diff --git a/app/Http/Requests/Payment/StorePaymentRequest.php b/app/Http/Requests/Payment/StorePaymentRequest.php index 000a07d6ac01..fed4c2f9c808 100644 --- a/app/Http/Requests/Payment/StorePaymentRequest.php +++ b/app/Http/Requests/Payment/StorePaymentRequest.php @@ -16,7 +16,6 @@ use App\Http\ValidationRules\Credit\CreditsSumRule; use App\Http\ValidationRules\Credit\ValidCreditsRules; use App\Http\ValidationRules\Payment\ValidInvoicesRules; use App\Http\ValidationRules\PaymentAmountsBalanceRule; -use App\Http\ValidationRules\ValidCreditsPresentRule; use App\Http\ValidationRules\ValidPayableInvoicesRule; use App\Models\Payment; use App\Utils\Traits\MakesHash; @@ -39,6 +38,41 @@ class StorePaymentRequest extends Request return $user->can('create', Payment::class); } + public function rules() + { + /** @var \App\Models\User $user */ + $user = auth()->user(); + + $rules = [ + 'client_id' => ['bail','required',Rule::exists('clients','id')->where('company_id',$user->company()->id)->where('is_deleted', 0)], + 'amount' => ['bail', 'numeric', new PaymentAmountsBalanceRule()], + 'invoices.*.amount' => ['bail','required'], + 'invoices.*.invoice_id' => ['bail','required','distinct',new ValidInvoicesRules($this->all()),Rule::exists('invoices','id')->where('company_id', $user->company()->id)->where('client_id', request()->input('client_id'))], + 'credits.*.credit_id' => ['bail','required','distinct',new ValidCreditsRules($this->all()),Rule::exists('credits','id')->where('company_id', $user->company()->id)->where('client_id', request()->input('client_id'))], + 'credits.*.amount' => ['bail','required', new CreditsSumRule($this->all())], + 'invoices' => ['bail','sometimes','array', new ValidPayableInvoicesRule()], + 'number' => ['bail', 'nullable', Rule::unique('payments')->where('company_id', $user->company()->id)], + 'idempotency_key' => ['nullable', 'bail', 'string','max:64', Rule::unique('payments')->where('company_id', $user->company()->id)], + ]; + + if ($this->file('documents') && is_array($this->file('documents'))) { + $rules['documents.*'] = $this->fileValidation(); + } elseif ($this->file('documents')) { + $rules['documents'] = $this->fileValidation(); + }else { + $rules['documents'] = 'bail|sometimes|array'; + } + + if ($this->file('file') && is_array($this->file('file'))) { + $rules['file.*'] = $this->fileValidation(); + } elseif ($this->file('file')) { + $rules['file'] = $this->fileValidation(); + } + + return $rules; + } + + public function prepareForValidation() { @@ -102,39 +136,5 @@ class StorePaymentRequest extends Request $this->replace($input); } - public function rules() - { - /** @var \App\Models\User $user */ - $user = auth()->user(); - $rules = [ - 'amount' => ['numeric', 'bail', new PaymentAmountsBalanceRule(), new ValidCreditsPresentRule($this->all())], - 'client_id' => 'bail|required|exists:clients,id,company_id,'.$user->company()->id.',is_deleted,0', - 'invoices.*.invoice_id' => 'bail|required|distinct|exists:invoices,id', - 'invoices.*.amount' => 'bail|required', - 'invoices.*.invoice_id' => new ValidInvoicesRules($this->all()), - 'credits.*.credit_id' => 'bail|required|exists:credits,id', - 'credits.*.credit_id' => new ValidCreditsRules($this->all()), - 'credits.*.amount' => ['bail','required', new CreditsSumRule($this->all())], - 'invoices' => new ValidPayableInvoicesRule(), - 'number' => ['nullable', 'bail', Rule::unique('payments')->where('company_id', $user->company()->id)], - 'idempotency_key' => ['nullable', 'bail', 'string','max:64', Rule::unique('payments')->where('company_id', $user->company()->id)], - ]; - - if ($this->file('documents') && is_array($this->file('documents'))) { - $rules['documents.*'] = $this->fileValidation(); - } elseif ($this->file('documents')) { - $rules['documents'] = $this->fileValidation(); - }else { - $rules['documents'] = 'bail|sometimes|array'; - } - - if ($this->file('file') && is_array($this->file('file'))) { - $rules['file.*'] = $this->fileValidation(); - } elseif ($this->file('file')) { - $rules['file'] = $this->fileValidation(); - } - - return $rules; - } } diff --git a/app/Http/Requests/Payment/UpdatePaymentRequest.php b/app/Http/Requests/Payment/UpdatePaymentRequest.php index d24ed6b32d89..67198525aaee 100644 --- a/app/Http/Requests/Payment/UpdatePaymentRequest.php +++ b/app/Http/Requests/Payment/UpdatePaymentRequest.php @@ -13,7 +13,6 @@ namespace App\Http\Requests\Payment; use App\Http\Requests\Request; use App\Http\ValidationRules\PaymentAppliedValidAmount; -use App\Http\ValidationRules\ValidCreditsPresentRule; use App\Utils\Traits\ChecksEntityStatus; use App\Utils\Traits\MakesHash; use Illuminate\Validation\Rule; @@ -41,17 +40,17 @@ class UpdatePaymentRequest extends Request /** @var \App\Models\User $user */ $user = auth()->user(); - + $rules = [ - 'invoices' => ['array', new PaymentAppliedValidAmount($this->all()), new ValidCreditsPresentRule($this->all())], - 'invoices.*.invoice_id' => 'sometimes|distinct', - 'invoices.*.amount' => 'sometimes|numeric|min:0', + 'client_id' => ['sometimes', 'bail', Rule::in([$this->payment->client_id])], + 'number' => ['sometimes', 'bail', Rule::unique('payments')->where('company_id', $user->company()->id)->ignore($this->payment->id)], + 'invoices' => ['sometimes', 'bail', 'array', new PaymentAppliedValidAmount($this->all())], + 'invoices.*.invoice_id' => ['sometimes','distinct',Rule::exists('invoices','id')->where('company_id', $user->company()->id)->where('client_id', request()->input('client_id'))], + 'invoices.*.amount' => ['sometimes','numeric','min:0'], + 'credits.*.credit_id' => ['sometimes','bail','distinct',Rule::exists('credits','id')->where('company_id', $user->company()->id)->where('client_id', request()->input('client_id'))], + 'credits.*.amount' => ['required', 'bail'], ]; - if ($this->number) { - $rules['number'] = Rule::unique('payments')->where('company_id', $user->company()->id)->ignore($this->payment->id); - } - if ($this->file('documents') && is_array($this->file('documents'))) { $rules['documents.*'] = $this->fileValidation(); } elseif ($this->file('documents')) { @@ -75,10 +74,6 @@ class UpdatePaymentRequest extends Request $input = $this->decodePrimaryKeys($input); - if (isset($input['client_id'])) { - unset($input['client_id']); - } - if (isset($input['amount'])) { unset($input['amount']); } diff --git a/app/Http/ValidationRules/ValidCreditsPresentRule.php b/app/Http/ValidationRules/ValidCreditsPresentRule.php index bdec15177c8f..50d3b32af5d0 100644 --- a/app/Http/ValidationRules/ValidCreditsPresentRule.php +++ b/app/Http/ValidationRules/ValidCreditsPresentRule.php @@ -17,6 +17,7 @@ use Illuminate\Contracts\Validation\Rule; /** * Class ValidCreditsPresentRule. + * @deprecated 20-03-2024 */ class ValidCreditsPresentRule implements Rule { @@ -50,11 +51,7 @@ class ValidCreditsPresentRule implements Rule private function validCreditsPresent(): bool { if (array_key_exists('credits', $this->input) && is_array($this->input['credits']) && count($this->input['credits']) > 0) { - $client_id = is_numeric(request()->input('client_id')) ?: $this->decodePrimaryKey(request()->input('client_id')); - // $credit_collection = Credit::query()->where('client_id', $client_id)->whereIn('id', array_column($this->input['credits'], 'credit_id'))->count(); - $credit_collection = Credit::query()->whereIn('id', array_column($this->input['credits'], 'credit_id'))->count(); - return $credit_collection == count($this->input['credits']); } diff --git a/tests/Feature/PaymentTest.php b/tests/Feature/PaymentTest.php index dcadebe4f301..2c662a67fcfa 100644 --- a/tests/Feature/PaymentTest.php +++ b/tests/Feature/PaymentTest.php @@ -62,6 +62,59 @@ class PaymentTest extends TestCase ); } + public function testClientIdValidation() + { + $p = Payment::factory()->create([ + 'company_id' => $this->company->id, + 'user_id' => $this->user->id, + 'client_id' => $this->client->id, + 'status_id' => Payment::STATUS_COMPLETED, + 'amount' => 100 + ]); + + + $data = [ + 'date' => now()->addDay()->format('Y-m-d') + ]; + + $response = $this->withHeaders([ + 'X-API-SECRET' => config('ninja.api_secret'), + 'X-API-TOKEN' => $this->token, + ])->putJson('/api/v1/payments/'.$p->hashed_id, $data); + + $response->assertStatus(200); + + $data = [ + 'date' => now()->addDay()->format('Y-m-d'), + 'client_id' => $this->client->hashed_id, + ]; + + $response = $this->withHeaders([ + 'X-API-SECRET' => config('ninja.api_secret'), + 'X-API-TOKEN' => $this->token, + ])->putJson('/api/v1/payments/'.$p->hashed_id, $data); + + $response->assertStatus(200); + + $c = Client::factory()->create([ + 'user_id' => $this->user->id, + 'company_id' => $this->company->id, + ]); + + $data = [ + 'date' => now()->addDay()->format('Y-m-d'), + 'client_id' => $c->hashed_id, + ]; + + $response = $this->withHeaders([ + 'X-API-SECRET' => config('ninja.api_secret'), + 'X-API-TOKEN' => $this->token, + ])->putJson('/api/v1/payments/'.$p->hashed_id, $data); + + $response->assertStatus(422); + + } + public function testNegativeAppliedAmounts() { $p = Payment::factory()->create([