Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-07-09 03:14:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fixed searching for non-admins

Browse Source
This commit is contained in:
Hillel Coren 2016-05-08 21:29:49 +03:00
parent 4712780ff6
commit fec948f1e8
4 changed files with 22 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
app/Http/Controllers/AccountController.php
View File

@ -253,8 +253,7 @@ class AccountController extends BaseController
public function getSearchData()
{
$account = Auth::user()->account;
$data = $this->accountRepo->getSearchData($account);
$data = $this->accountRepo->getSearchData(Auth::user());
return Response::json($data);
}

6
app/Http/routes.php
View File

@ -110,6 +110,7 @@ Route::group(['middleware' => 'auth:user'], function() {
Route::get('view_archive/{entity_type}/{visible}', 'AccountController@setTrashVisible');
Route::get('hide_message', 'HomeController@hideMessage');
Route::get('force_inline_pdf', 'UserController@forcePDFJS');
Route::get('account/getSearchData', array('as' => 'getSearchData', 'uses' => 'AccountController@getSearchData'));
Route::get('settings/user_details', 'AccountController@showUserDetails');
Route::post('settings/user_details', 'AccountController@saveUserDetails');
@ -220,11 +221,6 @@ Route::group([
Route::get('settings/{section?}', 'AccountController@showSection');
Route::post('settings/{section?}', 'AccountController@doSection');
//Route::get('api/payment_terms', array('as'=>'api.payment_terms', 'uses'=>'PaymentTermController@getDatatable'));
//Route::resource('payment_terms', 'PaymentTermController');
//Route::post('payment_terms/bulk', 'PaymentTermController@bulk');
Route::get('account/getSearchData', array('as' => 'getSearchData', 'uses' => 'AccountController@getSearchData'));
Route::post('user/setTheme', 'UserController@setTheme');
Route::post('remove_logo', 'AccountController@removeLogo');
Route::post('account/go_pro', 'AccountController@enableProPlan');

2
app/Libraries/Utils.php
View File

@ -140,7 +140,7 @@ class Utils
public static function hasAllPermissions($permission)
{
return Auth::check() && Auth::user()->hasPermissions($permission);
return Auth::check() && Auth::user()->hasPermission($permission);
}
public static function isTrial()

28
app/Ninja/Repositories/AccountRepository.php
View File

@ -75,17 +75,19 @@ class AccountRepository
return $account;
}
public function getSearchData($account)
public function getSearchData($user)
{
$data = $this->getAccountSearchData($account);
$data = $this->getAccountSearchData($user);
$data['navigation'] = $this->getNavigationSearchData();
$data['navigation'] = $user->is_admin ? $this->getNavigationSearchData() : [];
return $data;
}
private function getAccountSearchData($account)
private function getAccountSearchData($user)
{
$account = $user->account;
$data = [
'clients' => [],
'contacts' => [],
@ -100,11 +102,19 @@ class AccountRepository
if ($account->custom_client_label2) {
$data[$account->custom_client_label2] = [];
}
$clients = Client::scope()
->with('contacts', 'invoices')
->get();
if ($user->hasPermission('view_all')) {
$clients = Client::scope()
->with('contacts', 'invoices')
->get();
} else {
$clients = Client::scope()
->where('user_id', '=', $user->id)
->with(['contacts', 'invoices' => function($query) use ($user) {
$query->where('user_id', '=', $user->id);
}])->get();
}
foreach ($clients as $client) {
if ($client->name) {
$data['clients'][] = [