Fixed permission management

Reviewed-on: #9

app/Domains/Event/Views/Partials/SignUpForm/steps/StepSummary.vue

@@ -54,7 +54,7 @@ function eatingHabit() {
             <table class="form-table" style="margin-bottom: 20px;">
                 <tr>
                     <td>Dein Name:</td>
-                    <td>{{props.formData.vorname}} {{props.formData.vorname}}</td>
+                    <td>{{props.formData.vorname}} {{props.formData.nachname}}</td>
                 </tr>
 
                 <tr>

app/Domains/Invoice/Actions/CreateInvoice/CreateInvoiceCommand.php

@@ -4,6 +4,7 @@ namespace App\Domains\Invoice\Actions\CreateInvoice;
 
 use App\Enumerations\InvoiceStatus;
 use App\Mail\InvoiceMails\InvoiceMailsNewInvoiceMail;
+use App\Mail\InvoiceMails\InvoiceMailsSubmittedConfirmationMail;
 use App\Mail\ParticipantParticipationMails\EventSignUpSuccessfullMail;
 use App\Models\Invoice;
 use Illuminate\Support\Facades\Mail;
@@ -50,6 +51,13 @@ class CreateInvoiceCommand {
         if ($invoice !== null) {
             $response->success = true;
             $response->invoice = $invoice;
+
+            if ($invoice->contact_email !== null) {
+                Mail::to($invoice->contact_email)->send(new InvoiceMailsSubmittedConfirmationMail(
+                    invoice: $invoice,
+                    costUnit: $this->request->costUnit,
+                ));
+            }
         }
 
         if ($this->request->costUnit->mail_on_new) {

app/Mail/InvoiceMails/InvoiceMailsSubmittedConfirmationMail.php

@@ -0,0 +1,50 @@
+<?php
+
+namespace App\Mail\InvoiceMails;
+
+use App\Models\CostUnit;
+use App\Models\Invoice;
+use App\ValueObjects\Amount;
+use Illuminate\Mail\Mailable;
+use Illuminate\Mail\Mailables\Attachment;
+use Illuminate\Mail\Mailables\Content;
+use Illuminate\Mail\Mailables\Envelope;
+
+class InvoiceMailsSubmittedConfirmationMail extends Mailable {
+    public function __construct(
+        private Invoice $invoice,
+        private CostUnit $costUnit,
+    )
+    {
+        //
+    }
+
+    public function envelope(): Envelope
+    {
+        return new Envelope(
+            subject: 'Deine Abrechnung wurde erfolgreich eingereicht',
+        );
+    }
+
+    public function content(): Content
+    {
+        return new Content(
+            view: 'emails.invoices.submitted_confirmation',
+            with: [
+                'contactName' => $this->invoice->contact_name,
+                'costUnitName' => $this->costUnit->name,
+                'invoiceAmount' => Amount::fromString($this->invoice->amount)->toString(),
+                'invoiceType' => $this->invoice->invoiceType()->name,
+                'invoiceNumber' => $this->invoice->invoice_number,
+            ],
+        );
+    }
+
+    /**
+     * @return array<int, Attachment>
+     */
+    public function attachments(): array
+    {
+        return [];
+    }
+}

app/Repositories/CostUnitRepository.php

@@ -66,34 +66,20 @@ class CostUnitRepository {
     }
 
     public function getCostUnitsByCriteria(array $criteria, bool $forDisplay = true, $disableAccessCheck = false) : array {
-        $tenant = app('tenant');
-
-        $canSeeAll = false;
         $user = Auth()->user();
 
         if ($disableAccessCheck) {
             $canSeeAll = true;
         } else {
-            if ($tenant->slug !== 'lv') {
+            $canSeeAll = in_array(new AuthCheckProvider()->getUserRole(), [
-                if (
+                UserRole::USER_ROLE_ADMIN, UserRole::USER_ROLE_GROUP_LEADER
-                    new AuthCheckProvider()->isAdministrator() ||
+            ]);
-                    $user->user_role_local_group === UserRole::USER_ROLE_ADMIN
-                ) {
-                    $canSeeAll = true;
-                }
-            } else {
-                if (
-                    in_array($user->user_role_main, [UserRole::USER_ROLE_GROUP_LEADER, UserRole::USER_ROLE_ADMIN])
-                ) {
-                    $canSeeAll = true;
-                }
-            }
         }
 
         $visibleCostUnits = [];
         /** @var CostUnit $costUnit */
         foreach (Costunit::where($criteria)->get() as $costUnit) {
-            if ($canSeeAll || $disableAccessCheck || $costUnit->treasurers()->where('user_id', $user->id)->exists() ) {
+            if ($canSeeAll || $costUnit->treasurers()->where('user_id', $user->id)->exists() ) {
                 if ($forDisplay) {
                     $visibleCostUnits[] = new CostUnitResource($costUnit)->toArray(request());
                 } else {

app/Repositories/EventRepository.php

@@ -77,38 +77,20 @@ class EventRepository {
     }
 
     public function getEventsByCriteria(array $criteria, $accessCheck = true) : array {
-        $tenant = app('tenant');
-
-        $canSeeAll = false;
         $user = Auth()->user();
 
         if (!$accessCheck) {
             $canSeeAll = true;
         } else {
-        if (
+            $canSeeAll = in_array(new AuthCheckProvider()->getUserRole(), [
-            new AuthCheckProvider()->isAdministrator() ||
+                UserRole::USER_ROLE_ADMIN, UserRole::USER_ROLE_GROUP_LEADER
-            $user->user_role_local_group === UserRole::USER_ROLE_ADMIN
+            ]);
-        ) {
-                if (
-                    $user->user_role_main === UserRole::USER_ROLE_ADMIN ||
-                    in_array($user->user_role_local_group, [UserRole::USER_ROLE_GROUP_LEADER, UserRole::USER_ROLE_ADMIN])
-                ) {
-                    $canSeeAll = true;
-                }
-            } else {
-                if (
-                    in_array($user->user_role_main, [UserRole::USER_ROLE_GROUP_LEADER, UserRole::USER_ROLE_ADMIN])
-                ) {
-                    $canSeeAll = true;
-                }
-            }
         }
 
         $visibleEvents = [];
         /** @var Event $event */
         foreach (Event::where($criteria)->orderBy('start_date')->get() as $event) {
-
+            if ($canSeeAll || $event->eventManagers()->where('user_id', $user->id)->exists()) {
-            if ($canSeeAll || !$accessCheck || $event->eventManagers()->where('user_id', $user->id)->exists()) {
                 $visibleEvents[] = $event;
             }
         }

app/Repositories/InvoiceRepository.php

@@ -6,6 +6,7 @@ use App\Enumerations\InvoiceStatus;
 use App\Enumerations\UserRole;
 use App\Models\CostUnit;
 use App\Models\Invoice;
+use App\Providers\AuthCheckProvider;
 use App\Resources\InvoiceResource;
 use App\ValueObjects\Amount;
 use Illuminate\Database\Eloquent\Collection;
@@ -83,19 +84,9 @@ class InvoiceRepository {
             return $invoice;
         }
 
-        $user = auth()->user();
+        return in_array(new AuthCheckProvider()->getUserRole(), [
-        if ($user->user_role_main === UserRole::USER_ROLE_ADMIN) {
+            UserRole::USER_ROLE_ADMIN, UserRole::USER_ROLE_GROUP_LEADER
-            return $invoice;
+        ]) ? $invoice : null;
-        }
 
-        if (app('tenant')->slug === 'lv' && $user->user_role_main === UserRole::USER_ROLE_GROUP_LEADER) {
-            return $invoice;
-        }
-
-        if (app('tenant')->slug !== 'lv' && $user->local_group === app('tenant')->slug && $user->user_role_local_group === UserRole::USER_ROLE_GROUP_LEADER) {
-            return $invoice;
-        }
-
-        return null;
     }
 }

app/Resources/EventResource.php

@@ -331,7 +331,7 @@ class EventResource extends JsonResource{
         $basicFee = $basicFee->multiply($this->getMultiplier());
 
         if ($this->event->pay_per_day) {
-            $days = $arrival->diff($departure)->days;
+            $days = $arrival->diff($departure)->days + 1;
             $basicFee = $basicFee->multiply($days);
         }
 

resources/views/emails/invoices/submitted_confirmation.blade.php

@@ -0,0 +1,56 @@
+<!DOCTYPE html>
+<html>
+<body>
+<h1>Hallo {{$contactName}},</h1>
+<p>
+    deine Abrechnung wurde erfolgreich eingereicht.<br />
+    In der nachfolgenden Übersicht findest du die Details zu deiner Abrechnung:
+</p>
+
+
+<table cellpadding="0" cellspacing="0" border="0"
+       style="width: 100%; max-width: 640px; border-collapse: collapse; font-family: Arial, sans-serif; font-size: 14px; color: #1f2937;">
+
+    <tr>
+        <td style="padding: 8px 12px; width: 180px; font-weight: 600; color: #4b5563; border-bottom: 1px solid #e5e7eb;">
+            Abrechnungsnummer:
+        </td>
+        <td style="padding: 8px 12px; border-bottom: 1px solid #e5e7eb;">
+            {{$invoiceNumber}}
+        </td>
+    </tr>
+
+    <tr>
+        <td style="padding: 8px 12px; width: 180px; font-weight: 600; color: #4b5563; border-bottom: 1px solid #e5e7eb;">
+            Veranstaltung / Kostenstelle:
+        </td>
+        <td style="padding: 8px 12px; border-bottom: 1px solid #e5e7eb;">
+            {{$costUnitName}}
+        </td>
+    </tr>
+
+    <tr>
+        <td style="padding: 8px 12px; width: 180px; font-weight: 600; color: #4b5563; border-bottom: 1px solid #e5e7eb;">
+            Betrag:
+        </td>
+        <td style="padding: 8px 12px; border-bottom: 1px solid #e5e7eb;">
+            {{$invoiceAmount}}
+        </td>
+    </tr>
+
+    <tr>
+        <td style="padding: 8px 12px; font-weight: 600; color: #4b5563; border-bottom: 1px solid #e5e7eb;">
+            Grund der Abrechnung:
+        </td>
+        <td style="padding: 8px 12px; border-bottom: 1px solid #e5e7eb;">
+            {{$invoiceType}}
+        </td>
+    </tr>
+</table>
+
+
+<p>
+    Deine Abrechnung wird nun bearbeitet. Du wirst per E-Mail benachrichtigt, sobald sich der Status deiner Abrechnung ändert.
+</p>
+</body>
+</html>

version

@@ -1 +1 @@
-4.5.0
+4.5.2