public function userdocuments(DocumentController $doc)
{
if (Auth::check()) {
return view('userdocument')->with('user', Auth::user())->with('data', $doc->ReturnView());
} else {
return view('welcome')->with('warning', 'Please sign-in to use Magicrent.');
}
}
/**
* @param DocumentRequest $request
*
* @return \Illuminate\Http\Response|\Redirect|\Symfony\Component\HttpFoundation\StreamedResponse
*/
public function show(DocumentRequest $request)
{
$document = $request->entity();
if (array_key_exists($document->type, Document::$types)) {
return DocumentController::getDownloadResponse($document);
} else {
return $this->errorResponse(['error' => 'Invalid mime type'], 400);
}
}
public function getDocument($invitationKey, $publicId)
{
if (!($invitation = $this->invoiceRepo->findInvoiceByInvitation($invitationKey))) {
return $this->returnError();
}
Session::put('contact_key', $invitation->contact->contact_key);
// track current contact
$clientId = $invitation->invoice->client_id;
$document = Document::scope($publicId, $invitation->account_id)->firstOrFail();
$authorized = false;
if ($document->expense && $document->expense->client_id == $invitation->invoice->client_id) {
$authorized = true;
} else {
if ($document->invoice && $document->invoice->client_id == $invitation->invoice->client_id) {
$authorized = true;
}
}
if (!$authorized) {
return Response::view('error', ['error' => 'Not authorized'], 403);
}
return DocumentController::getDownloadResponse($document);
}
