f712b789ca
* fix typo * php-cs traits * CS fixer pass * Password protect User routes * Implement checks to prevent editing a deleted record * Clean up payment flows * Fixes for tests
<?php
|
|
/**
|
|
* Invoice Ninja (https://invoiceninja.com)
|
|
*
|
|
* @link https://github.com/invoiceninja/invoiceninja source repository
|
|
*
|
|
* @copyright Copyright (c) 2019. Invoice Ninja LLC (https://invoiceninja.com)
|
|
*
|
|
* @license https://opensource.org/licenses/AAL
|
|
*/
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use App\DataMapper\DefaultSettings;
|
|
use App\Http\Requests\Company\CreateCompanyRequest;
|
|
use App\Http\Requests\Company\DestroyCompanyRequest;
|
|
use App\Http\Requests\Company\EditCompanyRequest;
|
|
use App\Http\Requests\Company\ShowCompanyRequest;
|
|
use App\Http\Requests\Company\StoreCompanyRequest;
|
|
use App\Http\Requests\Company\UpdateCompanyRequest;
|
|
use App\Http\Requests\SignupRequest;
|
|
use App\Jobs\Company\CreateCompany;
|
|
use App\Jobs\Company\CreateCompanyToken;
|
|
use App\Jobs\RegisterNewAccount;
|
|
use App\Jobs\Util\UploadAvatar;
|
|
use App\Models\Account;
|
|
use App\Models\Company;
|
|
use App\Models\CompanyUser;
|
|
use App\Repositories\CompanyRepository;
|
|
use App\Transformers\AccountTransformer;
|
|
use App\Transformers\CompanyTransformer;
|
|
use App\Transformers\CompanyUserTransformer;
|
|
use App\Utils\Traits\MakesHash;
|
|
use App\Utils\Traits\Uploadable;
|
|
use Illuminate\Foundation\Bus\DispatchesJobs;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Auth;
|
|
use Illuminate\Support\Facades\Hash;
|
|
|
|
/**
 * Class CompanyController
 *
 * API controller for Company records: index, create, store, show, edit,
 * update and destroy, each described for OpenAPI in its docblock.
 *
 * Every action except index() type-hints a dedicated form request class.
 * None of the method bodies performs an explicit permission check, so any
 * access control has to come from those request classes, from route model
 * binding or from middleware, none of which is visible in this file.
 *
 * @package App\Http\Controllers
 */
class CompanyController extends BaseController
{
    use DispatchesJobs;
    use MakesHash;
    use Uploadable;

    // Model class for responses; store() swaps it to CompanyUser::class.
    // Presumably read by the inherited listResponse()/itemResponse() helpers.
    protected $entity_type = Company::class;

    // Transformer class for responses; store() swaps it to CompanyUserTransformer::class.
    protected $entity_transformer = CompanyTransformer::class;

    // Repository injected by the constructor; used by store() and update() to persist data.
    protected $company_repo;

    // Empty by default; store() sets it to ['company_user'] before building its response.
    public $forced_includes = [];

    /**
     * CompanyController constructor.
     *
     * Runs the parent constructor, then keeps the injected repository.
     *
     * @param CompanyRepository $company_repo Repository used to save companies.
     */
    public function __construct(CompanyRepository $company_repo)
    {
        parent::__construct();

        $this->company_repo = $company_repo;
    }

    /**
     * Display a listing of the resource.
     *
     * Builds a Company query restricted to the account id of the
     * authenticated user's current company and passes it to listResponse().
     *
     * @return \Illuminate\Http\Response
     *
     * @OA\Get(
     *      path="/api/v1/companies",
     *      operationId="getCompanies",
     *      tags={"companies"},
     *      summary="Gets a list of companies",
     *      description="Lists companies, search and filters allow fine grained lists to be generated.

        Query parameters can be added to performed more fine grained filtering of the companies, these are handled by the CompanyFilters class which defines the methods available",
     *      @OA\Parameter(ref="#/components/parameters/X-Api-Secret"),
     *      @OA\Parameter(ref="#/components/parameters/X-Api-Token"),
     *      @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
     *      @OA\Parameter(ref="#/components/parameters/include"),
     *      @OA\Response(
     *          response=200,
     *          description="A list of companies",
     *          @OA\Header(header="X-API-Version", ref="#/components/headers/X-API-Version"),
     *          @OA\Header(header="X-RateLimit-Remaining", ref="#/components/headers/X-RateLimit-Remaining"),
     *          @OA\Header(header="X-RateLimit-Limit", ref="#/components/headers/X-RateLimit-Limit"),
     *          @OA\JsonContent(ref="#/components/schemas/Company"),
     *       ),
     *       @OA\Response(
     *          response=422,
     *          description="Validation error",
     *          @OA\JsonContent(ref="#/components/schemas/ValidationError"),

     *       ),
     *       @OA\Response(
     *           response="default",
     *           description="Unexpected Error",
     *           @OA\JsonContent(ref="#/components/schemas/Error"),
     *       ),
     *     )
     *
     */
    public function index()
    {
        // The account id comes from the authenticated session, not from request
        // input, so the listing stays inside the caller's own account.
        $companies = Company::whereAccountId(auth()->user()->company()->account->id);

        return $this->listResponse($companies);
    }

    /**
     * Show the form for creating a new resource.
     *
     * Asks CompanyFactory for a company tied to the current account id and
     * returns it through itemResponse(). Nothing in this method saves it.
     *
     * @param CreateCompanyRequest $request Not read in the method body.
     * @return \Illuminate\Http\Response
     *
     * @OA\Get(
     *      path="/api/v1/companies/create",
     *      operationId="getCompaniesCreate",
     *      tags={"companies"},
     *      summary="Gets a new blank company object",
     *      description="Returns a blank object with default values",
     *      @OA\Parameter(ref="#/components/parameters/X-Api-Secret"),
     *      @OA\Parameter(ref="#/components/parameters/X-Api-Token"),
     *      @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
     *      @OA\Parameter(ref="#/components/parameters/include"),
     *      @OA\Response(
     *          response=200,
     *          description="A blank company object",
     *          @OA\Header(header="X-API-Version", ref="#/components/headers/X-API-Version"),
     *          @OA\Header(header="X-RateLimit-Remaining", ref="#/components/headers/X-RateLimit-Remaining"),
     *          @OA\Header(header="X-RateLimit-Limit", ref="#/components/headers/X-RateLimit-Limit"),
     *          @OA\JsonContent(ref="#/components/schemas/Company"),
     *       ),
     *       @OA\Response(
     *          response=422,
     *          description="Validation error",
     *          @OA\JsonContent(ref="#/components/schemas/ValidationError"),
     *
     *       ),
     *       @OA\Response(
     *           response="default",
     *           description="Unexpected Error",
     *           @OA\JsonContent(ref="#/components/schemas/Error"),
     *       ),
     *     )
     *
     */
    public function create(CreateCompanyRequest $request)
    {
        // NOTE(review): CompanyFactory has no matching `use` line among this
        // file's imports, so the unqualified name resolves inside
        // App\Http\Controllers. Confirm the import exists before relying on
        // this endpoint.
        // $request is unused here; the type-hint presumably exists so the form
        // request's own validation/authorization runs. Confirm in that class.
        $company = CompanyFactory::create(auth()->user()->company()->account->id);

        return $this->itemResponse($company);
    }

    /**
     * Store a newly created resource in storage.
     *
     * Creates a company under the caller's account, saves the request data
     * and settings onto it, uploads the logo, attaches the caller to the
     * company as owner and admin, makes it the caller's current company and
     * creates a company token. The response is the CompanyUser record(s)
     * linking the caller to the new company, not the Company itself.
     *
     * @param StoreCompanyRequest $request
     * @return \Illuminate\Http\Response
     *
     * @OA\Post(
     *      path="/api/v1/companies",
     *      operationId="storeCompany",
     *      tags={"companies"},
     *      summary="Adds a company",
     *      description="Adds an company to the system",
     *      @OA\Parameter(ref="#/components/parameters/X-Api-Secret"),
     *      @OA\Parameter(ref="#/components/parameters/X-Api-Token"),
     *      @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
     *      @OA\Parameter(ref="#/components/parameters/include"),
     *      @OA\Response(
     *          response=200,
     *          description="Returns the saved company object",
     *          @OA\Header(header="X-API-Version", ref="#/components/headers/X-API-Version"),
     *          @OA\Header(header="X-RateLimit-Remaining", ref="#/components/headers/X-RateLimit-Remaining"),
     *          @OA\Header(header="X-RateLimit-Limit", ref="#/components/headers/X-RateLimit-Limit"),
     *          @OA\JsonContent(ref="#/components/schemas/Company"),
     *       ),
     *       @OA\Response(
     *          response=422,
     *          description="Validation error",
     *          @OA\JsonContent(ref="#/components/schemas/ValidationError"),
     *
     *       ),
     *       @OA\Response(
     *           response="default",
     *           description="Unexpected Error",
     *           @OA\JsonContent(ref="#/components/schemas/Error"),
     *       ),
     *     )
     *
     */
    public function store(StoreCompanyRequest $request)
    {
        $this->forced_includes = ['company_user'];

        // NOTE(review): $request->all() forwards every submitted field, not only
        // those covered by StoreCompanyRequest's rules. What actually gets
        // persisted depends on CreateCompany, CompanyRepository::save() and the
        // model's fillable/guarded lists, none of which are visible here.
        // Verify that ownership fields cannot be set from client input.
        $company = CreateCompany::dispatchNow($request->all(), auth()->user()->company()->account);

        $company = $this->company_repo->save($request->all(), $company);

        // 'settings' is passed through as received; it is null when the field is absent.
        $company->saveSettings($request->input('settings'), $company);

        // Upload handling lives in uploadLogo(), defined outside this class body.
        // Whether the file's type and size are checked depends on it and on the
        // request rules. TODO confirm.
        $this->uploadLogo($request->file('company_logo'), $company, $company);

        // The caller becomes owner and admin of the new company, unlocked, with
        // an empty permission list and the default user settings.
        auth()->user()->companies()->attach($company->id, [
            'account_id' => $company->account->id,
            'is_owner' => 1,
            'is_admin' => 1,
            'is_locked' => 0,
            'permissions' => json_encode([]),
            'settings' => json_encode(DefaultSettings::userSettings()),
        ]);

        /*
         * Required dependencies
         */
        auth()->user()->setCompany($company);

        /*
         * Create token
         */
        // Token label: the client's token_name, or the User-Agent header when
        // token_name is missing or empty (?: tests truthiness). Both values are
        // client-controlled, so treat the label as untrusted text wherever it
        // is later stored, logged or displayed.
        $user_agent = request()->input('token_name') ?: request()->server('HTTP_USER_AGENT');

        // $company_token is not read again in this method.
        $company_token = CreateCompanyToken::dispatchNow($company, auth()->user(), $user_agent);

        // Switch the response from Company to CompanyUser.
        $this->entity_transformer = CompanyUserTransformer::class;
        $this->entity_type = CompanyUser::class;

        $ct = CompanyUser::whereUserId(auth()->user()->id)->whereCompanyId($company->id);

        return $this->listResponse($ct);
    }

    /**
     * Display the specified resource.
     *
     * Returns the given company through itemResponse() with no further checks
     * in this method; whether the caller may see this company is presumably
     * decided by ShowCompanyRequest. Confirm in that class.
     *
     * @param ShowCompanyRequest $request Not read in the method body.
     * @param Company $company
     * @return \Illuminate\Http\Response
     *
     * @OA\Get(
     *      path="/api/v1/companies/{id}",
     *      operationId="showCompany",
     *      tags={"companies"},
     *      summary="Shows an company",
     *      description="Displays an company by id",
     *      @OA\Parameter(ref="#/components/parameters/X-Api-Secret"),
     *      @OA\Parameter(ref="#/components/parameters/X-Api-Token"),
     *      @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
     *      @OA\Parameter(ref="#/components/parameters/include"),
     *      @OA\Parameter(
     *          name="id",
     *          in="path",
     *          description="The Company Hashed ID",
     *          example="D2J234DFA",
     *          required=true,
     *          @OA\Schema(
     *              type="string",
     *              format="string",
     *          ),
     *      ),
     *      @OA\Response(
     *          response=200,
     *          description="Returns the company object",
     *          @OA\Header(header="X-API-Version", ref="#/components/headers/X-API-Version"),
     *          @OA\Header(header="X-RateLimit-Remaining", ref="#/components/headers/X-RateLimit-Remaining"),
     *          @OA\Header(header="X-RateLimit-Limit", ref="#/components/headers/X-RateLimit-Limit"),
     *          @OA\JsonContent(ref="#/components/schemas/Company"),
     *       ),
     *       @OA\Response(
     *          response=422,
     *          description="Validation error",
     *          @OA\JsonContent(ref="#/components/schemas/ValidationError"),
     *
     *       ),
     *       @OA\Response(
     *           response="default",
     *           description="Unexpected Error",
     *           @OA\JsonContent(ref="#/components/schemas/Error"),
     *       ),
     *     )
     *
     */
    public function show(ShowCompanyRequest $request, Company $company)
    {
        return $this->itemResponse($company);
    }

    /**
     * Show the form for editing the specified resource.
     *
     * Same body as show(): returns the given company through itemResponse().
     * Any access check is presumably in EditCompanyRequest. Confirm there.
     *
     * @param EditCompanyRequest $request Not read in the method body.
     * @param Company $company
     * @return \Illuminate\Http\Response
     *
     * @OA\Get(
     *      path="/api/v1/companies/{id}/edit",
     *      operationId="editCompany",
     *      tags={"companies"},
     *      summary="Shows an company for editting",
     *      description="Displays an company by id",
     *      @OA\Parameter(ref="#/components/parameters/X-Api-Secret"),
     *      @OA\Parameter(ref="#/components/parameters/X-Api-Token"),
     *      @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
     *      @OA\Parameter(ref="#/components/parameters/include"),
     *      @OA\Parameter(
     *          name="id",
     *          in="path",
     *          description="The Company Hashed ID",
     *          example="D2J234DFA",
     *          required=true,
     *          @OA\Schema(
     *              type="string",
     *              format="string",
     *          ),
     *      ),
     *      @OA\Response(
     *          response=200,
     *          description="Returns the company object",
     *          @OA\Header(header="X-API-Version", ref="#/components/headers/X-API-Version"),
     *          @OA\Header(header="X-RateLimit-Remaining", ref="#/components/headers/X-RateLimit-Remaining"),
     *          @OA\Header(header="X-RateLimit-Limit", ref="#/components/headers/X-RateLimit-Limit"),
     *          @OA\JsonContent(ref="#/components/schemas/Company"),
     *       ),
     *       @OA\Response(
     *          response=422,
     *          description="Validation error",
     *          @OA\JsonContent(ref="#/components/schemas/ValidationError"),
     *
     *       ),
     *       @OA\Response(
     *           response="default",
     *           description="Unexpected Error",
     *           @OA\JsonContent(ref="#/components/schemas/Error"),
     *       ),
     *     )
     *
     */
    public function edit(EditCompanyRequest $request, Company $company)
    {
        return $this->itemResponse($company);
    }

    /**
     * Update the specified resource in storage.
     *
     * Saves the request data onto the given company through the repository,
     * then saves the submitted settings, uploads the logo and returns the
     * company through itemResponse().
     *
     * @param UpdateCompanyRequest $request
     * @param Company $company
     * @return \Illuminate\Http\Response
     *
     * @OA\Put(
     *      path="/api/v1/companies/{id}",
     *      operationId="updateCompany",
     *      tags={"companies"},
     *      summary="Updates an company",
     *      description="Handles the updating of an company by id",
     *      @OA\Parameter(ref="#/components/parameters/X-Api-Secret"),
     *      @OA\Parameter(ref="#/components/parameters/X-Api-Token"),
     *      @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
     *      @OA\Parameter(ref="#/components/parameters/include"),
     *      @OA\Parameter(
     *          name="id",
     *          in="path",
     *          description="The Company Hashed ID",
     *          example="D2J234DFA",
     *          required=true,
     *          @OA\Schema(
     *              type="string",
     *              format="string",
     *          ),
     *      ),
     *      @OA\Response(
     *          response=200,
     *          description="Returns the company object",
     *          @OA\Header(header="X-API-Version", ref="#/components/headers/X-API-Version"),
     *          @OA\Header(header="X-RateLimit-Remaining", ref="#/components/headers/X-RateLimit-Remaining"),
     *          @OA\Header(header="X-RateLimit-Limit", ref="#/components/headers/X-RateLimit-Limit"),
     *          @OA\JsonContent(ref="#/components/schemas/Company"),
     *       ),
     *       @OA\Response(
     *          response=422,
     *          description="Validation error",
     *          @OA\JsonContent(ref="#/components/schemas/ValidationError"),
     *
     *       ),
     *       @OA\Response(
     *           response="default",
     *           description="Unexpected Error",
     *           @OA\JsonContent(ref="#/components/schemas/Error"),
     *       ),
     *     )
     *
     */
    public function update(UpdateCompanyRequest $request, Company $company)
    {
        // NOTE(review): $request->all() forwards every submitted field to the
        // repository, not only those covered by UpdateCompanyRequest's rules.
        // Which attributes can change then depends on CompanyRepository::save()
        // and the model's fillable/guarded lists, not visible here. Verify that
        // ownership fields cannot be rewritten from client input.
        $company = $this->company_repo->save($request->all(), $company);

        // 'settings' is passed through as received; it is null when the field is absent.
        $company->saveSettings($request->input('settings'), $company);

        // As in store(): file checks depend on uploadLogo() and the request rules. TODO confirm.
        $this->uploadLogo($request->file('company_logo'), $company, $company);

        return $this->itemResponse($company);
    }

    /**
     * Remove the specified resource from storage.
     *
     * Calls delete() on the given company and answers with an empty JSON
     * body and status 200.
     *
     * @param DestroyCompanyRequest $request Not read in the method body.
     * @param Company $company
     * @return \Illuminate\Http\Response
     *
     * @OA\Delete(
     *      path="/api/v1/companies/{id}",
     *      operationId="deleteCompany",
     *      tags={"companies"},
     *      summary="Deletes a company",
     *      description="Handles the deletion of an company by id",
     *      @OA\Parameter(ref="#/components/parameters/X-Api-Secret"),
     *      @OA\Parameter(ref="#/components/parameters/X-Api-Token"),
     *      @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
     *      @OA\Parameter(ref="#/components/parameters/include"),
     *      @OA\Parameter(
     *          name="id",
     *          in="path",
     *          description="The Company Hashed ID",
     *          example="D2J234DFA",
     *          required=true,
     *          @OA\Schema(
     *              type="string",
     *              format="string",
     *          ),
     *      ),
     *      @OA\Response(
     *          response=200,
     *          description="Returns a HTTP status",
     *          @OA\Header(header="X-API-Version", ref="#/components/headers/X-API-Version"),
     *          @OA\Header(header="X-RateLimit-Remaining", ref="#/components/headers/X-RateLimit-Remaining"),
     *          @OA\Header(header="X-RateLimit-Limit", ref="#/components/headers/X-RateLimit-Limit"),
     *       ),
     *       @OA\Response(
     *          response=422,
     *          description="Validation error",
     *          @OA\JsonContent(ref="#/components/schemas/ValidationError"),
     *
     *       ),
     *       @OA\Response(
     *           response="default",
     *           description="Unexpected Error",
     *           @OA\JsonContent(ref="#/components/schemas/Error"),
     *       ),
     *     )
     *
     */
    public function destroy(DestroyCompanyRequest $request, Company $company)
    {
        // NOTE(review): the only gate on this destructive call is whatever
        // DestroyCompanyRequest enforces. Confirm it restricts deletion to
        // users entitled to remove the company. Whether delete() removes the
        // row or only marks it deleted depends on the Company model, which is
        // not visible here.
        $company->delete();

        return response()->json([], 200);
    }
}
|