freescout-restricted-customers/README.md
Antoine Le Gonidec ab80794dfe
0.8.1 release
* Fix filtering by Mailbox when getting Customers for a non-admin User.
2024-07-11 16:51:04 +02:00

141 lines
6.3 KiB
Markdown

# Millions Missing France - Freescout Restricted Customers
## Description
In a regular Freescout instance, all users have access to the e-mails of all customers.
That can easily lead to confidentiality breaches when multiple organizations share a same Freescout instance.
This package tries to provide a solution to this problem, by linking each customer to a specific mailbox.
The information related to a customer, especially their e-mail address, is only shown to users with access to the related mailbox.
## Disclaimer
This is still a work in progress.
Using any version prior to the (not yet released) 1.0.0 will lead to irrecuperable data loss.
You have been warned.
## Installation instructions
### Install the module
#### Install from the archive
Download the [release tarball] and extract its content into `Modules/MMFRestrictedCustomers`.
[release tarball]: https://port.numenaute.org/MMF/freescout-restricted-customers/archive/0.8.1.tar.gz
```
wget https://port.numenaute.org/MMF/freescout-restricted-customers/archive/0.8.1.tar.gz -O freescout-restricted-customers-0.8.1.tar.gz
mkdir -p Modules/MMFRestrictedCustomers
tar xf freescout-restricted-customers-0.8.1.tar.gz -C Modules/MMFRestrictedCustomers
```
#### Install from git
```
git clone https://port.numenaute.org/MMF/freescout-restricted-customers.git Modules/MMFRestrictedCustomers
```
### Edit the application routes
This package does not seem to correctly override the routes of the main application.
Overriding them has to be done manually, in the three following files.
#### routes/web.php
This section of the file:
```php
// Customers
Route::get('/customers/{id}/edit', 'CustomersController@update')->name('customers.update');
Route::post('/customers/{id}/edit', 'CustomersController@updateSave');
Route::get('/customers/{id}/', 'CustomersController@conversations')->name('customers.conversations');
Route::get('/customers/ajax-search', ['uses' => 'CustomersController@ajaxSearch', 'laroute' => true])->name('customers.ajax_search');
Route::post('/customers/ajax', ['uses' => 'CustomersController@ajax', 'laroute' => true])->name('customers.ajax');
```
should be replaced with:
```php
// Customers
Route::get('/customers/{id}/edit', '\Modules\MMFRestrictedCustomers\Http\Controllers\CustomersController@update')->name('customers.update');
Route::post('/customers/{id}/edit', 'CustomersController@updateSave');
Route::get('/customers/{id}/', '\Modules\MMFRestrictedCustomers\Http\Controllers\CustomersController@conversations')->name('customers.conversations');
Route::get('/customers/ajax-search', ['uses' => '\Modules\MMFRestrictedCustomers\Http\Controllers\CustomersController@ajaxSearch', 'laroute' => true])->name('customers.ajax_search');
Route::post('/customers/ajax', ['uses' => '\Modules\MMFRestrictedCustomers\Http\Controllers\CustomersController@ajax', 'laroute' => true])->name('customers.ajax');
```
#### Modules/Crm/Http/routes.php
The following list of routes:
```php
Route::group(['middleware' => ['web', 'auth', 'roles'], 'roles' => ['user', 'admin'], 'prefix' => \Helper::getSubdirectory(), 'namespace' => 'Modules\Crm\Http\Controllers'], function()
{
Route::get('/customers/new', 'CrmController@createCustomer')->name('crm.create_customer');
Route::post('/customers/new', 'CrmController@createCustomerSave');
Route::get('/crm/ajax-html/{action}/{param?}', ['uses' => 'CrmController@ajaxHtml'])->name('crm.ajax_html');
Route::get('/customers/fields/ajax-search', ['uses' => 'CrmController@ajaxSearch', 'laroute' => true])->name('crm.ajax_search');
Route::post('/crm/ajax', ['uses' => 'CrmController@ajax', 'laroute' => true])->name('crm.ajax');
});
```
should be replaced with:
```php
Route::group(['middleware' => ['web', 'auth', 'roles'], 'roles' => ['user', 'admin'], 'prefix' => \Helper::getSubdirectory(), 'namespace' => 'Modules\MMFRestrictedCustomers\Http\Controllers'], function()
{
Route::get('/customers/new', 'CrmController@createCustomer')->name('mmfrestrictedcustomers.create_customer');
Route::post('/customers/new', 'CrmController@createCustomerSave');
Route::get('/crm/ajax-html/{action}/{param?}', ['uses' => '\Modules\Crm\Http\Controllers\CrmController@ajaxHtml'])->name('crm.ajax_html');
Route::get('/customers/fields/ajax-search', ['uses' => 'CrmController@ajaxSearch', 'laroute' => true])->name('crm.ajax_search');
Route::post('/crm/ajax', ['uses' => 'CrmController@ajax', 'laroute' => true])->name('crm.ajax');
});
```
#### Modules/Crm/Providers/CrmServiceProvider.php
At line 173, this route call:
```php
$html = __('Customers').' <a href="#" data-trigger="modal" data-modal-title="'.__('Add Customer').'" data-modal-size="lg" data-modal-no-footer="true" data-modal-body=\'<iframe src="'.route('crm.create_customer', ['x_embed' => 1]).'" frameborder="0" class="modal-iframe"></iframe>\' class="btn btn-bordered btn-xs" style="position:relative;top:-1px;margin-left:4px;"><i class="glyphicon glyphicon-plus" title="'.__('Add Customer').'" data-toggle="tooltip"></i></a>';
```
should be replaced with:
```php
$html = __('Customers').' <a href="#" data-trigger="modal" data-modal-title="'.__('Add Customer').'" data-modal-size="lg" data-modal-no-footer="true" data-modal-body=\'<iframe src="'.route('mmfrestrictedcustomers.create_customer', ['x_embed' => 1]).'" frameborder="0" class="modal-iframe"></iframe>\' class="btn btn-bordered btn-xs" style="position:relative;top:-1px;margin-left:4px;"><i class="glyphicon glyphicon-plus" title="'.__('Add Customer').'" data-toggle="tooltip"></i></a>';
```
### Edit the artisan commands
#### app/Console/Kernel.php
At the lines 107-108, this:
```php
$fetch_command_identifier = \Helper::getWorkerIdentifier('freescout:fetch-emails');
$fetch_command_name = 'freescout:fetch-emails'
```
should be replaced with:
```php
$fetch_command_identifier = \Helper::getWorkerIdentifier('mmfrestrictedcustomers:fetch-emails');
$fetch_command_name = 'mmfrestrictedcustomers:fetch-emails'
```
### Update the database schema
```
php artisan migrate
```
### Use the updated views
Beware that this will overwrite any customization you might have done to the following templates:
- `resources/views/conversations/search.blade.php`
```
php artisan vendor:publish --provider='Modules\MMFRestrictedCustomers\Providers\MMFRestrictedCustomersServiceProvider' --tag='views' --force
```