diff --git a/app/Http/Controllers/ServiceController.php b/app/Http/Controllers/ServiceController.php
index 9f0744d..384e1d0 100644
--- a/app/Http/Controllers/ServiceController.php
+++ b/app/Http/Controllers/ServiceController.php
@@ -274,7 +274,7 @@ class ServiceController extends Controller
 public function domain_list(): View
 {
 $o = Service\Domain::ServiceActive()
- ->serviceUserAuthorised(Auth::user())
+ ->AccountUserAuthorised('services')
 ->select('service_domain.*')
 ->join('services',['services.id'=>'service_domain.service_id'])
 ->with(['service.account','registrar'])
@@ -287,7 +287,7 @@ class ServiceController extends Controller
 public function email_list(): View
 {
 $o = Service\Email::ServiceActive()
- ->serviceUserAuthorised(Auth::user())
+ ->AccountUserAuthorised('services')
 ->select('service_email.*')
 ->join('services',['services.id'=>'service_email.service_id'])
 ->with(['service.account','service.product.type.supplied.supplier_detail.supplier','tld'])
@@ -313,7 +313,7 @@ class ServiceController extends Controller
 public function hosting_list(): View
 {
 $o = Service\Host::ServiceActive()
- ->serviceUserAuthorised(Auth::user())
+ ->AccountUserAuthorised('services')
 ->select('service_host.*')
 ->join('services',['services.id'=>'service_host.service_id'])
 ->with(['service.account','service.product.type.supplied.supplier_detail.supplier','tld'])
diff --git a/app/Http/Requests/ServiceChangeRequest.php b/app/Http/Requests/ServiceChangeRequest.php
index 91a074b..6c563de 100644
--- a/app/Http/Requests/ServiceChangeRequest.php
+++ b/app/Http/Requests/ServiceChangeRequest.php
@@ -15,7 +15,9 @@ class ServiceChangeRequest extends FormRequest
 */
 public function authorize()
 {
- return $this->route('o')->serviceUserAuthorised(Auth::user());
+ return $this
+ ->route('o')
+ ->AccountUserAuthorised();
 }
 /**
diff --git a/app/Models/Payment.php b/app/Models/Payment.php
index 92bb404..7d1ebdc 100644
--- a/app/Models/Payment.php
+++ b/app/Models/Payment.php
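Review bot: `authorize()` in ServiceChangeRequest now returns whatever `$this->route('o')->AccountUserAuthorised()` yields, and if `AccountUserAuthorised` is the query scope that the `ScopeAccountUserAuthorised` trait name and the builder-side call sites (`AccountUserAuthorised('services')`, `AccountUserAuthorised(NULL,$uo)`) indicate, calling it on the bound Service instance forwards to a fresh query builder and returns a `Builder` object, which is always truthy, so the form request authorizes every caller instead of testing that `o` belongs to the user. The removed `serviceUserAuthorised(Auth::user())` line had the same shape, so this is not a regression, but the rename is the moment to fix it, and the route-level `can:progress,o,"change-request"` gate is currently the only real check. An ownership test in the style of the new PaymentPolicy::view would be `return $this->user()->accounts_all->pluck('id')->contains($this->route('o')->account_id) || $this->user()->isWholesaler();`, or defer to the service policy the routes already use with `return $this->user()->can('view', $this->route('o'));`. Declaring the method as `public function authorize(): bool` would also turn a stray builder return into a TypeError rather than a silent allow.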
@@ -7,7 +7,7 @@ use Illuminate\Support\Facades\DB;
 use Leenooks\Traits\ScopeActive;
 use App\Interfaces\IDs;
-use App\Traits\{ProviderRef,PushNew,SiteID};
+use App\Traits\{ProviderRef,PushNew,ScopeAccountUserAuthorised,SiteID};
 /**
 * Class Payment
@@ -24,7 +24,7 @@ use App\Traits\{ProviderRef,PushNew,SiteID};
 */
 class Payment extends Model implements IDs
 {
- use PushNew,ScopeActive,ProviderRef,SiteID;
+ use ProviderRef,PushNew,ScopeActive,ScopeAccountUserAuthorised,SiteID;
 protected $casts = [
 'paid_at'=>'datetime:Y-m-d',
diff --git a/app/Models/Policies/PaymentPolicy.php b/app/Models/Policies/PaymentPolicy.php
new file mode 100644
index 0000000..124a04b
--- /dev/null
+++ b/app/Models/Policies/PaymentPolicy.php
@@ -0,0 +1,83 @@
+accounts_all->pluck('id')->contains($o->account_id) || $uo->isWholesaler();
+ }
+
+ /**
+ * Determine whether the user can create services.
+ *
+ * @param User $uo
+ * @return bool
+ */
+ public function create(User $uo): bool
+ {
+ return $uo->isWholesaler();
+ }
+
+ /**
+ * Determine whether the user can update the service.
+ *
+ * @param User $uo
+ * @param Payment $o
+ * @return bool
+ */
+ public function update(User $uo,Payment $o): bool
+ {
+ return $uo->isWholesaler();
+ }
+
+ /**
+ * Determine whether the user can delete the service.
+ *
+ * @param User $uo
+ * @param Payment $o
+ * @return bool
+ */
+ public function delete(User $uo,Payment $o): bool
+ {
+ return $uo->isWholesaler();
+ }
+
+ /**
+ * Determine whether the user can restore the service.
+ *
+ * @param User $uo
+ * @param Payment $o
+ * @return bool
+ */
+ public function restore(User $uo,Payment $o): bool
+ {
+ return $uo->isWholesaler();
+ }
+
+ /**
+ * Determine whether the user can permanently delete the service.
+ *
+ * @param User $uo
+ * @param Payment $o
+ * @return bool
+ */
+ public function forceDelete(User $uo,Payment $o): bool
+ {
+ return $uo->isWholesaler();
+ }
+}
\ No newline at end of file
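Review bot: The docblocks in the new PaymentPolicy still describe a service policy: `create()` says "Determine whether the user can create services." and `update()`, `delete()`, `restore()` and `forceDelete()` all say "the service", while every one of those signatures takes a `Payment $o`. A policy's docblocks are what the next reader uses to pick the ability to gate a route with, so they should read `Determine whether the user can create payments.` and `Determine whether the user can update the payment.` (and likewise delete / restore / permanently delete the payment). The head of the file, including `view()`'s signature, is outside what is visible here, so I can only see that `view()` admits members of the payment's account or a wholesaler, while the five mutating abilities are wholesaler-only; that split is consistent with the `can:update,po` gate this commit adds to the reseller payment route.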
diff --git a/app/Models/Service.php b/app/Models/Service.php
index 40d1623..b8ea279 100644
--- a/app/Models/Service.php
+++ b/app/Models/Service.php
@@ -16,7 +16,7 @@ use Leenooks\Casts\LeenooksCarbon;
 use App\Models\Product\Type;
 use App\Interfaces\IDs;
-use App\Traits\{ScopeServiceActive,ScopeServiceUserAuthorised};
+use App\Traits\{ScopeAccountUserAuthorised,ScopeServiceActive};
 /**
 * Class Service
@@ -52,7 +52,7 @@ use App\Traits\{ScopeServiceActive,ScopeServiceUserAuthorised};
 */
 class Service extends Model implements IDs
 {
- use HasFactory,ScopeServiceActive,ScopeServiceUserAuthorised;
+ use HasFactory,ScopeAccountUserAuthorised,ScopeServiceActive;
 protected $casts = [
 'order_info' => AsCollection::class,
@@ -280,7 +280,7 @@ class Service extends Model implements IDs
 {
 return (new self)
 ->ServiceActive()
- ->ServiceUserAuthorised($uo)
+ ->AccountUserAuthorised(NULL,$uo)
 ->where('order_status','!=','ACTIVE')
 ->with(['account','product'])
 ->get();
diff --git a/app/Models/Service/Type.php b/app/Models/Service/Type.php
index 3aada86..8968b5a 100644
--- a/app/Models/Service/Type.php
+++ b/app/Models/Service/Type.php
@@ -9,11 +9,11 @@ use Leenooks\Carbon as LeenooksCarbon;
 use App\Interfaces\ServiceItem;
 use App\Models\{Account,Service};
 use App\Models\Supplier\Type as SupplierType;
-use App\Traits\{ScopeServiceActive,ScopeServiceUserAuthorised};
+use App\Traits\{ScopeAccountUserAuthorised,ScopeServiceActive};
 abstract class Type extends Model implements ServiceItem
 {
- use ScopeServiceActive,ScopeServiceUserAuthorised;
+ use ScopeAccountUserAuthorised,ScopeServiceActive;
 protected $casts = [
 'connect_at' => 'datetime:Y-m-d',
diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php
index 82dba85..17bbec5 100644
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
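Review bot: The abstract `Service\Type` now carries `ScopeAccountUserAuthorised`, but every visible call of that scope on a Type subclass (`Service\Domain`, `Service\Email`, `Service\Host` in ServiceController) passes `'services'` explicitly and joins `services`, which suggests the `service_*` tables have no `account_id` of their own; a future caller that invokes the scope on a Type model with its default table would then build `service_domain.account_id` and fail with an SQL error rather than filter. The old trait hard-coded `services.account_id`, so this footgun is new with the rename. A comment on the `use` line in Type would keep the contract visible: `// service_* tables have no account_id: call AccountUserAuthorised('services') after joining services`. In Service.php the `->AccountUserAuthorised(NULL,$uo)` call relies on the scope resolving NULL to the model's own table, which is `services` here, so that one is fine; the method that contains it starts above the hunk.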
@@ -3,6 +3,7 @@
 namespace App\Providers;
 use Illuminate\Support\Facades\Gate;
+use Illuminate\Support\Facades\Route;
 use Illuminate\Support\ServiceProvider;
 use Intuit\Traits\IntuitSocialite;
@@ -31,5 +32,8 @@ class AppServiceProvider extends ServiceProvider
 });
 $this->bootIntuitSocialite();
+
+ Route::model('co',\App\Models\Checkout::class);
+ Route::model('po',\App\Models\Payment::class);
 }
 }
\ No newline at end of file
diff --git a/app/Traits/ScopeAccountUserAuthorised.php b/app/Traits/ScopeAccountUserAuthorised.php
new file mode 100644
index 0000000..5a964e3
--- /dev/null
+++ b/app/Traits/ScopeAccountUserAuthorised.php
@@ -0,0 +1,29 @@
+getTable();
+
+ return $query
+ ->whereIN($table.'.account_id',$uo->accounts_all->pluck('id'));
+ }
+}
\ No newline at end of file
diff --git a/app/Traits/ScopeServiceUserAuthorised.php b/app/Traits/ScopeServiceUserAuthorised.php
deleted file mode 100644
index e419af4..0000000
--- a/app/Traits/ScopeServiceUserAuthorised.php
+++ /dev/null
@@ -1,21 +0,0 @@
-whereIN('services.account_id',$uo->accounts_all->pluck('id'));
- }
-}
\ No newline at end of file
diff --git a/resources/views/theme/backend/adminlte/payment/unapplied.blade.php b/resources/views/theme/backend/adminlte/payment/unapplied.blade.php
index f736fcc..bc5b320 100644
--- a/resources/views/theme/backend/adminlte/payment/unapplied.blade.php
+++ b/resources/views/theme/backend/adminlte/payment/unapplied.blade.php
@@ -34,7 +34,7 @@
- @foreach(Payment::active()->unapplied()->with(['account.user','checkout','items'])->get() as $o)
+ @foreach(Payment::AccountUserAuthorised()->active()->unapplied()->with(['account.user','checkout','items'])->get() as $o)
 @continue(! $o->balance) {{ $o->id }}
diff --git a/routes/web.php b/routes/web.php
index 997ca33..1787416 100644
--- a/routes/web.php
+++ b/routes/web.php
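Review bot: In the new `ScopeAccountUserAuthorised` trait the filtered column is built as `$table.'.account_id'`, so `$table` is spliced into an SQL identifier; Eloquent's grammar wraps identifiers, and every caller in this diff passes a code literal (`'services'`) or NULL, so this is not an injection path today, but the trait should pin that down: `// $table must be a literal table name from code, never request input: it becomes part of a column identifier`. The scope's signature and whatever resolves `$uo` sit above the first line that survived here (`getTable()`), so I can't confirm how a request with no authenticated user behaves; if `$uo` falls back to `Auth::user()` and is null, `$uo->accounts_all` throws instead of matching every row, which is the right failure mode but deserves a sentence in the docblock. Likewise a user with an empty `accounts_all` produces `whereIn` over an empty list, which Laravel compiles to a false predicate, so that case fails closed; the blade view's new `Payment::AccountUserAuthorised()` and the controller lists all depend on those two properties holding.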
@@ -82,7 +82,6 @@ Route::group(['middleware'=>['auth','role:wholesaler'],'prefix'=>'a'],function()
 Route::post('setup',[AdminController::class,'setup']);
 // Checkout Setup (Payments)
- Route::model('co',\App\Models\Checkout::class);
 Route::view('checkout','theme.backend.adminlte.checkout.choose');
 Route::view('checkout/new','theme.backend.adminlte.checkout.view');
 Route::view('checkout/{co}','theme.backend.adminlte.checkout.view')
@@ -144,6 +143,7 @@ Route::group(['middleware'=>['auth','role:reseller'],'prefix'=>'r'],function() {
 // Reseller Reports
 Route::group(['prefix'=>'report'],function() {
+ Route::view('charge/pending','theme.backend.adminlte.charge.pending');
 Route::get('domain',[ServiceController::class,'domain_list']);
 Route::get('email',[ServiceController::class,'email_list']);
 Route::get('hosting',[ServiceController::class,'hosting_list']);
@@ -158,9 +158,9 @@ Route::group(['middleware'=>['auth','role:reseller'],'prefix'=>'r'],function() {
 Route::post('charge/edit',[ChargeController::class,'edit']);
 // Payments
- Route::model('po',\App\Models\Payment::class);
 Route::view('payment/new','theme.backend.adminlte.payment.view');
 Route::view('payment/{po}','theme.backend.adminlte.payment.view')
+ ->middleware('can:update,po')
 ->where('po','[0-9]+');
 Route::post('payment/{o?}',[PaymentController::class,'addedit'])
 ->where('o','[0-9]+');
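Review bot: `payment/{po}` gains `->middleware('can:update,po')`, but `Route::post('payment/{o?}',[PaymentController::class,'addedit'])` two lines below, which is the route that actually writes the payment, gets no gate in this hunk, so a reseller who is not a wholesaler is kept off the form but not off the submission unless `addedit` authorizes internally, which this diff does not show. Because the new PaymentPolicy makes both `create` and `update` wholesaler-only, the POST can be gated without caring whether `{o}` is present: `->middleware('can:create,App\Models\Payment')` after its `->where('o','[0-9]+')`, or `$this->authorize('create', Payment::class)` at the top of `addedit`. Note also that the POST uses `{o}` while the GET uses `{po}`, so the POST parameter is not covered by the `Route::model('po', ...)` binding this commit moves into AppServiceProvider; whatever `addedit` resolves `$o` to should be checked against the same policy. `payment/new` is a plain `Route::view`, so leaving it ungated is harmless only as long as the POST is gated.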
@@ -169,49 +169,46 @@ Route::group(['middleware'=>['auth','role:reseller'],'prefix'=>'r'],function() {
 // Reseller API calls
 Route::post('service_change_charges/{o}',[ServiceController::class,'service_change_charges_display'])
 ->where('o','[0-9]+');
-
- // Charges
- Route::view('report/charge/pending','theme.backend.adminlte.charge.pending');
 });
 // Our User Routes
 Route::group(['middleware'=>['auth'],'prefix'=>'u'],function() {
 Route::get('home',[HomeController::class,'home']);
 Route::get('home/{o}',[HomeController::class,'home'])
- ->where('o','[0-9]+')
- ->middleware('can:view,o');
+ ->middleware('can:view,o')
+ ->where('o','[0-9]+');
 Route::view('checkout/cart','theme.backend.adminlte.checkout.cart');
 Route::get('checkout/cart/{o}',[CheckoutController::class,'cart_invoice'])
- ->where('o','[0-9]+')
- ->middleware('can:view,o');
+ ->middleware('can:view,o')
+ ->where('o','[0-9]+');
 Route::post('checkout/cart/remove',[CheckoutController::class,'cart_remove']);
 Route::post('checkout/fee',[CheckoutController::class,'fee']);
 Route::post('checkout/pay',[CheckoutController::class,'pay']);
 Route::get('invoice/{o}',[InvoiceController::class,'view'])
- ->where('o','[0-9]+')
- ->middleware('can:view,o');
+ ->middleware('can:view,o')
+ ->where('o','[0-9]+');
 Route::get('invoice/{o}/pdf',[InvoiceController::class,'pdf'])
- ->where('o','[0-9]+')
- ->middleware('can:view,o');
+ ->middleware('can:view,o')
+ ->where('o','[0-9]+');
 Route::get('service/{o}',[ServiceController::class,'home'])
- ->where('o','[0-9]+')
- ->middleware('can:view,o');
+ ->middleware('can:view,o')
+ ->where('o','[0-9]+');
 Route::match(['get','post'],'service/{o}/cancel-request',[ServiceController::class,'cancel_request'])
- ->where('o','[0-9]+')
- ->middleware('can:progress,o,"cancel-request"');
+ ->middleware('can:progress,o,"cancel-request"')
+ ->where('o','[0-9]+');
 Route::match(['get','post'],'service/{o}/change-request',[ServiceController::class,'change_request'])
- ->where('o','[0-9]+')
- ->middleware('can:progress,o,"change-request"');
+ ->middleware('can:progress,o,"change-request"')
+ ->where('o','[0-9]+');
 // @todo This shouldnt be a user privilege.
 Route::match(['get','post'],'service/{o}/change-pending',[ServiceController::class,'change_pending'])
- ->where('o','[0-9]+')
- ->middleware('can:progress,o,"change-pending"');
+ ->middleware('can:progress,o,"change-pending"')
+ ->where('o','[0-9]+');
 Route::get('service/{o}/change/{status}',[ServiceController::class,'change'])
- ->where('o','[0-9]+')
- ->middleware('can:progress,o,status');
+ ->middleware('can:progress,o,status')
+ ->where('o','[0-9]+');
 // User settings
 Route::view('settings','theme.backend.adminlte.user.settings');
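Review bot: The swap of `->middleware()` ahead of `->where()` on every user route is cosmetic (both are fluent setters on the same Route object), so the one line in this hunk worth a second look is `service/{o}/change/{status}` with `can:progress,o,status`: `o` is constrained to digits but `{status}` has no constraint, so any URL segment reaches the `progress` ability as a raw string. The service policy is not in this diff, so I can't tell whether it rejects unknown values; if the accepted statuses are the hyphenated names the sibling routes use, `->where(['o'=>'[0-9]+','status'=>'[a-z-]+'])` would reject obvious junk before the policy runs and makes the allowed shape visible in the route file. The `// @todo This shouldnt be a user privilege.` on change-pending is carried over unchanged and still applies after this reorder.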