diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index 3a320ef237bf..280de3a43110 100644
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -438,14 +438,6 @@ class LoginController extends BaseController
 $cu = CompanyUser::query()
 ->where('user_id', auth()->user()->id);
- // $cu->first()->account->companies->each(function ($company) use($cu){
-
- // if($company->tokens()->where('is_system', true)->count() == 0)
- // {
- // CreateCompanyToken::dispatchNow($company, $cu->first()->user, request()->server('HTTP_USER_AGENT'));
- // }
- // });
-
 if($existing_login_user->company_users()->count() != $existing_login_user->tokens()->count())
 {
diff --git a/app/Http/Controllers/BaseController.php b/app/Http/Controllers/BaseController.php
index 32b0b398a02a..6d5196d536c3 100644
--- a/app/Http/Controllers/BaseController.php
+++ b/app/Http/Controllers/BaseController.php
@@ -624,7 +624,7 @@ class BaseController extends Controller
 // 10-01-2022 need to ensure we snake case properly here to ensure permissions work as expected
 // if (auth()->user() && ! auth()->user()->hasPermission('view_'.lcfirst(class_basename($this->entity_type)))) {
- if (auth()->user() && ! auth()->user()->hasPermission('view'.lcfirst(class_basename(Str::snake($this->entity_type))))) {
+ if (auth()->user() && ! auth()->user()->hasPermission('view_'.lcfirst(class_basename(Str::snake($this->entity_type))))) {
 $query->where('user_id', '=', auth()->user()->id);
 }
diff --git a/app/Models/CompanyToken.php b/app/Models/CompanyToken.php
index 2a4e941d2939..24a992623944 100644
--- a/app/Models/CompanyToken.php
+++ b/app/Models/CompanyToken.php
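Review bot: In BaseController.php the new `'view_'.lcfirst(class_basename(Str::snake($this->entity_type)))` still snake-cases before taking the basename, so if `entity_type` holds a namespaced class name (not visible in this hunk) the basename would presumably come out with a leading underscore and the check would ask for `view__<entity>`. A permission name that never matches makes `hasPermission()` return false for every non-admin, so the `user_id` filter would be applied even to users who hold the view permission; that fails closed, but it is probably not the intent. Taking the basename first removes the dependence on the argument's form: `'view_'.Str::snake(class_basename($this->entity_type))`. The enclosing method starts and ends outside the hunk.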
@@ -59,13 +59,9 @@ class CompanyToken extends BaseModel
 public function cu()
 {
- return $this->hasOne(CompanyUser::class, 'user_id', 'user_id')
- ->where('company_id', $this->company_id)
- ->where('user_id', $this->user_id);
-
- // return $this->company_user;
- // return $this->belongsTo(CompanyUser::class)->where('user_id', $this->user_id);
-
- // return $this->hasOneThrough(CompanyUser::class, Company::class, 'id', 'company_id', 'company_id', 'id');
+ return $this->hasOne(CompanyUser::class, 'user_id', 'user_id')
+ ->where('company_id', $this->company_id)
+ ->where('user_id', $this->user_id);
+
 }
 }
diff --git a/app/Models/User.php b/app/Models/User.php
index bf2195fb372e..7288f94a7e67 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -156,7 +156,6 @@ class User extends Authenticatable implements MustVerifyEmail
 return CompanyToken::with(['cu'])->where('token', request()->header('X-API-TOKEN'))->first();
 }
-
 return $this->tokens()->first();
 }
@@ -371,9 +370,10 @@ class User extends Authenticatable implements MustVerifyEmail
 return $this->isOwner() ||
 $this->isAdmin() ||
- (stripos($this->token()->cu->permissions, $all_permission) !== false) ||
- (stripos($this->token()->cu->permissions, $permission) !== false);
+ (is_int(stripos($this->token()->cu->permissions, $all_permission))) ||
+ (is_int(stripos($this->token()->cu->permissions, $permission)));
+ //23-03-2021 - stripos return an int if true and bool false, but 0 is also interpreted as false, so we simply use is_int() to verify state
 // return $this->isOwner() ||
 // $this->isAdmin() ||
 // (stripos($this->company_user->permissions, $all_permission) !== false) ||
@@ -404,9 +404,6 @@ class User extends Authenticatable implements MustVerifyEmail
 if($this->token()->cu->slack_webhook_url)
 return $this->token()->cu->slack_webhook_url;
- // if ($this->company_user->slack_webhook_url) {
- // return $this->company_user->slack_webhook_url;
- // }
 }
 public function routeNotificationForMail($notification)
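Review bot: In User.php (hunk `@@ -371,9 +370,10 @@`) the authorization check still matches by substring: `stripos($this->token()->cu->permissions, $permission)` succeeds whenever the requested name occurs anywhere in the stored string, so a name that is a fragment of another granted permission would pass. Replacing `!== false` with `is_int()` does not change the result, because the strict comparison already treated offset 0 as a match, and the added `//23-03-2021` comment describes a problem the removed lines did not have. Comparing against whole entries would be stricter, for example `in_array($permission, explode(',', $this->token()->cu->permissions), true)` if the column is comma-separated (the storage format is not visible here). The function body starts outside the hunk.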