Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-07-07 15:44:33 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7285 from turbo124/v5-develop

Browse Source 
Fixes for resolving correct company user
This commit is contained in:
David Bomba 2022-03-13 21:19:06 +11:00 committed by GitHub
commit 58ac813130
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 173 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/Http/Controllers/Auth/LoginController.php
View File

@ -606,6 +606,10 @@ class LoginController extends BaseController
if (request()->has('code')) {
return $this->handleProviderCallback($provider);
} else {
if(!in_array($provider, ['google']))
return abort(400, 'Invalid provider');
return Socialite::driver($provider)->with($parameters)->scopes($scopes)->redirect();
}
}

2
app/Http/Controllers/BaseController.php
View File

@ -19,6 +19,7 @@ use App\Transformers\EntityTransformer;
use App\Utils\Ninja;
use App\Utils\Statics;
use App\Utils\Traits\AppSetup;
use App\Utils\TruthSource;
use Illuminate\Contracts\Container\BindingResolutionException;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Http\Request;
@ -610,6 +611,7 @@ class BaseController extends Controller
protected function listResponse($query)
{
$this->buildManager();
$transformer = new $this->entity_transformer(request()->input('serializer'));

6
app/Http/Controllers/UserController.php
View File

@ -380,7 +380,7 @@ class UserController extends BaseController
*/
public function update(UpdateUserRequest $request, User $user)
{
$old_company_user = $user->company_user;
$old_company_user = $user->company_user();
$old_user = json_encode($user);
$old_user_email = $user->getOriginal('email');
@ -398,8 +398,8 @@ class UserController extends BaseController
if(
strcasecmp($old_company_user->permissions, $user->company_user->permissions) != 0 ||
$old_company_user->is_admin != $user->company_user->is_admin
strcasecmp($old_company_user->permissions, $user->company_user()->permissions) != 0 ||
$old_company_user->is_admin != $user->company_user()->is_admin
){
$user->company_user()->update(["permissions_updated_at" => now()]);
}

12
app/Http/Middleware/TokenAuth.php
View File

@ -15,6 +15,7 @@ use App\Events\User\UserLoggedIn;
use App\Models\CompanyToken;
use App\Models\User;
use App\Utils\Ninja;
use App\Utils\TruthSource;
use Closure;
use Illuminate\Http\Request;
use stdClass;
@ -30,7 +31,7 @@ class TokenAuth
*/
public function handle($request, Closure $next)
{
if ($request->header('X-API-TOKEN') && ($company_token = CompanyToken::with(['user', 'company'])->where('token', $request->header('X-API-TOKEN'))->first())) {
if ($request->header('X-API-TOKEN') && ($company_token = CompanyToken::with(['user', 'company', 'cu'])->where('token', $request->header('X-API-TOKEN'))->first())) {
$user = $company_token->user;
$error = [
@ -52,6 +53,13 @@ class TokenAuth
return response()->json($error, 403);
}
$truth = app()->make(TruthSource::class);
$truth->setCompanyUser($company_token->cu);
$truth->setUser($company_token->user);
$truth->setCompany($company_token->company);
$truth->setCompanyToken($company_token);
/*
|
| Necessary evil here: As we are authenticating on CompanyToken,
@ -65,7 +73,7 @@ class TokenAuth
});
//user who once existed, but has been soft deleted
if ($company_token->company_user->is_locked) {
if ($company_token->cu->is_locked) {
$error = [
'message' => 'User access locked',
'errors' => new stdClass,

5
app/Models/CompanyToken.php
View File

@ -55,4 +55,9 @@ class CompanyToken extends BaseModel
->where('company_id', $this->company_id)
->where('user_id', $this->user_id);
}
public function cu()
{
return $this->hasOneThrough(CompanyUser::class, Company::class, 'id', 'company_id', 'company_id', 'id');
}
}

95
app/Models/User.php
View File

@ -21,6 +21,7 @@ use App\Services\User\UserService;
use App\Utils\Traits\MakesHash;
use App\Utils\Traits\UserSessionAttributes;
use App\Utils\Traits\UserSettings;
use App\Utils\TruthSource;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
@ -30,8 +31,8 @@ use Illuminate\Notifications\Notifiable;
use Illuminate\Support\Carbon;
use Illuminate\Support\Collection;
use Illuminate\Support\Facades\Auth;
use Laracasts\Presenter\PresentableTrait;
use Illuminate\Support\Facades\Cache;
use Laracasts\Presenter\PresentableTrait;
class User extends Authenticatable implements MustVerifyEmail
{
@ -142,6 +143,22 @@ class User extends Authenticatable implements MustVerifyEmail
return $this->hasMany(CompanyToken::class)->orderBy('id', 'ASC');
}
public function token()
{
$truth = app()->make(TruthSource::class);
if($truth->getCompanyToken()){
return $truth->getCompanyToken();
}
if (request()->header('X-API-TOKEN')) {
return CompanyToken::with(['cu'])->where('token', request()->header('X-API-TOKEN'))->first();
}
return $this->tokens()->first();
}
/**
* Returns all companies a user has access to.
*
@ -170,12 +187,16 @@ class User extends Authenticatable implements MustVerifyEmail
*/
public function getCompany()
{
$truth = app()->make(TruthSource::class);
if ($this->company){
return $this->company;
}
elseif($truth->getCompany()){
return $truth->getCompany();
}
elseif (request()->header('X-API-TOKEN')) {
$company_token = CompanyToken::with(['company'])->where('token', request()->header('X-API-TOKEN'))->first();
@ -219,31 +240,33 @@ class User extends Authenticatable implements MustVerifyEmail
public function co_user()
{
return $this->company_user();
$truth = app()->make(TruthSource::class);
if($truth->getCompanyUser()){
return $truth->getCompanyUser();
}
return $this->token()->cu;
// return $this->company_user();
}
public function company_user()
{
if (! $this->id && auth()->user()) {
$this->id = auth()->user()->id;
// if (! $this->id && auth()->user()) {
// $this->id = auth()->user()->id;
// }
// return $this->hasOneThrough(CompanyUser::class, CompanyToken::class, 'user_id', 'user_id', 'id', 'user_id')
// ->withTrashed();
$truth = app()->make(TruthSource::class);
if($truth->getCompanyUser()){
return $truth->getCompanyUser();
}
return $this->hasOneThrough(CompanyUser::class, CompanyToken::class, 'user_id', 'user_id', 'id', 'user_id')
->withTrashed();
return $this->token()->cu;
// if (request()->header('X-API-TOKEN')) {
// nlog("with an API token");
// nlog(request()->header('X-API-TOKEN'));
// return $this->hasOneThrough(CompanyUser::class, CompanyToken::class, 'user_id', 'company_id', 'id', 'company_id')
// ->where('company_tokens.token', request()->header('X-API-TOKEN'))
// ->withTrashed();
// } else {
// return $this->hasOneThrough(CompanyUser::class, CompanyToken::class, 'user_id', 'company_id', 'id', 'company_id')
// ->where('company_user.user_id', $this->id)
// ->withTrashed();
// }
}
/**
@ -268,7 +291,9 @@ class User extends Authenticatable implements MustVerifyEmail
*/
public function permissions()
{
return $this->company_user->permissions;
return $this->token()->cu->permissions;
// return $this->company_user->permissions;
}
/**
@ -278,7 +303,9 @@ class User extends Authenticatable implements MustVerifyEmail
*/
public function settings()
{
return json_decode($this->company_user->settings);
return json_decode($this->token()->cu->settings);
//return json_decode($this->company_user->settings);
}
/**
@ -288,12 +315,16 @@ class User extends Authenticatable implements MustVerifyEmail
*/
public function isAdmin() : bool
{
return $this->company_user->is_admin;
return $this->token()->cu->is_admin;
// return $this->company_user->is_admin;
}
public function isOwner() : bool
{
return $this->company_user->is_owner;
return $this->token()->cu->is_owner;
// return $this->company_user->is_owner;
}
/**
@ -345,8 +376,13 @@ class User extends Authenticatable implements MustVerifyEmail
return $this->isOwner() ||
$this->isAdmin() ||
(stripos($this->company_user->permissions, $all_permission) !== false) ||
(stripos($this->company_user->permissions, $permission) !== false);
(stripos($this->token()->cu->permissions, $all_permission) !== false) ||
(stripos($this->token()->cu->permissions, $permission) !== false);
// return $this->isOwner() ||
// $this->isAdmin() ||
// (stripos($this->company_user->permissions, $all_permission) !== false) ||
// (stripos($this->company_user->permissions, $permission) !== false);
}
public function documents()
@ -370,9 +406,12 @@ class User extends Authenticatable implements MustVerifyEmail
public function routeNotificationForSlack($notification)
{
if ($this->company_user->slack_webhook_url) {
return $this->company_user->slack_webhook_url;
}
if($this->token()->cu->slack_webhook_url)
return $this->token()->cu->slack_webhook_url;
// if ($this->company_user->slack_webhook_url) {
// return $this->company_user->slack_webhook_url;
// }
}
public function routeNotificationForMail($notification)

4
app/Providers/AppServiceProvider.php
View File

@ -15,6 +15,7 @@ use App\Http\Middleware\SetDomainNameDb;
use App\Models\Invoice;
use App\Models\Proposal;
use App\Utils\Ninja;
use App\Utils\TruthSource;
use Illuminate\Cache\RateLimiting\Limit;
use Illuminate\Database\Eloquent\Relations\Relation;
use Illuminate\Queue\Events\JobProcessing;
@ -71,6 +72,9 @@ class AppServiceProvider extends ServiceProvider
// \Log::error('Event Job '.$event->job->getJobId);
// // \Log::info('Event Job '.$event->job->payload());
// });
app()->instance(TruthSource::class, new TruthSource());
}
/**

1
app/Repositories/UserRepository.php
View File

@ -200,7 +200,6 @@ class UserRepository extends BaseRepository
$user->is_deleted = false;
$user->save();
$user->restore();
// $user->company_user->restore();
$cu = CompanyUser::withTrashed()
->where('user_id', $user->id)

8
app/Utils/HtmlEngine.php
View File

@ -634,9 +634,11 @@ class HtmlEngine
{
$country = Country::find($this->settings->country_id);
if ($country) {
return ctrans('texts.country_' . $country->iso_3166_2);
}
if($country)
return $country->iso_3166_2;
// if ($country) {
// return ctrans('texts.country_' . $country->iso_3166_2);
// }
return ' ';
}

70
app/Utils/TruthSource.php Normal file
View File

@ -0,0 +1,70 @@
<?php
/**
* Invoice Ninja (https://invoiceninja.com).
*
* @link https://github.com/invoiceninja/invoiceninja source repository
*
* @copyright Copyright (c) 2021. Invoice Ninja LLC (https://invoiceninja.com)
*
* @license https://www.elastic.co/licensing/elastic-license
*/
namespace App\Utils;
class TruthSource
{
public $company;
public $user;
public $company_user;
public $company_token;
public function setCompanyUser($company_user)
{
$this->company_user = $company_user;
return $this;
}
public function setUser($user){
$this->user = $user;
return $this;
}
public function setCompany($company)
{
$this->company = $company;
return $this;
}
public function setCompanyToken($company_token)
{
$this->company_token = $company_token;
return $this;
}
public function getCompany()
{
return $this->company;
}
public function getCompanyUser()
{
return $this->company_user;
}
public function getUser()
{
return $this->user;
}
public function getCompanyToken()
{
return $this->company_token;
}
}

2
tests/Feature/LoginTest.php
View File

@ -175,7 +175,7 @@ class LoginTest extends TestCase
$this->assertTrue($user->companies !== null);
$this->assertTrue($user->company_users !== null);
$this->assertTrue($user->company_users->first() !== null);
$this->assertTrue($user->company_user->account !== null);
$this->assertTrue($user->company_user()->account !== null);
$this->assertEquals($user->email, 'test@example.com');
$this->assertTrue(\Hash::check('123456', $user->password));