mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2025-05-24 02:14:21 -04:00
* Adopt Laravel coding style The Laravel framework adopts the PSR-2 coding style with some additions. Laravel apps *should* adopt this coding style as well. However, Shift allows you to customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config to your project. You may use [Shift's .php_cs][2] file as a base. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200 * Shift bindings PHP 5.5.9+ adds the new static `class` property which provides the fully qualified class name. This is preferred over using class name strings as these references are checked by the parser. * Shift core files * Shift to Throwable * Add laravel/ui dependency * Unindent vendor mail templates * Shift config files * Default config files In an effort to make upgrading the constantly changing config files easier, Shift defaulted them so you can review the commit diff for changes. Moving forward, you should use ENV variables or create a separate config file to allow the core config files to remain automatically upgradeable. * Shift Laravel dependencies * Shift cleanup * Upgrade to Laravel 7 Co-authored-by: Laravel Shift <shift@laravelshift.com>
<?php
namespace App\Http\Controllers\ClientPortal;
use App\Http\Controllers\Controller;
use App\Models\Invoice;
use App\Utils\Traits\MakesHash;
use Illuminate\Support\Facades\Hash;
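class EntityViewController extends Controller
{
    use MakesHash;

    /**
     * Entity types that may be viewed through an invitation link.
     *
     * This is an allow-list: the route parameter is interpolated into model
     * class names and a column name further down, so every public action must
     * reject values outside this list before using them.
     *
     * @var array
     */
    private $entity_types = ['invoice', 'quote'];

    /**
     * Show the entity outside client portal.
     *
     * Flow: resolve the invitation by its key, send contacts without a
     * password to the reset page, then render the entity only when the
     * per-entity session flag is present; otherwise redirect to the password
     * form.
     *
     * @param string $entity_type    One of the values in $entity_types.
     * @param string $invitation_key Secret key taken from the invitation link.
     *
     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View|\Illuminate\Http\RedirectResponse
     */
    public function index(string $entity_type, string $invitation_key)
    {
        $this->abortUnlessSupported($entity_type);

        $invitation = $this->findInvitation($entity_type, $invitation_key);

        $contact = $invitation->contact;

        // empty() already covers null, so a separate is_null() test is not needed.
        if (empty($contact->password)) {
            // URL-encode the address so characters such as "+" or "&" survive the query string.
            // NOTE(review): this redirect discloses the contact's e-mail address to anyone
            // holding the invitation link; confirm that is intended.
            return redirect('/client/password/reset?email='.rawurlencode((string) $contact->email));
        }

        $entity = $this->findEntity($entity_type, $invitation);

        $session_key = "{$entity_type}_VIEW_{$entity->hashed_id}";

        // Skip the password prompt only when portal password protection is switched OFF.
        // The previous condition (`!== false`) set the view flag when the setting was ON,
        // which let the entity render without any password check in exactly the case
        // where one was requested.
        if ((bool) $contact->client->getSetting('enable_client_portal_password') === false) {
            session()->flash($session_key, true);
        }

        if (! session($session_key)) {
            return redirect()->route('client.entity_view.password', compact('entity_type', 'invitation_key'));
        }

        return $this->render('view_entity.index', [
            'root' => 'themes',
            'entity' => $entity,
        ]);
    }

    /**
     * Show the form for entering password.
     *
     * @param string $entity_type
     * @param string $invitation_key
     *
     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
     */
    public function password(string $entity_type, string $invitation_key)
    {
        // Same allow-list as index() and handlePassword(): the value is handed to the
        // view, and the form it renders can only succeed for supported types anyway.
        $this->abortUnlessSupported($entity_type);

        return $this->render('view_entity.password', [
            'root' => 'themes',
            'entity_type' => $entity_type,
        ]);
    }

    /**
     * Handle the password check.
     *
     * On success a one-request session flag is flashed and the visitor is sent
     * back to the entity view; on failure a PASSWORD_FAILED flag is flashed and
     * the visitor is returned to the form.
     *
     * NOTE(review): no attempt throttling is visible in this controller; confirm
     * that the route carries rate limiting so the password cannot be guessed
     * without bound.
     *
     * @param string $entity_type
     * @param string $invitation_key
     *
     * @return \Illuminate\Routing\Redirector|\Illuminate\Http\RedirectResponse|mixed
     */
    public function handlePassword(string $entity_type, string $invitation_key)
    {
        $this->abortUnlessSupported($entity_type);

        $invitation = $this->findInvitation($entity_type, $invitation_key);

        $contact = $invitation->contact;

        $entity = $this->findEntity($entity_type, $invitation);

        $submitted = request()->password;

        // Fail closed: a missing or non-string submission (e.g. password[]=x) and a
        // contact without a stored hash are treated as a wrong password instead of
        // being passed on to the hasher.
        $check = is_string($submitted)
            && ! empty($contact->password)
            && Hash::check($submitted, $contact->password);

        if ($check) {
            session()->flash("{$entity_type}_VIEW_{$entity->hashed_id}", true);

            return redirect()->route('client.entity_view', compact('entity_type', 'invitation_key'));
        }

        session()->flash('PASSWORD_FAILED', true);

        return back();
    }

    /**
     * Abort with a 404 unless the entity type is on the allow-list.
     *
     * @param string $entity_type
     *
     * @return void
     */
    private function abortUnlessSupported(string $entity_type)
    {
        // Strict comparison: only the exact strings in $entity_types may pass.
        if (! in_array($entity_type, $this->entity_types, true)) {
            abort(404);
        }
    }

    /**
     * Look up the invitation for an already validated entity type, or fail with a 404.
     *
     * @param string $entity_type    Must have passed abortUnlessSupported().
     * @param string $invitation_key
     *
     * @return mixed The matching invitation model.
     */
    private function findInvitation(string $entity_type, string $invitation_key)
    {
        $invitation_entity = sprintf('App\\Models\\%sInvitation', ucfirst($entity_type));

        // The key is bound as a parameter, never interpolated; BINARY makes the
        // comparison byte-exact, so keys differing only in letter case do not match.
        return $invitation_entity::whereRaw('BINARY `key`= ?', [$invitation_key])->firstOrFail();
    }

    /**
     * Load the entity an invitation points at, or fail with a 404.
     *
     * @param string $entity_type Must have passed abortUnlessSupported().
     * @param mixed  $invitation  Invitation model returned by findInvitation().
     *
     * @return mixed The invoice or quote model.
     */
    private function findEntity(string $entity_type, $invitation)
    {
        $entity_class = sprintf('App\\Models\\%s', ucfirst($entity_type));

        // Foreign-key attribute on the invitation, e.g. "invoice_id" or "quote_id".
        $key = $entity_type.'_id';

        return $entity_class::findOrFail($invitation->{$key});
    }
}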