mirror of
				https://github.com/invoiceninja/invoiceninja.git
				synced 2025-10-26 02:12:53 -04:00 
			
		
		
		
	* Tests for client contact passwords * test for client API * Client Tests for password quality * Final tests for client contact password * Implement feature permissions * Minor fixes
		
			
				
	
	
		
			164 lines
		
	
	
		
			4.4 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
			
		
		
	
	
			164 lines
		
	
	
		
			4.4 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
| <?php
 | |
| /**
 | |
|  * Invoice Ninja (https://invoiceninja.com)
 | |
|  *
 | |
|  * @link https://github.com/invoiceninja/invoiceninja source repository
 | |
|  *
 | |
|  * @copyright Copyright (c) 2020. Invoice Ninja LLC (https://invoiceninja.com)
 | |
|  *
 | |
|  * @license https://opensource.org/licenses/AAL
 | |
|  */
 | |
| 
 | |
| namespace App\Http\Controllers;
 | |
| 
 | |
| use App\Exceptions\ModelNotFoundException;
 | |
| use App\Http\Requests\CompanyUser\UpdateCompanyUserRequest;
 | |
| use App\Models\CompanyUser;
 | |
| use App\Models\User;
 | |
| use App\Transformers\CompanyUserTransformer;
 | |
| use Illuminate\Http\Request;
 | |
| 
 | |
| class CompanyUserController extends BaseController
 | |
| {
 | |
| 
 | |
|     protected $entity_type = CompanyUser::class;
 | |
| 
 | |
|     protected $entity_transformer = CompanyUserTransformer::class;
 | |
| 
 | |
|     public function __construct()
 | |
|     {
 | |
|         parent::__construct();
 | |
| 
 | |
|         //$this->middleware('guest');
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Display a listing of the resource.
 | |
|      *
 | |
|      * @return \Illuminate\Http\Response
 | |
|      */
 | |
|     public function index()
 | |
|     {
 | |
|         // return view('signup.index');
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Show the form for creating a new resource.
 | |
|      *
 | |
|      * @return \Illuminate\Http\Response
 | |
|      */
 | |
|     public function create()
 | |
|     {
 | |
|         //
 | |
|     }
 | |
| 
 | |
|     
 | |
|     public function store(CreateAccountRequest $request)
 | |
|     {
 | |
| 
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Display the specified resource.
 | |
|      *
 | |
|      * @param  int  $id
 | |
|      * @return \Illuminate\Http\Response
 | |
|      */
 | |
|     public function show($id)
 | |
|     {
 | |
|         //
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Show the form for editing the specified resource.
 | |
|      *
 | |
|      * @param  int  $id
 | |
|      * @return \Illuminate\Http\Response
 | |
|      */
 | |
|     public function edit($id)
 | |
|     {
 | |
|         //
 | |
|     }
 | |
| 
 | |
| 
 | |
|     /**
 | |
|      * Store a newly created resource in storage.
 | |
|      *
 | |
|      *
 | |
|      * @OA\Post(
 | |
|      *      path="/api/v1/company_users",
 | |
|      *      operationId="updateCompanyUser",
 | |
|      *      tags={"company_user"},
 | |
|      *      summary="Update a company user record",
 | |
|      *      description="Attempts to update a company user record. A company user can modify only their settings fields. Full access for Admin users",
 | |
|      *      @OA\Parameter(ref="#/components/parameters/X-Api-Secret"),
 | |
|      *      @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
 | |
|      *      @OA\Parameter(
 | |
|      *          name="id",
 | |
|      *          in="path",
 | |
|      *          description="The Invoice Hashed ID",
 | |
|      *          example="D2J234DFA",
 | |
|      *          required=true,
 | |
|      *          @OA\Schema(
 | |
|      *              type="string",
 | |
|      *              format="string",
 | |
|      *          ),
 | |
|      *      ),
 | |
|      *      @OA\Response(
 | |
|      *          response=200,
 | |
|      *          description="The Company User response",
 | |
|      *          @OA\Header(header="X-API-Version", ref="#/components/headers/X-API-Version"),
 | |
|      *          @OA\Header(header="X-RateLimit-Remaining", ref="#/components/headers/X-RateLimit-Remaining"),
 | |
|      *          @OA\Header(header="X-RateLimit-Limit", ref="#/components/headers/X-RateLimit-Limit"),
 | |
|      *          @OA\JsonContent(ref="#/components/schemas/CompanyUser"),
 | |
|      *       ),
 | |
|      *       @OA\Response(
 | |
|      *          response=422,
 | |
|      *          description="Validation error",
 | |
|      *          @OA\JsonContent(ref="#/components/schemas/ValidationError"),
 | |
| 
 | |
|      *       ),
 | |
|      *       @OA\Response(
 | |
|      *           response="default",
 | |
|      *           description="Unexpected Error",
 | |
|      *           @OA\JsonContent(ref="#/components/schemas/Error"),
 | |
|      *       ),
 | |
|      *     )
 | |
|      */
 | |
|     public function update(UpdateCompanyUserRequest $request, User $user)
 | |
|     {
 | |
|             $company = auth()->user()->company();
 | |
| 
 | |
|             
 | |
|             $company_user = CompanyUser::whereUserId($user->id)->whereCompanyId($company->id)->first();
 | |
| 
 | |
|             if(!$company_user){
 | |
|                 throw new ModelNotFoundException("Company User record not found");
 | |
|                 return;
 | |
|             }
 | |
| 
 | |
|             if(auth()->user()->isAdmin()){
 | |
|                 $company_user->fill($request->input('company_user'));
 | |
|             }
 | |
|             else {
 | |
|                 $company_user->fill($request->input('company_user')['settings']);
 | |
|                 $company_user->fill($request->input('company_user')['notifications']);
 | |
|             }
 | |
|             
 | |
|             $company_user->save();
 | |
| 
 | |
|             return $this->itemResponse($company_user->fresh());
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Remove the specified resource from storage.
 | |
|      *
 | |
|      * @param  int  $id
 | |
|      * @return \Illuminate\Http\Response
 | |
|      */
 | |
|     public function destroy($id)
 | |
|     {
 | |
|         //
 | |
|     }
 | |
| }
 |