From bf4c4d0ce556f504f49ca81cc1fcb63070b9d8e1 Mon Sep 17 00:00:00 2001 From: Hillel Coren Date: Tue, 3 May 2016 11:53:00 +0300 Subject: [PATCH] Add user permissions to API delete --- app/Http/Controllers/BaseAPIController.php | 3 +++ app/Http/Controllers/ClientApiController.php | 17 +++++------------ app/Http/Controllers/InvoiceApiController.php | 13 ++++--------- app/Http/Controllers/PaymentApiController.php | 18 +++++++----------- 4 files changed, 19 insertions(+), 32 deletions(-) diff --git a/app/Http/Controllers/BaseAPIController.php b/app/Http/Controllers/BaseAPIController.php index a1983ed2b5f0..db99a3beaf1d 100644 --- a/app/Http/Controllers/BaseAPIController.php +++ b/app/Http/Controllers/BaseAPIController.php @@ -202,6 +202,9 @@ class BaseAPIController extends Controller if ($include == 'invoices') { $data[] = 'invoices.invoice_items'; $data[] = 'invoices.user'; + } elseif ($include == 'client') { + $data[] = 'client.contacts'; + $data[] = 'client.user'; } elseif ($include == 'clients') { $data[] = 'clients.contacts'; $data[] = 'clients.user'; diff --git a/app/Http/Controllers/ClientApiController.php b/app/Http/Controllers/ClientApiController.php index 557daa29fff6..dd82e9116131 100644 --- a/app/Http/Controllers/ClientApiController.php +++ b/app/Http/Controllers/ClientApiController.php @@ -143,20 +143,13 @@ class ClientApiController extends BaseAPIController * ) */ - public function destroy($publicId) + public function destroy(UpdateClientRequest $request) { - $client = Client::scope($publicId)->withTrashed()->first(); + $client = $request->entity(); + $this->clientRepo->delete($client); - $client = Client::scope($publicId) - ->with('country', 'contacts', 'industry', 'size', 'currency') - ->withTrashed() - ->first(); - - $transformer = new ClientTransformer(Auth::user()->account, Input::get('serializer')); - $data = $this->createItem($client, $transformer, ENTITY_CLIENT); - - return $this->response($data); + return $this->itemResponse($client); } - + } \ No newline at end of file diff --git a/app/Http/Controllers/InvoiceApiController.php b/app/Http/Controllers/InvoiceApiController.php index da8bc2b7a6cf..1361aad9e9a3 100644 --- a/app/Http/Controllers/InvoiceApiController.php +++ b/app/Http/Controllers/InvoiceApiController.php @@ -349,18 +349,13 @@ class InvoiceApiController extends BaseAPIController * ) */ - public function destroy($publicId) + public function destroy(UpdateInvoiceAPIRequest $request) { - $data['public_id'] = $publicId; - $invoice = Invoice::scope($publicId)->firstOrFail(); - + $invoice = $request->entity(); + $this->invoiceRepo->delete($invoice); - $transformer = new InvoiceTransformer(\Auth::user()->account, Input::get('serializer')); - $data = $this->createItem($invoice, $transformer, 'invoice'); - - return $this->response($data); - + return $this->itemResponse($invoice); } } diff --git a/app/Http/Controllers/PaymentApiController.php b/app/Http/Controllers/PaymentApiController.php index b41100acfad9..0dd8de50803b 100644 --- a/app/Http/Controllers/PaymentApiController.php +++ b/app/Http/Controllers/PaymentApiController.php @@ -49,7 +49,7 @@ class PaymentApiController extends BaseAPIController { $payments = Payment::scope() ->withTrashed() - ->with(['client.contacts', 'invitation', 'user', 'invoice']) + ->with(['invoice']) ->orderBy('created_at', 'desc'); return $this->listResponse($payments); @@ -145,17 +145,13 @@ class PaymentApiController extends BaseAPIController * ) */ - public function destroy($publicId) + public function destroy(UpdatePaymentRequest $request) { + $payment = $request->entity(); + + $this->clientRepo->delete($payment); - $payment = Payment::scope($publicId)->withTrashed()->first(); - $invoiceId = $payment->invoice->public_id; - - $this->paymentRepo->delete($payment); - - $transformer = new PaymentTransformer(\Auth::user()->account, Input::get('serializer')); - $data = $this->createItem($payment, $transformer, 'invoice'); - - return $this->response($data); + return $this->itemResponse($payment); } + }