Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-07-09 03:14:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

Working on permissions in the API

Browse Source
This commit is contained in:
Hillel Coren 2016-05-02 16:45:12 +03:00
parent e7f4368cbb
commit 6acddfc3c7
7 changed files with 90 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Controllers/AppController.php
View File

@ -306,7 +306,7 @@ class AppController extends BaseController
public function stats() public function stats()
{ {
if (Input::get('password') != env('RESELLER_PASSWORD')) { if ( ! hash_equals(Input::get('password'), env('RESELLER_PASSWORD'))) {
sleep(3); sleep(3);
return ''; return '';
} }

90
app/Http/Controllers/InvoiceApiController.php
View File

@ -18,6 +18,7 @@ use App\Ninja\Repositories\InvoiceRepository;
use App\Ninja\Mailers\ContactMailer as Mailer; use App\Ninja\Mailers\ContactMailer as Mailer;
use App\Http\Controllers\BaseAPIController; use App\Http\Controllers\BaseAPIController;
use App\Ninja\Transformers\InvoiceTransformer; use App\Ninja\Transformers\InvoiceTransformer;
use App\Http\Requests\InvoiceRequest;
use App\Http\Requests\CreateInvoiceAPIRequest; use App\Http\Requests\CreateInvoiceAPIRequest;
use App\Http\Requests\UpdateInvoiceAPIRequest; use App\Http\Requests\UpdateInvoiceAPIRequest;
use App\Services\InvoiceService; use App\Services\InvoiceService;
@ -82,17 +83,9 @@ class InvoiceApiController extends BaseAPIController
* ) * )
*/ */
public function show($publicId) public function show(InvoiceRequest $request)
{ {
$invoice = Invoice::scope($publicId)->withTrashed()->first(); return $this->itemResponse($request->entity());
if(!$invoice)
return $this->errorResponse(['message'=>'Invoice does not exist!'], 404);
$transformer = new InvoiceTransformer(\Auth::user()->account, Input::get('serializer'));
$data = $this->createItem($invoice, $transformer, 'invoice');
return $this->response($data);
} }
/** /**
@ -187,11 +180,11 @@ class InvoiceApiController extends BaseAPIController
} }
} }
$invoice = Invoice::scope($invoice->public_id)->with('client', 'invoice_items', 'invitations')->first(); $invoice = Invoice::scope($invoice->public_id)
$transformer = new InvoiceTransformer(\Auth::user()->account, Input::get('serializer')); ->with('client', 'invoice_items', 'invitations')
$data = $this->createItem($invoice, $transformer, 'invoice'); ->first();
return $this->response($data); return $this->itemResponse($invoice);
} }
private function prepareData($data, $client) private function prepareData($data, $client)
@ -277,36 +270,21 @@ class InvoiceApiController extends BaseAPIController
$item[$key] = $val; $item[$key] = $val;
} }
} }
return $item; return $item;
} }
public function emailInvoice() public function emailInvoice(InvoiceRequest $request)
{ {
$data = Input::all(); $invoice = $request->entity();
$error = null;
$invoice = Invoice::scope($data['id'])->withTrashed()->first(); $this->mailer->sendInvoice($invoice);
if(!$invoice)
return $this->errorResponse(['message'=>'Invoice does not exist.'], 400);
$this->mailer->sendInvoice($invoice, false, false);
if($error) {
return $this->errorResponse(['message'=>'There was an error sending the invoice'], 400);
}
else {
$response = json_encode(RESULT_SUCCESS, JSON_PRETTY_PRINT);
}
$response = json_encode(RESULT_SUCCESS, JSON_PRETTY_PRINT);
$headers = Utils::getApiHeaders(); $headers = Utils::getApiHeaders();
return Response::make($response, $error ? 400 : 200, $headers); return Response::make($response, 200, $headers);
} }
/** /**
* @SWG\Put( * @SWG\Put(
* path="/invoices", * path="/invoices",
@ -330,43 +308,23 @@ class InvoiceApiController extends BaseAPIController
*/ */
public function update(UpdateInvoiceAPIRequest $request, $publicId) public function update(UpdateInvoiceAPIRequest $request, $publicId)
{ {
if ($request->action == ACTION_ARCHIVE) { if ($request->action == ACTION_CONVERT) {
$invoice = Invoice::scope($publicId)->firstOrFail(); $quote = $request->entity();
$this->invoiceRepo->archive($invoice);
$transformer = new InvoiceTransformer(\Auth::user()->account, Input::get('serializer'));
$data = $this->createItem($invoice, $transformer, 'invoice');
return $this->response($data);
}
else if ($request->action == ACTION_CONVERT) {
$quote = Invoice::scope($publicId)->firstOrFail();
$invoice = $this->invoiceRepo->cloneInvoice($quote, $quote->id); $invoice = $this->invoiceRepo->cloneInvoice($quote, $quote->id);
return $this->itemResponse($invoice);
$transformer = new InvoiceTransformer(\Auth::user()->account, Input::get('serializer')); } elseif ($request->action) {
$data = $this->createItem($invoice, $transformer, 'invoice'); return $this->handleAction($request);
return $this->response($data);
}
else if ($request->action == ACTION_RESTORE) {
$invoice = Invoice::scope($publicId)->withTrashed()->firstOrFail();
$this->invoiceRepo->restore($invoice);
$transformer = new InvoiceTransformer(\Auth::user()->account, Input::get('serializer'));
$data = $this->createItem($invoice, $transformer, 'invoice');
return $this->response($data);
} }
$data = $request->input(); $data = $request->input();
$data['public_id'] = $publicId; $data['public_id'] = $publicId;
$this->invoiceService->save($data); $this->invoiceService->save($data);
$invoice = Invoice::scope($publicId)->with('client', 'invoice_items', 'invitations')->firstOrFail(); $invoice = Invoice::scope($publicId)
$transformer = new InvoiceTransformer(\Auth::user()->account, Input::get('serializer')); ->with('client', 'invoice_items', 'invitations')
$data = $this->createItem($invoice, $transformer, 'invoice'); ->firstOrFail();
return $this->response($data); return $this->itemResponse($invoice);
} }
/** /**

5
app/Http/Controllers/PaymentApiController.php
View File

@ -153,11 +153,6 @@ class PaymentApiController extends BaseAPIController
$this->paymentRepo->delete($payment); $this->paymentRepo->delete($payment);
/*
$invoice = Invoice::scope($invoiceId)->with('client', 'invoice_items', 'invitations')->with(['payments' => function($query) {
$query->withTrashed();
}])->first();
*/
$transformer = new PaymentTransformer(\Auth::user()->account, Input::get('serializer')); $transformer = new PaymentTransformer(\Auth::user()->account, Input::get('serializer'));
$data = $this->createItem($payment, $transformer, 'invoice'); $data = $this->createItem($payment, $transformer, 'invoice');

26
app/Http/Requests/CreateProductRequest.php Normal file
View File

@ -0,0 +1,26 @@
<?php namespace App\Http\Requests;
class CreateProductRequest extends ProductRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return $this->user()->can('create', ENTITY_PRODUCT);
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'product_key' => 'required',
];
}
}

6
app/Http/Requests/ProductRequest.php Normal file
View File

@ -0,0 +1,6 @@
<?php namespace App\Http\Requests;
class ProductRequest extends EntityRequest {
protected $entityType = ENTITY_PRODUCT;
}

7
app/Http/Requests/TaxRateRequest.php Normal file
View File

@ -0,0 +1,7 @@
<?php namespace App\Http\Requests;
class TaxRateRequest extends EntityRequest {
protected $entityType = ENTITY_TAX_RATE;
}

26
app/Http/Requests/UpdateProductRequest.php Normal file
View File

@ -0,0 +1,26 @@
<?php namespace App\Http\Requests;
class UpdateProductRequest extends ProductRequest
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return $this->user()->can('edit', $this->entity());
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'product_key' => 'required',
];
}
}