Merge pull request #6012 from turbo124/v5-develop

Fixes logic for hosted login
2025-07-09 03:14:30 -04:00 · 2021-06-14 17:06:25 +10:00 · 2021-06-14 17:06:25 +10:00 · cdafa4e8a7
commit cdafa4e8a7
parent 9ffa092fb1 1397c9ab1c
3 changed files with 22 additions and 9 deletions
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@ -222,14 +222,9 @@ class LoginController extends BaseController

            });

-            // $cu->first()->account->companies->each(function ($company) use($cu, $request){
-
-            //     if($company->tokens()->where('is_system', true)->count() == 0)
-            //     {
-            //         CreateCompanyToken::dispatchNow($company, $cu->first()->user, $request->server('HTTP_USER_AGENT'));
-            //     }
-
-            // });
+            /*On the hosted platform, only owners can login for free/pro accounts*/
+            if(Ninja::isHosted() && !$cu->first()->is_owner && !$user->account->isEnterpriseClient())
+                return response()->json(['message' => 'Pro / Free accounts only the owner can log in. Please upgrade'], 403);

            return $this->timeConstrainedResponse($cu);

@ -318,6 +313,9 @@ class LoginController extends BaseController
        if($request->has('current_company') && $request->input('current_company') == 'true')
          $cu->where("company_id", $company_token->company_id);

+        if(Ninja::isHosted() && !$cu->first()->is_owner && !$cu->first()->user->account->isEnterpriseClient())
+            return response()->json(['message' => 'Pro / Free accounts only the owner can log in. Please upgrade'], 403);
+
        return $this->refreshResponse($cu);
    }

@ -379,6 +377,9 @@ class LoginController extends BaseController
                    }
                });

+                if(Ninja::isHosted() && !$cu->first()->is_owner && !$existing_user->account->isEnterpriseClient())
+                    return response()->json(['message' => 'Pro / Free accounts only the owner can log in. Please upgrade'], 403);
+
                return $this->timeConstrainedResponse($cu);
                
            }
@ -407,6 +408,9 @@ class LoginController extends BaseController
                    }
                });

+                if(Ninja::isHosted() && !$cu->first()->is_owner && !$existing_login_user->account->isEnterpriseClient())
+                    return response()->json(['message' => 'Pro / Free accounts only the owner can log in. Please upgrade'], 403);
+
                return $this->timeConstrainedResponse($cu);
            }

@ -439,6 +443,9 @@ class LoginController extends BaseController
                    }
                });

+                if(Ninja::isHosted() && !$cu->first()->is_owner && !$existing_login_user->account->isEnterpriseClient())
+                    return response()->json(['message' => 'Pro / Free accounts only the owner can log in. Please upgrade'], 403);
+
                return $this->timeConstrainedResponse($cu);
            }

@ -478,6 +485,9 @@ class LoginController extends BaseController
                }
            });

+            if(Ninja::isHosted() && !$cu->first()->is_owner && !auth()->user()->account->isEnterpriseClient())
+                return response()->json(['message' => 'Pro / Free accounts only the owner can log in. Please upgrade'], 403);
+
            return $this->timeConstrainedResponse($cu);
        }

--- a/app/Utils/HtmlEngine.php
+++ b/app/Utils/HtmlEngine.php
@ -181,6 +181,7 @@ class HtmlEngine
        $data['$amount_due'] = ['value' => &$data['$total']['value'], 'label' => ctrans('texts.amount_due')];
        $data['$quote.total'] = &$data['$total'];
        $data['$invoice.total'] = ['value' => Number::formatMoney($this->entity_calc->getTotal(), $this->client) ?: '&nbsp;', 'label' => ctrans('texts.invoice_total')];
+        $data['$invoice_total_raw'] = ['value' => $this->entity_calc->getTotal(), 'label' => ctrans('texts.invoice_total')];
        $data['$invoice.amount'] = &$data['$total'];
        $data['$quote.amount'] = ['value' => Number::formatMoney($this->entity_calc->getTotal(), $this->client) ?: '&nbsp;', 'label' => ctrans('texts.quote_total')];
        $data['$credit.total'] = ['value' => Number::formatMoney($this->entity_calc->getTotal(), $this->client) ?: '&nbsp;', 'label' => ctrans('texts.credit_total')];
--- a/tests/Integration/MultiDBUserTest.php
+++ b/tests/Integration/MultiDBUserTest.php
@ -194,6 +194,8 @@ class MultiDBUserTest extends TestCase
                ],
        ];

+        $response = false;
+
        try {
            $response = $this->withHeaders([
                'X-API-SECRET' => config('ninja.api_secret'),
@ -203,7 +205,7 @@ class MultiDBUserTest extends TestCase
        } catch (ValidationException $e) {
            $message = json_decode($e->validator->getMessageBag(), 1);
            $this->assertNotNull($message);
-
+            nlog($message);
        }

        if ($response) {