Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-11-03 23:07:32 -05:00
Code Issues Packages Projects Releases Wiki Activity

Minor fixes for permissions

Browse Source
This commit is contained in:
David Bomba 2023-02-28 22:07:58 +11:00
parent 1cf953a080
commit bf85ea60e4
5 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
app/Http/Controllers/BankTransactionController.php
View File

@ -83,7 +83,7 @@ class BankTransactionController extends BaseController
* response="default", * response="default",
* description="Unexpected Error", * description="Unexpected Error",
* @OA\JsonContent(ref="#/components/schemas/Error"), * @OA\JsonContent(ref="#/components/schemas/Error"),
* ), * ),zz
* ) * )
* @param BankTransactionFilters $filter * @param BankTransactionFilters $filter
* @return Response|mixed * @return Response|mixed
@ -531,7 +531,6 @@ class BankTransactionController extends BaseController
*/ */
public function match(MatchBankTransactionRequest $request) public function match(MatchBankTransactionRequest $request)
{ {
// MatchBankTransactions::dispatch(auth()->user()->company()->id, auth()->user()->company()->db, $request->all());
$bts = (new MatchBankTransactions(auth()->user()->company()->id, auth()->user()->company()->db, $request->all()))->handle(); $bts = (new MatchBankTransactions(auth()->user()->company()->id, auth()->user()->company()->db, $request->all()))->handle();

3
app/Http/Requests/BankTransaction/MatchBankTransactionRequest.php
View File

@ -12,6 +12,7 @@
namespace App\Http\Requests\BankTransaction; namespace App\Http\Requests\BankTransaction;
use App\Http\Requests\Request; use App\Http\Requests\Request;
use App\Models\BankTransaction;
use App\Models\Expense; use App\Models\Expense;
use App\Models\Payment; use App\Models\Payment;
@ -24,7 +25,7 @@ class MatchBankTransactionRequest extends Request
*/ */
public function authorize() : bool public function authorize() : bool
{ {
return auth()->user()->isAdmin(); return auth()->user()->isAdmin() || auth()->user()->can('create', BankTransaction::class || auth()->user()->hasPermission('edit_bank_transaction'));
} }
public function rules() public function rules()

2
app/Http/Requests/Preview/PreviewInvoiceRequest.php
View File

@ -31,7 +31,7 @@ class PreviewInvoiceRequest extends Request
*/ */
public function authorize() : bool public function authorize() : bool
{ {
return auth()->user()->can('create', Invoice::class) || auth()->user()->can('create', Quote::class) || auth()->user()->can('create', RecurringInvoice::class) || auth()->user()->can('create', Credit::class); return auth()->user()->hasIntersectPermissionsOrAdmin(['view_invoice', 'view_quote', 'view_recurring_invoice', 'view_credit', 'create_invoice', 'create_quote', 'create_recurring_invoice', 'create_credit','edit_invoice', 'edit_quote', 'edit_recurring_invoice', 'edit_credit']);
} }
public function rules() public function rules()

2
app/Http/Requests/Preview/PreviewPurchaseOrderRequest.php
View File

@ -28,7 +28,7 @@ class PreviewPurchaseOrderRequest extends Request
*/ */
public function authorize() : bool public function authorize() : bool
{ {
return auth()->user()->can('create', PurchaseOrder::class); return auth()->user()->hasIntersectPermissionsOrAdmin(['create_purchase_order', 'edit_purchase_order', 'view_purchase_order']);
} }
public function rules() public function rules()

2
app/Http/Requests/Product/UpdateProductRequest.php
View File

@ -26,7 +26,7 @@ class UpdateProductRequest extends Request
*/ */
public function authorize() : bool public function authorize() : bool
{ {
return auth()->user()->can('create', Product::class); return auth()->user()->can('edit', $this->product);
} }
public function rules() public function rules()