From bfb4267f434fdbc41e66d7e2e355d7beaa6eea50 Mon Sep 17 00:00:00 2001 From: Joshua Dwire Date: Fri, 6 May 2016 14:29:44 -0400 Subject: [PATCH 1/3] Fix permissions bug for recurring invoices --- app/Ninja/Repositories/InvoiceRepository.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/Ninja/Repositories/InvoiceRepository.php b/app/Ninja/Repositories/InvoiceRepository.php index b84536e88c9d..bb84c096b833 100644 --- a/app/Ninja/Repositories/InvoiceRepository.php +++ b/app/Ninja/Repositories/InvoiceRepository.php @@ -125,7 +125,8 @@ class InvoiceRepository extends BaseRepository 'contacts.last_name', 'contacts.email', 'invoices.deleted_at', - 'invoices.is_deleted' + 'invoices.is_deleted', + 'invoices.user_id' ); if ($clientPublicId) { From 475f5430f3d109f06fd36add11d4d83222d53345 Mon Sep 17 00:00:00 2001 From: Joshua Dwire Date: Fri, 6 May 2016 14:54:58 -0400 Subject: [PATCH 2/3] Update BaseService.php --- app/Services/BaseService.php | 1 + 1 file changed, 1 insertion(+) diff --git a/app/Services/BaseService.php b/app/Services/BaseService.php index 90a7359910c2..ab1dcba74ecc 100644 --- a/app/Services/BaseService.php +++ b/app/Services/BaseService.php @@ -2,6 +2,7 @@ use Illuminate\Foundation\Bus\DispatchesJobs; use App\Services\DatatableService; +use Auth; class BaseService { From c4b17fedd8be517a25181f68195c3a985675fc8f Mon Sep 17 00:00:00 2001 From: Joshua Dwire Date: Fri, 6 May 2016 15:05:28 -0400 Subject: [PATCH 3/3] Fix permissions bugs --- app/Policies/AccountGatewayPolicy.php | 13 +++++++++++++ app/Policies/BankAccountPolicy.php | 13 +++++++++++++ app/Policies/PaymentTermPolicy.php | 13 +++++++++++++ app/Policies/ProductPolicy.php | 4 ++++ app/Policies/TaxRatePolicy.php | 4 ++++ app/Policies/TokenPolicy.php | 13 +++++++++++++ app/Providers/AuthServiceProvider.php | 7 ++++++- 7 files changed, 66 insertions(+), 1 deletion(-) create mode 100644 app/Policies/AccountGatewayPolicy.php create mode 100644 app/Policies/BankAccountPolicy.php create mode 100644 app/Policies/PaymentTermPolicy.php create mode 100644 app/Policies/TokenPolicy.php diff --git a/app/Policies/AccountGatewayPolicy.php b/app/Policies/AccountGatewayPolicy.php new file mode 100644 index 000000000000..1e98caf04e92 --- /dev/null +++ b/app/Policies/AccountGatewayPolicy.php @@ -0,0 +1,13 @@ +hasPermission('admin'); + } + + public static function create($user) { + return $user->hasPermission('admin'); + } +} \ No newline at end of file diff --git a/app/Policies/BankAccountPolicy.php b/app/Policies/BankAccountPolicy.php new file mode 100644 index 000000000000..fa5eeff84856 --- /dev/null +++ b/app/Policies/BankAccountPolicy.php @@ -0,0 +1,13 @@ +hasPermission('admin'); + } + + public static function create($user) { + return $user->hasPermission('admin'); + } +} \ No newline at end of file diff --git a/app/Policies/PaymentTermPolicy.php b/app/Policies/PaymentTermPolicy.php new file mode 100644 index 000000000000..7acf8bb9ab44 --- /dev/null +++ b/app/Policies/PaymentTermPolicy.php @@ -0,0 +1,13 @@ +hasPermission('admin'); + } + + public static function create($user) { + return $user->hasPermission('admin'); + } +} \ No newline at end of file diff --git a/app/Policies/ProductPolicy.php b/app/Policies/ProductPolicy.php index d9dd62c34e9b..45ae97e961d7 100644 --- a/app/Policies/ProductPolicy.php +++ b/app/Policies/ProductPolicy.php @@ -6,4 +6,8 @@ class VendorPolicy extends EntityPolicy { public static function edit($user, $item) { return $user->hasPermission('admin'); } + + public static function create($user) { + return $user->hasPermission('admin'); + } } \ No newline at end of file diff --git a/app/Policies/TaxRatePolicy.php b/app/Policies/TaxRatePolicy.php index eb872e51f850..4de8e6ac7ec6 100644 --- a/app/Policies/TaxRatePolicy.php +++ b/app/Policies/TaxRatePolicy.php @@ -6,4 +6,8 @@ class TaxRatePolicy extends EntityPolicy { public static function edit($user, $item) { return $user->hasPermission('admin'); } + + public static function create($user) { + return $user->hasPermission('admin'); + } } \ No newline at end of file diff --git a/app/Policies/TokenPolicy.php b/app/Policies/TokenPolicy.php new file mode 100644 index 000000000000..36e37e313a69 --- /dev/null +++ b/app/Policies/TokenPolicy.php @@ -0,0 +1,13 @@ +hasPermission('admin'); + } + + public static function create($user) { + return $user->hasPermission('admin'); + } +} \ No newline at end of file diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php index 884c2587503d..084304a81de9 100644 --- a/app/Providers/AuthServiceProvider.php +++ b/app/Providers/AuthServiceProvider.php @@ -21,8 +21,13 @@ class AuthServiceProvider extends ServiceProvider \App\Models\Payment::class => \App\Policies\PaymentPolicy::class, \App\Models\Task::class => \App\Policies\TaskPolicy::class, \App\Models\Vendor::class => \App\Policies\VendorPolicy::class, + \App\Models\AccountGateway::class => \App\Policies\AccountGatewayPolicy::class, + \App\Models\Token::class => \App\Policies\TokenPolicy::class, + \App\Models\BankAccount::class => \App\Policies\BankAccountPolicy::class, + \App\Models\PaymentTerm::class => \App\Policies\PaymentTermPolicy::class, + ]; - + /** * Register any application authentication / authorization services. *