Antoine Le Gonidec
ab80794dfe
* Fix filtering by Mailbox when getting Customers for a non-admin User.
141 lines
6.3 KiB
Markdown
141 lines
6.3 KiB
Markdown
# Millions Missing France - Freescout Restricted Customers
|
|
|
|
## Description
|
|
|
|
In a regular Freescout instance, all users have access to the e-mails of all customers.
|
|
That can easily lead to confidentiality breaches when multiple organizations share a same Freescout instance.
|
|
|
|
This package tries to provide a solution to this problem, by linking each customer to a specific mailbox.
|
|
The information related to a customer, especially their e-mail address, is only shown to users with access to the related mailbox.
|
|
|
|
## Disclaimer
|
|
|
|
This is still a work in progress.
|
|
Using any version prior to the (not yet released) 1.0.0 will lead to irrecuperable data loss.
|
|
You have been warned.
|
|
|
|
## Installation instructions
|
|
|
|
### Install the module
|
|
|
|
#### Install from the archive
|
|
|
|
Download the [release tarball] and extract its content into `Modules/MMFRestrictedCustomers`.
|
|
|
|
[release tarball]: https://port.numenaute.org/MMF/freescout-restricted-customers/archive/0.8.1.tar.gz
|
|
|
|
```
|
|
wget https://port.numenaute.org/MMF/freescout-restricted-customers/archive/0.8.1.tar.gz -O freescout-restricted-customers-0.8.1.tar.gz
|
|
mkdir -p Modules/MMFRestrictedCustomers
|
|
tar xf freescout-restricted-customers-0.8.1.tar.gz -C Modules/MMFRestrictedCustomers
|
|
```
|
|
|
|
#### Install from git
|
|
|
|
```
|
|
git clone https://port.numenaute.org/MMF/freescout-restricted-customers.git Modules/MMFRestrictedCustomers
|
|
```
|
|
|
|
### Edit the application routes
|
|
|
|
This package does not seem to correctly override the routes of the main application.
|
|
Overriding them has to be done manually, in the three following files.
|
|
|
|
#### routes/web.php
|
|
|
|
This section of the file:
|
|
|
|
```php
|
|
// Customers
|
|
Route::get('/customers/{id}/edit', 'CustomersController@update')->name('customers.update');
|
|
Route::post('/customers/{id}/edit', 'CustomersController@updateSave');
|
|
Route::get('/customers/{id}/', 'CustomersController@conversations')->name('customers.conversations');
|
|
Route::get('/customers/ajax-search', ['uses' => 'CustomersController@ajaxSearch', 'laroute' => true])->name('customers.ajax_search');
|
|
Route::post('/customers/ajax', ['uses' => 'CustomersController@ajax', 'laroute' => true])->name('customers.ajax');
|
|
```
|
|
|
|
should be replaced with:
|
|
|
|
```php
|
|
// Customers
|
|
Route::get('/customers/{id}/edit', '\Modules\MMFRestrictedCustomers\Http\Controllers\CustomersController@update')->name('customers.update');
|
|
Route::post('/customers/{id}/edit', 'CustomersController@updateSave');
|
|
Route::get('/customers/{id}/', '\Modules\MMFRestrictedCustomers\Http\Controllers\CustomersController@conversations')->name('customers.conversations');
|
|
Route::get('/customers/ajax-search', ['uses' => '\Modules\MMFRestrictedCustomers\Http\Controllers\CustomersController@ajaxSearch', 'laroute' => true])->name('customers.ajax_search');
|
|
Route::post('/customers/ajax', ['uses' => '\Modules\MMFRestrictedCustomers\Http\Controllers\CustomersController@ajax', 'laroute' => true])->name('customers.ajax');
|
|
```
|
|
|
|
#### Modules/Crm/Http/routes.php
|
|
|
|
The following list of routes:
|
|
|
|
```php
|
|
Route::group(['middleware' => ['web', 'auth', 'roles'], 'roles' => ['user', 'admin'], 'prefix' => \Helper::getSubdirectory(), 'namespace' => 'Modules\Crm\Http\Controllers'], function()
|
|
{
|
|
Route::get('/customers/new', 'CrmController@createCustomer')->name('crm.create_customer');
|
|
Route::post('/customers/new', 'CrmController@createCustomerSave');
|
|
Route::get('/crm/ajax-html/{action}/{param?}', ['uses' => 'CrmController@ajaxHtml'])->name('crm.ajax_html');
|
|
Route::get('/customers/fields/ajax-search', ['uses' => 'CrmController@ajaxSearch', 'laroute' => true])->name('crm.ajax_search');
|
|
Route::post('/crm/ajax', ['uses' => 'CrmController@ajax', 'laroute' => true])->name('crm.ajax');
|
|
});
|
|
```
|
|
|
|
should be replaced with:
|
|
|
|
```php
|
|
Route::group(['middleware' => ['web', 'auth', 'roles'], 'roles' => ['user', 'admin'], 'prefix' => \Helper::getSubdirectory(), 'namespace' => 'Modules\MMFRestrictedCustomers\Http\Controllers'], function()
|
|
{
|
|
Route::get('/customers/new', 'CrmController@createCustomer')->name('mmfrestrictedcustomers.create_customer');
|
|
Route::post('/customers/new', 'CrmController@createCustomerSave');
|
|
Route::get('/crm/ajax-html/{action}/{param?}', ['uses' => '\Modules\Crm\Http\Controllers\CrmController@ajaxHtml'])->name('crm.ajax_html');
|
|
Route::get('/customers/fields/ajax-search', ['uses' => 'CrmController@ajaxSearch', 'laroute' => true])->name('crm.ajax_search');
|
|
Route::post('/crm/ajax', ['uses' => 'CrmController@ajax', 'laroute' => true])->name('crm.ajax');
|
|
});
|
|
```
|
|
|
|
#### Modules/Crm/Providers/CrmServiceProvider.php
|
|
|
|
At line 173, this route call:
|
|
|
|
```php
|
|
$html = __('Customers').' <a href="#" data-trigger="modal" data-modal-title="'.__('Add Customer').'" data-modal-size="lg" data-modal-no-footer="true" data-modal-body=\'<iframe src="'.route('crm.create_customer', ['x_embed' => 1]).'" frameborder="0" class="modal-iframe"></iframe>\' class="btn btn-bordered btn-xs" style="position:relative;top:-1px;margin-left:4px;"><i class="glyphicon glyphicon-plus" title="'.__('Add Customer').'" data-toggle="tooltip"></i></a>';
|
|
```
|
|
|
|
should be replaced with:
|
|
|
|
```php
|
|
$html = __('Customers').' <a href="#" data-trigger="modal" data-modal-title="'.__('Add Customer').'" data-modal-size="lg" data-modal-no-footer="true" data-modal-body=\'<iframe src="'.route('mmfrestrictedcustomers.create_customer', ['x_embed' => 1]).'" frameborder="0" class="modal-iframe"></iframe>\' class="btn btn-bordered btn-xs" style="position:relative;top:-1px;margin-left:4px;"><i class="glyphicon glyphicon-plus" title="'.__('Add Customer').'" data-toggle="tooltip"></i></a>';
|
|
```
|
|
|
|
### Edit the artisan commands
|
|
|
|
#### app/Console/Kernel.php
|
|
|
|
At the lines 107-108, this:
|
|
|
|
```php
|
|
$fetch_command_identifier = \Helper::getWorkerIdentifier('freescout:fetch-emails');
|
|
$fetch_command_name = 'freescout:fetch-emails'
|
|
```
|
|
|
|
should be replaced with:
|
|
|
|
```php
|
|
$fetch_command_identifier = \Helper::getWorkerIdentifier('mmfrestrictedcustomers:fetch-emails');
|
|
$fetch_command_name = 'mmfrestrictedcustomers:fetch-emails'
|
|
```
|
|
|
|
### Update the database schema
|
|
|
|
```
|
|
php artisan migrate
|
|
```
|
|
|
|
### Use the updated views
|
|
|
|
Beware that this will overwrite any customization you might have done to the following templates:
|
|
- `resources/views/conversations/search.blade.php`
|
|
|
|
```
|
|
php artisan vendor:publish --provider='Modules\MMFRestrictedCustomers\Providers\MMFRestrictedCustomersServiceProvider' --tag='views' --force
|
|
```
|