Fix Model Policies from matching user_id's and account_id's, and other minor cosmetic fixes

app/Http/Kernel.php

@@ -36,7 +36,6 @@ class Kernel extends HttpKernel
             \Illuminate\View\Middleware\ShareErrorsFromSession::class,
             \App\Http\Middleware\VerifyCsrfToken::class,
             \Illuminate\Routing\Middleware\SubstituteBindings::class,
-            // \App\Http\Middleware\SetSite::class,
             \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
         ],
 

app/Http/Middleware/Role.php

@@ -10,7 +10,7 @@ class Role
 	public function handle($request, Closure $next, $role)
 	{
 		if ($role AND ! Auth::user())
-			return abort(303,'Not Authenticated');
+			abort(403,'Not Authenticated');
 
 		switch ($role) {
 			case 'wholesaler':

app/Mail/InvoiceEmail.php

@@ -3,9 +3,9 @@
 namespace App\Mail;
 
 use Illuminate\Bus\Queueable;
+use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Mail\Mailable;
 use Illuminate\Queue\SerializesModels;
-use Illuminate\Contracts\Queue\ShouldQueue;
 
 use App\Models\Invoice;
 

app/Mail/OrderRequestApprove.php

@@ -13,8 +13,8 @@ class OrderRequestApprove extends Mailable
 {
     use Queueable, SerializesModels;
 
-	public $service;
-	public $notes;
+	public Service $service;
+	public string $notes;
 
 	/**
 	 * Create a new message instance.
@@ -22,7 +22,7 @@ class OrderRequestApprove extends Mailable
 	 * @param Service $o
 	 * @param string  $notes
 	 */
-    public function __construct(Service $o,$notes='')
+    public function __construct(Service $o,string $notes='')
     {
 		$this->service = $o;
 		$this->notes = $notes;
@@ -35,8 +35,7 @@ class OrderRequestApprove extends Mailable
      */
     public function build()
     {
-		switch ($this->service->category)
-		{
+		switch ($this->service->category) {
 			case 'ADSL': $subject = sprintf('%s: %s',$this->service->category,$this->service->service_adsl->service_address);
 				break;
 

app/Mail/OrderRequestReject.php

@@ -13,15 +13,15 @@ class OrderRequestReject extends Mailable
 {
     use Queueable, SerializesModels;
 
-	public $service;
-	public $reason;
+	public Service $service;
+	public string $reason;
 
     /**
      * Create a new message instance.
      *
      * @return void
      */
-    public function __construct(Service $o,$reason)
+    public function __construct(Service $o,string $reason)
     {
 		$this->service = $o;
 		$this->reason = $reason;

app/Mail/SocialLink.php

@@ -12,14 +12,13 @@ class SocialLink extends Mailable
 {
 	use Queueable, SerializesModels;
 
-	public $token;
-	public $user;
+	public string $token;
+	public User $user;
 
 	/**
 	 * Create a new message instance.
 	 *
-	 * @param User		$o
-	 * @param string	$token
+	 * @param AccountOauth $o
 	 */
 	public function __construct(AccountOauth $o)
 	{

app/Mail/TestEmail.php

@@ -11,31 +11,33 @@ use App\Models\User;
 
 class TestEmail extends Mailable
 {
-    use Queueable, SerializesModels;
+	use Queueable, SerializesModels;
 
-    /**
-     * Create a new message instance.
-     *
-     * @return void
-     */
-    public function __construct(User $o)
-    {
-        $this->user = $o;
-    }
+	public User $user;
 
-    /**
-     * Build the message.
-     *
-     * @return $this
-     */
-    public function build()
-    {
-	    return $this
-		    ->markdown('email.system.test_email')
-		    ->subject('Just a test...')
-		    ->with([
-			    'site'=>$this->user->site,
-			    'user'=>$this->user,
-		    ]);
-    }
+	/**
+	 * Create a new message instance.
+	 *
+	 * @return void
+	 */
+	public function __construct(User $o)
+	{
+		$this->user = $o;
+	}
+
+	/**
+	 * Build the message.
+	 *
+	 * @return $this
+	 */
+	public function build()
+	{
+		return $this
+			->markdown('email.system.test_email')
+			->subject('Just a test...')
+			->with([
+				'site'=>$this->user->site,
+				'user'=>$this->user,
+			]);
+	}
 }

app/Mail/TrafficMismatch.php

@@ -2,19 +2,21 @@
 
 namespace App\Mail;
 
-use App\Models\Site;
 use Carbon\Carbon;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Mail\Mailable;
 use Illuminate\Queue\SerializesModels;
 
-use App\Models\AdslSupplier;
+use App\Models\{AdslSupplier,Site};
 
 class TrafficMismatch extends Mailable
 {
 	use Queueable, SerializesModels;
 
+	public AdslSupplier $aso;
+	public Carbon $date;
+
 	/**
 	 * Create a new message instance.
 	 *

app/Models/AccountOauth.php

@@ -39,7 +39,7 @@ class AccountOauth extends Model
 	/**
 	 * Get a link token to use when validating account.
 	 */
-	public function getLinkTokenAttribute()
+	public function getLinkTokenAttribute(): string
 	{
 		return strtoupper(substr(md5($this->id.$this->date_last),0,8));
 	}

app/Models/Policies/AccountPolicy.php

@@ -13,29 +13,29 @@ class AccountPolicy
 	/**
 	 * Determine whether the user can view the service.
 	 *
-	 * @param User $user
-	 * @param Account $o
-	 * @return mixed
+	 * @param User    $uo
+	 * @param Account $ao
+	 * @return bool
 	 */
-	public function view(User $user, Account $o)
+	public function view(User $uo,Account $ao): bool
 	{
 		// If this is a service for an account managed by a user.
-		return ($user->accounts->pluck('id')->search($o->id) !== FALSE)
+		return ($uo->accounts->pluck('id')->search($ao->id) !== FALSE)
 
-		// The user is the wholesaler
-			OR $user->isWholesaler()
+			// The user is the wholesaler
+			OR $uo->isWholesaler()
 
-		// The user is the reseller
-			OR $user->all_accounts()->pluck('id')->search($o->id);
+			// The user is the reseller
+			OR ($uo->all_accounts()->pluck('id')->search($ao->id) !== FALSE);
 	}
 
 	/**
 	 * Determine whether the user can create services.
 	 *
-	 * @param User $user
-	 * @return mixed
+	 * @param User $uo
+	 * @return bool
 	 */
-	public function create(User $user)
+	public function create(User $uo): bool
 	{
 		return TRUE;
 	}
@@ -43,48 +43,48 @@ class AccountPolicy
 	/**
 	 * Determine whether the user can update the service.
 	 *
-	 * @param User $user
-	 * @param Account $o
-	 * @return mixed
+	 * @param User    $uo
+	 * @param Account $ao
+	 * @return bool
 	 */
-	public function update(User $user, Account $o)
+	public function update(User $uo,Account $ao): bool
 	{
-		return $user->isWholesaler();
+		return $uo->isWholesaler();
 	}
 
 	/**
 	 * Determine whether the user can delete the service.
 	 *
-	 * @param User $user
-	 * @param Account $o
-	 * @return mixed
+	 * @param User    $uo
+	 * @param Account $ao
+	 * @return bool
 	 */
-	public function delete(User $user, Account $o)
+	public function delete(User $uo,Account $ao): bool
 	{
-		return $user->isWholesaler();
+		return $uo->isWholesaler();
 	}
 
 	/**
 	 * Determine whether the user can restore the service.
 	 *
-	 * @param User $user
-	 * @param Account $o
-	 * @return mixed
+	 * @param User    $uo
+	 * @param Account $ao
+	 * @return bool
 	 */
-	public function restore(User $user, Account $o)
+	public function restore(User $uo,Account $ao): bool
 	{
-		return $user->isWholesaler();
+		return $uo->isWholesaler();
 	}
 
 	/**
 	 * Determine whether the user can permanently delete the service.
 	 *
-	 * @param User $user
-	 * @param Account $o
-	 * @return mixed
+	 * @param User    $uo
+	 * @param Account $ao
+	 * @return bool
 	 */
-	public function forceDelete(User $user, Account $o)
+	public function forceDelete(User $uo,Account $ao): bool
 	{
-		return $user->isWholesaler();
+		return $uo->isWholesaler();
 	}
 }

app/Models/Policies/InvoicePolicy.php

@@ -13,78 +13,78 @@ class InvoicePolicy
 	/**
 	 * Determine whether the user can view the service.
 	 *
-	 * @param User    $user
-	 * @param Invoice $o
-	 * @return mixed
+	 * @param User    $uo
+	 * @param Invoice $io
+	 * @return bool
 	 */
-	public function view(User $user, Invoice $o)
+	public function view(User $uo,Invoice $io): bool
 	{
 		// If this is a service for an account managed by a user.
-		return ($user->invoices->pluck('id')->search($o->id) !== FALSE)
+		return ($uo->invoices->pluck('id')->search($io->id) !== FALSE)
 
-		// The user is the wholesaler
-			OR $user->isWholesaler()
+			// The user is the wholesaler
+			OR $uo->isWholesaler()
 
-		// The user is the reseller
-			OR $user->all_accounts()->pluck('id')->search($o->account_id);
+			// The user is the reseller
+			OR ($uo->all_accounts()->pluck('id')->search($io->account_id) !== FALSE);
 	}
 
 	/**
 	 * Determine whether the user can create services.
 	 *
-	 * @param User $user
-	 * @return mixed
+	 * @param User $uo
+	 * @return bool
 	 */
-	public function create(User $user)
+	public function create(User $uo): bool
 	{
-		return TRUE;
+		return $uo->isWholesaler();
 	}
 
 	/**
 	 * Determine whether the user can update the service.
 	 *
-	 * @param User    $user
-	 * @param Invoice $o
-	 * @return mixed
+	 * @param User    $uo
+	 * @param Invoice $io
+	 * @return bool
 	 */
-	public function update(User $user, Invoice $o)
+	public function update(User $uo,Invoice $io): bool
 	{
-		return $user->isWholesaler();
+		return $uo->isWholesaler();
 	}
 
 	/**
 	 * Determine whether the user can delete the service.
 	 *
-	 * @param User    $user
-	 * @param Invoice $o
-	 * @return mixed
+	 * @param User    $uo
+	 * @param Invoice $io
+	 * @return bool
 	 */
-	public function delete(User $user, Invoice $o)
+	public function delete(User $uo,Invoice $io): bool
 	{
-		return $user->isWholesaler();
+		return $uo->isWholesaler();
 	}
 
 	/**
 	 * Determine whether the user can restore the service.
 	 *
-	 * @param User    $user
-	 * @param Invoice $o
-	 * @return mixed
+	 * @param User    $uo
+	 * @param Invoice $io
+	 * @return bool
 	 */
-	public function restore(User $user, Invoice $o)
+	public function restore(User $uo,Invoice $io): bool
 	{
-		return $user->isWholesaler();
+		return $uo->isWholesaler();
 	}
 
 	/**
 	 * Determine whether the user can permanently delete the service.
 	 *
-	 * @param User    $user
-	 * @param Invoice $o
-	 * @return mixed
+	 * @param User    $uo
+	 * @param Invoice $io
+	 * @return bool
 	 */
-	public function forceDelete(User $user, Invoice $o)
+	public function forceDelete(User $uo,Invoice $io): bool
 	{
-		return $user->isWholesaler();
+		return $uo->isWholesaler();
 	}
 }

app/Models/Policies/ServicePolicy.php

@@ -13,29 +13,29 @@ class ServicePolicy
 	/**
 	 * Determine whether the user can view the service.
 	 *
-	 * @param User    $user
-	 * @param Service $o
-	 * @return mixed
+	 * @param User    $uo
+	 * @param Service $so
+	 * @return bool
 	 */
-	public function view(User $user, Service $o)
+	public function view(User $uo, Service $so): bool
 	{
 		// If this is a service for an account managed by a user.
-		return ($user->services->pluck('id')->search($o->id) !== FALSE)
+		return ($uo->services->pluck('id')->search($so->id) !== FALSE)
 
 			// The user is the wholesaler
-			OR $user->isWholesaler()
+			OR $uo->isWholesaler()
 
 			// The user is the reseller
-			OR $user->all_accounts()->pluck('id')->search($o->account_id);
+			OR ($uo->all_accounts()->pluck('id')->search($so->account_id) !== FALSE);
 	}
 
 	/**
 	 * Determine whether the user can create services.
 	 *
-	 * @param User $user
-	 * @return mixed
+	 * @param User $uo
+	 * @return bool
 	 */
-	public function create(User $user)
+	public function create(User $uo): bool
 	{
 		return TRUE;
 	}
@@ -43,61 +43,61 @@ class ServicePolicy
 	/**
 	 * Can the user progress an order status
 	 *
-	 * @param User    $user
-	 * @param Service $o
-	 * @param string  $next
+	 * @param User    $uo
+	 * @param Service $so
+	 * @param string  $stage
 	 * @return bool
 	 */
-	public function progress(User $user, Service $o,string $next)
+	public function progress(User $uo,Service $so,string $stage): bool
 	{
-		return $o->actions()->has($next);
+		return $so->actions()->has($stage);
 	}
 
 	/**
 	 * Determine whether the user can update the service.
 	 *
-	 * @param User    $user
-	 * @param Service $o
-	 * @return mixed
+	 * @param User    $uo
+	 * @param Service $so
+	 * @return bool
 	 */
-	public function update(User $user, Service $o)
+	public function update(User $uo, Service $so): bool
 	{
-		return $user->isWholesaler();
+		return $uo->isWholesaler();
 	}
 
 	/**
 	 * Determine whether the user can delete the service.
 	 *
-	 * @param User    $user
-	 * @param Service $o
-	 * @return mixed
+	 * @param User    $uo
+	 * @param Service $so
+	 * @return bool
 	 */
-	public function delete(User $user, Service $o)
+	public function delete(User $uo, Service $so): bool
 	{
-		return $user->isWholesaler();
+		return $uo->isWholesaler();
 	}
 
 	/**
 	 * Determine whether the user can restore the service.
 	 *
-	 * @param User    $user
-	 * @param Service $o
-	 * @return mixed
+	 * @param User    $uo
+	 * @param Service $so
+	 * @return bool
 	 */
-	public function restore(User $user, Service $o)
+	public function restore(User $uo, Service $so): bool
 	{
-		return $user->isWholesaler();
+		return $uo->isWholesaler();
 	}
 
 	/**
 	 * Determine whether the user can permanently delete the service.
 	 *
-	 * @param User    $user
-	 * @param Service $o
-	 * @return mixed
+	 * @param User    $uo
+	 * @param Service $so
+	 * @return bool
 	 */
-	public function forceDelete(User $user, Service $o)
+	public function forceDelete(User $uo, Service $so): bool
 	{
-		return $user->isWholesaler();
+		return $uo->isWholesaler();
 	}
 }

app/Models/Policies/UserPolicy.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace App\Policies;
+namespace App\Models\Policies;
 
 use Illuminate\Auth\Access\HandlesAuthorization;
 
@@ -13,78 +13,78 @@ class UserPolicy
 	/**
 	 * Determine whether the user can view the service.
 	 *
-	 * @param User $user
+	 * @param User $uo
 	 * @param User $o
-	 * @return mixed
+	 * @return bool
 	 */
-	public function view(User $user, User $o)
+	public function view(User $uo,User $o): bool
 	{
 		// If this is a service for an account managed by a user.
-		return ($user->id == $o->id)
+		return ($uo->id == $o->id)
 
 			// The user is the wholesaler
-			OR $user->isWholesaler()
+			OR $uo->isWholesaler()
 
 			// The user is the reseller
-			OR $user->all_clients()->pluck('id')->search($o->id);
+			OR ($uo->all_clients()->pluck('id')->search($o->id) !== FALSE);
 	}
 
 	/**
 	 * Determine whether the user can create services.
 	 *
-	 * @param User $user
-	 * @return mixed
+	 * @param User $uo
+	 * @return bool
 	 */
-	public function create(User $user)
+	public function create(User $uo): bool
 	{
-		//
+		return $uo->isWholesaler();
 	}
 
 	/**
 	 * Determine whether the user can update the service.
 	 *
-	 * @param User $user
+	 * @param User $uo
 	 * @param User $o
-	 * @return mixed
+	 * @return bool
 	 */
-	public function update(User $user, User $o)
+	public function update(User $uo, User $o): bool
 	{
-		//
+		return $uo->isWholesaler();
 	}
 
 	/**
 	 * Determine whether the user can delete the service.
 	 *
-	 * @param User $user
+	 * @param User $uo
 	 * @param User $o
-	 * @return mixed
+	 * @return bool
 	 */
-	public function delete(User $user, User $o)
+	public function delete(User $uo, User $o): bool
 	{
-		//
+		return $uo->isWholesaler();
 	}
 
 	/**
 	 * Determine whether the user can restore the service.
 	 *
-	 * @param User $user
+	 * @param User $uo
 	 * @param User $o
-	 * @return mixed
+	 * @return bool
 	 */
-	public function restore(User $user, User $o)
+	public function restore(User $uo, User $o): bool
 	{
-		//
+		return $uo->isWholesaler();
 	}
 
 	/**
 	 * Determine whether the user can permanently delete the service.
 	 *
-	 * @param User $user
+	 * @param User $uo
 	 * @param User $o
-	 * @return mixed
+	 * @return bool
 	 */
-	public function forceDelete(User $user, User $o)
+	public function forceDelete(User $uo, User $o): bool
 	{
-		//
+		return $uo->isWholesaler();
 	}
 }

app/Models/User.php

@@ -330,14 +330,14 @@ class User extends Authenticatable
 	/* GENERAL METHODS */
 
 	/**
-	 * Determine if the user is an admin of the account with $id
+	 * Determine if the user is an admin of the user with $id
 	 *
 	 * @param $id
 	 * @return bool
 	 */
 	public function isAdmin($id): bool
 	{
-		return $id AND $this->isReseller() AND in_array($id,$this->all_accounts()->pluck('id')->toArray());
+		return $id AND $this->isReseller() AND in_array($id,$this->all_accounts()->pluck('user_id')->toArray());
 	}
 
 	/**