Merge pull request #4991 from turbo124/v5-develop
User verified middleware
commit
4b3c7ec771
@ -1 +1 @@
|
|||||||
5.1.9
|
5.1.10
|
@ -652,13 +652,12 @@ class CompanySettings extends BaseSettings
|
|||||||
'total_columns' => [
|
'total_columns' => [
|
||||||
'$subtotal',
|
'$subtotal',
|
||||||
'$discount',
|
'$discount',
|
||||||
'$total_taxes',
|
|
||||||
'$line_taxes',
|
|
||||||
'$custom_surcharge1',
|
'$custom_surcharge1',
|
||||||
'$custom_surcharge2',
|
'$custom_surcharge2',
|
||||||
'$custom_surcharge3',
|
'$custom_surcharge3',
|
||||||
'$custom_surcharge4',
|
'$custom_surcharge4',
|
||||||
'$total',
|
'$total_taxes',
|
||||||
|
'$line_taxes',
|
||||||
'$paid_to_date',
|
'$paid_to_date',
|
||||||
'$outstanding',
|
'$outstanding',
|
||||||
],
|
],
|
||||||
|
@ -13,6 +13,7 @@ namespace App\Http\Controllers;
|
|||||||
|
|
||||||
use App\Events\Credit\CreditWasEmailed;
|
use App\Events\Credit\CreditWasEmailed;
|
||||||
use App\Events\Quote\QuoteWasEmailed;
|
use App\Events\Quote\QuoteWasEmailed;
|
||||||
|
use App\Http\Middleware\UserVerified;
|
||||||
use App\Http\Requests\Email\SendEmailRequest;
|
use App\Http\Requests\Email\SendEmailRequest;
|
||||||
use App\Jobs\Entity\EmailEntity;
|
use App\Jobs\Entity\EmailEntity;
|
||||||
use App\Jobs\Mail\EntitySentMailer;
|
use App\Jobs\Mail\EntitySentMailer;
|
||||||
@ -130,7 +131,8 @@ class EmailController extends BaseController
|
|||||||
|
|
||||||
$entity_obj->service()->markSent()->save();
|
$entity_obj->service()->markSent()->save();
|
||||||
|
|
||||||
EmailEntity::dispatch($invitation, $invitation->company, $template, $data)->delay(now()->addSeconds(5));
|
EmailEntity::dispatch($invitation, $invitation->company, $template, $data)
|
||||||
|
->delay(now()->addSeconds(5));
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -78,10 +78,8 @@ class PostMarkController extends BaseController
|
|||||||
|
|
||||||
$this->invitation = $this->discoverInvitation($request->input('MessageID'));
|
$this->invitation = $this->discoverInvitation($request->input('MessageID'));
|
||||||
|
|
||||||
if($this->invitation){
|
if($this->invitation)
|
||||||
$this->invitation->email_error = $request->input('Details');
|
$this->invitation->email_error = $request->input('Details');
|
||||||
$this->invitation->save();
|
|
||||||
}
|
|
||||||
else
|
else
|
||||||
return response()->json(['message' => 'Message not found']);
|
return response()->json(['message' => 'Message not found']);
|
||||||
|
|
||||||
@ -122,6 +120,9 @@ class PostMarkController extends BaseController
|
|||||||
// }
|
// }
|
||||||
private function processDelivery($request)
|
private function processDelivery($request)
|
||||||
{
|
{
|
||||||
|
$this->invitation->email_status = 'delivered';
|
||||||
|
$this->invitation->save();
|
||||||
|
|
||||||
SystemLogger::dispatch($request->all(), SystemLog::CATEGORY_MAIL, SystemLog::EVENT_MAIL_DELIVERY, SystemLog::TYPE_WEBHOOK_RESPONSE, $this->invitation->contact->client);
|
SystemLogger::dispatch($request->all(), SystemLog::CATEGORY_MAIL, SystemLog::EVENT_MAIL_DELIVERY, SystemLog::TYPE_WEBHOOK_RESPONSE, $this->invitation->contact->client);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -153,6 +154,9 @@ class PostMarkController extends BaseController
|
|||||||
|
|
||||||
private function processBounce($request)
|
private function processBounce($request)
|
||||||
{
|
{
|
||||||
|
$this->invitation->email_status = 'bounced';
|
||||||
|
$this->invitation->save();
|
||||||
|
|
||||||
SystemLogger::dispatch($request->all(), SystemLog::CATEGORY_MAIL, SystemLog::EVENT_MAIL_BOUNCED, SystemLog::TYPE_WEBHOOK_RESPONSE, $this->invitation->contact->client);
|
SystemLogger::dispatch($request->all(), SystemLog::CATEGORY_MAIL, SystemLog::EVENT_MAIL_BOUNCED, SystemLog::TYPE_WEBHOOK_RESPONSE, $this->invitation->contact->client);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -183,6 +187,10 @@ class PostMarkController extends BaseController
|
|||||||
// }
|
// }
|
||||||
private function processSpamComplaint($request)
|
private function processSpamComplaint($request)
|
||||||
{
|
{
|
||||||
|
|
||||||
|
$this->invitation->email_status = 'spam';
|
||||||
|
$this->invitation->save();
|
||||||
|
|
||||||
SystemLogger::dispatch($request->all(), SystemLog::CATEGORY_MAIL, SystemLog::EVENT_MAIL_SPAM_COMPLAINT, SystemLog::TYPE_WEBHOOK_RESPONSE, $this->invitation->contact->client);
|
SystemLogger::dispatch($request->all(), SystemLog::CATEGORY_MAIL, SystemLog::EVENT_MAIL_SPAM_COMPLAINT, SystemLog::TYPE_WEBHOOK_RESPONSE, $this->invitation->contact->client);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
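Review bot: `processDelivery()`, `processBounce()` and `processSpamComplaint()` now write `email_status` to the invitation found from the request's `MessageID`, and nothing visible in these hunks authenticates the sender of the webhook. The enclosing method starts outside the hunks, so a check may already exist; if it does not, the shared secret or basic-auth credentials Postmark can attach to a webhook should be verified before `discoverInvitation()` is called. In the first hunk the `save()` was dropped from the `if ($this->invitation)` branch, so `email_error` is only persisted when one of these three handlers runs; a comment saying so, and braces on the `if`/`else`, would make that intent explicit. `Details` is stored verbatim, so a length limit before assignment is worth adding.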
@ -386,6 +386,7 @@ class UserController extends BaseController
|
|||||||
/* When changing email address we store the former email in case we need to rollback */
|
/* When changing email address we store the former email in case we need to rollback */
|
||||||
if ($old_user_email != $new_email) {
|
if ($old_user_email != $new_email) {
|
||||||
$user->last_confirmed_email_address = $old_user_email;
|
$user->last_confirmed_email_address = $old_user_email;
|
||||||
|
$user->email_verified_at = null;
|
||||||
$user->save();
|
$user->save();
|
||||||
UserEmailChanged::dispatch($new_user, json_decode($old_user), auth()->user()->company());
|
UserEmailChanged::dispatch($new_user, json_decode($old_user), auth()->user()->company());
|
||||||
}
|
}
|
||||||
|
@ -38,6 +38,7 @@ use App\Http\Middleware\TokenAuth;
|
|||||||
use App\Http\Middleware\TrimStrings;
|
use App\Http\Middleware\TrimStrings;
|
||||||
use App\Http\Middleware\TrustProxies;
|
use App\Http\Middleware\TrustProxies;
|
||||||
use App\Http\Middleware\UrlSetDb;
|
use App\Http\Middleware\UrlSetDb;
|
||||||
|
use App\Http\Middleware\UserVerified;
|
||||||
use App\Http\Middleware\VerifyCsrfToken;
|
use App\Http\Middleware\VerifyCsrfToken;
|
||||||
use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;
|
use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;
|
||||||
use Illuminate\Auth\Middleware\Authorize;
|
use Illuminate\Auth\Middleware\Authorize;
|
||||||
@ -157,5 +158,6 @@ class Kernel extends HttpKernel
|
|||||||
'phantom_secret' => PhantomSecret::class,
|
'phantom_secret' => PhantomSecret::class,
|
||||||
'contact_key_login' => ContactKeyLogin::class,
|
'contact_key_login' => ContactKeyLogin::class,
|
||||||
'check_client_existence' => CheckClientExistence::class,
|
'check_client_existence' => CheckClientExistence::class,
|
||||||
|
'user_verified' => UserVerified::class,
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -53,6 +53,7 @@ class PasswordProtection
|
|||||||
|
|
||||||
/* Cannot allow duplicates! */
|
/* Cannot allow duplicates! */
|
||||||
if ($existing_user = MultiDB::hasUser($query)) {
|
if ($existing_user = MultiDB::hasUser($query)) {
|
||||||
|
Cache::add(auth()->user()->email.'_logged_in', Str::random(64), now()->addMinutes(30));
|
||||||
return $next($request);
|
return $next($request);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
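Review bot: The added `Cache::add(auth()->user()->email.'_logged_in', ...)` opens the password-protection window for the authenticated user, but the condition it sits under only establishes that some `$existing_user` matched `$query`; nothing in the hunk checks that the matched account is the one making the request. The function starts outside the hunk, so that comparison may already happen earlier; if it does not, this branch should confirm that `$existing_user` and `auth()->user()` are the same account before writing the cache entry. The key is built from the mutable e-mail address, so keying on the user id would keep the entry tied to the account across an e-mail change.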
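--- a/app/Http/Middleware/UserVerified.php
+++ b/app/Http/Middleware/UserVerified.php
@@ -0,0 +1,52 @@
+<?php
+/**
+* Invoice Ninja (https://invoiceninja.com).
+*
+* @link https://github.com/invoiceninja/invoiceninja source repository
+*
+* @copyright Copyright (c) 2021. Invoice Ninja LLC (https://invoiceninja.com)
+*
+* @license https://opensource.org/licenses/AAL
+*/
+
+namespace App\Http\Middleware;
+
+use App\Libraries\MultiDB;
+use App\Models\User;
+use Closure;
+use Hashids\Hashids;
+use Illuminate\Http\Request;
+
+/**
+* Class UserVerified.
+*/
+class UserVerified
+{
+public $user;
+
+public function __construct(?User $user)
+{
+$this->user = $user ?: auth()->user();
+}
+
+/**
+* Handle an incoming request.
+*
+* @param Request $request
+* @param Closure $next
+* @return mixed
+*/
+public function handle($request, Closure $next)
+{
+
+$error = [
+'message' => 'Email confirmation required.',
+'errors' => new \stdClass,
+];
+
+if ($this->user && !$this->user->isVerified())
+return response()->json($error, 403);
+
+return $next($request);
+}
+}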
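Review bot: The guard in `handle()` fails open: `if ($this->user && !$this->user->isVerified())` lets the request through whenever no user was resolved, whereas a verification gate should deny in that case, e.g. `if (!$this->user || !$this->user->isVerified())`. The user is also captured in the constructor via `$user ?: auth()->user()`; if the container fills the type-hinted `?User $user` with a fresh, empty model, the fallback never runs and the check is made against that blank object rather than the caller, so reading `$request->user()` inside `handle()` would be more predictable. The imports `MultiDB` and `Hashids` are unused in this file, and the brace-less `if` would be safer with braces.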
@ -110,8 +110,7 @@ class CreateAccount
|
|||||||
|
|
||||||
NinjaMailerJob::dispatch($nmo);
|
NinjaMailerJob::dispatch($nmo);
|
||||||
|
|
||||||
|
// NinjaMailerJob::dispatchNow($nmo);
|
||||||
NinjaMailerJob::dispatchNow($nmo);
|
|
||||||
|
|
||||||
VersionCheck::dispatchNow();
|
VersionCheck::dispatchNow();
|
||||||
|
|
||||||
|
@ -80,6 +80,7 @@ class User extends Authenticatable implements MustVerifyEmail
|
|||||||
'custom_value3',
|
'custom_value3',
|
||||||
'custom_value4',
|
'custom_value4',
|
||||||
'is_deleted',
|
'is_deleted',
|
||||||
|
'google_2fa_secret',
|
||||||
];
|
];
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -338,6 +339,11 @@ class User extends Authenticatable implements MustVerifyEmail
|
|||||||
return $this->morphMany(Document::class, 'documentable');
|
return $this->morphMany(Document::class, 'documentable');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function isVerified()
|
||||||
|
{
|
||||||
|
return is_null($this->email_verified_at) ? false : true;
|
||||||
|
}
|
||||||
|
|
||||||
public function getEmailVerifiedAt()
|
public function getEmailVerifiedAt()
|
||||||
{
|
{
|
||||||
if ($this->email_verified_at) {
|
if ($this->email_verified_at) {
|
||||||
|
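Review bot: `'google_2fa_secret'` is appended to an attribute list whose declaration is outside the hunk; if that list is the model's `$fillable`, the 2FA secret becomes mass-assignable, and any update path that passes request input to `fill()` or `update()` could set or clear it without an enrolment or confirmation step. Prefer leaving it out of the list and assigning it explicitly in the dedicated 2FA flow, and confirm the attribute is excluded from serialisation. In the second hunk, `isVerified()` reads more directly as `return !is_null($this->email_verified_at);`.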
@ -31,6 +31,8 @@ class CreditInvitationTransformer extends EntityTransformer
|
|||||||
'updated_at' => (int) $invitation->updated_at,
|
'updated_at' => (int) $invitation->updated_at,
|
||||||
'archived_at' => (int) $invitation->deleted_at,
|
'archived_at' => (int) $invitation->deleted_at,
|
||||||
'created_at' => (int) $invitation->created_at,
|
'created_at' => (int) $invitation->created_at,
|
||||||
|
'email_status' => $invitation->email_status,
|
||||||
|
'email_error' => (string)$invitation->email_error,
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
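Review bot: `'email_status' => $invitation->email_status` is emitted uncast while the neighbouring `email_error` is cast with `(string)`; the column is added as nullable in this commit's migration, so API clients receive `null` for one field and an empty string for the other. Casting it the same way, `'email_status' => (string) $invitation->email_status,`, keeps the payload shape consistent; the same two lines are added to the Invoice, Quote and RecurringInvoice invitation transformers. `email_error` carries the free-text `Details` value taken from the mail webhook, so consumers should render it as untrusted text.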
@ -30,7 +30,9 @@ class InvoiceInvitationTransformer extends EntityTransformer
|
|||||||
'opened_date' => $invitation->opened_date ?: '',
|
'opened_date' => $invitation->opened_date ?: '',
|
||||||
'updated_at' => (int) $invitation->updated_at,
|
'updated_at' => (int) $invitation->updated_at,
|
||||||
'archived_at' => (int) $invitation->deleted_at,
|
'archived_at' => (int) $invitation->deleted_at,
|
||||||
'created_at' => (int) $invitation->created_at,
|
'created_at' => (int) $invitation->created_at,
|
||||||
|
'email_status' => $invitation->email_status,
|
||||||
|
'email_error' => (string)$invitation->email_error,
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -31,6 +31,8 @@ class QuoteInvitationTransformer extends EntityTransformer
|
|||||||
'updated_at' => (int) $invitation->updated_at,
|
'updated_at' => (int) $invitation->updated_at,
|
||||||
'archived_at' => (int) $invitation->deleted_at,
|
'archived_at' => (int) $invitation->deleted_at,
|
||||||
'created_at' => (int) $invitation->created_at,
|
'created_at' => (int) $invitation->created_at,
|
||||||
|
'email_status' => $invitation->email_status,
|
||||||
|
'email_error' => (string)$invitation->email_error,
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -31,6 +31,8 @@ class RecurringInvoiceInvitationTransformer extends EntityTransformer
|
|||||||
'updated_at' => (int) $invitation->updated_at,
|
'updated_at' => (int) $invitation->updated_at,
|
||||||
'archived_at' => (int) $invitation->deleted_at,
|
'archived_at' => (int) $invitation->deleted_at,
|
||||||
'created_at' => (int) $invitation->created_at,
|
'created_at' => (int) $invitation->created_at,
|
||||||
|
'email_status' => $invitation->email_status,
|
||||||
|
'email_error' => (string)$invitation->email_error,
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -59,6 +59,7 @@ class UserTransformer extends EntityTransformer
|
|||||||
'custom_value4' => $user->custom_value4 ?: '',
|
'custom_value4' => $user->custom_value4 ?: '',
|
||||||
'oauth_provider_id' => (string) $user->oauth_provider_id,
|
'oauth_provider_id' => (string) $user->oauth_provider_id,
|
||||||
'last_confirmed_email_address' => (string) $user->last_confirmed_email_address ?: '',
|
'last_confirmed_email_address' => (string) $user->last_confirmed_email_address ?: '',
|
||||||
|
'google_2fa_secret' => (bool) $user->google_2fa_secret,
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -248,7 +248,6 @@ class HtmlEngine
|
|||||||
$data['$client.currency'] = ['value' => $this->client->currency()->code, 'label' => ''];
|
$data['$client.currency'] = ['value' => $this->client->currency()->code, 'label' => ''];
|
||||||
|
|
||||||
$data['$client.balance'] = ['value' => Number::formatMoney($this->client->balance, $this->client), 'label' => ctrans('texts.account_balance')];
|
$data['$client.balance'] = ['value' => Number::formatMoney($this->client->balance, $this->client), 'label' => ctrans('texts.account_balance')];
|
||||||
$data['$outstanding'] = ['value' => Number::formatMoney($this->client->balance, $this->client), 'label' => ctrans('texts.account_balance')];
|
|
||||||
$data['$client_balance'] = ['value' => Number::formatMoney($this->client->balance, $this->client), 'label' => ctrans('texts.account_balance')];
|
$data['$client_balance'] = ['value' => Number::formatMoney($this->client->balance, $this->client), 'label' => ctrans('texts.account_balance')];
|
||||||
$data['$paid_to_date'] = ['value' => Number::formatMoney($this->client->paid_to_date, $this->client), 'label' => ctrans('texts.paid_to_date')];
|
$data['$paid_to_date'] = ['value' => Number::formatMoney($this->client->paid_to_date, $this->client), 'label' => ctrans('texts.paid_to_date')];
|
||||||
|
|
||||||
|
@ -13,7 +13,7 @@ return [
|
|||||||
'require_https' => env('REQUIRE_HTTPS', true),
|
'require_https' => env('REQUIRE_HTTPS', true),
|
||||||
'app_url' => rtrim(env('APP_URL', ''), '/'),
|
'app_url' => rtrim(env('APP_URL', ''), '/'),
|
||||||
'app_domain' => env('APP_DOMAIN', ''),
|
'app_domain' => env('APP_DOMAIN', ''),
|
||||||
'app_version' => '5.1.9',
|
'app_version' => '5.1.10',
|
||||||
'minimum_client_version' => '5.0.16',
|
'minimum_client_version' => '5.0.16',
|
||||||
'terms_version' => '1.0.1',
|
'terms_version' => '1.0.1',
|
||||||
'api_secret' => env('API_SECRET', false),
|
'api_secret' => env('API_SECRET', false),
|
||||||
|
@ -0,0 +1,42 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
use Illuminate\Database\Migrations\Migration;
|
||||||
|
use Illuminate\Database\Schema\Blueprint;
|
||||||
|
use Illuminate\Support\Facades\Schema;
|
||||||
|
|
||||||
|
class EnumInvitationsEmailStatus extends Migration
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Run the migrations.
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function up()
|
||||||
|
{
|
||||||
|
Schema::table('invoice_invitations', function(Blueprint $table){
|
||||||
|
$table->enum('email_status', ['delivered', 'bounced', 'spam'])->nullable();
|
||||||
|
});
|
||||||
|
|
||||||
|
Schema::table('quote_invitations', function(Blueprint $table){
|
||||||
|
$table->enum('email_status', ['delivered', 'bounced', 'spam'])->nullable();
|
||||||
|
});
|
||||||
|
|
||||||
|
Schema::table('credit_invitations', function(Blueprint $table){
|
||||||
|
$table->enum('email_status', ['delivered', 'bounced', 'spam'])->nullable();
|
||||||
|
});
|
||||||
|
|
||||||
|
Schema::table('recurring_invoice_invitations', function(Blueprint $table){
|
||||||
|
$table->enum('email_status', ['delivered', 'bounced', 'spam'])->nullable();
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Reverse the migrations.
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function down()
|
||||||
|
{
|
||||||
|
//
|
||||||
|
}
|
||||||
|
}
|
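Review bot: `down()` is left as an empty body, so rolling this migration back keeps the `email_status` column on all four invitation tables, and a later re-run of `up()` would then fail on the existing column. The reverse step should drop the column from the same tables that `up()` touches, as sketched below. A short docblock line on `up()` naming the three allowed values and noting that `null` means "no webhook event received yet" would also help.

```php
public function down()
{
    // same four tables as up()
    $tables = ['invoice_invitations', 'quote_invitations', 'credit_invitations', 'recurring_invoice_invitations'];

    foreach ($tables as $table_name) {
        Schema::table($table_name, function (Blueprint $table) {
            $table->dropColumn('email_status');
        });
    }
}
```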
@ -65,7 +65,7 @@ Route::group(['middleware' => ['api_db', 'token_auth', 'locale'], 'prefix' => 'a
|
|||||||
Route::get('documents/{document}/download', 'DocumentController@download')->name('documents.download');
|
Route::get('documents/{document}/download', 'DocumentController@download')->name('documents.download');
|
||||||
Route::post('documents/bulk', 'DocumentController@bulk')->name('documents.bulk');
|
Route::post('documents/bulk', 'DocumentController@bulk')->name('documents.bulk');
|
||||||
|
|
||||||
Route::post('emails', 'EmailController@send')->name('email.send');
|
Route::post('emails', 'EmailController@send')->name('email.send')->middleware('user_verified');
|
||||||
|
|
||||||
Route::resource('expenses', 'ExpenseController'); // name = (expenses. index / create / show / update / destroy / edit
|
Route::resource('expenses', 'ExpenseController'); // name = (expenses. index / create / show / update / destroy / edit
|
||||||
Route::put('expenses/{expense}/upload', 'ExpenseController@upload');
|
Route::put('expenses/{expense}/upload', 'ExpenseController@upload');
|
||||||
|
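Review bot: Only the `email.send` route receives `->middleware('user_verified')`; if other routes in this group can also trigger outbound mail (bulk actions on invoices or quotes are not visible in this hunk), an unverified user can still send through them. Consider applying the middleware at the point where mail is actually dispatched, or listing every mail-sending route explicitly. A comment on the route such as `// unverified users may not send mail` would record why this one route differs from its neighbours. The route group's closing lines are outside the hunk.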