Sultan
/
invoiceninja
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #10551 from turbo124/v5-develop 

Prevent destructive commands in production
This commit is contained in:
David Bomba 2025-01-20 09:44:45 +11:00 committed by GitHub
parent 72c35b9031 bfb771f6aa
commit 18d20c3d3e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
9 changed files with 162 additions and 255 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/phpunit.yml vendored
View File

@ -120,7 +120,7 @@ jobs:
- name: Migrate Database
run: |
php artisan migrate:fresh --seed --force && php artisan db:seed --force
php artisan migrate && php artisan db:seed
- name: Run Testsuite
run: |

2
app/Console/Commands/DemoMode.php
View File

@ -78,7 +78,7 @@ class DemoMode extends Command
{
set_time_limit(0);
if (config('ninja.is_docker')) {
if (config('ninja.is_docker') || Ninja::isHosted()) {
return;
}

12
app/Livewire/DocumentsTable.php
View File

@ -118,12 +118,14 @@ class DocumentsTable extends Component
protected function documents()
{
return $this->client()->documents()
->where('is_public', true)
->orWhere(function ($query){
$client = $this->client();
$query->whereHasMorph('documentable', [Company::class], function ($q) {
$q->where('is_public', true);
return $client->documents()
->where('is_public', true)
->orWhere(function ($query) use ($client) {
$query->whereHasMorph('documentable', [Company::class], function ($q) use ($client) {
$q->where('is_public', true)->where('company_id', $client->company_id);
});
});

5
app/Providers/AppServiceProvider.php
View File

@ -145,6 +145,11 @@ class AppServiceProvider extends ServiceProvider
return $this;
});
//Prevents destructive commands from being run in hosted environments
\DB::prohibitDestructiveCommands(Ninja::isHosted());
}
public function register(): void

21
app/Services/Pdf/Purify.php
View File

@ -301,10 +301,25 @@ class Purify
} else {
// First, remove ALL attributes from the node
while ($node->attributes->length > 0) {
$attr = $node->attributes->item(0);
$node->removeAttribute($attr->nodeName);
// while ($node->attributes->length > 0) {
// $attr = $node->attributes->item(0);
// $node->removeAttribute($attr->nodeName);
// }
if ($node instanceof \DOMElement) {
// Create a list of attributes to remove
$attributes_to_remove = [];
foreach ($node->attributes as $attr) {
$attributes_to_remove[] = $attr->nodeName;
}
// Remove the attributes
foreach ($attributes_to_remove as $attr_name) {
$node->removeAttribute($attr_name);
}
}
}
// Then add back only the allowed attributes

68
resources/views/pdf-designs/bold.html
View File

@ -13,6 +13,9 @@
font-family: $font_name, Helvetica, sans-serif;
font-size: $font_size !important;
zoom: 80%;
margin: 0;
padding: 0;
}
table tr td, table tr, th {
@ -20,7 +23,9 @@
}
body, html {
html {
width: 210mm;
height: 200mm;
margin: 0;
padding: 0;
}
@ -163,11 +168,11 @@
padding: 1.5rem;
}
[data-ref="table"] > tbody > tr > td:last-child {
text-align: right;
td.right-radius {
text-align: right !important;
}
[data-ref="table"] > tbody > tr > td:first-child {
td.left-radius{
font-weight: bold;
}
@ -299,62 +304,11 @@
margin-top: 1rem;
}
[data-ref='product_table-product.item-td']{
font-weight: bold;
}
[data-ref='product_table-product.item-th']{
width: 10%;
}
[data-ref='product_table-product.unit_cost-th'],
[data-ref='product_table-product.quantity-th']{
width: 12%;
}
[data-ref='product_table-product.product1-th'],
[data-ref='product_table-product.product2-th'],
[data-ref='product_table-product.product3-th'],
[data-ref='product_table-product.product4-th'],
[data-ref='product_table-product.tax1-th'] {
width: 10%;
}
[data-ref='product_table-product.line_total-th'],
[data-ref='product_table-product.line_total-td'],
[data-ref='task_table-task.line_total-th'],
[data-ref='task_table-task.line_total-td'] {
width: 12%;
text-align: right !important;
padding-right: 1rem !important;
}
[data-ref='product_table-product.description-th'],
[data-ref='task_table-task.description-th'] {
[data-ref='product_table-product.description-th'] {
width:30%;
overflow-wrap: break-word;
min-width: 150px !important;
}
[data-ref='task_table-task.hours-th'],
[data-ref='task_table-task.discount-th'],
[data-ref='task_table-task.cost-th'],
[data-ref='task_table-task.quantity-th'],
[data-ref='task_table-task.task1-th'],
[data-ref='task_table-task.task2-th'],
[data-ref='task_table-task.task3-th'],
[data-ref='task_table-task.task4-th'] {
width: 12%;
}
[data-ref='task_table-task.service-th']{
width: 10%;
}
[data-ref='task_table-task.tax1-th'] {
width: 10%;
}
.left-radius {
padding-left: 1rem;
text-align: right;

18
resources/views/pdf-designs/calm.html
View File

@ -158,17 +158,17 @@
background-color: #f5f5f5;
}
[data-ref="table"]>thead>tr>th:last-child {
text-align: right;
}
[data-ref="table"]>tbody>tr>td {
border-bottom: 1px solid #e6e6e6;
padding: 0.75rem;
}
[data-ref="table"]>tbody>tr>td:last-child {
text-align: right;
th.right-radius {
text-align: right !important;
}
td.right-radius {
text-align: right !important;
}
[data-ref="table"]>tbody>tr:nth-child(even) {
@ -285,10 +285,8 @@
margin-top: 40px;
}
[data-element='product_table-product.description-td'],
td {
min-width: 100%;
max-width: 300px;
[data-ref='product_table-product.description-th'] {
width: 35%;
overflow-wrap: break-word;
}

83
resources/views/pdf-designs/clean.html
View File

@ -8,7 +8,8 @@
}
html {
width: 210mm;
height: 200mm;
}
body {
@ -19,7 +20,9 @@
zoom: 80%;
}
table tr td, table tr, th {
table tr td,
table tr,
th {
font-size: $font_size !important;
}
@ -37,6 +40,10 @@
padding: 0;
}
#qr-bill{
width:100% !important;
}
.header-container {
display: grid;
grid-template-columns: repeat(3, 1fr);
@ -74,17 +81,15 @@
padding-left: 1rem;
margin-bottom: 1rem;
font-weight: bold;
font-size:120%;
color: var(--primary-color);
}
.client-and-entity-wrapper {
padding: 1rem;
display: grid;
grid-template-columns: repeat(3, 1fr);
grid-template-columns: 1fr 1fr 1fr;
border-top: 1px solid #d8d8d8;
border-bottom: 1px solid #d8d8d8;
width:100%;
}
#entity-details {
@ -105,6 +110,7 @@
display: flex;
flex-direction: column;
line-height: var(--line-height);
padding-right: 30px;
}
#client-details> :first-child {
@ -120,7 +126,7 @@
[data-ref="table"] {
margin-top: 1rem;
margin-bottom: 5px;
width: 100%;
min-width: 100%;
table-layout: fixed;
overflow-wrap: break-word;
}
@ -137,7 +143,7 @@
[data-ref="table"]>thead>tr>th {
font-size: 1.1rem;
padding-bottom: 1rem;
padding-bottom: 1.5rem;
padding-left: 1rem;
}
@ -156,6 +162,10 @@
text-align: right;
}
[data-ref='product_table-product.item-td']{
color: var(--primary-color);
}
[data-ref="table"]>tbody>tr:nth-child(odd) {
background-color: #f5f5f5;
}
@ -192,18 +202,12 @@
margin-bottom: calc(.75rem * var(--tw-space-y-reverse));
}
#table-totals
> *
[data-element='product-table-balance-due-label'],
#table-totals
> *
[data-element='product-table-balance-due'] {
#table-totals>* [data-element='product-table-balance-due-label'],
#table-totals>* [data-element='product-table-balance-due'] {
font-weight: bold;
}
#table-totals
> *
[data-element='product-table-balance-due'] {
#table-totals>* [data-element='product-table-balance-due'] {
color: var(--primary-color);
}
@ -245,51 +249,23 @@
.repeating-footer-space {
height: 10px;
}
.repeating-header {
position: fixed;
top: 0;
}
.repeating-footer {
position: fixed;
bottom: 0;
}
[data-ref='task_table-task.description-th'],
[data-ref='task_table-task.description-td'],
[data-ref='product_table-product.description-th'],
[data-ref='product_table-product.description-td'] {
min-width: 150px !important;
[data-ref='product_table-product.description-td'], td {
min-width: 100%;
max-width: 300px;
overflow-wrap: break-word;
}
[data-ref='product_table-product.item-td']{
color: var(--primary-color);
}
[data-ref='product_table-product.item-th'],
[data-ref='product_table-product.unit_cost-th'],
[data-ref='product_table-product.quantity-th'],
[data-ref='product_table-product.line_total-th'] {
width: 12%;
}
[data-ref='product_table-product.tax1-th'] {
width: 10%;
}
[data-ref='task_table-task.hours-th'],
[data-ref='task_table-task.service-th'],
[data-ref='task_table-task.discount-th'],
[data-ref='task_table-task.cost-th'],
[data-ref='task_table-task.quantity-th'],
[data-ref='task_table-task.line_total-th'] {
width: 12%;
}
[data-ref='task_table-task.tax1-th'] {
width: 10%;
}
.stamp {
transform: rotate(12deg);
color: #555;
@ -334,13 +310,7 @@
color: #505050;
}
.pqrcode {
}
#qr-bill{
width:100% !important;
}
.pqrcode {}
/** Useful snippets, uncomment to enable. **/
@ -431,5 +401,4 @@ $entity_images
<div class="repeating-footerx" id="footer">
<p data-ref="total_table-footer">$entity_footer</p>
</div>

48
resources/views/pdf-designs/creative.html
View File

@ -147,8 +147,8 @@
[data-ref='product_table-product.description-th'],
[data-ref='product_table-product.description-td'] {
min-width: 150px !important;
[data-ref='task_table-task.description-th'] {
width: 35% !important;
overflow-wrap: break-word;
}
@ -156,42 +156,6 @@
color: var(--primary-color);
}
[data-ref='product_table-product.item-th'],
[data-ref='product_table-product.unit_cost-th'],
[data-ref='product_table-product.quantity-th'] {
width: 12%;
}
[data-ref='product_table-product.tax1-th'] {
width: 6%;
}
[data-ref='product_table-product.line_total-th'] {
width: 10%;
}
[data-ref='task_table-task.description-th'],
[data-ref='task_table-task.description-td'] {
min-width: 100px !important;
overflow-wrap: break-word;
}
[data-ref='task_table-task.hours-th'],
[data-ref='task_table-task.service-th'],
[data-ref='task_table-task.discount-th'],
[data-ref='task_table-task.cost-th'],
[data-ref='task_table-task.quantity-th'] {
width: 12%;
}
[data-ref='task_table-task.tax1-th'] {
width: 6%;
}
[data-ref='task_table-task.line_total-th'] {
width: 10%;
}
[data-ref="table"] > thead {
text-align: left;
}
@ -201,12 +165,12 @@
padding: 1rem;
}
[data-ref="table"] > thead > tr > th:last-child {
text-align: right;
th.right-radius {
text-align: right !important;
}
[data-ref="table"] > tbody > tr > td:last-child {
text-align: right;
td.right-radius {
text-align: right !important;
}
[data-ref="table"] > tbody > tr > td {