diff --git a/app/Http/Controllers/DashboardController.php b/app/Http/Controllers/DashboardController.php index fb42733162..b66f38615d 100644 --- a/app/Http/Controllers/DashboardController.php +++ b/app/Http/Controllers/DashboardController.php @@ -11,7 +11,9 @@ class DashboardController extends BaseController { public function index() { - + $view_all = !Auth::user()->hasPermission('view_all'); + $user_id = Auth::user()->id; + // total_income, billed_clients, invoice_sent and active_clients $select = DB::raw('COUNT(DISTINCT CASE WHEN invoices.id IS NOT NULL THEN clients.id ELSE null END) billed_clients, SUM(CASE WHEN invoices.invoice_status_id >= '.INVOICE_STATUS_SENT.' THEN 1 ELSE 0 END) invoices_sent, @@ -24,8 +26,19 @@ class DashboardController extends BaseController ->where('clients.is_deleted', '=', false) ->where('invoices.is_deleted', '=', false) ->where('invoices.is_recurring', '=', false) - ->where('invoices.is_quote', '=', false) - ->groupBy('accounts.id') + ->where('invoices.is_quote', '=', false); + + if(!$view_all){ + $metrics = $metrics->where(function($query) use($user_id){ + $query->where('invoices.user_id', '=', $user_id); + $query->orwhere(function($query) use($user_id){ + $query->where('invoices.user_id', '=', null); + $query->where('clients.user_id', '=', $user_id); + }); + }); + } + + $metrics = $metrics->groupBy('accounts.id') ->first(); $select = DB::raw('SUM(clients.paid_to_date) as value, clients.currency_id as currency_id'); 
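Review bot: `$view_all` is assigned the negation of the permission check at the top of `index()`, yet every guard that uses it is written `if(!$view_all)`, so the per-user filter is applied to users who hold `view_all` and skipped for users who do not. The later hunks of this file replace the previously correct `if(!Auth::user()->hasPermission('view_all'))` guards on `$activities`, `$pastDue`, `$upcoming` and `$payments` with the same inverted test, which exposes account-wide dashboard data to restricted users. Drop the negation, `$view_all = Auth::user()->hasPermission('view_all');`, and leave the guards as written. A test that loads the dashboard as a user without `view_all` and asserts that another user's invoices are absent would catch this. `index()` continues past these hunks.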
@@ -33,8 +46,13 @@ class DashboardController extends BaseController ->select($select) ->leftJoin('clients', 'accounts.id', '=', 'clients.account_id') ->where('accounts.id', '=', Auth::user()->account_id) - ->where('clients.is_deleted', '=', false) - ->groupBy('accounts.id') + ->where('clients.is_deleted', '=', false); + + if(!$view_all){ + $paidToDate = $paidToDate->where('clients.user_id', '=', $user_id); + } + + $paidToDate = $paidToDate->groupBy('accounts.id') ->groupBy(DB::raw('CASE WHEN clients.currency_id IS NULL THEN CASE WHEN accounts.currency_id IS NULL THEN 1 ELSE accounts.currency_id END ELSE clients.currency_id END')) ->get(); @@ -47,8 +65,13 @@ class DashboardController extends BaseController ->where('clients.is_deleted', '=', false) ->where('invoices.is_deleted', '=', false) ->where('invoices.is_quote', '=', false) - ->where('invoices.is_recurring', '=', false) - ->groupBy('accounts.id') + ->where('invoices.is_recurring', '=', false); + + if(!$view_all){ + $averageInvoice = $averageInvoice->where('invoices.user_id', '=', $user_id); + } + + $averageInvoice = $averageInvoice->groupBy('accounts.id') ->groupBy(DB::raw('CASE WHEN clients.currency_id IS NULL THEN CASE WHEN accounts.currency_id IS NULL THEN 1 ELSE accounts.currency_id END ELSE clients.currency_id END')) ->get(); @@ -65,8 +88,7 @@ class DashboardController extends BaseController $activities = Activity::where('activities.account_id', '=', Auth::user()->account_id) ->where('activities.activity_type_id', '>', 0); - if(!Auth::user()->hasPermission('view_all')){ - $user_id = Auth::user()->id; + if(!$view_all){ $activities = $activities->where('activities.user_id', '=', $user_id); } @@ -89,8 +111,7 @@ class DashboardController extends BaseController ->where('contacts.is_primary', '=', true) ->where('invoices.due_date', '<', date('Y-m-d')); - if(!Auth::user()->hasPermission('view_all')){ - $user_id = Auth::user()->id; + if(!$view_all){ $pastDue = $pastDue->where('invoices.user_id', '=', $user_id); } 
@@ -114,8 +135,7 @@ class DashboardController extends BaseController ->where('invoices.due_date', '>=', date('Y-m-d')) ->orderBy('invoices.due_date', 'asc'); - if(!Auth::user()->hasPermission('view_all')){ - $user_id = Auth::user()->id; + if(!$view_all){ $upcoming = $upcoming->where('invoices.user_id', '=', $user_id); } @@ -134,8 +154,7 @@ class DashboardController extends BaseController ->where('contacts.deleted_at', '=', null) ->where('contacts.is_primary', '=', true); - if(!Auth::user()->hasPermission('view_all')){ - $user_id = Auth::user()->id; + if(!$view_all){ $payments = $payments->where('payments.user_id', '=', $user_id); } diff --git a/app/Http/Controllers/ExpenseController.php b/app/Http/Controllers/ExpenseController.php index eb9fa0c437..b1fd28e419 100644 --- a/app/Http/Controllers/ExpenseController.php +++ b/app/Http/Controllers/ExpenseController.php @@ -45,7 +45,7 @@ class ExpenseController extends BaseController return View::make('list', array( 'entityType' => ENTITY_EXPENSE, 'title' => trans('texts.expenses'), - 'sortCol' => '1', + 'sortCol' => '3', 'columns' => Utils::trans([ 'checkbox', 'vendor', diff --git a/app/Http/Controllers/InvoiceController.php b/app/Http/Controllers/InvoiceController.php index 8c31cce798..dc9cc501db 100644 --- a/app/Http/Controllers/InvoiceController.php +++ b/app/Http/Controllers/InvoiceController.php @@ -52,6 +52,7 @@ class InvoiceController extends BaseController $data = [ 'title' => trans('texts.invoices'), 'entityType' => ENTITY_INVOICE, + 'sortCol' => '3', 'columns' => Utils::trans([ 'checkbox', 'invoice_number', @@ -165,6 +166,10 @@ class InvoiceController extends BaseController $lastSent = ($invoice->is_recurring && $invoice->last_sent_date) ? $invoice->recurring_invoices->last() : null; + if(!Auth::user()->hasPermission('view_all')){ + $clients = $clients->where('clients.user_id', '=', Auth::user()->id); + } + $data = array( 'clients' => $clients->get(), 'entityType' => $entityType, 
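Review bot: The `clients.user_id` filter added before `$data` in the InvoiceController hunk at `@@ -165,6 +166,10 @@`, and again in the following hunk at `@@ -227,8 +232,13 @@`, only narrows the list rendered into the client dropdown; it does not by itself stop a request from naming another user's client. The store and update paths are outside this diff, so confirm they check the submitted client against the same rule. The dashboard change in this commit counts an invoice as the user's own when `invoices.user_id` matches, whoever owns the client, so an invoice opened here may reference a client that the filtered list no longer contains; this is worth verifying. The duplicated three-line guard would read better as one shared query scope on `Client`. The enclosing method starts and ends outside the hunk.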
@@ -227,8 +232,13 @@ class InvoiceController extends BaseController $invoice = $account->createInvoice($entityType, $clientId); $invoice->public_id = 0; + $clients = Client::scope()->with('contacts', 'country')->orderBy('name'); + if(!Auth::user()->hasPermission('view_all')){ + $clients = $clients->where('clients.user_id', '=', Auth::user()->id); + } + $data = [ - 'clients' => Client::scope()->with('contacts', 'country')->orderBy('name')->get(), + 'clients' => $clients->get(), 'entityType' => $invoice->getEntityType(), 'invoice' => $invoice, 'method' => 'POST', diff --git a/app/Http/Controllers/PaymentController.php b/app/Http/Controllers/PaymentController.php index 7e675d023f..1ba681ba57 100644 --- a/app/Http/Controllers/PaymentController.php +++ b/app/Http/Controllers/PaymentController.php @@ -48,6 +48,7 @@ class PaymentController extends BaseController return View::make('list', array( 'entityType' => ENTITY_PAYMENT, 'title' => trans('texts.payments'), + 'sortCol' => '6', 'columns' => Utils::trans([ 'checkbox', 'invoice', diff --git a/app/Http/Controllers/QuoteController.php b/app/Http/Controllers/QuoteController.php index 7777c5a9d0..0c2dc3a8a5 100644 --- a/app/Http/Controllers/QuoteController.php +++ b/app/Http/Controllers/QuoteController.php @@ -54,6 +54,7 @@ class QuoteController extends BaseController $data = [ 'title' => trans('texts.quotes'), 'entityType' => ENTITY_QUOTE, + 'sortCol' => '3', 'columns' => Utils::trans([ 'checkbox', 'quote_number', diff --git a/app/Http/Controllers/TaskController.php b/app/Http/Controllers/TaskController.php index 46178f09dd..59f49da251 100644 --- a/app/Http/Controllers/TaskController.php +++ b/app/Http/Controllers/TaskController.php 
@@ -184,9 +184,7 @@ class TaskController extends BaseController { $action = Input::get('action'); - $input = $request->input(); - - if(!$this->checkUpdatePermission($input, $response)){ + if(!$this->checkUpdatePermission(array('public_id'=>$publicId)/* Hacky, but works */, $response)){ return $response; } diff --git a/app/Services/CreditService.php b/app/Services/CreditService.php index 2a130c5517..2e9220ad05 100644 --- a/app/Services/CreditService.php +++ b/app/Services/CreditService.php @@ -2,6 +2,7 @@ use Utils; use URL; +use Auth; use App\Services\BaseService; use App\Models\Client; use App\Models\Payment; @@ -34,7 +35,7 @@ class CreditService extends BaseService $query = $this->creditRepo->find($clientPublicId, $search); if(!Utils::hasPermission('view_all')){ - $query->where('expenses.user_id', '=', Auth::user()->id); + $query->where('credits.user_id', '=', Auth::user()->id); } return $this->createDatatable(ENTITY_CREDIT, $query, !$clientPublicId); diff --git a/resources/views/invoices/edit.blade.php b/resources/views/invoices/edit.blade.php index ce8160d25c..a12ab9e1f9 100644 --- a/resources/views/invoices/edit.blade.php +++ b/resources/views/invoices/edit.blade.php @@ -74,8 +74,8 @@
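Review bot: The permission check in the TaskController hunk now receives an array built from `$publicId` instead of the request input, and the inline comment `/* Hacky, but works */` does not say why. If the code further down still resolves the task to save from the request body, the record that is checked and the record that is written can differ; that code is outside the hunk, so confirm both use `$publicId`. I would replace the comment with `// Authorise against $publicId rather than a public_id taken from the request body` and check that nothing below still reads the removed `$input`.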
@endif - - {!! Former::select('client')->addOption('', '')->data_bind("dropdown: client")->addClass('client-input')->addGroupClass('client_select closer-row') !!} + + {!! Former::select('client')->addOption('', '')->data_bind("dropdown: client")->addClass('client-input')->addGroupClass('client_select closer-row') !!}
diff --git a/resources/views/users/edit.blade.php b/resources/views/users/edit.blade.php index 3e77e91442..542d40b737 100644 --- a/resources/views/users/edit.blade.php +++ b/resources/views/users/edit.blade.php @@ -65,6 +65,7 @@ $('#permissions_view_all').prop('disabled', adminChecked); $('#permissions_create_all').prop('disabled', adminChecked); $('#permissions_edit_all').prop('disabled', adminChecked || !viewChecked); + if(!viewChecked)$('#permissions_edit_all').prop('checked',false) } fixCheckboxes(); @stop \ No newline at end of file
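Review bot: The added line clears `permissions_edit_all` in the browser when `viewChecked` is false, which keeps the form consistent but is not enforcement, since the form can be submitted without this script running. The handler that saves user permissions is outside this diff; it should apply the same rule and discard `edit_all` when `view_all` is not granted. For readability the line would be better written as `if (!viewChecked) { $('#permissions_edit_all').prop('checked', false); }`. The function that contains this line begins before the hunk.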