From c705d3d409af4e1c07b6497a85af8e0d87c5cb0f Mon Sep 17 00:00:00 2001 From: David Bomba Date: Fri, 29 Jul 2022 13:12:23 +1000 Subject: [PATCH 1/4] Throttle verify routes --- routes/api.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/routes/api.php b/routes/api.php index 8edbb699e0..7ee9da8414 100644 --- a/routes/api.php +++ b/routes/api.php @@ -104,7 +104,7 @@ Route::group(['middleware' => ['throttle:10,1','api_secret_check','email_db']], Route::post('api/v1/reset_password', [ForgotPasswordController::class, 'sendResetLinkEmail']); }); -Route::group(['middleware' => ['throttle:100,1', 'api_db', 'token_auth', 'locale'], 'prefix' => 'api/v1', 'as' => 'api.'], function () { +Route::group(['middleware' => ['throttle:300,1', 'api_db', 'token_auth', 'locale'], 'prefix' => 'api/v1', 'as' => 'api.'], function () { Route::put('accounts/{account}', [AccountController::class, 'update'])->name('account.update'); Route::post('check_subdomain', [SubdomainController::class, 'index'])->name('check_subdomain'); Route::get('ping', [PingController::class, 'index'])->name('ping'); @@ -239,7 +239,7 @@ Route::group(['middleware' => ['throttle:100,1', 'api_db', 'token_auth', 'locale Route::post('recurring_quotes/bulk', [RecurringQuoteController::class, 'bulk'])->name('recurring_quotes.bulk'); Route::put('recurring_quotes/{recurring_quote}/upload', [RecurringQuoteController::class, 'upload']); - Route::post('refresh', [LoginController::class, 'refresh'])->middleware('throttle:300,3'); + Route::post('refresh', [LoginController::class, 'refresh'])->middleware('throttle:300,2'); Route::post('reports/clients', ClientReportController::class); Route::post('reports/contacts', ClientContactReportController::class); @@ -287,7 +287,7 @@ Route::group(['middleware' => ['throttle:100,1', 'api_db', 'token_auth', 'locale Route::post('settings/disable_two_factor', [TwoFactorController::class, 'disableTwoFactor']); - Route::post('verify', [TwilioController::class, 'generate'])->name('verify.generate'); + Route::post('verify', [TwilioController::class, 'generate'])->name('verify.generate')->middleware('throttle:5,1'); Route::post('verify/confirm', [TwilioController::class, 'confirm'])->name('verify.confirm'); Route::resource('vendors', VendorController::class); // name = (vendors. index / create / show / update / destroy / edit From 97310541251ec8090c4e1b78756898878e6dcda1 Mon Sep 17 00:00:00 2001 From: David Bomba Date: Fri, 29 Jul 2022 15:05:47 +1000 Subject: [PATCH 2/4] client contact login --- app/Http/Controllers/Auth/ContactLoginController.php | 4 ++++ routes/client.php | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/app/Http/Controllers/Auth/ContactLoginController.php b/app/Http/Controllers/Auth/ContactLoginController.php index 7e18829e4c..4589bf548a 100644 --- a/app/Http/Controllers/Auth/ContactLoginController.php +++ b/app/Http/Controllers/Auth/ContactLoginController.php @@ -46,6 +46,10 @@ class ContactLoginController extends Controller MultiDB::findAndSetDbByCompanyKey($request->session()->get('company_key')); $company = Company::where('company_key', $request->input('company_key'))->first(); } + elseif($request->has('company_key')){ + MultiDB::findAndSetDbByCompanyKey($request->input('company_key')); + $company = Company::where('company_key', $request->input('company_key'))->first(); + } if ($company) { $account = $company->account; diff --git a/routes/client.php b/routes/client.php index c0d3e8492f..0da85644fd 100644 --- a/routes/client.php +++ b/routes/client.php @@ -18,8 +18,8 @@ use Illuminate\Support\Facades\Route; Route::get('client', [ContactLoginController::class, 'showLoginForm'])->name('client.catchall')->middleware(['domain_db', 'contact_account','locale']); //catch all -Route::get('client/login', [ContactLoginController::class, 'showLoginForm'])->name('client.login')->middleware(['domain_db', 'contact_account','locale']); -Route::post('client/login', [ContactLoginController::class, 'login'])->name('client.login.submit'); +Route::get('client/login/{company_key?}', [ContactLoginController::class, 'showLoginForm'])->name('client.login')->middleware(['domain_db', 'contact_account','locale']); +Route::post('client/login/{company_key?}', [ContactLoginController::class, 'login'])->name('client.login.submit'); Route::get('client/register/{company_key?}', [ContactRegisterController::class, 'showRegisterForm'])->name('client.register')->middleware(['domain_db', 'contact_account', 'contact_register','locale']); Route::post('client/register/{company_key?}', [ContactRegisterController::class, 'register'])->middleware(['domain_db', 'contact_account', 'contact_register', 'locale', 'throttle:10,1']); From b4dfabd684757a16ab221f0d039185c98e0e18e7 Mon Sep 17 00:00:00 2001 From: David Bomba Date: Fri, 29 Jul 2022 19:14:18 +1000 Subject: [PATCH 3/4] fixes for company table types --- app/Transformers/CompanyTransformer.php | 2 +- ...5_correction_for_companies_table_types.php | 38 +++++++++++++++++++ 2 files changed, 39 insertions(+), 1 deletion(-) create mode 100644 database/migrations/2022_07_29_091235_correction_for_companies_table_types.php diff --git a/app/Transformers/CompanyTransformer.php b/app/Transformers/CompanyTransformer.php index f35a75f510..d4870fb568 100644 --- a/app/Transformers/CompanyTransformer.php +++ b/app/Transformers/CompanyTransformer.php @@ -177,7 +177,7 @@ class CompanyTransformer extends EntityTransformer 'inventory_notification_threshold' => (int) $company->inventory_notification_threshold, 'track_inventory' => (bool) $company->track_inventory, 'enable_applying_payments' => (bool) $company->enable_applying_payments, - 'enabled_expense_tax_rates' => (bool) $company->enabled_expense_tax_rates, + 'enabled_expense_tax_rates' => (int) $company->enabled_expense_tax_rates, ]; } diff --git a/database/migrations/2022_07_29_091235_correction_for_companies_table_types.php b/database/migrations/2022_07_29_091235_correction_for_companies_table_types.php new file mode 100644 index 0000000000..45564710b6 --- /dev/null +++ b/database/migrations/2022_07_29_091235_correction_for_companies_table_types.php @@ -0,0 +1,38 @@ +unsignedInteger('enabled_expense_tax_rates')->default(0)->change(); + }); + + Company::query()->where('enabled_item_tax_rates', true)->cursor()->each(function ($company){ + + $company->enabled_expense_tax_rates = $company->enabled_item_tax_rates; + $company->save(); + + }); + } + + /** + * Reverse the migrations. + * + * @return void + */ + public function down() + { + // + } +}; From ed5e9cfd9232dce4460ab77e1e72a422049ad649 Mon Sep 17 00:00:00 2001 From: David Bomba Date: Fri, 29 Jul 2022 19:14:37 +1000 Subject: [PATCH 4/4] v5.4.4 --- VERSION.txt | 2 +- config/ninja.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/VERSION.txt b/VERSION.txt index d2ff458a01..0413736d69 100644 --- a/VERSION.txt +++ b/VERSION.txt @@ -1 +1 @@ -5.5.3 \ No newline at end of file +5.5.4 \ No newline at end of file diff --git a/config/ninja.php b/config/ninja.php index 220d495a67..6a4e82e422 100644 --- a/config/ninja.php +++ b/config/ninja.php @@ -14,8 +14,8 @@ return [ 'require_https' => env('REQUIRE_HTTPS', true), 'app_url' => rtrim(env('APP_URL', ''), '/'), 'app_domain' => env('APP_DOMAIN', 'invoicing.co'), - 'app_version' => '5.5.3', - 'app_tag' => '5.5.3', + 'app_version' => '5.5.4', + 'app_tag' => '5.5.4', 'minimum_client_version' => '5.0.16', 'terms_version' => '1.0.1', 'api_secret' => env('API_SECRET', ''),