From d46e6c44aca9813501c26254d8f6080f21339223 Mon Sep 17 00:00:00 2001
From: denisdulici <denisdulici@gmail.com>
Date: Fri, 13 Mar 2020 14:55:50 +0300
Subject: [PATCH] prevent change/delete for reconciled records

---
 app/Jobs/Banking/DeleteTransaction.php |  6 ++++++
 app/Jobs/Banking/UpdateTransaction.php | 16 ++++++++++++++++
 app/Jobs/Purchase/DeleteBill.php       | 16 ++++++++++++++++
 app/Jobs/Sale/DeleteInvoice.php        | 16 ++++++++++++++++
 app/Models/Banking/Transaction.php     | 22 ++++++++++++++++++++++
 resources/lang/en-GB/messages.php      |  2 ++
 6 files changed, 78 insertions(+)

diff --git a/app/Jobs/Banking/DeleteTransaction.php b/app/Jobs/Banking/DeleteTransaction.php
index 91908b481..1b7895d13 100644
--- a/app/Jobs/Banking/DeleteTransaction.php
+++ b/app/Jobs/Banking/DeleteTransaction.php
@@ -41,6 +41,12 @@ class DeleteTransaction extends Job
      */
     public function authorize()
     {
+        if ($this->transaction->reconciled) {
+            $message = trans('messages.warning.reconciled_tran');
+
+            throw new \Exception($message);
+        }
+
         if ($this->transaction->category->id == Category::transfer()) {
             throw new \Exception('Unauthorized');
         }
diff --git a/app/Jobs/Banking/UpdateTransaction.php b/app/Jobs/Banking/UpdateTransaction.php
index 4b9d7824a..131a16320 100644
--- a/app/Jobs/Banking/UpdateTransaction.php
+++ b/app/Jobs/Banking/UpdateTransaction.php
@@ -30,6 +30,8 @@ class UpdateTransaction extends Job
      */
     public function handle()
     {
+        $this->authorize();
+
         $this->transaction->update($this->request->all());
 
         // Upload attachment
@@ -44,4 +46,18 @@ class UpdateTransaction extends Job
 
         return $this->transaction;
     }
+
+    /**
+     * Determine if this action is applicable.
+     *
+     * @return void
+     */
+    public function authorize()
+    {
+        if ($this->transaction->reconciled) {
+            $message = trans('messages.warning.reconciled_tran');
+
+            throw new \Exception($message);
+        }
+    }
 }
diff --git a/app/Jobs/Purchase/DeleteBill.php b/app/Jobs/Purchase/DeleteBill.php
index f90048303..7822fd302 100644
--- a/app/Jobs/Purchase/DeleteBill.php
+++ b/app/Jobs/Purchase/DeleteBill.php
@@ -27,6 +27,8 @@ class DeleteBill extends Job
      */
     public function handle()
     {
+        $this->authorize();
+
         Transaction::mute();
 
         $this->deleteRelationships($this->bill, [
@@ -39,4 +41,18 @@ class DeleteBill extends Job
 
         return true;
     }
+
+    /**
+     * Determine if this action is applicable.
+     *
+     * @return void
+     */
+    public function authorize()
+    {
+        if ($this->bill->transactions()->isReconciled()->count()) {
+            $message = trans('messages.warning.reconciled_doc', ['type' => trans_choice('general.bills', 1)]);
+
+            throw new \Exception($message);
+        }
+    }
 }
diff --git a/app/Jobs/Sale/DeleteInvoice.php b/app/Jobs/Sale/DeleteInvoice.php
index decf06677..ff0ad5de7 100644
--- a/app/Jobs/Sale/DeleteInvoice.php
+++ b/app/Jobs/Sale/DeleteInvoice.php
@@ -27,6 +27,8 @@ class DeleteInvoice extends Job
      */
     public function handle()
     {
+        $this->authorize();
+
         Transaction::mute();
 
         $this->deleteRelationships($this->invoice, [
@@ -39,4 +41,18 @@ class DeleteInvoice extends Job
 
         return true;
     }
+
+    /**
+     * Determine if this action is applicable.
+     *
+     * @return void
+     */
+    public function authorize()
+    {
+        if ($this->invoice->transactions()->isReconciled()->count()) {
+            $message = trans('messages.warning.reconciled_doc', ['type' => trans_choice('general.invoices', 1)]);
+
+            throw new \Exception($message);
+        }
+    }
 }
diff --git a/app/Models/Banking/Transaction.php b/app/Models/Banking/Transaction.php
index c33afb47c..6f85c8255 100644
--- a/app/Models/Banking/Transaction.php
+++ b/app/Models/Banking/Transaction.php
@@ -174,6 +174,28 @@ class Transaction extends Model
         return $query->sum('amount');
     }
 
+    /**
+     * Get only reconciled.
+     *
+     * @param \Illuminate\Database\Eloquent\Builder $query
+     * @return \Illuminate\Database\Eloquent\Builder
+     */
+    public function scopeIsReconciled($query)
+    {
+        return $query->where('reconciled', 1);
+    }
+
+    /**
+     * Get only not reconciled.
+     *
+     * @param \Illuminate\Database\Eloquent\Builder $query
+     * @return \Illuminate\Database\Eloquent\Builder
+     */
+    public function scopeIsNotReconciled($query)
+    {
+        return $query->where('reconciled', 0);
+    }
+
     /**
      * Convert amount to double.
      *
diff --git a/resources/lang/en-GB/messages.php b/resources/lang/en-GB/messages.php
index 815a9518e..e14d19be0 100644
--- a/resources/lang/en-GB/messages.php
+++ b/resources/lang/en-GB/messages.php
@@ -28,6 +28,8 @@ return [
     'warning' => [
         'deleted'           => 'Warning: You are not allowed to delete <b>:name</b> because it has :text related.',
         'disabled'          => 'Warning: You are not allowed to disable <b>:name</b> because it has :text related.',
+        'reconciled_tran'   => 'Warning: You are not allowed to change/delete transaction because it is reconciled!',
+        'reconciled_doc'    => 'Warning: You are not allowed to change/delete :type because it has reconciled transactions!',
         'disable_code'      => 'Warning: You are not allowed to disable or change the currency of <b>:name</b> because it has :text related.',
         'payment_cancel'    => 'Warning: You have cancelled your recent :method payment!',
     ],