Sultan
/
invoiceninja
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rollbackup for tokensource

This commit is contained in:
David Bomba 2025-05-27 04:18:55 +10:00
parent 0dc56298d3
commit 36d523a3fb
2 changed files with 64 additions and 114 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
app/Models/CompanyToken.php
View File

@ -94,4 +94,22 @@ class CompanyToken extends BaseModel
{ {
return $this->hasOne(CompanyUser::class, ['user_id', 'company_id'], ['user_id', 'company_id']); return $this->hasOne(CompanyUser::class, ['user_id', 'company_id'], ['user_id', 'company_id']);
} }
// public function company_user(): \Illuminate\Database\Eloquent\Relations\HasOne
// {
// return $this->hasOne(CompanyUser::class, 'user_id', 'user_id')
// ->where('company_id', $this->company_id)
// ->where('user_id', $this->user_id);
// }
// /**
// * @return \Awobaz\Compoships\Database\Eloquent\Relations\HasOne
// */
// public function cu()
// {
// return $this->hasOne(CompanyUser::class, 'user_id', 'user_id')
// ->where('company_id', $this->company_id)
// ->where('user_id', $this->user_id);
// }
} }

154
app/Models/User.php
View File

@ -228,27 +228,18 @@ class User extends Authenticatable implements MustVerifyEmail
public function token() public function token()
{ {
// Try to get from TruthSource if container is ready $truth = app()->make(TruthSource::class);
try {
$truth = app()->make(TruthSource::class); if ($truth->getCompanyToken()) {
if ($truth->getCompanyToken()) { return $truth->getCompanyToken();
return $truth->getCompanyToken();
}
} catch (\Exception $e) {
// TruthSource not available yet, continue with fallback
} }
// Fallback to API token lookup // if (request()->header('X-API-TOKEN')) {
if (request()->header('X-API-TOKEN')) { if (request()->header('X-API-TOKEN')) {
$token = CompanyToken::with(['cu'])->where('token', request()->header('X-API-TOKEN'))->first(); return CompanyToken::with(['cu'])->where('token', request()->header('X-API-TOKEN'))->first();
if ($token) {
return $token;
}
} }
// Final fallback to user's first token return $this->tokens()->first();
$token = $this->tokens()->with(['cu'])->first();
return $token;
} }
/** /**
@ -279,27 +270,16 @@ class User extends Authenticatable implements MustVerifyEmail
*/ */
public function getCompany(): ?Company public function getCompany(): ?Company
{ {
$truth = app()->make(TruthSource::class);
// @phpstan-ignore-next-line // @phpstan-ignore-next-line
if ($this->company) { if ($this->company) {
return $this->company; return $this->company;
} } elseif ($truth->getCompany()) {
return $truth->getCompany();
// Try to get from TruthSource if container is ready } elseif (request()->header('X-API-TOKEN')) {
try {
$truth = app()->make(TruthSource::class);
if ($truth->getCompany()) {
return $truth->getCompany();
}
} catch (\Exception $e) {
// TruthSource not available yet, continue with fallback
}
// Fallback to API token lookup
if (request()->header('X-API-TOKEN')) {
$company_token = CompanyToken::with('company')->where('token', request()->header('X-API-TOKEN'))->first(); $company_token = CompanyToken::with('company')->where('token', request()->header('X-API-TOKEN'))->first();
if ($company_token) { return $company_token->company;
return $company_token->company;
}
} }
throw new \Exception('No Company Found'); throw new \Exception('No Company Found');
@ -325,39 +305,31 @@ class User extends Authenticatable implements MustVerifyEmail
return $this->hasMany(CompanyUser::class)->withTrashed(); return $this->hasMany(CompanyUser::class)->withTrashed();
} }
// public function co_user() public function co_user()
// { {
// $truth = app()->make(TruthSource::class); $truth = app()->make(TruthSource::class);
// if ($truth->getCompanyUser()) { if ($truth->getCompanyUser()) {
// return $truth->getCompanyUser(); return $truth->getCompanyUser();
// } }
// return $this->token()->cu; return $this->token()->cu;
// } }
public function company_user() public function company_user()
{ {
try { if ($this->companyId()) {
if ($this->companyId()) { return $this->belongsTo(CompanyUser::class)->where('company_id', $this->companyId())->withTrashed();
return $this->belongsTo(CompanyUser::class)->where('company_id', $this->companyId())->withTrashed();
}
} catch (\Exception $e) {
// companyId() failed, continue with fallback
} }
// Try to get from TruthSource if container is ready $truth = app()->make(TruthSource::class);
try {
$truth = app()->make(TruthSource::class); if ($truth->getCompanyUser()) {
if ($truth->getCompanyUser()) { return $truth->getCompanyUser();
return $truth->getCompanyUser();
}
} catch (\Exception $e) {
// TruthSource not available yet, continue with fallback
} }
$token = $this->token(); return $this->token()->cu;
return $token ? $token->cu : null;
} }
/** /**
@ -382,12 +354,8 @@ class User extends Authenticatable implements MustVerifyEmail
*/ */
public function permissions() public function permissions()
{ {
$token = $this->token(); return $this->token()->cu->permissions;
if (!$token || !$token->cu) {
return '';
}
return $token->cu->permissions;
} }
/** /**
@ -397,12 +365,8 @@ class User extends Authenticatable implements MustVerifyEmail
*/ */
public function settings() public function settings()
{ {
$token = $this->token(); return json_decode($this->token()->cu->settings);
if (!$token || !$token->cu) {
return new \stdClass();
}
return json_decode($token->cu->settings);
} }
/** /**
@ -412,22 +376,13 @@ class User extends Authenticatable implements MustVerifyEmail
*/ */
public function isAdmin(): bool public function isAdmin(): bool
{ {
$token = $this->token(); return $this->token()->cu->is_admin;
if (!$token || !$token->cu) {
return false;
}
return $token->cu->is_admin;
} }
public function isOwner(): bool public function isOwner(): bool
{ {
$token = $this->token(); return $this->token()->cu->is_owner;
if (!$token || !$token->cu) {
return false;
}
return $token->cu->is_owner;
} }
public function hasOwnerFlag(): bool public function hasOwnerFlag(): bool
@ -441,12 +396,7 @@ class User extends Authenticatable implements MustVerifyEmail
*/ */
public function isSuperUser(): bool public function isSuperUser(): bool
{ {
$token = $this->token(); return $this->token()->cu->is_owner || $this->token()->cu->is_admin;
if (!$token || !$token->cu) {
return false;
}
return $token->cu->is_owner || $token->cu->is_admin;
} }
/** /**
@ -516,16 +466,11 @@ class User extends Authenticatable implements MustVerifyEmail
} }
} }
$token = $this->token();
if (!$token || !$token->cu) {
return false;
}
return $this->isSuperUser() || return $this->isSuperUser() ||
(stripos($token->cu->permissions, $permission) !== false) || (stripos($this->token()->cu->permissions, $permission) !== false) ||
(stripos($token->cu->permissions, $all_permission) !== false) || (stripos($this->token()->cu->permissions, $all_permission) !== false) ||
(stripos($token->cu->permissions, $edit_all) !== false) || (stripos($this->token()->cu->permissions, $edit_all) !== false) ||
(stripos($token->cu->permissions, $edit_entity) !== false); (stripos($this->token()->cu->permissions, $edit_entity) !== false);
} }
/** /**
@ -547,13 +492,8 @@ class User extends Authenticatable implements MustVerifyEmail
$all_permission = $parts[0].'_all'; $all_permission = $parts[0].'_all';
} }
$token = $this->token(); return (stripos($this->token()->cu->permissions, $all_permission) !== false) ||
if (!$token || !$token->cu) { (stripos($this->token()->cu->permissions, $permission) !== false);
return false;
}
return (stripos($token->cu->permissions, $all_permission) !== false) ||
(stripos($token->cu->permissions, $permission) !== false);
} }
/** /**
@ -589,12 +529,7 @@ class User extends Authenticatable implements MustVerifyEmail
*/ */
public function hasExactPermission(string $permission = '___'): bool public function hasExactPermission(string $permission = '___'): bool
{ {
$token = $this->token(); return (stripos($this->token()->cu->permissions ?? '', $permission) !== false);
if (!$token || !$token->cu) {
return false;
}
return (stripos($token->cu->permissions ?? '', $permission) !== false);
} }
@ -682,12 +617,9 @@ class User extends Authenticatable implements MustVerifyEmail
public function routeNotificationForSlack($notification) public function routeNotificationForSlack($notification)
{ {
$token = $this->token(); if ($this->token()->cu->slack_webhook_url) {
if ($token && $token->cu && $token->cu->slack_webhook_url) { return $this->token()->cu->slack_webhook_url;
return $token->cu->slack_webhook_url;
} }
return null;
} }
public function routeNotificationForMail($notification) public function routeNotificationForMail($notification)