invoiceninja/app/Http/Requests/InvoiceRequest.php

<?php

namespace App\Http\Requests;

use App\Models\Invoice;

class InvoiceRequest extends EntityRequest
{
    protected $entityType = ENTITY_INVOICE;

        /**
     * Determine if the user is authorized to make this request.
     *
     * @return bool
     */
    public function authorize()
    {

        $invoice = parent::entity();

        if ($invoice && $invoice->isQuote())
            $standardOrRecurringInvoice = ENTITY_QUOTE;
        elseif($invoice && $invoice->is_recurring)
            $standardOrRecurringInvoice = ENTITY_RECURRING_INVOICE;
        else
            $standardOrRecurringInvoice = ENTITY_INVOICE;

        if(request()->is('invoices/create') && !$this->user()->can('create', ENTITY_INVOICE))
            return false;

        if(request()->is('recurring_invoices/create') && !$this->user()->can('create', ENTITY_RECURRING_INVOICE))
            return false;

        if(request()->is('quotes/create') && !$this->user()->can('create', ENTITY_QUOTE))
            return false;

        if(request()->is('invoices/*/edit') && request()->isMethod('put') && !$this->user()->can('edit', $standardOrRecurringInvoice))
            return false;

        if(request()->is('quotes/*/edit') && request()->isMethod('put') && !$this->user()->can('edit', ENTITY_QUOTE))
            return false;

        if(request()->is('invoices/*') && request()->isMethod('get') && !$this->user()->can('view', $standardOrRecurringInvoice))
            return false;

        if(request()->is('quotes/*') && request()->isMethod('get') && !$this->user()->can('view', ENTITY_QUOTE))
            return false;

        return true;
    }
    
    public function entity()
    {
        $invoice = parent::entity();

        // support loading an invoice by its invoice number
        if ($this->invoice_number && ! $invoice) {
            $invoice = Invoice::scope()
                        ->whereInvoiceNumber($this->invoice_number)
                        ->withTrashed()
                        ->first();

            if (! $invoice) {
                abort(404);
            }
        }

        // eager load the invoice items
        if ($invoice && ! $invoice->relationLoaded('invoice_items')) {
            $invoice->load('invoice_items');
        }

        return $invoice;
    }
}
php-cs-fixer cleanup 2017-01-30 20:40:43 +01:00			`<?php`

			`namespace App\Http\Requests;`
Working on form requests 2016-05-01 21:30:39 +02:00
Added support for searching by invoice number in the API 2016-06-06 18:04:24 +02:00			`use App\Models\Invoice;`

php-cs-fixer clean up 2017-01-30 17:05:31 +01:00			`class InvoiceRequest extends EntityRequest`
			`{`
Working on form requests 2016-05-01 21:30:39 +02:00			`protected $entityType = ENTITY_INVOICE;`

Update InvoiceRequest.php 2018-07-24 14:30:54 +02:00			`/**`
			`* Determine if the user is authorized to make this request.`
			`*`
			`* @return bool`
			`*/`
			`public function authorize()`
			`{`

			`$invoice = parent::entity();`

			`if ($invoice && $invoice->isQuote())`
			`$standardOrRecurringInvoice = ENTITY_QUOTE;`
			`elseif($invoice && $invoice->is_recurring)`
			`$standardOrRecurringInvoice = ENTITY_RECURRING_INVOICE;`
			`else`
			`$standardOrRecurringInvoice = ENTITY_INVOICE;`

			`if(request()->is('invoices/create') && !$this->user()->can('create', ENTITY_INVOICE))`
			`return false;`

			`if(request()->is('recurring_invoices/create') && !$this->user()->can('create', ENTITY_RECURRING_INVOICE))`
			`return false;`

			`if(request()->is('quotes/create') && !$this->user()->can('create', ENTITY_QUOTE))`
			`return false;`

			`if(request()->is('invoices/*/edit') && request()->isMethod('put') && !$this->user()->can('edit', $standardOrRecurringInvoice))`
			`return false;`

			`if(request()->is('quotes/*/edit') && request()->isMethod('put') && !$this->user()->can('edit', ENTITY_QUOTE))`
			`return false;`

			`if(request()->is('invoices/*') && request()->isMethod('get') && !$this->user()->can('view', $standardOrRecurringInvoice))`
			`return false;`

			`if(request()->is('quotes/*') && request()->isMethod('get') && !$this->user()->can('view', ENTITY_QUOTE))`
			`return false;`

			`return true;`
			`}`

Working on form requests 2016-05-01 21:30:39 +02:00			`public function entity()`
			`{`
Refactored API index methods 2016-05-01 22:55:13 +02:00			`$invoice = parent::entity();`
Added support for searching by invoice number in the API 2016-06-06 18:04:24 +02:00
			`// support loading an invoice by its invoice number`
			`if ($this->invoice_number && ! $invoice) {`
			`$invoice = Invoice::scope()`
			`->whereInvoiceNumber($this->invoice_number)`
			`->withTrashed()`
Merge Zapier and trans_choice fixes 2017-03-20 12:55:38 +01:00			`->first();`

			`if (! $invoice) {`
			`abort(404);`
			`}`
Added support for searching by invoice number in the API 2016-06-06 18:04:24 +02:00			`}`

Added relationLoaded checks to optimize queries 2016-05-05 09:15:51 +02:00			`// eager load the invoice items`
			`if ($invoice && ! $invoice->relationLoaded('invoice_items')) {`
Refactored API index methods 2016-05-01 22:55:13 +02:00			`$invoice->load('invoice_items');`
Working on form requests 2016-05-01 21:30:39 +02:00			`}`
Added support for searching by invoice number in the API 2016-06-06 18:04:24 +02:00
Refactored API index methods 2016-05-01 22:55:13 +02:00			`return $invoice;`
Working on form requests 2016-05-01 21:30:39 +02:00			`}`
Added support for searching by invoice number in the API 2016-06-06 18:04:24 +02:00			`}`