From 7a267b44066be6191381ed843a584b054df33d99 Mon Sep 17 00:00:00 2001
From: David Bomba <turbo124@gmail.com>
Date: Sat, 23 Oct 2021 10:16:43 +1100
Subject: [PATCH 1/4] Custom validation rule for amount

---
 app/Http/ValidationRules/ValidAmount.php | 39 ++++++++++++++++++++++++
 resources/lang/en/texts.php              |  1 +
 2 files changed, 40 insertions(+)
 create mode 100644 app/Http/ValidationRules/ValidAmount.php

diff --git a/app/Http/ValidationRules/ValidAmount.php b/app/Http/ValidationRules/ValidAmount.php
new file mode 100644
index 000000000000..dc57b308eb42
--- /dev/null
+++ b/app/Http/ValidationRules/ValidAmount.php
@@ -0,0 +1,39 @@
+<?php
+/**
+ * Invoice Ninja (https://invoiceninja.com).
+ *
+ * @link https://github.com/invoiceninja/invoiceninja source repository
+ *
+ * @copyright Copyright (c) 2021. Invoice Ninja LLC (https://invoiceninja.com)
+ *
+ * @license https://www.elastic.co/licensing/elastic-license
+ */
+
+namespace App\Http\ValidationRules;
+
+use App\Libraries\MultiDB;
+use Illuminate\Contracts\Validation\Rule;
+
+/**
+ * Class ValidAmount.
+ */
+class ValidAmount implements Rule
+{
+    /**
+     * @param string $attribute
+     * @param mixed $value
+     * @return bool
+     */
+    public function passes($attribute, $value)
+    {
+        return (bool) is_float($value) || is_int($value);
+    }
+
+    /**
+     * @return string
+     */
+    public function message()
+    {
+        return ctrans('texts.invalid_amount');
+    }
+}
diff --git a/resources/lang/en/texts.php b/resources/lang/en/texts.php
index e8c367e9d0f9..441e7382691c 100644
--- a/resources/lang/en/texts.php
+++ b/resources/lang/en/texts.php
@@ -4334,6 +4334,7 @@ $LANG = array(
     'clone_to_expense' => 'Clone to expense',
     'checkout' => 'Checkout',
     'acss' => 'Pre-authorized debit payments',
+    'invalid_amount' => 'Invalid amount. Number/Decimal values only.'
 );
 
 return $LANG;

From f270fbe2d6ea10294ce58d87fec1273cb2d46d17 Mon Sep 17 00:00:00 2001
From: David Bomba <turbo124@gmail.com>
Date: Sat, 23 Oct 2021 11:45:22 +1100
Subject: [PATCH 2/4] Throw exception on paytrace failure

---
 app/Http/ValidationRules/ValidAmount.php     | 2 +-
 app/PaymentDrivers/PaytracePaymentDriver.php | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/app/Http/ValidationRules/ValidAmount.php b/app/Http/ValidationRules/ValidAmount.php
index dc57b308eb42..4f5fe1700de3 100644
--- a/app/Http/ValidationRules/ValidAmount.php
+++ b/app/Http/ValidationRules/ValidAmount.php
@@ -26,7 +26,7 @@ class ValidAmount implements Rule
      */
     public function passes($attribute, $value)
     {
-        return (bool) is_float($value) || is_int($value);
+        return (bool) is_float($value) || preg_match('#[^0-9]#',$value);
     }
 
     /**
diff --git a/app/PaymentDrivers/PaytracePaymentDriver.php b/app/PaymentDrivers/PaytracePaymentDriver.php
index 3b164f4a64b8..f834791c4311 100644
--- a/app/PaymentDrivers/PaytracePaymentDriver.php
+++ b/app/PaymentDrivers/PaytracePaymentDriver.php
@@ -11,6 +11,7 @@
 
 namespace App\PaymentDrivers;
 
+use App\Exceptions\SystemError;
 use App\Jobs\Util\SystemLogger;
 use App\Models\ClientGatewayToken;
 use App\Models\GatewayType;
@@ -192,7 +193,7 @@ class PaytracePaymentDriver extends BaseDriver
         $auth_data = json_decode($response);
 
         if(!property_exists($auth_data, 'access_token'))
-            throw new \Exception('Error authenticating with PayTrace');
+            throw new SystemError('Error authenticating with PayTrace');
 
             $headers = [];
             $headers[] = 'Content-type: application/json';

From 8dcdccb9c77b99a2d3fcb0693c56b0713559fa85 Mon Sep 17 00:00:00 2001
From: David Bomba <turbo124@gmail.com>
Date: Sat, 23 Oct 2021 12:07:54 +1100
Subject: [PATCH 3/4] Tests for custom validation rules

---
 app/Http/ValidationRules/ValidAmount.php      |   3 +-
 .../Validation/AmountValidationRuleTest.php   | 143 ++++++++++++++++++
 2 files changed, 145 insertions(+), 1 deletion(-)
 create mode 100644 tests/Integration/Validation/AmountValidationRuleTest.php

diff --git a/app/Http/ValidationRules/ValidAmount.php b/app/Http/ValidationRules/ValidAmount.php
index 4f5fe1700de3..d2832e83a046 100644
--- a/app/Http/ValidationRules/ValidAmount.php
+++ b/app/Http/ValidationRules/ValidAmount.php
@@ -26,7 +26,8 @@ class ValidAmount implements Rule
      */
     public function passes($attribute, $value)
     {
-        return (bool) is_float($value) || preg_match('#[^0-9]#',$value);
+        return trim($value, '-1234567890.,') === '';
+
     }
 
     /**
diff --git a/tests/Integration/Validation/AmountValidationRuleTest.php b/tests/Integration/Validation/AmountValidationRuleTest.php
new file mode 100644
index 000000000000..82a9b06c0a69
--- /dev/null
+++ b/tests/Integration/Validation/AmountValidationRuleTest.php
@@ -0,0 +1,143 @@
+<?php
+/**
+ * Invoice Ninja (https://invoiceninja.com).
+ *
+ * @link https://github.com/invoiceninja/invoiceninja source repository
+ *
+ * @copyright Copyright (c) 2021. Invoice Ninja LLC (https://invoiceninja.com)
+ *
+ * @license https://opensource.org/licenses/AAL
+ */
+namespace Tests\Integration\Validation;
+
+use App\Http\ValidationRules\ValidAmount;
+use Tests\TestCase;
+
+/**
+ * @test
+ */
+class AmountValidationRuleTest extends TestCase
+{
+
+    public function setUp() :void
+    {
+        parent::setUp();
+
+    }
+
+    public function testSimpleAmountValid()
+    {
+        $rules = [
+            'amount' => [new ValidAmount()]
+        ];
+        
+        $data = [
+            'amount' => 1,
+        ];
+        
+        $v = $this->app['validator']->make($data, $rules);
+        $this->assertTrue($v->passes());
+    }
+
+    public function testInvalidAmountValid()
+    {
+        $rules = [
+            'amount' => [new ValidAmount()]
+        ];
+        
+        $data = [
+            'amount' => "aa",
+        ];
+        
+        $v = $this->app['validator']->make($data, $rules);
+        $this->assertFalse($v->passes());
+    }
+
+    public function testIllegalChars()
+    {
+        $rules = [
+            'amount' => [new ValidAmount()]
+        ];
+        
+        $data = [
+            'amount' => "5+5",
+        ];
+        
+        $v = $this->app['validator']->make($data, $rules);
+        $this->assertFalse($v->passes());
+    }
+
+    public function testIllegalCharsNaked()
+    {
+        $rules = [
+            'amount' => [new ValidAmount()]
+        ];
+        
+        $data = [
+            'amount' => 5+5, //resolves as 10 - but in practice, i believe this amount is wrapped in quotes so interpreted as a string
+        ];
+        
+        $v = $this->app['validator']->make($data, $rules);
+        $this->assertTrue($v->passes());
+    }
+
+
+    public function testinValidScenario1()
+    {
+        $rules = [
+            'amount' => [new ValidAmount()]
+        ];
+        
+        $data = [
+            'amount' => "-10x",
+        ];
+        
+        $v = $this->app['validator']->make($data, $rules);
+        $this->assertFalse($v->passes());
+    }
+
+    public function testValidScenario2()
+    {
+        $rules = [
+            'amount' => [new ValidAmount()]
+        ];
+        
+        $data = [
+            'amount' => -10,
+        ];
+        
+        $v = $this->app['validator']->make($data, $rules);
+        $this->assertTrue($v->passes());
+    }
+
+
+    public function testValidScenario3()
+    {
+        $rules = [
+            'amount' => [new ValidAmount()]
+        ];
+        
+        $data = [
+            'amount' => "-10",
+        ];
+        
+        $v = $this->app['validator']->make($data, $rules);
+        $this->assertTrue($v->passes());
+    }
+
+    public function testInValidScenario4()
+    {
+        $rules = [
+            'amount' => [new ValidAmount()]
+        ];
+        
+        $data = [
+            'amount' => "-0 1",
+        ];
+        
+        $v = $this->app['validator']->make($data, $rules);
+        $this->assertFalse($v->passes());
+    }    
+}
+
+

From 31ef397dba9e6e679e7692e7398001cb09446a66 Mon Sep 17 00:00:00 2001
From: David Bomba <turbo124@gmail.com>
Date: Sat, 23 Oct 2021 15:04:20 +1100
Subject: [PATCH 4/4] Return early

---
 app/Http/Controllers/ClientPortal/SwitchCompanyController.php | 2 +-
 app/Mail/Admin/EntityViewedObject.php                         | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/app/Http/Controllers/ClientPortal/SwitchCompanyController.php b/app/Http/Controllers/ClientPortal/SwitchCompanyController.php
index 627dd6e18d28..2867541476d6 100644
--- a/app/Http/Controllers/ClientPortal/SwitchCompanyController.php
+++ b/app/Http/Controllers/ClientPortal/SwitchCompanyController.php
@@ -27,7 +27,7 @@ class SwitchCompanyController extends Controller
             ->where('id', $this->transformKeys($contact))
             ->first();
 
-        Auth::guard('contact')->login($client_contact, true);
+        auth()->guard('contact')->user()->login($client_contact, true);
 
         return redirect('/client/dashboard');
     }
diff --git a/app/Mail/Admin/EntityViewedObject.php b/app/Mail/Admin/EntityViewedObject.php
index 90a7588eeebc..4c1004aabb39 100644
--- a/app/Mail/Admin/EntityViewedObject.php
+++ b/app/Mail/Admin/EntityViewedObject.php
@@ -42,6 +42,9 @@ class EntityViewedObject
     public function build()
     {
 
+        if(!$this->entity)
+            return;
+
         App::forgetInstance('translator');
         /* Init a new copy of the translator*/
         $t = app('translator');