Only allow owner users the ability to create new companies

David Bomba 2025-04-23 11:50:44 +10:00
parent c8eb2bc8c3
commit d02fbd5507
3 changed files with 18 additions and 7 deletions


@ -11,15 +11,16 @@
namespace App\Http\Requests\Company; namespace App\Http\Requests\Company;
use App\Http\Requests\Request;
use App\Http\ValidationRules\Company\ValidCompanyQuantity;
use App\Http\ValidationRules\Company\ValidExpenseMailbox;
use App\Http\ValidationRules\Company\ValidSubdomain;
use App\Http\ValidationRules\ValidSettingsRule;
use App\Models\Company;
use App\Utils\Ninja; use App\Utils\Ninja;
use App\Models\Company;
use App\Libraries\MultiDB; use App\Libraries\MultiDB;
use App\Http\Requests\Request;
use App\Utils\Traits\MakesHash; use App\Utils\Traits\MakesHash;
use App\Http\ValidationRules\ValidSettingsRule;
use Illuminate\Auth\Access\AuthorizationException;
use App\Http\ValidationRules\Company\ValidSubdomain;
use App\Http\ValidationRules\Company\ValidExpenseMailbox;
use App\Http\ValidationRules\Company\ValidCompanyQuantity;
class StoreCompanyRequest extends Request class StoreCompanyRequest extends Request
{ {
@ -34,7 +35,8 @@ class StoreCompanyRequest extends Request
{ {
/** @var \App\Models\User auth()->user */ /** @var \App\Models\User auth()->user */
$user = auth()->user(); $user = auth()->user();
return $user->can('create', Company::class); // return $user->can('create', Company::class);
return $user->isOwner();
} }
public function rules() public function rules()
@ -113,4 +115,11 @@ class StoreCompanyRequest extends Request
$this->replace($input); $this->replace($input);
} }
protected function failedAuthorization(): void
{
throw new AuthorizationException(
message: ctrans('texts.create_company_error_unauthorized'),
);
}
} }
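Review bot: In `authorize()` the owner-only rule now sits in this form request alone, and the policy check it replaces is left behind as commented-out code (`// return $user->can('create', Company::class);`). If the `create` ability on `Company` is consulted anywhere else, or enforced conditions beyond the user's role, those paths and conditions no longer match this request; neither the policy nor its other callers are visible here, so this should be confirmed. Keeping the rule in one place would be safer, either by moving the owner check into the policy or by requiring both, `return $user->isOwner() && $user->can('create', Company::class);`, and the dead comment should be deleted. A feature test asserting that a non-owner admin is rejected with the `texts.create_company_error_unauthorized` message would pin the new behaviour; none appears in the three changed files. The `authorize()` signature lies outside the hunk.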


@ -22,6 +22,7 @@ class ValidCompanyQuantity implements ValidationRule
{ {
public function validate(string $attribute, mixed $value, Closure $fail): void public function validate(string $attribute, mixed $value, Closure $fail): void
{ {
$message = ctrans('texts.company_limit_reached', ['limit' => Ninja::isSelfHost() ? 10 : auth()->user()->company()->account->hosted_company_count]); $message = ctrans('texts.company_limit_reached', ['limit' => Ninja::isSelfHost() ? 10 : auth()->user()->company()->account->hosted_company_count]);
$test = Ninja::isSelfHost() ? $test = Ninja::isSelfHost() ?


@ -5572,6 +5572,7 @@ $lang = array(
'project_value' => 'Project Value', 'project_value' => 'Project Value',
'invalid_csv_data' => 'Invalid CSV data, your import was cancelled.', 'invalid_csv_data' => 'Invalid CSV data, your import was cancelled.',
'selected_products' => 'Selected Products', 'selected_products' => 'Selected Products',
'create_company_error_unauthorized' => 'You are not authorized to create a company. Only the account owner can create a company.',
); );
return $lang; return $lang;