Limit bulk emailing

app/Http/Controllers/InvoiceApiController.php

@@ -206,9 +206,11 @@ class InvoiceApiController extends BaseAPIController
                     $invoice = $recurringInvoice;
                 }
                 $reminder = isset($data['email_type']) ? $data['email_type'] : false;
+                if (auth()->user()->isTrusted()) {
                     $this->dispatch(new SendInvoiceEmail($invoice, auth()->user()->id, $reminder));
                 }
             }
+        }
 
         $invoice = Invoice::scope($invoice->public_id)
                         ->with('client', 'invoice_items', 'invitations')
@@ -337,6 +339,10 @@ class InvoiceApiController extends BaseAPIController
 
     public function emailInvoice(InvoiceRequest $request)
     {
+        if (! auth()->user()->isTrusted()) {
+            return $this->errorResponse('Requires paid pro plan', 400);
+        }
+
         $invoice = $request->entity();
 
         if ($invoice->is_recurring && $recurringInvoice = $this->invoiceRepo->createRecurringInvoice($invoice)) {

app/Models/User.php

@@ -138,8 +138,12 @@ class User extends Authenticatable
     /**
      * @return mixed
      */
-    public function isPaidPro()
+    public function isTrusted()
     {
+        if (Utils::isSelfHost()) {
+            true;
+        }
+
         return $this->account->isPro() && ! $this->account->isTrial();
     }
 

app/Ninja/Datatables/InvoiceDatatable.php

@@ -196,7 +196,7 @@ class InvoiceDatatable extends EntityDatatable
                 'label' => mtrans($this->entityType, 'download_' . $this->entityType),
                 'url' => 'javascript:submitForm_'.$this->entityType.'("download")',
             ];
-            if (Utils::isSelfHost() || auth()->user()->isPaidPro()) {
+            if (auth()->user()->isTrusted()) {
                 $actions[] = [
                     'label' => mtrans($this->entityType, 'email_' . $this->entityType),
                     'url' => 'javascript:submitForm_'.$this->entityType.'("emailInvoice")',