mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2024-11-14 15:13:29 +01:00
Implement logic that changes the response based on user permissions
This commit is contained in:
parent
683d86bb58
commit
c121971636
@ -267,7 +267,7 @@ class BaseController extends Controller
|
|||||||
|
|
||||||
$updated_at = request()->has('updated_at') ? request()->input('updated_at') : 0;
|
$updated_at = request()->has('updated_at') ? request()->input('updated_at') : 0;
|
||||||
|
|
||||||
if ($user->getCompany()->is_large && $updated_at == 0) {
|
if ($user->getCompany()->is_large && $updated_at == 0 && $this->complexPermissionsUser()) {
|
||||||
$updated_at = time();
|
$updated_at = time();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -613,11 +613,27 @@ class BaseController extends Controller
|
|||||||
return $this->response($this->manager->createData($resource)->toArray());
|
return $this->response($this->manager->createData($resource)->toArray());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* In case a user is not an admin and is
|
||||||
|
* able to access multiple companies, then we
|
||||||
|
* need to pass back the mini load only
|
||||||
|
*
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
private function complexPermissionsUser(): bool
|
||||||
|
{
|
||||||
|
//if the user is attached to more than one company AND they are not an admin across all companies
|
||||||
|
if(auth()->user()->company_users()->count() > 1 && (auth()->user()->company_users()->where('is_admin',1)->count() != auth()->user()->company_users()->count()))
|
||||||
|
return true;
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
protected function timeConstrainedResponse($query)
|
protected function timeConstrainedResponse($query)
|
||||||
{
|
{
|
||||||
$user = auth()->user();
|
$user = auth()->user();
|
||||||
|
|
||||||
if ($user->getCompany()->is_large) {
|
if ($user->getCompany()->is_large || $this->complexPermissionsUser()) {
|
||||||
$this->manager->parseIncludes($this->mini_load);
|
$this->manager->parseIncludes($this->mini_load);
|
||||||
|
|
||||||
return $this->miniLoadResponse($query);
|
return $this->miniLoadResponse($query);
|
||||||
|
@ -4951,6 +4951,7 @@ $LANG = array(
|
|||||||
'notify_vendor_when_paid_help' => 'Send an email to the vendor when the expense is marked as paid',
|
'notify_vendor_when_paid_help' => 'Send an email to the vendor when the expense is marked as paid',
|
||||||
'update_payment' => 'Update Payment',
|
'update_payment' => 'Update Payment',
|
||||||
'markup' => 'Markup',
|
'markup' => 'Markup',
|
||||||
|
'unlock_pro' => 'Unlock Pro',
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user