Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-07-09 03:14:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

Check authorized before approving quote

Browse Source
This commit is contained in:
Hillel Coren 2018-02-14 18:20:23 +02:00
parent 62c4275660
commit d1efd7b8aa
4 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Controllers/ClientPortalController.php
View File

@ -227,7 +227,7 @@ class ClientPortalController extends BaseController
return $pdfString; return $pdfString;
} }
public function sign($invitationKey) public function authorizeInvoice($invitationKey)
{ {
if (! $invitation = $this->invoiceRepo->findInvoiceByInvitation($invitationKey)) { if (! $invitation = $this->invoiceRepo->findInvoiceByInvitation($invitationKey)) {
return RESULT_FAILURE; return RESULT_FAILURE;

5
app/Http/Controllers/QuoteController.php
View File

@ -148,6 +148,11 @@ class QuoteController extends BaseController
{ {
$invitation = Invitation::with('invoice.invoice_items', 'invoice.invitations')->where('invitation_key', '=', $invitationKey)->firstOrFail(); $invitation = Invitation::with('invoice.invoice_items', 'invoice.invitations')->where('invitation_key', '=', $invitationKey)->firstOrFail();
$invoice = $invitation->invoice; $invoice = $invitation->invoice;
$account = $invoice->account;
if ($account->requiresAuthorization($invoice) && ! session('authorized:' . $invitation->invitation_key)) {
return redirect()->to('view/' . $invitation->invitation_key);
}
if ($invoice->due_date) { if ($invoice->due_date) {
$carbonDueDate = \Carbon::parse($invoice->due_date); $carbonDueDate = \Carbon::parse($invoice->due_date);

2
resources/views/invoices/view.blade.php
View File

@ -324,7 +324,7 @@
var data = false; var data = false;
@endif @endif
$.ajax({ $.ajax({
url: "{{ URL::to('sign/' . $invitation->invitation_key) }}", url: "{{ URL::to('authorize/' . $invitation->invitation_key) }}",
type: 'PUT', type: 'PUT',
data: data, data: data,
success: function(response) { success: function(response) {

2
routes/web.php
View File

@ -19,7 +19,7 @@ Route::group(['middleware' => ['lookup:contact', 'auth:client']], function () {
Route::get('proposal/{proposal_invitation_key}/download', 'ClientPortalProposalController@downloadProposal'); Route::get('proposal/{proposal_invitation_key}/download', 'ClientPortalProposalController@downloadProposal');
Route::get('proposal/{proposal_invitation_key}', 'ClientPortalProposalController@viewProposal'); Route::get('proposal/{proposal_invitation_key}', 'ClientPortalProposalController@viewProposal');
Route::get('download/{invitation_key}', 'ClientPortalController@download'); Route::get('download/{invitation_key}', 'ClientPortalController@download');
Route::put('sign/{invitation_key}', 'ClientPortalController@sign'); Route::put('authorize/{invitation_key}', 'ClientPortalController@authorizeInvoice');
Route::get('view', 'HomeController@viewLogo'); Route::get('view', 'HomeController@viewLogo');
Route::get('approve/{invitation_key}', 'QuoteController@approve'); Route::get('approve/{invitation_key}', 'QuoteController@approve');
Route::get('payment/{invitation_key}/{gateway_type?}/{source_id?}', 'OnlinePaymentController@showPayment'); Route::get('payment/{invitation_key}/{gateway_type?}/{source_id?}', 'OnlinePaymentController@showPayment');