof Client) elseif($first_entity instanceof Client)