From ad0b2b8ec32eef3de6c9352f003cbf498716cb9c Mon Sep 17 00:00:00 2001
From: David Bomba
Date: Sun, 11 Jul 2021 10:16:27 +1000
Subject: [PATCH] Prevent ninja company from being deleted
---
 app/Factory/ExpenseCategoryFactory.php | 2 +-
 app/Factory/TaskStatusFactory.php | 2 +-
 app/Http/Controllers/CompanyController.php | 4 ++++
 app/Http/Controllers/MigrationController.php | 6 ++++++
 app/Http/Middleware/UrlSetDb.php | 7 ++++++-
 app/Http/Requests/Expense/StoreExpenseRequest.php | 2 +-
 .../ExpenseCategory/StoreExpenseCategoryRequest.php | 2 +-
 .../ExpenseCategory/UpdateExpenseCategoryRequest.php | 2 +-
 app/Http/Requests/Project/StoreProjectRequest.php | 2 +-
 app/Http/Requests/Project/UpdateProjectRequest.php | 2 +-
 app/Http/Requests/Task/UpdateTaskRequest.php | 2 +-
 app/Http/Requests/TaskStatus/StoreTaskStatusRequest.php | 2 +-
 app/Http/Requests/TaskStatus/UpdateTaskStatusRequest.php | 2 +-
 tests/Unit/CreditBalanceTest.php | 4 ++++
 14 files changed, 30 insertions(+), 11 deletions(-)
diff --git a/app/Factory/ExpenseCategoryFactory.php b/app/Factory/ExpenseCategoryFactory.php
index a2bd3d0bd407..cd7254ba8ee7 100644
--- a/app/Factory/ExpenseCategoryFactory.php
+++ b/app/Factory/ExpenseCategoryFactory.php
@@ -22,7 +22,7 @@ class ExpenseCategoryFactory
 $expense->company_id = $company_id;
 $expense->name = '';
 $expense->is_deleted = false;
- $expense->color = '#fff';
+ $expense->color = '';
 return $expense;
 }
diff --git a/app/Factory/TaskStatusFactory.php b/app/Factory/TaskStatusFactory.php
index 8d9b4742341e..aa5ea60d4714 100644
--- a/app/Factory/TaskStatusFactory.php
+++ b/app/Factory/TaskStatusFactory.php
@@ -21,7 +21,7 @@ class TaskStatusFactory
 $task_status->user_id = $user_id;
 $task_status->company_id = $company_id;
 $task_status->name = '';
- $task_status->color = '#fff';
+ $task_status->color = '';
 $task_status->status_order = 9999;
 return $task_status;
diff --git a/app/Http/Controllers/CompanyController.php b/app/Http/Controllers/CompanyController.php index b85793ffe940..a22091a218bf 100644 --- a/app/Http/Controllers/CompanyController.php +++ b/app/Http/Controllers/CompanyController.php @@ -474,6 +474,10 @@ class CompanyController extends BaseController */ public function destroy(DestroyCompanyRequest $request, Company $company) { + + if(Ninja::isHosted() && config('ninja.ninja_default_company_id') == $company->id) + return response()->json(['message' => 'Cannot purge this company'], 400); + $company_count = $company->account->companies->count(); $account = $company->account; $account_key = $account->key; diff --git a/app/Http/Controllers/MigrationController.php b/app/Http/Controllers/MigrationController.php index 370dd080d403..94ab88c5123d 100644 --- a/app/Http/Controllers/MigrationController.php +++ b/app/Http/Controllers/MigrationController.php @@ -82,6 +82,9 @@ class MigrationController extends BaseController */ public function purgeCompany(Company $company) { + if(Ninja::isHosted() && config('ninja.ninja_default_company_id') == $company->id) + return response()->json(['message' => 'Cannot purge this company'], 400); + $account = $company->account; $company_id = $company->id; @@ -102,6 +105,9 @@ class MigrationController extends BaseController private function purgeCompanyWithForceFlag(Company $company) { + if(Ninja::isHosted() && config('ninja.ninja_default_company_id') == $company->id) + return response()->json(['message' => 'Cannot purge this company'], 400); + $account = $company->account; $company_id = $company->id; diff --git a/app/Http/Middleware/UrlSetDb.php b/app/Http/Middleware/UrlSetDb.php index 9e9fe306d323..e93ac08440ab 100644 --- a/app/Http/Middleware/UrlSetDb.php +++ b/app/Http/Middleware/UrlSetDb.php 
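Review bot: The guard added at the top of `CompanyController::destroy()` depends entirely on `ninja.ninja_default_company_id` being set: if the key is missing, `config()` returns null, the loose `null == $company->id` is false, and the check passes silently, so the protected company can still be deleted on a hosted install. It would be safer to treat an empty value as a misconfiguration on hosted (log it or refuse the delete) and to compare strictly, e.g. `(int) config('ninja.ninja_default_company_id') === (int) $company->id`, with braces around the one-line `if`. The same two lines are pasted into `purgeCompany()` and `purgeCompanyWithForceFlag()` in MigrationController.php; one shared helper would keep the three checks from drifting apart. `destroy()` continues outside the hunk.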
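Review bot: In `MigrationController::purgeCompanyWithForceFlag()` the guard returns a JSON response from a private helper, so the refusal only reaches the client if the caller returns that value; the caller is outside the hunk, and if it ignores the result the migration would carry on as though the company had been purged. Throwing an exception here, or doing the check in the public action before the helper is called, avoids relying on that. Neither hunk in this file, nor the one in CompanyController.php, adds an import for `Ninja`, so confirm the class is already imported in both controllers. Both method bodies continue outside their hunks.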
@@ -30,17 +30,22 @@ class UrlSetDb */ public function handle($request, Closure $next) { + if (config('ninja.db.multi_db_enabled')) { - $hashids = new Hashids('', 10); //decoded output is _always_ an array. + $hashids = new Hashids(config('ninja.hash_salt'), 10); //parse URL hash and set DB $segments = explode('-', $request->route('confirmation_code')); + if(!is_array($segments)) + return response()->json(['message' => 'Invalid confirmation code'], 403); + $hashed_db = $hashids->decode($segments[0]); MultiDB::setDB(MultiDB::DB_PREFIX.str_pad($hashed_db[0], 2, '0', STR_PAD_LEFT)); } return $next($request); + } } diff --git a/app/Http/Requests/Expense/StoreExpenseRequest.php b/app/Http/Requests/Expense/StoreExpenseRequest.php index 926ae7886d7d..1cb2e64624f8 100644 --- a/app/Http/Requests/Expense/StoreExpenseRequest.php +++ b/app/Http/Requests/Expense/StoreExpenseRequest.php @@ -59,7 +59,7 @@ class StoreExpenseRequest extends Request } if(array_key_exists('color', $input) && is_null($input['color'])) - $input['color'] = '#fff'; + $input['color'] = ''; $this->replace($input); } diff --git a/app/Http/Requests/ExpenseCategory/StoreExpenseCategoryRequest.php b/app/Http/Requests/ExpenseCategory/StoreExpenseCategoryRequest.php index b09a903bdbad..a896e8388927 100644 --- a/app/Http/Requests/ExpenseCategory/StoreExpenseCategoryRequest.php +++ b/app/Http/Requests/ExpenseCategory/StoreExpenseCategoryRequest.php @@ -43,7 +43,7 @@ class StoreExpenseCategoryRequest extends Request $input = $this->decodePrimaryKeys($input); if(array_key_exists('color', $input) && is_null($input['color'])) - $input['color'] = '#fff'; + $input['color'] = ''; $this->replace($input); } diff --git a/app/Http/Requests/ExpenseCategory/UpdateExpenseCategoryRequest.php b/app/Http/Requests/ExpenseCategory/UpdateExpenseCategoryRequest.php index 2b8e5a7449a7..921c5b14de3a 100644 --- a/app/Http/Requests/ExpenseCategory/UpdateExpenseCategoryRequest.php 
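Review bot: The new `is_array($segments)` check in `UrlSetDb::handle()` can never fire, because `explode('-', …)` with a non-empty delimiter always returns an array, so a malformed confirmation code is still not rejected. The value that needs checking is the result of `$hashids->decode($segments[0])`: Hashids returns an empty array for input it cannot decode, `$hashed_db[0]` is then undefined, and the padded result (presumably `00`) is passed to `MultiDB::setDB()` as a database name the request never legitimately selected. Moving the guard after the decode, `if (empty($hashed_db)) return response()->json(['message' => 'Invalid confirmation code'], 403);`, covers that case. The switch from an empty salt to `config('ninja.hash_salt')` also means codes encoded with the old salt will no longer decode, which is worth confirming against the code that generates them.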
+++ b/app/Http/Requests/ExpenseCategory/UpdateExpenseCategoryRequest.php
@@ -47,7 +47,7 @@ class UpdateExpenseCategoryRequest extends Request
 $input = $this->all();
 if(array_key_exists('color', $input) && is_null($input['color']))
- $input['color'] = '#fff';
+ $input['color'] = '';
 $this->replace($input);
 }
diff --git a/app/Http/Requests/Project/StoreProjectRequest.php b/app/Http/Requests/Project/StoreProjectRequest.php
index 9cc666e76c2d..b42dda0f62b5 100644
--- a/app/Http/Requests/Project/StoreProjectRequest.php
+++ b/app/Http/Requests/Project/StoreProjectRequest.php
@@ -51,7 +51,7 @@ class StoreProjectRequest extends Request
 if(array_key_exists('color', $input) && is_null($input['color']))
- $input['color'] = '#fff';
+ $input['color'] = '';
 $this->replace($input);
 }
diff --git a/app/Http/Requests/Project/UpdateProjectRequest.php b/app/Http/Requests/Project/UpdateProjectRequest.php
index d5fa2f0f52ea..0217de8264b1 100644
--- a/app/Http/Requests/Project/UpdateProjectRequest.php
+++ b/app/Http/Requests/Project/UpdateProjectRequest.php
@@ -49,7 +49,7 @@ class UpdateProjectRequest extends Request
 }
 if(array_key_exists('color', $input) && is_null($input['color']))
- $input['color'] = '#fff';
+ $input['color'] = '';
 $this->replace($input);
 }
diff --git a/app/Http/Requests/Task/UpdateTaskRequest.php b/app/Http/Requests/Task/UpdateTaskRequest.php
index 4b62444bd623..03f87b52a199 100644
--- a/app/Http/Requests/Task/UpdateTaskRequest.php
+++ b/app/Http/Requests/Task/UpdateTaskRequest.php
@@ -51,7 +51,7 @@ class UpdateTaskRequest extends Request
 }
 if(array_key_exists('color', $input) && is_null($input['color']))
- $input['color'] = '#fff';
+ $input['color'] = '';
 $this->replace($input);
 }
diff --git a/app/Http/Requests/TaskStatus/StoreTaskStatusRequest.php b/app/Http/Requests/TaskStatus/StoreTaskStatusRequest.php
index 8e476c5bb0a1..d3ba8750dab0 100644
--- a/app/Http/Requests/TaskStatus/StoreTaskStatusRequest.php
+++ b/app/Http/Requests/TaskStatus/StoreTaskStatusRequest.php
@@ -33,7 +33,7 @@ class StoreTaskStatusRequest extends Request $input = $this->all(); if(array_key_exists('color', $input) && is_null($input['color'])) - $input['color'] = '#fff'; + $input['color'] = ''; $this->replace($input); } diff --git a/app/Http/Requests/TaskStatus/UpdateTaskStatusRequest.php b/app/Http/Requests/TaskStatus/UpdateTaskStatusRequest.php index cbde21ac4e81..817e48d6a3e4 100644 --- a/app/Http/Requests/TaskStatus/UpdateTaskStatusRequest.php +++ b/app/Http/Requests/TaskStatus/UpdateTaskStatusRequest.php @@ -46,7 +46,7 @@ class UpdateTaskStatusRequest extends Request $input = $this->all(); if(array_key_exists('color', $input) && is_null($input['color'])) - $input['color'] = '#fff'; + $input['color'] = ''; $this->replace($input); } diff --git a/tests/Unit/CreditBalanceTest.php b/tests/Unit/CreditBalanceTest.php index 307a50f45370..84c941c75742 100644 --- a/tests/Unit/CreditBalanceTest.php +++ b/tests/Unit/CreditBalanceTest.php @@ -16,6 +16,7 @@ use App\Models\Company; use App\Models\Credit; use App\Models\CreditInvitation; use App\Models\User; +use App\Utils\Traits\AppSetup; use Tests\MockUnitData; use Tests\TestCase; @@ -25,6 +26,7 @@ use Tests\TestCase; class CreditBalanceTest extends TestCase { use MockUnitData; + use AppSetup; public function setUp() :void { @@ -35,6 +37,8 @@ class CreditBalanceTest extends TestCase }); $this->makeTestData(); + + $this->buildCache(true); } public function testCreditBalance()