diff --git a/app/Jobs/Document/UpdateDocument.php b/app/Jobs/Document/UpdateDocument.php index 6fc370116..f2eb0db7d 100644 --- a/app/Jobs/Document/UpdateDocument.php +++ b/app/Jobs/Document/UpdateDocument.php @@ -18,6 +18,8 @@ class UpdateDocument extends Job implements ShouldUpdate public function handle(): Document { + $this->authorize(); + if (empty($this->request['amount'])) { $this->request['amount'] = 0; } @@ -83,4 +85,23 @@ class UpdateDocument extends Job implements ShouldUpdate return $this->model; } + + /** + * Determine if this action is applicable. + */ + public function authorize(): void + { + $lockedStatuses = ['sent', 'received', 'viewed', 'partial', 'paid', 'overdue', 'unpaid', 'cancelled']; + + if ( + isset($this->request['contact_id']) && + (int) $this->request['contact_id'] !== (int) $this->model->contact_id && + in_array($this->model->status, $lockedStatuses) + ) { + $type = Str::plural($this->model->type); + $message = trans('messages.warning.contact_change', ['type' => trans_choice("general.$type", 1)]); + + throw new \Exception($message); + } + } } diff --git a/resources/lang/en-GB/messages.php b/resources/lang/en-GB/messages.php index 31334d4a9..66def4732 100644 --- a/resources/lang/en-GB/messages.php +++ b/resources/lang/en-GB/messages.php @@ -47,6 +47,7 @@ return [ 'payment_cancel' => 'Warning: You have cancelled your recent :method payment!', 'missing_transfer' => 'Warning: The transfer related to this transaction is missing. You should consider deleting this transaction.', 'connect_tax' => 'Warning: This :type has a tax amount. Taxes added to the :type can not be connected, so the tax will be added to the total and calculated accordingly.', + 'contact_change' => 'Warning: You are not allowed to change the contact on a :type that has already been sent, received, or paid!', ], ];