Updates for chart permissions

2024-11-10 05:02:36 +01:00 · 2023-05-16 15:35:29 +10:00 · 2023-05-16 15:35:29 +10:00 · 4767c1a14a
commit 4767c1a14a
parent a35934f7b1
2 changed files with 23 additions and 12 deletions
--- a/app/Http/Controllers/ChartController.php
+++ b/app/Http/Controllers/ChartController.php
@ -13,8 +13,6 @@ namespace App\Http\Controllers;

 use App\Http\Requests\Chart\ShowChartRequest;
 use App\Services\Chart\ChartService;
-use Illuminate\Http\Request;
-use Illuminate\Http\Response;

 class ChartController extends BaseController
 {
@ -67,14 +65,19 @@ class ChartController extends BaseController
     */
    public function totals(ShowChartRequest $request)
    {
-        $cs = new ChartService(auth()->user()->company());
+        /** @var \App\Models\User auth()->user() */
+        $user = auth()->user();
+        $cs = new ChartService($user->company(), $user, $user->isAdmin());

        return response()->json($cs->totals($request->input('start_date'), $request->input('end_date')), 200);
    }

    public function chart_summary(ShowChartRequest $request)
    {
-        $cs = new ChartService(auth()->user()->company());
+
+        /** @var \App\Models\User auth()->user() */
+        $user = auth()->user();
+        $cs = new ChartService($user->company(), $user, $user->isAdmin());

        return response()->json($cs->chart_summary($request->input('start_date'), $request->input('end_date')), 200);
    }
--- a/app/Services/Chart/ChartService.php
+++ b/app/Services/Chart/ChartService.php
@ -11,6 +11,7 @@

 namespace App\Services\Chart;

+use App\Models\User;
 use App\Models\Client;
 use App\Models\Company;
 use App\Models\Expense;
@ -20,11 +21,8 @@ class ChartService
 {
    use ChartQueries;

-    public Company $company;
-
-    public function __construct(Company $company)
+    public function __construct(public Company $company, private User $user, private bool $is_admin)
    {
-        $this->company = $company;
    }

    /**
@ -37,8 +35,12 @@ class ChartService
        $currencies = Client::withTrashed()
            ->where('company_id', $this->company->id)
            ->where('is_deleted', 0)
-            ->distinct()
-            ->pluck('settings->currency_id as id');
+            ->distinct();
+
+            if(!$this->is_admin)
+                $currencies->where('user_id', $this->user->id);
+
+        $currencies->pluck('settings->currency_id as id');

        /* Push the company currency on also */
        $currencies->push((int) $this->company->settings->currency_id);
@ -47,8 +49,14 @@ class ChartService
        $expense_currencies = Expense::withTrashed()
            ->where('company_id', $this->company->id)
            ->where('is_deleted', 0)
-            ->distinct()
-            ->pluck('currency_id as id');
+            ->distinct();
+
+            
+        if (!$this->is_admin) {
+            $expense_currencies->where('user_id', $this->user->id);
+        }
+
+        $expense_currencies->pluck('currency_id as id');

        /* Merge and filter by unique */
        $currencies = $currencies->merge($expense_currencies)->unique();