
Obfuscate primary ID

This commit is contained in:
David Bomba 2019-04-03 11:09:22 +11:00
parent b25f2b72a0
commit 0f19056b8f
23 changed files with 344 additions and 29 deletions


@ -0,0 +1,113 @@
<?php
namespace App\Filters;
use App\Models\User;
use Illuminate\Database\Eloquent\Builder;
/**
* ProductFilters
*/
class ProductFilters extends QueryFilters
{
/**
* Filter based on search text
*
* @param string query filter
* @return Illuminate\Database\Query\Builder
* @deprecated
*
*/
public function filter(string $filter = '') : Builder
{
if(strlen($filter) == 0)
return $this->builder;
return $this->builder->where(function ($query) use ($filter) {
$query->where('products.product_key', 'like', '%'.$filter.'%')
->orWhere('products.notes', 'like', '%'.$filter.'%')
->orWhere('products.custom_value1', 'like' , '%'.$filter.'%')
->orWhere('products.custom_value2', 'like' , '%'.$filter.'%')
->orWhere('products.custom_value3', 'like' , '%'.$filter.'%')
->orWhere('products.custom_value4', 'like' , '%'.$filter.'%');
});
}
/**
* Filters the list based on the status
* archived, active, deleted
*
* @param string filter
* @return Illuminate\Database\Query\Builder
*/
public function status(string $filter = '') : Builder
{
if(strlen($filter) == 0)
return $this->builder;
$table = 'products';
$filters = explode(',', $filter);
return $this->builder->where(function ($query) use ($filters, $table) {
$query->whereNull($table . '.id');
if (in_array(parent::STATUS_ACTIVE, $filters)) {
$query->orWhereNull($table . '.deleted_at');
}
if (in_array(parent::STATUS_ARCHIVED, $filters)) {
$query->orWhere(function ($query) use ($table) {
$query->whereNotNull($table . '.deleted_at');
if (! in_array($table, ['users'])) {
$query->where($table . '.is_deleted', '=', 0);
}
});
}
if (in_array(parent::STATUS_DELETED, $filters)) {
$query->orWhere($table . '.is_deleted', '=', 1);
}
});
}
/**
* Sorts the list based on $sort
*
* @param string sort formatted as column|asc
* @return Illuminate\Database\Query\Builder
*/
public function sort(string $sort) : Builder
{
$sort_col = explode("|", $sort);
return $this->builder->orderBy($sort_col[0], $sort_col[1]);
}
/**
* Returns the base query
*
* @param int company_id
* @return Illuminate\Database\Query\Builder
* @deprecated
*/
public function baseQuery(int $company_id, User $user) : Builder
{
}
/**
* Filters the query by the users company ID
*
* @param $company_id The company Id
* @return Illuminate\Database\Query\Builder
*/
public function entityFilter()
{
return $this->builder->whereCompanyId(auth()->user()->company()->id);
}
}
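Review bot: `sort()` hands both halves of the request-supplied `$sort` straight to `orderBy()`: a value without a `|` leaves `$sort_col[1]` undefined, and neither the column nor the direction is checked, so a caller can order the listing by any column the query can see, including ones never meant to be exposed. Restrict the column to a known list and the direction to asc/desc, and fall back to the unsorted builder on malformed input, as below. Separately, `baseQuery()` declares a `: Builder` return type over an empty body, so any call to it throws a TypeError despite the `@deprecated` tag; either return `$this->builder` or remove the method. The `in_array(...)` checks in `status()` should also pass `true` as the third argument so the comparison is strict.
```php
    public function sort(string $sort) : Builder
    {
        // Both halves come from the request: only accept a known column and an asc/desc direction.
        $sort_col = explode('|', $sort, 2);
        if (count($sort_col) !== 2
            || ! in_array($sort_col[0], ['product_key', 'notes', 'cost', 'qty', 'updated_at'], true)
            || ! in_array(strtolower($sort_col[1]), ['asc', 'desc'], true)) {
            return $this->builder;
        }
        return $this->builder->orderBy($sort_col[0], $sort_col[1]);
    }
```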


@ -50,7 +50,9 @@ abstract class QueryFilters
*/ */
public function __construct(Request $request) public function __construct(Request $request)
{ {
$this->request = $request; $this->request = $request;
} }
/** /**
@ -87,7 +89,9 @@ abstract class QueryFilters
*/ */
public function filters() public function filters()
{ {
return $this->request->all(); return $this->request->all();
} }
/** /**
@ -98,6 +102,7 @@ abstract class QueryFilters
*/ */
public function split($value) : stdClass public function split($value) : stdClass
{ {
$exploded_array = explode(":", $value); $exploded_array = explode(":", $value);
$parts = new stdClass; $parts = new stdClass;
@ -106,6 +111,7 @@ abstract class QueryFilters
$parts->operator = $this->operatorConvertor($exploded_array[1]); $parts->operator = $this->operatorConvertor($exploded_array[1]);
return $parts; return $parts;
} }
/** /**
@ -116,6 +122,7 @@ abstract class QueryFilters
*/ */
private function operatorConvertor(string $operator) : string private function operatorConvertor(string $operator) : string
{ {
switch ($operator) { switch ($operator) {
case 'lt': case 'lt':
return '<'; return '<';
@ -135,6 +142,7 @@ abstract class QueryFilters
default: default:
return '='; return '=';
break; break;
} }
} }
} }


@ -4,10 +4,12 @@ namespace App\Helpers\Invoice;
use App\Models\Invoice; use App\Models\Invoice;
class InvoiceHelper class InvoiceCalc
{ {
public function __construct(Invoice $invoice) public function __construct(Invoice $invoice)
{ {
$this->invoice = $invoice; $this->invoice = $invoice;
} }
} }


@ -16,7 +16,7 @@ class AccountController extends BaseController
{ {
parent::__construct(); parent::__construct();
$this->middleware('guest'); //$this->middleware('guest');
} }
/** /**
@ -26,7 +26,7 @@ class AccountController extends BaseController
*/ */
public function index() public function index()
{ {
return view('signup.index'); // return view('signup.index');
} }
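Review bot: Commenting out the body of `index()` leaves the action returning null, so any request that still reaches `AccountController@index` gets an empty 200 instead of a view or a 404; `CompanyController::index()` in a later hunk of this commit has the same problem. If the web signup flow is gone for good, delete the `index()` action and the `//$this->middleware('guest');` line rather than keeping commented-out code. Dropping the `guest` middleware also means an already-authenticated session can reach `store()`; that is presumably intended now that signup lives under the api group, but a short comment in the constructor such as `// signup is API-only; no guest restriction needed` would record the decision.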


@ -54,7 +54,6 @@ class ClientController extends BaseController
} }
/** /**
* @return \Illuminate\Contracts\View\Factory|\Illuminate\Http\JsonResponse|\Illuminate\View\View
*/ */
public function index(ClientFilters $filters) public function index(ClientFilters $filters)
{ {


@ -36,7 +36,7 @@ class CompanyController extends BaseController
*/ */
public function index() public function index()
{ {
return view('signup.index'); // return view('signup.index');
} }


@ -0,0 +1,97 @@
<?php
namespace App\Http\Controllers;
use App\Filters\ProductFilters;
use App\Models\Product;
use App\Transformers\ProductTransformer;
use App\Utils\Traits\MakesHash;
use Illuminate\Http\Request;
class ProductController extends BaseController
{
use MakesHash;
protected $entityType = Product::class;
protected $entityTransformer = ProductTransformer::class;
/**
*/
public function index(ProductFilters $filters)
{
$products = Product::filter($filters);
return $this->listResponse($products);
}
/**
* Show the form for creating a new resource.
*
* @return \Illuminate\Http\Response
*/
public function create()
{
//
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function store(Request $request)
{
//
}
/**
* Display the specified resource.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function show($id)
{
//
}
/**
* Show the form for editing the specified resource.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function edit($id)
{
//
}
/**
* Update the specified resource in storage.
*
* @param \Illuminate\Http\Request $request
* @param int $id
* @return \Illuminate\Http\Response
*/
public function update(Request $request, $id)
{
//
}
/**
* Remove the specified resource from storage.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function destroy($id)
{
//
}
}
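Review bot: `ProductController` defines no `bulk()` action, yet the api routes hunk in this commit registers `Route::post('products/bulk', 'ProductController@bulk')`, so that endpoint fails with a method-does-not-exist error the first time it is hit; add the action or leave the route out until it exists. `index()` relies on `Product::filter($filters)` to apply the company scope — `ProductFilters::entityFilter()` exists, but nothing in this diff shows the `Filterable` trait invoking it, so confirm the listing is tenant-scoped before this ships. The empty docblock on `index()` could read `/** Lists the products visible to the authenticated user's company, filtered by the request query. */`, and the `show`/`update`/`destroy` stubs will presumably receive the encoded id this commit introduces, so they will need the inverse of `encodePrimaryKey` plus a company check when implemented.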


@ -2,26 +2,30 @@
namespace App\Models; namespace App\Models;
use App\Models\Filterable;
use App\Utils\Traits\MakesHash; use App\Utils\Traits\MakesHash;
use Illuminate\Database\Eloquent\Model; use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\SoftDeletes;
class Product extends BaseModel class Product extends BaseModel
{ {
use MakesHash; use MakesHash;
use SoftDeletes;
use Filterable;
protected $guarded = [ protected $guarded = [
'id', 'id',
]; ];
protected $appends = ['product_id']; public function company()
public function getRouteKeyName()
{ {
return 'product_id'; return $this->belongsTo(Company::class);
} }
public function getProductIdAttribute() public function user()
{ {
return $this->encodePrimaryKey($this->id); return $this->belongsTo(User::class);
} }
} }
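Review bot: With `$guarded` limited to `id`, `company_id` and `user_id` stay mass-assignable, so a future `store()` that does `Product::create($request->all())` would let a caller attach a product to another tenant's company. Consider guarding both and setting them from the authenticated user, or at least record the constraint above `$guarded` with `// company_id/user_id must be set from the authenticated user, never from request input`; the seeder's `factory(...)->create([...])` call should be unaffected because factories build models unguarded, but confirm that against the framework version in use. Removing `getRouteKeyName()` also means any route-model binding on products now resolves on the raw integer `id`, which is consistent with the controller taking `$id` directly but worth a line in the class docblock.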


@ -4,13 +4,14 @@ namespace App\Transformers;
use App\Models\Account; use App\Models\Account;
use App\Models\Payment; use App\Models\Payment;
use App\Utils\Traits\MakesHash;
/** /**
* Class AccountTransformer. * Class AccountTransformer.
*/ */
class AccountTransformer extends EntityTransformer class AccountTransformer extends EntityTransformer
{ {
use MakesHash;
/** /**
* @SWG\Property(property="account_key", type="string", example="123456") * @SWG\Property(property="account_key", type="string", example="123456")
*/ */
@ -39,7 +40,7 @@ class AccountTransformer extends EntityTransformer
public function transform(Account $account) public function transform(Account $account)
{ {
return [ return [
'id' => $account->id, 'id' => $this->encodePrimaryKey($account->id),
]; ];
} }


@ -3,6 +3,7 @@
namespace App\Transformers; namespace App\Transformers;
use App\Models\ClientContact; use App\Models\ClientContact;
use App\Utils\Traits\MakesHash;
/** /**
* Class ContactTransformer. * Class ContactTransformer.
@ -11,6 +12,7 @@ use App\Models\ClientContact;
*/ */
class ClientContactTransformer extends EntityTransformer class ClientContactTransformer extends EntityTransformer
{ {
use MakesHash;
/** /**
* @param ClientContact $contact * @param ClientContact $contact
* *
@ -20,7 +22,7 @@ class ClientContactTransformer extends EntityTransformer
public function transform(ClientContact $contact) public function transform(ClientContact $contact)
{ {
return [ return [
'id' => (int) $contact->public_id, 'id' => $this->encodePrimaryKey($contact->id),
'first_name' => $contact->first_name ?: '', 'first_name' => $contact->first_name ?: '',
'last_name' => $contact->last_name ?: '', 'last_name' => $contact->last_name ?: '',
'email' => $contact->email ?: '', 'email' => $contact->email ?: '',


@ -4,12 +4,14 @@ namespace App\Transformers;
use App\Models\Client; use App\Models\Client;
use App\Models\ClientContact; use App\Models\ClientContact;
use App\Utils\Traits\MakesHash;
/** /**
* @SWG\Definition(definition="Client", @SWG\Xml(name="Client")) * @SWG\Definition(definition="Client", @SWG\Xml(name="Client"))
*/ */
class ClientTransformer extends EntityTransformer class ClientTransformer extends EntityTransformer
{ {
use MakesHash;
/** /**
* @SWG\Property(property="id", type="integer", example=1, readOnly=true) * @SWG\Property(property="id", type="integer", example=1, readOnly=true)
*/ */
@ -45,7 +47,7 @@ class ClientTransformer extends EntityTransformer
public function transform(Client $client) public function transform(Client $client)
{ {
return [ return [
'id' => (int) $client->id, 'id' => $this->encodePrimaryKey($client->id),
'name' => $client->name ?: '', 'name' => $client->name ?: '',
'website' => $client->website ?: '', 'website' => $client->website ?: '',
'private_notes' => $client->private_notes ?: '', 'private_notes' => $client->private_notes ?: '',
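Review bot: `transform()` now returns `$this->encodePrimaryKey($client->id)` for `id`, but the `@SWG\Property(property="id", type="integer", example=1, readOnly=true)` annotation above it still documents an integer, so generated API docs contradict the response. Change it to `@SWG\Property(property="id", type="string", example="<encoded id>", readOnly=true)` with a representative value; the same stale annotation remains in InvoiceTransformer, PaymentTransformer, ProductTransformer and UserTransformer in this commit.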


@ -24,7 +24,7 @@ class InvoiceItemTransformer extends EntityTransformer
public function transform($item) public function transform($item)
{ {
return [ return [
'id' => (int) $item->public_id, 'id' => (int) $item->id,
'product_key' => $item->product_key, 'product_key' => $item->product_key,
'updated_at' => $item->updated_at, 'updated_at' => $item->updated_at,
'archived_at' => $item->deleted_at, 'archived_at' => $item->deleted_at,
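Review bot: `'id' => (int) $item->id` sends the raw primary key to API clients while every other transformer touched by this commit emits `$this->encodePrimaryKey(...)`, so invoice items are the one entity still exposing sequential ids. Use `'id' => $this->encodePrimaryKey($item->id),` here as well; the class header is outside the hunk, so the `MakesHash` trait may still need to be added to this class the way the other transformers in this commit do.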


@ -9,6 +9,7 @@ use App\Models\Invoice;
*/ */
class InvoiceTransformer extends EntityTransformer class InvoiceTransformer extends EntityTransformer
{ {
use MakesHash;
/** /**
* @SWG\Property(property="id", type="integer", example=1, readOnly=true) * @SWG\Property(property="id", type="integer", example=1, readOnly=true)
* @SWG\Property(property="amount", type="number", format="float", example=10, readOnly=true) * @SWG\Property(property="amount", type="number", format="float", example=10, readOnly=true)
@ -75,7 +76,7 @@ class InvoiceTransformer extends EntityTransformer
public function includeInvoiceItems(Invoice $invoice) public function includeInvoiceItems(Invoice $invoice)
{ {
$transformer = new InvoiceItemTransformer($this->account, $this->serializer); $transformer = new InvoiceItemTransformer($this->serializer);
return $this->includeCollection($invoice->invoice_items, $transformer, ENTITY_INVOICE_ITEM); return $this->includeCollection($invoice->invoice_items, $transformer, ENTITY_INVOICE_ITEM);
} }
@ -122,7 +123,7 @@ class InvoiceTransformer extends EntityTransformer
public function transform(Invoice $invoice) public function transform(Invoice $invoice)
{ {
return [ return [
'id' => (int) $invoice->public_id, 'id' => $this->encodePrimaryKey($invoice->id),
'amount' => (float) $invoice->amount, 'amount' => (float) $invoice->amount,
'balance' => (float) $invoice->balance, 'balance' => (float) $invoice->balance,
'client_id' => (int) ($this->client ? $this->client->public_id : $invoice->client->public_id), 'client_id' => (int) ($this->client ? $this->client->public_id : $invoice->client->public_id),
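Review bot: The added `use MakesHash;` inside `class InvoiceTransformer` has no matching `use App\Utils\Traits\MakesHash;` import in this hunk, unlike the Account, Client, Payment and User transformers in the same commit; unless that import already sits above the hunk, the trait resolves to `App\Transformers\MakesHash` and the class fails to load. `'client_id' => (int) (... ->public_id)` also still emits the old integer `public_id` while `ClientTransformer` now returns an encoded `id`, so consumers can no longer match an invoice's `client_id` to a client record; `'client_id' => $this->encodePrimaryKey($this->client ? $this->client->id : $invoice->client->id),` keeps the two consistent. `includeInvoiceItems()` now constructs `new InvoiceItemTransformer($this->serializer)`; that constructor is not in this diff, so confirm its signature was changed to match.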


@ -6,12 +6,14 @@ use App\Models\Account;
use App\Models\Client; use App\Models\Client;
use App\Models\Invoice; use App\Models\Invoice;
use App\Models\Payment; use App\Models\Payment;
use App\Utils\Traits\MakesHash;
/** /**
* @SWG\Definition(definition="Payment", required={"invoice_id"}, @SWG\Xml(name="Payment")) * @SWG\Definition(definition="Payment", required={"invoice_id"}, @SWG\Xml(name="Payment"))
*/ */
class PaymentTransformer extends EntityTransformer class PaymentTransformer extends EntityTransformer
{ {
use MakesHash;
/** /**
* @SWG\Property(property="id", type="integer", example=1, readOnly=true) * @SWG\Property(property="id", type="integer", example=1, readOnly=true)
* @SWG\Property(property="amount", type="number", format="float", example=10, readOnly=true) * @SWG\Property(property="amount", type="number", format="float", example=10, readOnly=true)
@ -60,7 +62,7 @@ class PaymentTransformer extends EntityTransformer
public function transform(Payment $payment) public function transform(Payment $payment)
{ {
return [ return [
'id' => (int) $payment->id, 'id' => $this->encodePrimaryKey($payment->id),
'amount' => (float) $payment->amount, 'amount' => (float) $payment->amount,
'transaction_reference' => $payment->transaction_reference ?: '', 'transaction_reference' => $payment->transaction_reference ?: '',
'payment_date' => $payment->payment_date ?: '', 'payment_date' => $payment->payment_date ?: '',


@ -0,0 +1,44 @@
<?php
namespace App\Transformers;
use App\Models\Product;
use App\Utils\Traits\MakesHash;
/**
* @SWG\Definition(definition="Product", @SWG\Xml(name="Product"))
*/
class ProductTransformer extends EntityTransformer
{
use MakesHash;
/**
* @SWG\Property(property="id", type="integer", example=1, readOnly=true)
* @SWG\Property(property="product_key", type="string", example="Item")
* @SWG\Property(property="notes", type="string", example="Notes...")
* @SWG\Property(property="cost", type="number", format="float", example=10.00)
* @SWG\Property(property="qty", type="number", format="float", example=1)
* @SWG\Property(property="updated_at", type="integer", example=1451160233, readOnly=true)
* @SWG\Property(property="archived_at", type="integer", example=1451160233, readOnly=true)
*/
public function transform(Product $product)
{
return [
'id' => $this->encodePrimaryKey($product->id),
'product_key' => $product->product_key,
'notes' => $product->notes,
'cost' => (float) $product->cost,
'qty' => (float) ($product->qty ?: 0.0),
'tax_name1' => $product->tax_name1 ?: '',
'tax_rate1' => (float) $product->tax_rate1,
'tax_name2' => $product->tax_name2 ?: '',
'tax_rate2' => (float) $product->tax_rate2,
'updated_at' => $product->updated_at,
'archived_at' => $product->deleted_at,
'custom_value1' => $product->custom_value1 ?: '',
'custom_value2' => $product->custom_value2 ?: '',
'custom_value3' => $product->custom_value2 ?: '',
'custom_value4' => $product->custom_value2 ?: '',
'is_deleted' => (bool) $product->is_deleted,
];
}
}
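Review bot: `'custom_value3'` and `'custom_value4'` both read `$product->custom_value2`, so the third and fourth custom fields are never returned and the second is emitted three times; they should be `'custom_value3' => $product->custom_value3 ?: '',` and `'custom_value4' => $product->custom_value4 ?: '',`. The `@SWG\Property(property="id", type="integer", example=1, readOnly=true)` annotation also no longer matches the encoded string `id` the method returns.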


@ -4,12 +4,14 @@ namespace App\Transformers;
use App\Models\Account; use App\Models\Account;
use App\Models\User; use App\Models\User;
use App\Utils\Traits\MakesHash;
/** /**
* @SWG\Definition(definition="User", @SWG\Xml(name="User")) * @SWG\Definition(definition="User", @SWG\Xml(name="User"))
*/ */
class UserTransformer extends EntityTransformer class UserTransformer extends EntityTransformer
{ {
use MakesHash;
/** /**
* @SWG\Property(property="id", type="integer", example=1, readOnly=true) * @SWG\Property(property="id", type="integer", example=1, readOnly=true)
* @SWG\Property(property="first_name", type="string", example="John") * @SWG\Property(property="first_name", type="string", example="John")
@ -48,7 +50,7 @@ class UserTransformer extends EntityTransformer
public function transform(User $user) public function transform(User $user)
{ {
return [ return [
'id' => (int) $user->id, 'id' => $this->encodePrimaryKey($user->id),
'first_name' => $user->first_name, 'first_name' => $user->first_name,
'last_name' => $user->last_name, 'last_name' => $user->last_name,
'email' => $user->email, 'email' => $user->email,


@ -0,0 +1,21 @@
<?php
use Faker\Generator as Faker;
$factory->define(App\Models\Product::class, function (Faker $faker) {
return [
'product_key' => $faker->text(7),
'notes' => $faker->text(20),
'cost' => $faker->numberBetween(1,1000),
'qty' => $faker->numberBetween(1,100),
'tax_name1' => 'GST',
'tax_rate1' => 10,
'tax_name2' => 'VAT',
'tax_rate2' => 17.5,
'custom_value1' => $faker->text(20),
'custom_value2' => $faker->text(20),
'custom_value3' => $faker->text(20),
'custom_value4' => $faker->text(20),
'is_deleted' => false,
];
});


@ -428,14 +428,20 @@ class CreateUsersTable extends Migration
$t->string('custom_value1')->nullable(); $t->string('custom_value1')->nullable();
$t->string('custom_value2')->nullable(); $t->string('custom_value2')->nullable();
$t->string('custom_value3')->nullable();
$t->string('custom_value4')->nullable();
$t->string('product_key'); $t->string('product_key');
$t->text('notes'); $t->text('notes');
$t->decimal('cost', 13, 2); $t->decimal('cost', 13, 2);
$t->decimal('qty', 13, 2)->nullable(); $t->decimal('qty', 13, 2)->nullable();
$t->unsignedInteger('stock_level'); $t->string('tax_name1')->nullable();
$t->unsignedInteger('min_stock_level'); $t->decimal('tax_rate1', 13, 3);
$t->string('tax_name2')->nullable();
$t->decimal('tax_rate2', 13, 3);
$t->boolean('is_deleted')->default(false);
$t->foreign('company_id')->references('id')->on('companies')->onDelete('cascade'); $t->foreign('company_id')->references('id')->on('companies')->onDelete('cascade');
$t->foreign('user_id')->references('id')->on('users')->onDelete('cascade'); $t->foreign('user_id')->references('id')->on('users')->onDelete('cascade');
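Review bot: `tax_rate1` and `tax_rate2` are created as non-nullable decimals with no default while their companion `tax_name1`/`tax_name2` columns are nullable, so inserting a product that has no second tax fails on a strict-mode database unless every writer remembers to send `0`. `$t->decimal('tax_rate1', 13, 3)->default(0);` and the same for `tax_rate2` keep the pair self-consistent and match what the factory produces. Note this edits an already-existing migration rather than adding a new one, which only works while no environment has run the original.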


@ -88,6 +88,9 @@ class RandomDataSeeder extends Seeder
}); });
/** Product Factory */
factory(\App\Models\Product::class,50)->create(['user_id' => $user->id, 'company_id' => $company->id]);
} }
} }


@ -20,7 +20,7 @@ Route::middleware('auth:api')->get('/user', function (Request $request) {
Route::group(['middleware' => ['api_secret_check']], function () { Route::group(['middleware' => ['api_secret_check']], function () {
Route::post('signup', 'AccountController@store')->name('signup.submit'); Route::post('api/v1/signup', 'AccountController@store')->name('signup.submit');
}); });
@ -35,6 +35,10 @@ Route::group(['middleware' => ['db','api_secret_check','token_auth'], 'prefix' =
Route::post('invoices/bulk', 'InvoiceController@bulk')->name('invoices.bulk'); Route::post('invoices/bulk', 'InvoiceController@bulk')->name('invoices.bulk');
Route::resource('products', 'ProductController'); // name = (products. index / create / show / update / destroy / edit
Route::post('products/bulk', 'ProductController@bulk')->name('products.bulk');
Route::resource('quotes', 'QuoteController'); // name = (quotes. index / create / show / update / destroy / edit Route::resource('quotes', 'QuoteController'); // name = (quotes. index / create / show / update / destroy / edit
Route::post('quotes/bulk', 'QuoteController@bulk')->name('quotes.bulk'); Route::post('quotes/bulk', 'QuoteController@bulk')->name('quotes.bulk');


@ -11,9 +11,13 @@ Route::post('logout', 'Auth\LoginController@logout')->name('logout');
* Signup Routes * Signup Routes
*/ */
Route::redirect('/', '/login', 301); //Route::redirect('/', '/login', 301);
Route::get('signup', 'AccountController@index')->name('signup'); //Route::get('signup', 'AccountController@index')->name('signup');
Route::post('signup', 'AccountController@store')->name('signup.submit'); //Route::post('signup', 'AccountController@store')->name('signup.submit');
Auth::routes(['register' => false]);
Route::get('contact/login', 'Auth\ContactLoginController@showLoginForm')->name('contact.login'); Route::get('contact/login', 'Auth\ContactLoginController@showLoginForm')->name('contact.login');
Route::post('contact/login', 'Auth\ContactLoginController@login')->name('contact.login.submit'); Route::post('contact/login', 'Auth\ContactLoginController@login')->name('contact.login.submit');
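Review bot: The three signup/redirect routes are commented out rather than deleted; if web signup has moved to the api group, remove them so the file does not carry dead code. `Auth::routes(['register' => false])` also registers its own `POST logout` named `logout`, duplicating the explicit `Route::post('logout', 'Auth\LoginController@logout')->name('logout')` shown in the hunk header — harmless since both target the same action, but one of the two should go. With `Route::redirect('/', '/login', 301)` disabled, confirm something else still answers `/`, otherwise the root now returns 404.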


@ -64,7 +64,7 @@ class AccountTest extends TestCase
'last_name' => $this->faker->lastName, 'last_name' => $this->faker->lastName,
'email' => $this->faker->unique()->safeEmail, 'email' => $this->faker->unique()->safeEmail,
'password' => 'ALongAndBrilliantPassword123', 'password' => 'ALongAndBrilliantPassword123',
'_token' => csrf_token(), //'_token' => csrf_token(),
'privacy_policy' => 1, 'privacy_policy' => 1,
'terms_of_service' => 1 'terms_of_service' => 1
]; ];


@ -137,7 +137,7 @@ class ClientTest extends TestCase
'X-API-TOKEN' => $token, 'X-API-TOKEN' => $token,
])->get('/api/v1/clients/'.$this->encodePrimaryKey($client->id)); ])->get('/api/v1/clients/'.$this->encodePrimaryKey($client->id));
$response->assertStatus(302); $response->assertStatus(200);
$response = $this->withHeaders([ $response = $this->withHeaders([
'X-API-SECRET' => config('ninja.api_secret'), 'X-API-SECRET' => config('ninja.api_secret'),