diff --git a/app/Http/routes.php b/app/Http/routes.php index 9f97eea1e9d1..ae0cec077a2b 100644 --- a/app/Http/routes.php +++ b/app/Http/routes.php @@ -190,7 +190,7 @@ Route::group(['middleware' => 'auth:user'], function() { Route::resource('expenses', 'ExpenseController'); Route::get('expenses/create/{vendor_id?}/{client_id?}', 'ExpenseController@create'); Route::get('api/expense', array('as'=>'api.expenses', 'uses'=>'ExpenseController@getDatatable')); - Route::get('api/expenseVendor/{id}', array('as'=>'api.expense', 'uses'=>'ExpenseController@getDatatableVendor')); + Route::get('api/vendor_expense/{id}', array('as'=>'api.expense', 'uses'=>'ExpenseController@getDatatableVendor')); Route::post('expenses/bulk', 'ExpenseController@bulk'); }); diff --git a/app/Ninja/Datatables/ExpenseDatatable.php b/app/Ninja/Datatables/ExpenseDatatable.php index 70cc771afe2b..29bbbe0c087d 100644 --- a/app/Ninja/Datatables/ExpenseDatatable.php +++ b/app/Ninja/Datatables/ExpenseDatatable.php @@ -24,7 +24,8 @@ class ExpenseDatatable extends EntityDatatable } else { return ''; } - } + }, + ! $this->hideClient ], [ 'client_name', @@ -39,7 +40,8 @@ class ExpenseDatatable extends EntityDatatable } else { return ''; } - } + }, + ! $this->hideClient ], [ 'expense_date', diff --git a/app/Ninja/Repositories/ExpenseRepository.php b/app/Ninja/Repositories/ExpenseRepository.php index 0ce0e155cf50..2d782298a2e7 100644 --- a/app/Ninja/Repositories/ExpenseRepository.php +++ b/app/Ninja/Repositories/ExpenseRepository.php @@ -36,22 +36,8 @@ class ExpenseRepository extends BaseRepository public function findVendor($vendorPublicId) { $vendorId = Vendor::getPrivateId($vendorPublicId); - $accountid = \Auth::user()->account_id; - $query = DB::table('expenses') - ->join('accounts', 'accounts.id', '=', 'expenses.account_id') - ->where('expenses.account_id', '=', $accountid) - ->where('expenses.vendor_id', '=', $vendorId) - ->select( - 'expenses.id', - 'expenses.expense_date', - 'expenses.amount', - 'expenses.public_notes', - 'expenses.public_id', - 'expenses.deleted_at', - 'expenses.should_be_invoiced', - 'expenses.created_at', - 'expenses.user_id' - ); + + $query = $this->find()->where('expenses.vendor_id', '=', $vendorId); return $query; } diff --git a/app/Services/ExpenseService.php b/app/Services/ExpenseService.php index 94bfd7d8c87a..a16bff7dd3f1 100644 --- a/app/Services/ExpenseService.php +++ b/app/Services/ExpenseService.php @@ -55,12 +55,15 @@ class ExpenseService extends BaseService public function getDatatableVendor($vendorPublicId) { + $datatable = new ExpenseDatatable(false, true); + $query = $this->expenseRepo->findVendor($vendorPublicId); - return $this->datatableService->createDatatable(ENTITY_EXPENSE, - $query, - $this->getDatatableColumnsVendor(ENTITY_EXPENSE,false), - $this->getDatatableActionsVendor(ENTITY_EXPENSE), - false); + + if(!Utils::hasPermission('view_all')){ + $query->where('expenses.user_id', '=', Auth::user()->id); + } + + return $this->datatableService->createDatatable($datatable, $query); } diff --git a/resources/views/vendors/show.blade.php b/resources/views/vendors/show.blade.php index 37572ee4c5bc..eca43f233662 100644 --- a/resources/views/vendors/show.blade.php +++ b/resources/views/vendors/show.blade.php @@ -152,7 +152,7 @@ trans('texts.expense_date'), trans('texts.amount'), trans('texts.public_notes')) - ->setUrl(url('api/expenseVendor/' . $vendor->public_id)) + ->setUrl(url('api/vendor_expense/' . $vendor->public_id)) ->setCustomValues('entityType', 'expenses') ->setOptions('sPaginationType', 'bootstrap') ->setOptions('bFilter', false)