From 66b17bfad6c1daf112ea82ef73d48b0ebacdedfd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Witold=20Wis=CC=81niewski?=
 <witold.michal.wisniewski@gmail.com>
Date: Wed, 7 Aug 2024 13:11:25 +0200
Subject: [PATCH] Fix payment update

---
 app/Http/Middleware/IsAppPayment.php                       | 4 +++-
 src/Domain/Organization/Resources/OrganizationResource.php | 2 +-
 src/Domain/Organization/Services/OrganizationService.php   | 1 -
 tests/Feature/PaymentTest.php                              | 6 +++---
 4 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/app/Http/Middleware/IsAppPayment.php b/app/Http/Middleware/IsAppPayment.php
index 2a24e7c33..dca0b48d9 100644
--- a/app/Http/Middleware/IsAppPayment.php
+++ b/app/Http/Middleware/IsAppPayment.php
@@ -4,6 +4,7 @@
 
 use App\Enums\ExceptionsEnums\Exceptions;
 use App\Exceptions\ClientException;
+use App\Models\App;
 use App\Models\Payment;
 use Closure;
 use Illuminate\Http\Request;
@@ -16,7 +17,8 @@ public function handle(Request $request, Closure $next): mixed
         /** @var Payment $payment */
         $payment = $request->route('payment');
 
-        if ($payment->paymentMethod?->app_id !== Auth::id()) {
+        // @phpstan-ignore-next-line
+        if (Auth::user() instanceof App && $payment->paymentMethod?->app_id !== Auth::id()) {
             throw new ClientException(Exceptions::CLIENT_NO_ACCESS);
         }
 
diff --git a/src/Domain/Organization/Resources/OrganizationResource.php b/src/Domain/Organization/Resources/OrganizationResource.php
index 91d50965c..868ddfbf7 100644
--- a/src/Domain/Organization/Resources/OrganizationResource.php
+++ b/src/Domain/Organization/Resources/OrganizationResource.php
@@ -21,7 +21,7 @@ public function base(Request $request): array
             'client_id' => $this->resource->client_id,
             'billing_email' => $this->resource->billing_email,
             'billing_address' => AddressResource::make($this->resource->address),
-            'sales_channel' => SalesChannelResource::make($this->resource->salesChannel),
+            'sales_channel' => SalesChannelResource::make($this->resource->salesChannel)->baseOnly(),
         ];
     }
 
diff --git a/src/Domain/Organization/Services/OrganizationService.php b/src/Domain/Organization/Services/OrganizationService.php
index 75ed033e5..704a95cab 100644
--- a/src/Domain/Organization/Services/OrganizationService.php
+++ b/src/Domain/Organization/Services/OrganizationService.php
@@ -129,7 +129,6 @@ public function myOrganization(): Organization
      */
     public function myOrganizationEdit(OrganizationPublicUpdateDto $dto): Organization
     {
-        // TODO dodać consents
         return $this->organizationRepository->myUpdate($this->myOrganization(), $dto);
     }
 
diff --git a/tests/Feature/PaymentTest.php b/tests/Feature/PaymentTest.php
index 2a8e37623..310d6b0cb 100644
--- a/tests/Feature/PaymentTest.php
+++ b/tests/Feature/PaymentTest.php
@@ -622,9 +622,9 @@ public function testUpdate(): void
         ]);
     }
 
-    public function testUpdateSuccessful(): void
+    public function testUpdateAsUser(): void
     {
-        $this->appUser->givePermissionTo('payments.edit');
+        $this->user->givePermissionTo('payments.edit');
         $paymentMethod = PaymentMethod::factory()->create([
             'name' => 'test',
             'app_id' => $this->appUser->getKey(),
@@ -638,7 +638,7 @@ public function testUpdateSuccessful(): void
             'amount' => 100,
         ]);
 
-        $this->actingAs($this->appUser)->json('PATCH', '/payments/id:' . $payment->getKey(), [
+        $this->actingAs($this->user)->json('PATCH', '/payments/id:' . $payment->getKey(), [
             'status' => PaymentStatus::SUCCESSFUL,
         ])
             ->assertOk()