mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2024-11-09 20:52:56 +01:00
Force DB to be set only on company table
This commit is contained in:
David Bomba
parent
1c3f0c590c
commit
caf653ed69
@ -14,13 +14,32 @@ class SetDb
|
||||
* @param \Closure $next
|
||||
* @return mixed
|
||||
*/
|
||||
|
||||
public function handle($request, Closure $next)
|
||||
{
|
||||
if (config('ninja.db.multi_db_enabled'))
|
||||
|
||||
$error['error'] = ['message' => 'Database could not be set'];
|
||||
|
||||
|
||||
if( $request->header('X-API-TOKEN') && ($user = CompanyToken::whereRaw("BINARY `token`= ?",[$request->header('X-API-TOKEN')])->first()->user ) && config('ninja.db.multi_db_enabled'))
|
||||
{
|
||||
MultiDB::setDB(auth()->user()->db);
|
||||
|
||||
if(! MultiDB::findAndSetDb($request->header('X-API-TOKEN')))
|
||||
{
|
||||
|
||||
return response()->json(json_encode($error, JSON_PRETTY_PRINT) ,403);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
else {
|
||||
|
||||
|
||||
return response()->json(json_encode($error, JSON_PRETTY_PRINT) ,403);
|
||||
}
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
@ -42,9 +42,9 @@ class CreateCompany
|
||||
$company->name = $this->request['first_name'] . ' ' . $this->request['last_name'];
|
||||
$company->account_id = $this->account->id;
|
||||
$company->company_key = $this->createHash();
|
||||
$company->db = config('database.default');
|
||||
$company->ip = request()->ip();
|
||||
$company->settings = CompanySettings::defaults();
|
||||
$company->db = config('database.default');
|
||||
$company->save();
|
||||
|
||||
|
||||
|
||||
@ -47,7 +47,6 @@ class CreateUser
|
||||
$user->password = bcrypt($this->request['password']);
|
||||
$user->accepted_terms_version = config('ninja.terms_version');
|
||||
$user->confirmation_code = $this->createDbHash(config('database.default'));
|
||||
$user->db = config('database.default');
|
||||
$user->fill($this->request);
|
||||
$user->save();
|
||||
|
||||
|
||||
@ -2,6 +2,7 @@
|
||||
|
||||
namespace App\Libraries;
|
||||
|
||||
use App\Models\CompanyToken;
|
||||
use App\Models\User;
|
||||
|
||||
/**
|
||||
@ -74,6 +75,23 @@ class MultiDB
|
||||
return false;
|
||||
}
|
||||
|
||||
public static function findAndSetDb($token) :bool
|
||||
{
|
||||
|
||||
foreach (self::$dbs as $db)
|
||||
{
|
||||
|
||||
if($ct = CompanyToken::on($db)->whereRaw("BINARY `token`= ?", [$token])->first())
|
||||
{
|
||||
|
||||
self::setDb($ct->company->db);
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
||||
return false;
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $database
|
||||
|
||||
@ -27,13 +27,14 @@ class SendVerificationNotification
|
||||
* @return void
|
||||
*/
|
||||
public function handle($event)
|
||||
{
|
||||
//send confirmation email using $event->user
|
||||
{//todo handle the change of DB locaiton to Company Token table
|
||||
/*send confirmation email using $event->user
|
||||
MultiDB::setDB($event->user->db);
|
||||
|
||||
Mail::to($event->user->email)
|
||||
//->cc('')
|
||||
//->bcc('')
|
||||
->queue(new VerifyUser($event->user));
|
||||
*/
|
||||
}
|
||||
}
|
||||
|
||||
@ -92,7 +92,6 @@ class User extends Authenticatable implements MustVerifyEmail
|
||||
|
||||
return $ct->company;
|
||||
|
||||
// return $this->companies()->where('company_id', $this->getCurrentCompanyId())->first();
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -22,6 +22,5 @@ $factory->define(App\Models\User::class, function (Faker $faker) {
|
||||
'email_verified_at' => now(),
|
||||
'password' => bcrypt(config('ninja.testvars.password')), // secret
|
||||
'remember_token' => str_random(10),
|
||||
'db' => config('database.default')
|
||||
];
|
||||
});
|
||||
|
||||
@ -204,7 +204,6 @@ class CreateUsersTable extends Migration
|
||||
$table->unsignedInteger('avatar_width')->nullable();
|
||||
$table->unsignedInteger('avatar_height')->nullable();
|
||||
$table->unsignedInteger('avatar_size')->nullable();
|
||||
$table->string('db', 100);
|
||||
$table->text('signature');
|
||||
$table->string('password');
|
||||
$table->rememberToken();
|
||||
@ -224,6 +223,7 @@ class CreateUsersTable extends Migration
|
||||
$table->unsignedInteger('user_id')->index();
|
||||
$table->string('token')->nullable();
|
||||
$table->string('name')->nullable();
|
||||
$table->string('db', 100)->nullable();
|
||||
|
||||
$table->foreign('company_id')->references('id')->on('companies')->onDelete('cascade');
|
||||
$table->foreign('account_id')->references('id')->on('accounts')->onDelete('cascade');
|
||||
|
||||
@ -25,7 +25,7 @@ Route::group(['middleware' => ['api_secret_check']], function () {
|
||||
});
|
||||
|
||||
|
||||
Route::group(['middleware' => ['api_secret_check','token_auth']], function () {
|
||||
Route::group(['middleware' => ['db','api_secret_check','token_auth']], function () {
|
||||
|
||||
Route::resource('clients', 'ClientController'); // name = (clients. index / create / show / update / destroy / edit
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user