Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-05-31 07:24:35 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fixes for cascading rules

Browse Source
This commit is contained in:
David Bomba 2019-06-12 09:24:42 +10:00
parent 79907e6206
commit d9c216433a
2 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
app/Policies/UserPolicy.php
View File

@ -28,17 +28,17 @@ class UserPolicy extends EntityPolicy
*/ */
public function create(User $user) : bool public function create(User $user) : bool
{ {
return $user->isAdmin() || $user->hasPermission('create_user'); return $user->isAdmin() || $user->hasPermission('create_user');
} }
//we need to override as User does not have the company_id property!!!!! //we need to override as User does not have the company_id property!!!!!
public function edit(User $user, $entity) : bool public function edit(User $user, $user_entity) : bool
{ {
return ($user->isAdmin() && $entity->company_id == $user->companyId()) return ($user->isAdmin() && $user_entity->companyId() == $user->companyId());;
|| ($user->hasPermission('edit_' . strtolower(class_basename($entity))) && $entity->company_id == $user->companyId())
|| $user->owns($entity);
} }

2
database/migrations/2014_10_13_000000_create_users_table.php
View File

@ -248,8 +248,10 @@ class CreateUsersTable extends Migration
$table->unsignedInteger('user_id')->index(); $table->unsignedInteger('user_id')->index();
$table->string('token')->nullable(); $table->string('token')->nullable();
$table->string('name')->nullable(); $table->string('name')->nullable();
$table->foreign('company_id')->references('id')->on('companies')->onDelete('cascade'); $table->foreign('company_id')->references('id')->on('companies')->onDelete('cascade');
$table->foreign('account_id')->references('id')->on('accounts')->onDelete('cascade'); $table->foreign('account_id')->references('id')->on('accounts')->onDelete('cascade');
$table->foreign('user_id')->references('id')->on('users')->onDelete('cascade');
}); });
Schema::create('clients', function (Blueprint $table) { Schema::create('clients', function (Blueprint $table) {