Sultan
/
invoiceninja
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Ensures that invalid props cannot be saves to settings

This commit is contained in:
David Bomba 2025-01-13 17:59:38 +11:00
parent 3d2ba32c7d
commit 7304f01de6
3 changed files with 32 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/Http/Controllers/ClientPortal/InvoiceController.php
View File

@ -106,14 +106,14 @@ class InvoiceController extends Controller
break; break;
} }
usleep(200000); usleep(300000);
} }
$invitation = false; $invitation = false;
match($data['entity_type'] ?? 'invoice') { match($data['entity_type'] ?? 'invoice') {
'invoice' => $invitation = InvoiceInvitation::withTrashed()->find($data['invitation_id']), 'invoice' => $invitation = InvoiceInvitation::withTrashed()->find($data['invitation_id']), //@todo - sometimes this is false!!
'quote' => $invitation = QuoteInvitation::withTrashed()->find($data['invitation_id']), 'quote' => $invitation = QuoteInvitation::withTrashed()->find($data['invitation_id']),
'credit' => $invitation = CreditInvitation::withTrashed()->find($data['invitation_id']), 'credit' => $invitation = CreditInvitation::withTrashed()->find($data['invitation_id']),
'recurring_invoice' => $invitation = RecurringInvoiceInvitation::withTrashed()->find($data['invitation_id']), 'recurring_invoice' => $invitation = RecurringInvoiceInvitation::withTrashed()->find($data['invitation_id']),

4
app/Utils/Traits/ClientGroupSettingsSaver.php
View File

@ -46,12 +46,14 @@ trait ClientGroupSettingsSaver
unset($settings[$field]); unset($settings[$field]);
} }
$company_settings_stub = new CompanySettings();
/* /*
* for clients and group settings, if a field is not set or is set to a blank value, * for clients and group settings, if a field is not set or is set to a blank value,
* we unset it from the settings object * we unset it from the settings object
*/ */
foreach ($settings as $key => $value) { foreach ($settings as $key => $value) {
if (! isset($settings->{$key}) || empty($settings->{$key}) || (! is_object($settings->{$key}) && strlen($settings->{$key}) == 0)) { if (! isset($settings->{$key}) || empty($settings->{$key}) || !property_exists($company_settings_stub, $key) || (! is_object($settings->{$key}) && strlen($settings->{$key}) == 0)) {
unset($settings->{$key}); unset($settings->{$key});
} }
} }

27
tests/Unit/ClientSettingsTest.php
View File

@ -11,6 +11,7 @@
namespace Tests\Unit; namespace Tests\Unit;
use App\DataMapper\ClientSettings;
use Illuminate\Foundation\Testing\DatabaseTransactions; use Illuminate\Foundation\Testing\DatabaseTransactions;
use Illuminate\Validation\ValidationException; use Illuminate\Validation\ValidationException;
use Tests\MockAccountData; use Tests\MockAccountData;
@ -36,6 +37,32 @@ class ClientSettingsTest extends TestCase
} }
public function testBadProps()
{
$client = \App\Models\Client::factory()->create([
'company_id' => $this->company->id,
'user_id' => $this->user->id,
'settings' => ClientSettings::defaults(),
]);
$this->assertNotNull($client);
$settings = $client->settings;
$settings->timezone_id = '15';
$client->saveSettings($settings, $client);
$this->assertNotNull($client);
$settings->something_crazy_here = '5424234234';
$client->saveSettings($settings, $client);
$this->assertFalse(property_exists($client->settings, 'something_crazy_here'));
}
public function testClientValidSettingsWithBadProps() public function testClientValidSettingsWithBadProps()
{ {
$data = [ $data = [