Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-05-24 02:14:21 -04:00
Code Issues Packages Projects Releases Wiki Activity

Minor fixes for permissions

Browse Source
This commit is contained in:
David Bomba 2023-02-28 22:07:58 +11:00
parent 1cf953a080
commit bf85ea60e4
5 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
app/Http/Controllers/BankTransactionController.php
View File

@ -83,7 +83,7 @@ class BankTransactionController extends BaseController
* response="default",
* description="Unexpected Error",
* @OA\JsonContent(ref="#/components/schemas/Error"),
* ),
* ),zz
* )
* @param BankTransactionFilters $filter
* @return Response|mixed
@ -531,7 +531,6 @@ class BankTransactionController extends BaseController
*/
public function match(MatchBankTransactionRequest $request)
{
// MatchBankTransactions::dispatch(auth()->user()->company()->id, auth()->user()->company()->db, $request->all());
$bts = (new MatchBankTransactions(auth()->user()->company()->id, auth()->user()->company()->db, $request->all()))->handle();

3
app/Http/Requests/BankTransaction/MatchBankTransactionRequest.php
View File

@ -12,6 +12,7 @@
namespace App\Http\Requests\BankTransaction;
use App\Http\Requests\Request;
use App\Models\BankTransaction;
use App\Models\Expense;
use App\Models\Payment;
@ -24,7 +25,7 @@ class MatchBankTransactionRequest extends Request
*/
public function authorize() : bool
{
return auth()->user()->isAdmin();
return auth()->user()->isAdmin() || auth()->user()->can('create', BankTransaction::class || auth()->user()->hasPermission('edit_bank_transaction'));
}
public function rules()

2
app/Http/Requests/Preview/PreviewInvoiceRequest.php
View File

@ -31,7 +31,7 @@ class PreviewInvoiceRequest extends Request
*/
public function authorize() : bool
{
return auth()->user()->can('create', Invoice::class) || auth()->user()->can('create', Quote::class) || auth()->user()->can('create', RecurringInvoice::class) || auth()->user()->can('create', Credit::class);
return auth()->user()->hasIntersectPermissionsOrAdmin(['view_invoice', 'view_quote', 'view_recurring_invoice', 'view_credit', 'create_invoice', 'create_quote', 'create_recurring_invoice', 'create_credit','edit_invoice', 'edit_quote', 'edit_recurring_invoice', 'edit_credit']);
}
public function rules()

2
app/Http/Requests/Preview/PreviewPurchaseOrderRequest.php
View File

@ -28,7 +28,7 @@ class PreviewPurchaseOrderRequest extends Request
*/
public function authorize() : bool
{
return auth()->user()->can('create', PurchaseOrder::class);
return auth()->user()->hasIntersectPermissionsOrAdmin(['create_purchase_order', 'edit_purchase_order', 'view_purchase_order']);
}
public function rules()

2
app/Http/Requests/Product/UpdateProductRequest.php
View File

@ -26,7 +26,7 @@ class UpdateProductRequest extends Request
*/
public function authorize() : bool
{
return auth()->user()->can('create', Product::class);
return auth()->user()->can('edit', $this->product);
}
public function rules()