diff --git a/app/Http/Controllers/Auth/Reset.php b/app/Http/Controllers/Auth/Reset.php
index 1a3b074db..ea7dcba63 100644
--- a/app/Http/Controllers/Auth/Reset.php
+++ b/app/Http/Controllers/Auth/Reset.php
@@ -4,6 +4,7 @@ namespace App\Http\Controllers\Auth;
 use App\Abstracts\Http\Controller;
 use Illuminate\Foundation\Auth\ResetsPasswords;
+use Illuminate\Http\Request as BaseRequest;
 use App\Http\Requests\Auth\Reset as Request;
 use Illuminate\Support\Facades\Password;
 use Illuminate\Support\Str;
@@ -29,7 +30,7 @@ class Reset extends Controller
 $this->middleware('guest');
 }
- public function create(Request $request, $token = null)
+ public function create(BaseRequest $request, $token = null)
 {
 return view('auth.reset.create')->with(
 ['token' => $token, 'email' => $request->email]
diff --git a/app/Http/Controllers/Auth/Users.php b/app/Http/Controllers/Auth/Users.php
index b929ab423..03965e65b 100644
--- a/app/Http/Controllers/Auth/Users.php
+++ b/app/Http/Controllers/Auth/Users.php
@@ -67,7 +67,13 @@ class Users extends Controller
 $landing_pages = $u->landing_pages;
 $roles = Role::all()->reject(function ($r) {
- return $r->hasPermission('read-client-portal');
+ $status = $r->hasPermission('read-client-portal');
+
+ if ($r->name == 'employee') {
+ $status = true;
+ }
+
+ return $status;
 })->pluck('display_name', 'id');
 $companies = user()->companies()->take(setting('default.select_limit'))->get()->sortBy('name')->pluck('name', 'id');
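Review bot: In `Reset::create()` (app/Http/Controllers/Auth/Reset.php, hunk `@@ -29,7 +30,7 @@`), type-hinting the base request means `$request->email` now reaches the `auth.reset.create` view with no validation, straight from the request. That is presumably intended, since the form request's rules belong to the POST, but the view is not part of this diff, so confirm the value is only output through escaped Blade (`{{ $email }}`) and never through `{!! !!}` or an unquoted attribute. A comment on the method such as `// GET form only: base request on purpose; the Reset form request validates the POST` would keep the type hint from being reverted later. The method body continues outside the hunk.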
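Review bot: The `reject()` closure added in the `@@ -67,7 +67,13 @@` hunk of Users.php, and repeated in the final `else` branch of the `@@ -129,12 +135,21 @@` hunk, only decides which roles are offered in the form; nothing in this diff checks the role id that comes back on store or update. Unless the store/update requests validate the submitted role against the same rule, a request naming a hidden role id would still be accepted, so confirm that the check exists server-side. The two closures are identical and could be one private helper, and the comparison is safer written strictly as `$r->name === 'employee'`. Both enclosing methods start and end outside the hunks.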
@@ -129,12 +135,21 @@ class Users extends Controller
 if ($user->isCustomer()) {
 // Show only roles with customer permission
 $roles = Role::all()->reject(function ($r) {
- return !$r->hasPermission('read-client-portal');
+ return ! $r->hasPermission('read-client-portal');
 })->pluck('display_name', 'id');
+ } else if ($user->isEmployee()) {
+ // Show only roles with employee permission
+ $roles = Role::where('name', 'employee')->get()->pluck('display_name', 'id');
 } else {
 // Don't show roles with customer permission
 $roles = Role::all()->reject(function ($r) {
- return $r->hasPermission('read-client-portal');
+ $status = $r->hasPermission('read-client-portal');
+
+ if ($r->name == 'employee') {
+ $status = true;
+ }
+
+ return $status;
 })->pluck('display_name', 'id');
 }
diff --git a/app/Jobs/Auth/CreateInvitation.php b/app/Jobs/Auth/CreateInvitation.php
index 3d0fb9f2d..10affdbf9 100644
--- a/app/Jobs/Auth/CreateInvitation.php
+++ b/app/Jobs/Auth/CreateInvitation.php
@@ -23,6 +23,12 @@ class CreateInvitation extends Job
 public function handle(): UserInvitation
 {
 \DB::transaction(function () {
+ $invitations = UserInvitation::where('user_id', $this->user->id)->get();
+
+ foreach ($invitations as $invitation) {
+ $invitation->delete();
+ }
+
 $this->invitation = UserInvitation::create([
 'user_id' => $this->user->id,
 'token' => (string) Str::uuid(),
diff --git a/app/Jobs/Auth/UpdateRole.php b/app/Jobs/Auth/UpdateRole.php
index 1248a9697..292f4beae 100644
--- a/app/Jobs/Auth/UpdateRole.php
+++ b/app/Jobs/Auth/UpdateRole.php
@@ -12,6 +12,10 @@ class UpdateRole extends Job implements ShouldUpdate
 {
 public function handle(): Role
 {
+ if (in_array($this->model->name, config('roles.defaults', ['admin', 'manager', 'accountant', 'employee']))) {
+ $this->request->name = $this->model->name;
+ }
+
 event(new RoleUpdating($this->model, $this->request));
 \DB::transaction(function () {
diff --git a/app/Models/Auth/User.php b/app/Models/Auth/User.php
index 13e0dbe1d..0caf3a9f2 100644
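Review bot: The delete loop added at the top of the transaction in `CreateInvitation::handle()` has no comment, although its purpose is security-relevant: it retires earlier invitation tokens so that only the newest one stays live. I would add `// Invalidate earlier invitations so only the newest token can be used` above it. Whether old tokens really stop working depends on code not shown here: if `UserInvitation` uses soft deletes, the accept path must not look tokens up with trashed rows included. Two jobs running concurrently for the same user can also both pass the delete step and each create a row, unless `user_id` is unique in the table. `handle()` continues outside the hunk.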
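Review bot: The guard added at the top of `UpdateRole::handle()` pins the name by assigning to `$this->request->name`, which only works if the code that follows reads that property. The transaction body is outside the hunk; if it persists `$this->request->all()` or `input('name')`, the assigned property may not be part of that input and a default role could still be renamed, which matters now that `isEmployee()` and the role filters key on the literal name `employee`. If `$this->request` is an Illuminate request, `$this->request->merge(['name' => $this->model->name]);` makes the override part of the input, and passing `true` as the third argument of `in_array` keeps the comparison strict. The guard also does not stop a custom role from being renamed to one of the reserved names; that has to come from a uniqueness rule on the request, which is not visible here.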
--- a/app/Models/Auth/User.php
+++ b/app/Models/Auth/User.php
@@ -240,6 +240,28 @@ class User extends Authenticatable implements HasLocalePreference
 return $query->wherePermissionIs('read-admin-panel');
 }
+ /**
+ * Scope to only employees.
+ *
+ * @param \Illuminate\Database\Eloquent\Builder $query
+ * @return \Illuminate\Database\Eloquent\Builder
+ */
+ public function scopeIsEmployee($query)
+ {
+ return $query->whereHasRole('employee');
+ }
+
+ /**
+ * Scope to only users.
+ *
+ * @param \Illuminate\Database\Eloquent\Builder $query
+ * @return \Illuminate\Database\Eloquent\Builder
+ */
+ public function scopeIsNotEmployee($query)
+ {
+ return $query->wherePermissionIs('read-admin-panel');
+ }
+
 public function scopeEmail($query, $email)
 {
 return $query->where('email', '=', $email);
@@ -289,6 +311,26 @@ class User extends Authenticatable implements HasLocalePreference
 return (bool) $this->can('read-admin-panel');
 }
+ /**
+ * Determine if user is a employee.
+ *
+ * @return bool
+ */
+ public function isEmployee()
+ {
+ return (bool) $this->hasRole('employee');
+ }
+
+ /**
+ * Determine if user is not a employee.
+ *
+ * @return bool
+ */
+ public function isNotEmployee()
+ {
+ return (bool) ! $this->hasRole('employee');
+ }
+
 public function scopeSource($query, $source)
 {
 return $query->where($this->qualifyColumn('created_from'), $source);
diff --git a/app/View/Components/PaymentMethod.php b/app/View/Components/PaymentMethod.php
index 0583628a7..c5f625b20 100644
--- a/app/View/Components/PaymentMethod.php
+++ b/app/View/Components/PaymentMethod.php
@@ -50,7 +50,7 @@ class PaymentMethod extends Component
 // check here protal or admin panel..
 if (empty($type)) {
- $type = Str::contains(request()->route()->getName(), 'portal') ? 'customer' : 'all';
+ $type = Str::contains(request()?->route()?->getName(), 'portal') ? 'customer' : 'all';
 }
 $payment_methods = Modules::getPaymentMethods($type);
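Review bot: `scopeIsNotEmployee()` in the `@@ -240,6 +240,28 @@` hunk of User.php does not exclude employees: its body is `wherePermissionIs('read-admin-panel')`, the same filter as the scope ending just above it, and its docblock says "Scope to only users". If the employee role holds `read-admin-panel` (not visible here), the scope returns employees, while the instance method `isNotEmployee()` added in the `@@ -289,6 +311,26 @@` hunk is false for them, so the two disagree. Any listing or access query that relies on the scope to keep employees out would include them. Assuming the usual `roles` relation, `return $query->whereDoesntHave('roles', fn ($q) => $q->where('name', 'employee'));` would match the method. The docblocks should also read "an employee".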
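Review bot: With the nullsafe chain in PaymentMethod.php, a request that has no matched route now passes `null` to `Str::contains()` and falls through to `'all'`, the wider of the two payment-method sets. Depending on the framework version, a null haystack can raise a deprecation on PHP 8.1+, so coalesce it: `$type = Str::contains(request()?->route()?->getName() ?? '', 'portal') ? 'customer' : 'all';`. A comment stating that `'all'` is the intended result when there is no route would help, because the portal/admin decision rests on a substring of the route name. The enclosing method starts and ends outside the hunk.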