Restrict client list

app/Http/Controllers/CreditController.php

@@ -64,7 +64,7 @@ class CreditController extends BaseController
             'method' => 'POST',
             'url' => 'credits',
             'title' => trans('texts.new_credit'),
-            'clients' => Client::scope()->with('contacts')->orderBy('name')->get(), 
+            'clients' => Client::scope()->viewable()->with('contacts')->orderBy('name')->get(), 
         );
 
         return View::make('credits.edit', $data);
@@ -74,9 +74,9 @@ class CreditController extends BaseController
     public function edit($publicId)
     {
         $credit = Credit::scope($publicId)->firstOrFail();
-        
+
         $this->authorize('edit', $credit);
-        
+
         $credit->credit_date = Utils::fromSqlDate($credit->credit_date);
 
         $data = array(
@@ -90,7 +90,7 @@ class CreditController extends BaseController
         return View::make('credit.edit', $data);
     }
     */
-    
+
     public function store(CreateCreditRequest $request)
     {
         $credit = $this->creditRepo->save($request->input());

app/Http/Controllers/PaymentController.php

@@ -35,7 +35,7 @@ use App\Http\Requests\UpdatePaymentRequest;
 class PaymentController extends BaseController
 {
     protected $entityType = ENTITY_PAYMENT;
-    
+
     public function __construct(PaymentRepository $paymentRepo, InvoiceRepository $invoiceRepo, AccountRepository $accountRepo, ContactMailer $contactMailer, PaymentService $paymentService, UserMailer $userMailer)
     {
         // parent::__construct();
@@ -77,6 +77,7 @@ class PaymentController extends BaseController
     public function create(PaymentRequest $request)
     {
         $invoices = Invoice::scope()
+                    ->viewable()
                     ->invoiceType(INVOICE_TYPE_STANDARD)
                     ->where('is_recurring', '=', false)
                     ->where('invoices.balance', '>', 0)
@@ -94,7 +95,7 @@ class PaymentController extends BaseController
             'title' => trans('texts.new_payment'),
             'paymentTypes' => Cache::get('paymentTypes'),
             'paymentTypeId' => Input::get('paymentTypeId'),
-            'clients' => Client::scope()->with('contacts')->orderBy('name')->get(), );
+            'clients' => Client::scope()->viewable()->with('contacts')->orderBy('name')->get(), );
 
         return View::make('payments.edit', $data);
     }
@@ -102,7 +103,7 @@ class PaymentController extends BaseController
     public function edit(PaymentRequest $request)
     {
         $payment = $request->entity();
-                
+
         $payment->payment_date = Utils::fromSqlDate($payment->payment_date);
 
         $data = array(
@@ -691,7 +692,7 @@ class PaymentController extends BaseController
                     Session::flash('error', $message);
                 }
                 return Redirect::to($invitation->getLink());
-            } elseif (method_exists($gateway, 'completePurchase') 
+            } elseif (method_exists($gateway, 'completePurchase')
                 && !$accountGateway->isGateway(GATEWAY_TWO_CHECKOUT)
                 && !$accountGateway->isGateway(GATEWAY_CHECKOUT_COM)) {
                 $details = $this->paymentService->getPaymentDetails($invitation, $accountGateway, array());
@@ -723,7 +724,7 @@ class PaymentController extends BaseController
     public function store(CreatePaymentRequest $request)
     {
         $input = $request->input();
-                
+
         $input['invoice_id'] = Invoice::getPrivateId($input['invoice']);
         $input['client_id'] = Client::getPrivateId($input['client']);
         $payment = $this->paymentRepo->save($input);
@@ -790,7 +791,7 @@ class PaymentController extends BaseController
         } elseif (!empty($data)) {
             return response()->json($data);
         }
-        
+
         return response()->json([
             'message' => 'Bank not found',
         ], 404);

app/Http/Controllers/TaskApiController.php

@@ -40,11 +40,11 @@ class TaskApiController extends BaseAPIController
      */
     public function index()
     {
-        $payments = Task::scope()
+        $tasks = Task::scope()
                         ->withTrashed()
                         ->orderBy('created_at', 'desc');
 
-        return $this->listResponse($payments);
+        return $this->listResponse($tasks);
     }
 
     /**

app/Http/Controllers/TaskController.php

@@ -117,7 +117,7 @@ class TaskController extends BaseController
         $this->checkTimezone();
 
         $task = $request->entity();
-        
+
         $actions = [];
         if ($task->invoice) {
             $actions[] = ['url' => URL::to("invoices/{$task->invoice->public_id}/edit"), 'label' => trans("texts.view_invoice")];
@@ -167,14 +167,14 @@ class TaskController extends BaseController
     public function update(UpdateTaskRequest $request)
     {
         $task = $request->entity();
-        
+
         return $this->save($task->public_id);
     }
 
     private static function getViewModel()
     {
         return [
-            'clients' => Client::scope()->with('contacts')->orderBy('name')->get(),
+            'clients' => Client::scope()->viewable()->with('contacts')->orderBy('name')->get(),
             'account' => Auth::user()->account,
         ];
     }
@@ -182,7 +182,7 @@ class TaskController extends BaseController
     private function save($publicId = null)
     {
         $action = Input::get('action');
-        
+
         if (in_array($action, ['archive', 'delete', 'restore'])) {
             return self::bulk();
         }
@@ -210,7 +210,7 @@ class TaskController extends BaseController
             $tasks = Task::scope($ids)->with('client')->get();
             $clientPublicId = false;
             $data = [];
-            
+
             foreach ($tasks as $task) {
                 if ($task->client) {
                     if (!$clientPublicId) {
@@ -228,7 +228,7 @@ class TaskController extends BaseController
                     Session::flash('error', trans('texts.task_error_invoiced'));
                     return Redirect::to('tasks');
                 }
-                
+
                 $account = Auth::user()->account;
                 $data[] = [
                     'publicId' => $task->public_id,