From 552b72a4bce0ecf7a5def2f6460705d1d0cb36c3 Mon Sep 17 00:00:00 2001
From: Hillel Coren <hillelcoren@gmail.com>
Date: Thu, 15 Mar 2018 22:57:46 +0200
Subject: [PATCH] Prevent duplicate payment terms

---
 .../Controllers/PaymentTermApiController.php  |  4 +--
 .../Controllers/PaymentTermController.php     |  6 ++--
 ...quest.php => CreatePaymentTermRequest.php} |  5 ++--
 .../Requests/UpdatePaymentTermRequest.php     | 29 +++++++++++++++++--
 4 files changed, 36 insertions(+), 8 deletions(-)
 rename app/Http/Requests/{CreatePaymentTermAPIRequest.php => CreatePaymentTermRequest.php} (71%)

diff --git a/app/Http/Controllers/PaymentTermApiController.php b/app/Http/Controllers/PaymentTermApiController.php
index ef11a64e19f5..35e8a2fe5271 100644
--- a/app/Http/Controllers/PaymentTermApiController.php
+++ b/app/Http/Controllers/PaymentTermApiController.php
@@ -2,7 +2,7 @@
 
 namespace App\Http\Controllers;
 
-use App\Http\Requests\CreatePaymentTermAPIRequest;
+use App\Http\Requests\CreatePaymentTermRequest;
 use App\Http\Requests\PaymentTermRequest;
 use App\Http\Requests\UpdatePaymentTermRequest;
 use App\Libraries\Utils;
@@ -110,7 +110,7 @@ class PaymentTermApiController extends BaseAPIController
          *   )
          * )
          */
-    public function store(CreatePaymentTermAPIRequest $request)
+    public function store(CreatePaymentTermRequest $request)
     {
 
         $paymentTerm = PaymentTerm::createNew();
diff --git a/app/Http/Controllers/PaymentTermController.php b/app/Http/Controllers/PaymentTermController.php
index e92e53035675..13a67f15ead8 100644
--- a/app/Http/Controllers/PaymentTermController.php
+++ b/app/Http/Controllers/PaymentTermController.php
@@ -2,6 +2,8 @@
 
 namespace App\Http\Controllers;
 
+use App\Http\Requests\CreatePaymentTermRequest;
+use App\Http\Requests\UpdatePaymentTermRequest;
 use App\Models\PaymentTerm;
 use App\Services\PaymentTermService;
 use Auth;
@@ -84,7 +86,7 @@ class PaymentTermController extends BaseController
     /**
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function store()
+    public function store(CreatePaymentTermRequest $request)
     {
         return $this->save();
     }
@@ -94,7 +96,7 @@ class PaymentTermController extends BaseController
      *
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function update($publicId)
+    public function update(UpdatePaymentTermRequest $request, $publicId)
     {
         return $this->save($publicId);
     }
diff --git a/app/Http/Requests/CreatePaymentTermAPIRequest.php b/app/Http/Requests/CreatePaymentTermRequest.php
similarity index 71%
rename from app/Http/Requests/CreatePaymentTermAPIRequest.php
rename to app/Http/Requests/CreatePaymentTermRequest.php
index 44002ecf90ee..e839b873804c 100644
--- a/app/Http/Requests/CreatePaymentTermAPIRequest.php
+++ b/app/Http/Requests/CreatePaymentTermRequest.php
@@ -4,7 +4,7 @@ namespace App\Http\Requests;
 
 use App\Models\Invoice;
 
-class CreatePaymentTermAPIRequest extends Request
+class CreatePaymentTermRequest extends PaymentTermRequest
 {
     /**
      * Determine if the user is authorized to make this request.
@@ -27,7 +27,8 @@ class CreatePaymentTermAPIRequest extends Request
     {
 
         $rules = [
-            'num_days' => 'required|numeric|unique:payment_terms',
+            'num_days' => 'required|numeric|unique:payment_terms,num_days,,id,account_id,' . $this->user()->account_id . ',deleted_at,NULL'
+                . '|unique:payment_terms,num_days,,id,account_id,0,deleted_at,NULL',
         ];
 
 
diff --git a/app/Http/Requests/UpdatePaymentTermRequest.php b/app/Http/Requests/UpdatePaymentTermRequest.php
index 022a65087d39..b1d33fb91ca2 100644
--- a/app/Http/Requests/UpdatePaymentTermRequest.php
+++ b/app/Http/Requests/UpdatePaymentTermRequest.php
@@ -2,16 +2,41 @@
 
 namespace App\Http\Requests;
 
-class UpdatePaymentTermRequest extends EntityRequest
+use App\Models\Invoice;
+
+class UpdatePaymentTermRequest extends PaymentTermRequest
 {
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+
+    public function authorize()
+    {
+        return $this->entity() && $this->user()->can('edit', $this->entity());
+    }
 
     /**
      * Get the validation rules that apply to the request.
      *
      * @return array
      */
+
     public function rules()
     {
-        return [];
+        if (! $this->entity()) {
+            return [];
+        }
+
+        $paymentTermId = $this->entity()->id;
+
+        $rules = [
+            'num_days' => 'required|numeric|unique:payment_terms,num_days,' . $paymentTermId . ',id,account_id,' . $this->user()->account_id . ',deleted_at,NULL'
+                . '|unique:payment_terms,num_days,' . $paymentTermId . ',id,account_id,0,deleted_at,NULL',
+        ];
+
+
+        return $rules;
     }
 }