diff --git a/app/Http/Controllers/BankIntegrationController.php b/app/Http/Controllers/BankIntegrationController.php index 3ec83fb9199b..369c1d08c580 100644 --- a/app/Http/Controllers/BankIntegrationController.php +++ b/app/Http/Controllers/BankIntegrationController.php @@ -15,6 +15,7 @@ use App\Factory\BankIntegrationFactory; use App\Filters\BankIntegrationFilters; use App\Helpers\Bank\Yodlee\Yodlee; use App\Http\Requests\BankIntegration\AdminBankIntegrationRequest; +use App\Http\Requests\BankIntegration\BulkBankIntegrationRequest; use App\Http\Requests\BankIntegration\CreateBankIntegrationRequest; use App\Http\Requests\BankIntegration\DestroyBankIntegrationRequest; use App\Http\Requests\BankIntegration\EditBankIntegrationRequest; @@ -465,21 +466,16 @@ class BankIntegrationController extends BaseController * ), * ) */ - public function bulk() + public function bulk(BulkBankIntegrationRequest $request) { $action = request()->input('action'); - if(!in_array($action, ['archive', 'restore', 'delete'])) - return response()->json(['message' => 'Unsupported action.'], 400); - $ids = request()->input('ids'); $bank_integrations = BankIntegration::withTrashed()->whereIn('id', $this->transformKeys($ids))->company()->get(); $bank_integrations->each(function ($bank_integration, $key) use ($action) { - if (auth()->user()->can('edit', $bank_integration)) { - $this->bank_integration_repo->{$action}($bank_integration); - } + $this->bank_integration_repo->{$action}($bank_integration); }); /* Need to understand which permission are required for the given bulk action ie. view / edit */ diff --git a/app/Http/Controllers/BankTransactionController.php b/app/Http/Controllers/BankTransactionController.php index 31a8dd333d24..a8c1508ec77b 100644 --- a/app/Http/Controllers/BankTransactionController.php +++ b/app/Http/Controllers/BankTransactionController.php 
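Review bot: With the per-record `auth()->user()->can('edit', $bank_integration)` check removed from the `each()` closure, the dynamic call `$this->bank_integration_repo->{$action}($bank_integration)` is guarded only by `BulkBankIntegrationRequest` (its `authorize()` and its `action` rule), and nothing in `bulk()` says so. The method also still reads `request()->input('action')` and `request()->input('ids')` rather than the injected `$request`; prefer `$action = $request->input('action');` and `$ids = $request->input('ids');`. The leftover `/* Need to understand which permission are required ... */` comment could become `// Authorization and the action whitelist are enforced by BulkBankIntegrationRequest; records stay limited to the caller's company by ->company().`. The same two remarks apply to `$ids = request()->input('ids');` and the now unguarded repository calls in `BankTransactionController::bulk()`. `bulk()` continues past the end of this hunk.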
@@ -15,6 +15,7 @@ use App\Factory\BankTransactionFactory; use App\Filters\BankTransactionFilters; use App\Helpers\Bank\Yodlee\Yodlee; use App\Http\Requests\BankTransaction\AdminBankTransactionRequest; +use App\Http\Requests\BankTransaction\BulkBankTransactionRequest; use App\Http\Requests\BankTransaction\CreateBankTransactionRequest; use App\Http\Requests\BankTransaction\DestroyBankTransactionRequest; use App\Http\Requests\BankTransaction\EditBankTransactionRequest; @@ -469,12 +470,9 @@ class BankTransactionController extends BaseController * ), * ) */ - public function bulk() + public function bulk(BulkBankTransactionRequest $request) { - $action = request()->input('action'); - - if(!in_array($action, ['archive', 'restore', 'delete', 'convert_matched'])) - return response()->json(['message' => 'Unsupported action.'], 400); + $action = $request->input('action'); $ids = request()->input('ids'); @@ -482,19 +480,14 @@ class BankTransactionController extends BaseController if($action == 'convert_matched') //catch this action { - if(auth()->user()->isAdmin()) - { - $this->bank_transaction_repo->convert_matched($bank_transactions); - } - else - return; + + $this->bank_transaction_repo->convert_matched($bank_transactions); + } else { $bank_transactions->each(function ($bank_transaction, $key) use ($action) { - if (auth()->user()->can('edit', $bank_transaction)) { $this->bank_transaction_repo->{$action}($bank_transaction); - } }); } diff --git a/app/Http/Requests/BankIntegration/BulkBankIntegrationRequest.php b/app/Http/Requests/BankIntegration/BulkBankIntegrationRequest.php new file mode 100644 index 000000000000..146678dfab61 --- /dev/null +++ b/app/Http/Requests/BankIntegration/BulkBankIntegrationRequest.php @@ -0,0 +1,37 @@ +user()->isAdmin(); + } + + public function rules() + { + + return [ + 'ids' => 'required|bail|array', + 'action' => 'in:archive,restore,delete' + ]; + + } +} 
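Review bot: In the new `BulkBankIntegrationRequest`, the `action` rule `'in:archive,restore,delete'` has no `required`, and Laravel does not run non-implicit rules such as `in` when the field is absent. A request that omits `action` therefore passes validation, and `bulk()` reaches `$this->bank_integration_repo->{$action}(...)` with a null method name, where the removed `in_array` guard answered with a 400. Make the whitelist mandatory: `'action' => 'required|bail|string|in:archive,restore,delete',`. `BulkBankTransactionRequest` uses the same rule shape (`'in:archive,restore,delete,convert_matched'`) and needs the same change. The top of this new file is not readable on this page (only `user()->isAdmin();` survives of `authorize()`), so the admin gate itself is taken as written.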
diff --git a/app/Http/Requests/BankTransaction/BulkBankTransactionRequest.php b/app/Http/Requests/BankTransaction/BulkBankTransactionRequest.php new file mode 100644 index 000000000000..e0e2344e4e7c --- /dev/null +++ b/app/Http/Requests/BankTransaction/BulkBankTransactionRequest.php @@ -0,0 +1,37 @@ +user()->isAdmin(); + } + + public function rules() + { + + return [ + 'ids' => 'required|bail|array', + 'action' => 'in:archive,restore,delete,convert_matched' + ]; + + } +} diff --git a/tests/Feature/Bank/BankTransactionTest.php b/tests/Feature/Bank/BankTransactionTest.php index 8f96ccda2dd7..0a47c4d7404b 100644 --- a/tests/Feature/Bank/BankTransactionTest.php +++ b/tests/Feature/Bank/BankTransactionTest.php @@ -39,6 +39,46 @@ class BankTransactionTest extends TestCase ); } + + public function testBankTransactionBulkActions() + { + $data = [ + 'ids' => [$this->bank_integration->hashed_id], + 'action' => 'archive' + ]; + + $response = $this->withHeaders([ + 'X-API-SECRET' => config('ninja.api_secret'), + 'X-API-TOKEN' => $this->token, + ])->post('/api/v1/bank_transactions/bulk', $data) + ->assertStatus(200); + + $data = [ + 'ids' => [$this->bank_integration->hashed_id], + 'action' => 'restore' + ]; + + $response = $this->withHeaders([ + 'X-API-SECRET' => config('ninja.api_secret'), + 'X-API-TOKEN' => $this->token, + ])->post('/api/v1/bank_transactions/bulk', $data) + ->assertStatus(200); + + + $data = [ + 'ids' => [$this->bank_integration->hashed_id], + 'action' => 'delete' + ]; + + $response = $this->withHeaders([ + 'X-API-SECRET' => config('ninja.api_secret'), + 'X-API-TOKEN' => $this->token, + ])->post('/api/v1/bank_transactions/bulk', $data) + ->assertStatus(200); + + + } + public function testLinkExpenseToTransaction() { diff --git a/tests/Feature/BankIntegrationApiTest.php b/tests/Feature/BankIntegrationApiTest.php index 2b4f711b0ad3..13c317ffa74d 100644 --- a/tests/Feature/BankIntegrationApiTest.php +++ b/tests/Feature/BankIntegrationApiTest.php 
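Review bot: `testBankTransactionBulkActions` posts `$this->bank_integration->hashed_id` to `/api/v1/bank_transactions/bulk`, which by its name is a bank integration id rather than a bank transaction id. As it asserts only a 200, it would pass even if no transaction were matched. This commit moves both the action whitelist and the admin check into `BulkBankTransactionRequest`, so the rejection paths need coverage too: an unsupported or missing `action`, and a refused request for a non-admin token if the test case can provide one. A sketch of the validation case follows; the 422 assumes the failure is rendered as JSON.

```php
public function testBankTransactionBulkRejectsUnsupportedAction()
{
    $data = [
        // ids are irrelevant here: validation is expected to fail first
        'ids' => [$this->bank_integration->hashed_id],
        'action' => 'purge', // constructed value, not in the whitelist
    ];

    $this->withHeaders([
        'X-API-SECRET' => config('ninja.api_secret'),
        'X-API-TOKEN' => $this->token,
    ])->postJson('/api/v1/bank_transactions/bulk', $data)
        ->assertStatus(422);
}
```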
@@ -42,6 +42,21 @@ class BankIntegrationApiTest extends TestCase Model::reguard(); } + + public function testBankIntegrationPost() + { + $data = [ + 'bank_account_name' => 'Nuevo Banko', + ]; + + $response = $this->withHeaders([ + 'X-API-TOKEN' => $this->token, + ])->post('/api/v1/bank_integrations/', $data); + + $response->assertStatus(200); + } + + public function testBankIntegrationGet() { $response = $this->withHeaders([
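Review bot: `testBankIntegrationPost` asserts only the status code, so it does not show that the integration was stored with the submitted `bank_account_name`. Add a content check on the response, for example `$response->assertJsonPath('data.bank_account_name', 'Nuevo Banko');` if the API wraps the entity in `data` (not visible here). Unlike the bulk test added in this commit, the request sends no `X-API-SECRET` header; if that is intentional, a short comment would say why.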