Scope users listing and search to current company (#607)

Add scopeWhereCompany() to User model using whereHas through the
user_company pivot table. Apply it in UsersController::index() and
SearchController so users only see members of their current company.

Previously, the users page showed ALL users across all companies.

Ref #574

app/Http/Controllers/V1/Admin/General/SearchController.php

@@ -25,7 +25,8 @@ class SearchController extends Controller
             ->paginate(10);
 
         if ($user->isOwner()) {
-            $users = User::applyFilters($request->only(['search']))
+            $users = User::whereCompany()
+                ->applyFilters($request->only(['search']))
                 ->latest()
                 ->paginate(10);
         }

app/Http/Controllers/V1/Admin/Users/UsersController.php

@@ -25,14 +25,15 @@ class UsersController extends Controller
 
         $user = $request->user();
 
-        $users = User::applyFilters($request->all())
+        $users = User::whereCompany()
+            ->applyFilters($request->all())
             ->where('id', '<>', $user->id)
             ->latest()
             ->paginate($limit);
 
         return UserResource::collection($users)
             ->additional(['meta' => [
-                'user_total_count' => User::count(),
+                'user_total_count' => User::whereCompany()->count(),
             ]]);
     }
 

app/Models/User.php

@@ -213,6 +213,13 @@ class User extends Authenticatable implements HasMedia
         return $query->where('email', 'LIKE', '%'.$email.'%');
     }
 
+    public function scopeWhereCompany($query)
+    {
+        return $query->whereHas('companies', function ($q) {
+            $q->where('company_id', request()->header('company'));
+        });
+    }
+
     public function scopePaginateData($query, $limit)
     {
         if ($limit == 'all') {