mirror of
https://github.com/InvoiceShelf/InvoiceShelf.git
synced 2026-07-17 22:35:19 +00:00
Customer PDF controllers resolved the target document by raw mailable_id, ignoring mailable_type, and skipped the expiry check on the JSON endpoints. - Resolve via the $emailLog->mailable morph relation and assert the expected type (abort 404) so a token issued for one document type can't disclose another whose numeric id collides. - Enforce isExpired() (abort 403) on every public path, including the JSON getInvoice/getEstimate/getPayment endpoints. - Harden EmailLog::isExpired() to treat a null/unresolvable mailable as expired instead of throwing. Adds tests for cross-type 404, JSON-path expiry 403, and the valid path.
43 lines
1.1 KiB
PHP
43 lines
1.1 KiB
PHP
<?php
|
|
|
|
namespace App\Models;
|
|
|
|
use Carbon\Carbon;
|
|
use Illuminate\Database\Eloquent\Factories\HasFactory;
|
|
use Illuminate\Database\Eloquent\Model;
|
|
use Illuminate\Database\Eloquent\Relations\MorphTo;
|
|
|
|
class EmailLog extends Model
|
|
{
|
|
use HasFactory;
|
|
|
|
protected $guarded = ['id'];
|
|
|
|
public function mailable(): MorphTo
|
|
{
|
|
return $this->morphTo();
|
|
}
|
|
|
|
public function isExpired()
|
|
{
|
|
$mailable = $this->mailable;
|
|
|
|
// A token whose target document no longer resolves is treated as
|
|
// expired/invalid rather than throwing.
|
|
if (! $mailable) {
|
|
return true;
|
|
}
|
|
|
|
$linkExpiryDays = (int) CompanySetting::getSetting('link_expiry_days', $mailable->company_id);
|
|
$checkExpiryLinks = CompanySetting::getSetting('automatically_expire_public_links', $mailable->company_id);
|
|
|
|
$expiryDate = $this->created_at->addDays($linkExpiryDays);
|
|
|
|
if ($checkExpiryLinks == 'YES' && Carbon::now()->format('Y-m-d') > $expiryDate->format('Y-m-d')) {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
}
|