diff --git a/app/Http/Controllers/BaseController.php b/app/Http/Controllers/BaseController.php index 75126c91a6b2..b3be6c2d793a 100644 --- a/app/Http/Controllers/BaseController.php +++ b/app/Http/Controllers/BaseController.php @@ -267,7 +267,7 @@ class BaseController extends Controller $updated_at = request()->has('updated_at') ? request()->input('updated_at') : 0; - if ($user->getCompany()->is_large && $updated_at == 0) { + if ($user->getCompany()->is_large && $updated_at == 0 && $this->complexPermissionsUser()) { $updated_at = time(); } @@ -613,11 +613,27 @@ class BaseController extends Controller return $this->response($this->manager->createData($resource)->toArray()); } + /** + * In case a user is not an admin and is + * able to access multiple companies, then we + * need to pass back the mini load only + * + * @return bool + */ + private function complexPermissionsUser(): bool + { + //if the user is attached to more than one company AND they are not an admin across all companies + if(auth()->user()->company_users()->count() > 1 && (auth()->user()->company_users()->where('is_admin',1)->count() != auth()->user()->company_users()->count())) + return true; + + return false; + } + protected function timeConstrainedResponse($query) { $user = auth()->user(); - if ($user->getCompany()->is_large) { + if ($user->getCompany()->is_large || $this->complexPermissionsUser()) { $this->manager->parseIncludes($this->mini_load); return $this->miniLoadResponse($query); diff --git a/lang/en/texts.php b/lang/en/texts.php index a4010af54d2e..1766559164fc 100644 --- a/lang/en/texts.php +++ b/lang/en/texts.php @@ -4951,6 +4951,7 @@ $LANG = array( 'notify_vendor_when_paid_help' => 'Send an email to the vendor when the expense is marked as paid', 'update_payment' => 'Update Payment', 'markup' => 'Markup', + 'unlock_pro' => 'Unlock Pro', );