fix build errors 501

Recurring index  delete refresh page

See merge request mohit.panjvani/crater-web!1303

.editorconfig

@@ -20,3 +20,6 @@ indent_size = 2
 
 [*.js]
 indent_size = 2
+
+[*.json]
+indent_size = 2

.env.example

@@ -34,3 +34,5 @@ PUSHER_SECRET=
 
 SANCTUM_STATEFUL_DOMAINS=crater.test
 SESSION_DOMAIN=crater.test
+
+TRUSTED_PROXIES="*"

.env.testing

@@ -9,5 +9,5 @@ MAIL_PORT=587
 MAIL_USERNAME=ff538f0e1037f4
 MAIL_PASSWORD=c04c81145fcb73
 MAIL_ENCRYPTION=tls
-MAIL_FROM_ADDRESS="admin@crater.com"
+MAIL_FROM_ADDRESS="admin@craterapp.com"
 MAIL_FROM_NAME="John Doe"

.eslintrc

@@ -1,21 +0,0 @@
-{
-  "root": true,
-  "extends": [
-    "plugin:vue/recommended",
-    "eslint:recommended",
-    "prettier/vue",
-    "plugin:prettier/recommended"
-  ],
-  "rules": {
-    "vue/max-attributes-per-line": [
-      "error",
-      {
-        "singleline": 20,
-        "multiline": {
-          "max": 1,
-          "allowFirstLine": false
-        }
-      }
-    ]
-  }
-}

.eslintrc.js

@@ -0,0 +1,14 @@
+// .eslintrc.js
+
+module.exports = {
+  extends: [
+    // add more generic rulesets here, such as:
+    // 'eslint:recommended',
+    "plugin:vue/vue3-recommended",
+    "prettier",
+  ],
+  rules: {
+    // override/add rules settings here, such as:
+    // 'vue/no-unused-vars': 'error'
+  },
+};

.github/workflows/ci.yaml

@@ -0,0 +1,37 @@
+name: CI
+
+on: [push, pull_request]
+
+jobs:
+  build-test:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        php: ['7.4', '8.0']
+
+    name: PHP ${{ matrix.php }}
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v2
+
+    - name: Install dependencies
+      uses: shivammathur/setup-php@v2
+      with:
+        php-version: ${{ matrix.php }}
+        extensions: exif
+
+    - name: Install PHP 7 dependencies
+      run: composer update --no-interaction --no-progress
+      if: "matrix.php < 8"
+
+    - name: Install PHP 8 dependencies
+      run: composer update --ignore-platform-req=php --no-interaction --no-progress
+      if: "matrix.php >= 8"
+
+    - name: Check coding style
+      run: ./vendor/bin/php-cs-fixer fix -v --dry-run --using-cache=no --config=.php-cs-fixer.dist.php
+
+    - name: Unit Tests
+      run: php ./vendor/bin/pest

.php-cs-fixer.dist.php

@@ -0,0 +1,42 @@
+<?php
+
+$finder = PhpCsFixer\Finder::create()
+    ->in(__DIR__)
+    ->exclude(['bootstrap', 'storage', 'vendor'])
+    ->name('*.php')
+    ->name('_ide_helper')
+    ->notName('*.blade.php')
+    ->ignoreDotFiles(true)
+    ->ignoreVCS(true);
+
+$rules = [
+    '@PSR12' => true,
+    'array_syntax' => ['syntax' => 'short'],
+    'ordered_imports' => ['sort_algorithm' => 'alpha'],
+    'concat_space' => true,
+    'no_unused_imports' => true,
+    'not_operator_with_successor_space' => true,
+    'phpdoc_scalar' => true,
+    'unary_operator_spaces' => true,
+    'binary_operator_spaces' => true,
+    'blank_line_before_statement' => [
+        'statements' => ['break', 'continue', 'declare', 'return', 'throw', 'try'],
+    ],
+    'phpdoc_single_line_var_spacing' => true,
+    'phpdoc_var_without_name' => true,
+    'class_attributes_separation' => [
+        'elements' => [
+            'method' => 'one',
+            'property' => 'one',
+        ],
+    ],
+    'method_argument_space' => [
+        'on_multiline' => 'ensure_fully_multiline',
+        'keep_multiple_spaces_after_comma' => true,
+    ],
+];
+
+return (new PhpCsFixer\Config())
+    ->setUsingCache(true)
+    ->setRules($rules)
+    ->setFinder($finder);

Dockerfile

@@ -1,39 +1,44 @@
-FROM php:7.4-fpm
+FROM php:7.4-fpm-alpine
 
-# Arguments defined in docker-compose.yml
-ARG user
-ARG uid
-
-# Install system dependencies
-RUN apt-get update && apt-get install -y \
-    git \
-    curl \
-    libpng-dev \
-    libonig-dev \
-    libxml2-dev \
-    zip \
-    unzip \ 
-    libzip-dev \ 
-    libmagickwand-dev
-
-# Clear cache
-RUN apt-get clean && rm -rf /var/lib/apt/lists/*
-
-RUN pecl install imagick \ 
-    && docker-php-ext-enable imagick
-
-# Install PHP extensions
-RUN docker-php-ext-install pdo_mysql mbstring zip exif pcntl bcmath gd 
-
-# Get latest Composer
-COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
-
-# Create system user to run Composer and Artisan Commands
-RUN useradd -G www-data,root -u $uid -d /home/$user $user
-RUN mkdir -p /home/$user/.composer && \
-    chown -R $user:$user /home/$user
-
-# Set working directory
 WORKDIR /var/www
 
-USER $user
+RUN apk add --no-cache \
+            $PHPIZE_DEPS \
+            freetype-dev \
+            git \
+            zip \
+            libzip-dev \
+            php7-bcmath \
+            curl \
+            unzip \
+            libjpeg-turbo-dev \
+            libpng-dev \
+            libxml2-dev \
+            mariadb-client \
+            sqlite \
+            php7-json \
+            php7-openssl \
+            php7-pdo \
+            php7-pdo_mysql \
+            php7-session \
+            php7-simplexml \
+            php7-tokenizer \
+            php7-xml \
+            imagemagick \
+            imagemagick-libs \
+            imagemagick-dev \
+            php7-imagick \
+            php7-pcntl \
+            --repository http://dl-cdn.alpinelinux.org/alpine/v3.13/community/ gnu-libiconv=1.15-r3
+
+ENV LD_PRELOAD /usr/lib/preloadable_libiconv.so php
+
+RUN printf "\n" | pecl install \
+		imagick && \
+		docker-php-ext-enable --ini-name 20-imagick.ini imagick
+
+RUN docker-php-ext-configure zip
+RUN docker-php-ext-install zip
+RUN docker-php-ext-install iconv pdo pdo_mysql bcmath pcntl exif
+RUN docker-php-ext-configure gd --with-jpeg --with-freetype
+RUN docker-php-ext-install gd

app/Console/Commands/CheckEstimateStatus.php

@@ -1,9 +1,10 @@
 <?php
+
 namespace Crater\Console\Commands;
 
-use Illuminate\Console\Command;
 use Carbon\Carbon;
 use Crater\Models\Estimate;
+use Illuminate\Console\Command;
 
 class CheckEstimateStatus extends Command
 {
@@ -39,7 +40,7 @@ class CheckEstimateStatus extends Command
     public function handle()
     {
         $date = Carbon::now();
-        $status = array(Estimate::STATUS_ACCEPTED, Estimate::STATUS_REJECTED, Estimate::STATUS_EXPIRED);
+        $status = [Estimate::STATUS_ACCEPTED, Estimate::STATUS_REJECTED, Estimate::STATUS_EXPIRED];
         $estimates = Estimate::whereNotIn('status', $status)->whereDate('expiry_date', '<', $date)->get();
 
         foreach ($estimates as $estimate) {

app/Console/Commands/CheckInvoiceStatus.php

@@ -1,9 +1,10 @@
 <?php
+
 namespace Crater\Console\Commands;
 
-use Illuminate\Console\Command;
 use Carbon\Carbon;
 use Crater\Models\Invoice;
+use Illuminate\Console\Command;
 
 class CheckInvoiceStatus extends Command
 {
@@ -39,7 +40,7 @@ class CheckInvoiceStatus extends Command
     public function handle()
     {
         $date = Carbon::now();
-        $invoices = Invoice::where('status', '<>', Invoice::STATUS_COMPLETED)->whereDate('due_date', '<',$date)->get();
+        $invoices = Invoice::where('status', '<>', Invoice::STATUS_COMPLETED)->whereDate('due_date', '<', $date)->get();
 
         foreach ($invoices as $invoice) {
             $invoice->status = Invoice::STATUS_OVERDUE;

app/Console/Commands/CreateTemplateCommand.php

@@ -0,0 +1,63 @@
+<?php
+
+namespace Crater\Console\Commands;
+
+use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Storage;
+
+class CreateTemplateCommand extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'make:template {name} {--type=}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Create estimate or invoice pdf template.                               ';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return int
+     */
+    public function handle()
+    {
+        $templateName = $this->argument('name');
+        $type = $this->option('type');
+
+        if (! $type) {
+            $type = $this->choice('Create a template for?', ['invoice', 'estimate']);
+        }
+
+        if (Storage::disk('views')->exists("/app/pdf/{$type}/{$templateName}.blade.php")) {
+            $this->info("Template with given name already exists.");
+
+            return 0;
+        }
+
+        Storage::disk('views')->copy("/app/pdf/{$type}/{$type}1.blade.php", "/app/pdf/{$type}/{$templateName}.blade.php");
+        copy(resource_path("/static/img/PDF/{$type}1.png"), resource_path("/static/img/PDF/{$templateName}.png"));
+
+        $path = resource_path("app/pdf/{$type}/{$templateName}.blade.php");
+        $type = ucfirst($type);
+        $this->info("{$type} Template created successfully at ".$path);
+
+        return 0;
+    }
+}

app/Console/Commands/ResetApp.php

@@ -3,17 +3,19 @@
 namespace Crater\Console\Commands;
 
 use Illuminate\Console\Command;
+use Illuminate\Console\ConfirmableTrait;
 use Illuminate\Support\Facades\Artisan;
-use Illuminate\Filesystem\Filesystem;
 
 class ResetApp extends Command
 {
+    use ConfirmableTrait;
+
     /**
      * The name and signature of the console command.
      *
      * @var string
      */
-    protected $signature = 'reset:app';
+    protected $signature = 'reset:app {--force}';
 
     /**
      * The console command description.
@@ -39,13 +41,28 @@ class ResetApp extends Command
      */
     public function handle()
     {
-        if ($this->confirm('Do you wish to continue? This will delete your tables')) {
+        if (! $this->confirmToProceed()) {
-            Artisan::call('migrate:reset --force');
+            return;
-
-            \Storage::disk('local')->delete('database_created');
-
-            // $file = new Filesystem;
-            // $file->cleanDirectory('public/storage');
         }
+
+        $this->info('Running migrate:fresh');
+
+        Artisan::call('migrate:fresh --seed --force');
+
+        $this->info('Seeding database');
+
+        Artisan::call('db:seed', ['--class' => 'DemoSeeder', '--force' => true]);
+
+        $path = base_path('.env');
+
+        if (file_exists($path)) {
+            file_put_contents($path, str_replace(
+                'APP_DEBUG=true',
+                'APP_DEBUG=false',
+                file_get_contents($path)
+            ));
+        }
+
+        $this->info('App has been reset successfully');
     }
 }

app/Console/Commands/UpdateCommand.php

@@ -2,9 +2,9 @@
 
 namespace Crater\Console\Commands;
 
-use Illuminate\Console\Command;
-use Crater\Space\Updater;
 use Crater\Models\Setting;
+use Crater\Space\Updater;
+use Illuminate\Console\Command;
 
 // Implementation taken from Akaunting - https://github.com/akaunting/akaunting
 class UpdateCommand extends Command
@@ -57,42 +57,43 @@ class UpdateCommand extends Command
             return;
         }
 
-        if (!$this->version) {
+        if (! $this->version) {
             $this->info('No Update Available! You are already on the latest version.');
+
             return;
         }
 
-        if (!$this->confirm("Do you wish to update to {$this->version}?")) {
+        if (! $this->confirm("Do you wish to update to {$this->version}?")) {
             return;
         }
 
-        if (!$path = $this->download()) {
+        if (! $path = $this->download()) {
             return;
         }
 
-        if (!$path = $this->unzip($path)) {
+        if (! $path = $this->unzip($path)) {
             return;
         }
 
-        if (!$this->copyFiles($path)) {
+        if (! $this->copyFiles($path)) {
             return;
         }
 
-        if(isset($this->response->deleted_files) && !empty($this->response->deleted_files)) {
+        if (isset($this->response->deleted_files) && ! empty($this->response->deleted_files)) {
-            if (!$this->deleteFiles($this->response->deleted_files)) {
+            if (! $this->deleteFiles($this->response->deleted_files)) {
                 return;
             }
         }
 
-        if (!$this->migrateUpdate()) {
+        if (! $this->migrateUpdate()) {
             return;
         }
 
-        if (!$this->finish()) {
+        if (! $this->finish()) {
             return;
         }
 
-        $this->info('Successfully updated to ' . $this->version);
+        $this->info('Successfully updated to '.$this->version);
     }
 
     public function getInstalledVersion()
@@ -102,7 +103,7 @@ class UpdateCommand extends Command
 
     public function getLatestVersionResponse()
     {
-        $this->info('Your currently installed version is ' . $this->installed);
+        $this->info('Your currently installed version is '.$this->installed);
         $this->line('');
         $this->info('Checking for update...');
 
@@ -110,14 +111,12 @@ class UpdateCommand extends Command
             $response = Updater::checkForUpdate($this->installed);
 
             if ($response->success) {
-
                 $extensions = $response->version->extensions;
 
                 $is_required = false;
 
                 foreach ($extensions as $key => $extension) {
-
+                    if (! $extension) {
-                    if(!$extension) {
                         $is_required = true;
                         $this->info('❌ '.$key);
                     }
@@ -125,7 +124,7 @@ class UpdateCommand extends Command
                     $this->info('✅ '.$key);
                 }
 
-                if($is_required) {
+                if ($is_required) {
                     return 'extension_required';
                 }
 
@@ -146,8 +145,9 @@ class UpdateCommand extends Command
 
         try {
             $path = Updater::download($this->version, 1);
-            if (!is_string($path)) {
+            if (! is_string($path)) {
                 $this->error('Download exception');
+
                 return false;
             }
         } catch (\Exception $e) {
@@ -165,8 +165,9 @@ class UpdateCommand extends Command
 
         try {
             $path = Updater::unzip($path);
-            if (!is_string($path)) {
+            if (! is_string($path)) {
                 $this->error('Unzipping exception');
+
                 return false;
             }
         } catch (\Exception $e) {

app/Console/Kernel.php

@@ -1,6 +1,8 @@
 <?php
+
 namespace Crater\Console;
 
+use Crater\Models\RecurringInvoice;
 use Illuminate\Console\Scheduling\Schedule;
 use Illuminate\Foundation\Console\Kernel as ConsoleKernel;
 
@@ -13,7 +15,8 @@ class Kernel extends ConsoleKernel
      */
     protected $commands = [
         Commands\ResetApp::class,
-        Commands\UpdateCommand::class
+        Commands\UpdateCommand::class,
+        Commands\CreateTemplateCommand::class
     ];
 
     /**
@@ -29,6 +32,13 @@ class Kernel extends ConsoleKernel
 
         $schedule->command('check:estimates:status')
             ->daily();
+
+        $recurringInvoices = RecurringInvoice::where('status', 'ACTIVE')->get();
+        foreach ($recurringInvoices as $recurringInvoice) {
+            $schedule->call(function () use ($recurringInvoice) {
+                $recurringInvoice->generateInvoice();
+            })->cron($recurringInvoice->frequency);
+        }
     }
 
     /**

app/Exceptions/Handler.php

@@ -1,8 +1,9 @@
 <?php
+
 namespace Crater\Exceptions;
 
-use Throwable;
 use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
+use Throwable;
 
 class Handler extends ExceptionHandler
 {

app/Generators/CustomPathGenerator.php

@@ -1,9 +1,7 @@
 <?php
 
-
 namespace Crater\Generators;
 
-
 use Crater\Models\Estimate;
 use Crater\Models\Invoice;
 use Crater\Models\Payment;
@@ -12,20 +10,19 @@ use Spatie\MediaLibrary\Support\PathGenerator\PathGenerator;
 
 class CustomPathGenerator implements PathGenerator
 {
-
     public function getPath(Media $media): string
     {
-        return $this->getBasePath($media) . '/';
+        return $this->getBasePath($media).'/';
     }
 
     public function getPathForConversions(Media $media): string
     {
-        return $this->getBasePath($media) . '/conversations/';
+        return $this->getBasePath($media).'/conversations/';
     }
 
     public function getPathForResponsiveImages(Media $media): string
     {
-        return $this->getBasePath($media) . '/responsive-images/';
+        return $this->getBasePath($media).'/responsive-images/';
     }
 
     /*

app/Http/Controllers/Controller.php

@@ -1,12 +1,15 @@
 <?php
+
 namespace Crater\Http\Controllers;
 
-use Illuminate\Foundation\Bus\DispatchesJobs;
-use Illuminate\Routing\Controller as BaseController;
-use Illuminate\Foundation\Validation\ValidatesRequests;
 use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
+use Illuminate\Foundation\Bus\DispatchesJobs;
+use Illuminate\Foundation\Validation\ValidatesRequests;
+use Illuminate\Routing\Controller as BaseController;
 
 class Controller extends BaseController
 {
-    use AuthorizesRequests, DispatchesJobs, ValidatesRequests;
+    use AuthorizesRequests;
+    use DispatchesJobs;
+    use ValidatesRequests;
 }

app/Http/Controllers/V1/Admin/Auth/ConfirmPasswordController.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Auth;
+namespace Crater\Http\Controllers\V1\Admin\Auth;
 
 use Crater\Http\Controllers\Controller;
 use Crater\Providers\RouteServiceProvider;

app/Http/Controllers/V1/Admin/Auth/ForgotPasswordController.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Auth;
+namespace Crater\Http\Controllers\V1\Admin\Auth;
 
 use Crater\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
@@ -45,6 +45,8 @@ class ForgotPasswordController extends Controller
      */
     protected function sendResetLinkFailedResponse(Request $request, $response)
     {
-        return response('Email could not be sent to this email address.', 403);
+        return response()->json([
+            'error' => 'Email could not be sent to this email address.'
+        ], 403);
     }
 }

app/Http/Controllers/V1/Admin/Auth/LoginController.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Auth;
+namespace Crater\Http\Controllers\V1\Admin\Auth;
 
 use Crater\Http\Controllers\Controller;
 use Crater\Providers\RouteServiceProvider;

app/Http/Controllers/V1/Admin/Auth/RegisterController.php

@@ -1,12 +1,11 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Auth;
+namespace Crater\Http\Controllers\V1\Admin\Auth;
 
 use Crater\Http\Controllers\Controller;
-use Crater\Providers\RouteServiceProvider;
 use Crater\Models\User;
+use Crater\Providers\RouteServiceProvider;
 use Illuminate\Foundation\Auth\RegistersUsers;
-use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Validator;
 
 class RegisterController extends Controller
@@ -67,7 +66,7 @@ class RegisterController extends Controller
         return User::create([
             'name' => $data['name'],
             'email' => $data['email'],
-            'password' => $data['password']
+            'password' => $data['password'],
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Auth/ResetPasswordController.php

@@ -1,13 +1,13 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Auth;
+namespace Crater\Http\Controllers\V1\Admin\Auth;
 
 use Crater\Http\Controllers\Controller;
 use Crater\Providers\RouteServiceProvider;
-use Illuminate\Support\Str;
 use Illuminate\Auth\Events\PasswordReset;
-use Illuminate\Http\Request;
 use Illuminate\Foundation\Auth\ResetsPasswords;
+use Illuminate\Http\Request;
+use Illuminate\Support\Str;
 
 class ResetPasswordController extends Controller
 {
@@ -31,7 +31,6 @@ class ResetPasswordController extends Controller
      */
     protected $redirectTo = RouteServiceProvider::HOME;
 
-
     /**
      * Get the response for a successful password reset.
      *
@@ -42,7 +41,7 @@ class ResetPasswordController extends Controller
     protected function sendResetResponse(Request $request, $response)
     {
         return response()->json([
-            'message' => 'Password reset successfully.'
+            'message' => 'Password reset successfully.',
         ]);
     }
 

app/Http/Controllers/V1/Admin/Auth/VerificationController.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Auth;
+namespace Crater\Http\Controllers\V1\Admin\Auth;
 
 use Crater\Http\Controllers\Controller;
 use Crater\Providers\RouteServiceProvider;

app/Http/Controllers/V1/Admin/Backup/ApiController.php

@@ -1,7 +1,8 @@
 <?php
+
 // Implementation taken from nova-backup-tool - https://github.com/spatie/nova-backup-tool/
 
-namespace Crater\Http\Controllers\V1\Backup;
+namespace Crater\Http\Controllers\V1\Admin\Backup;
 
 use Crater\Http\Controllers\Controller;
 use Illuminate\Http\JsonResponse;
@@ -12,12 +13,10 @@ class ApiController extends Controller
      *
      * @return JsonResponse
      */
-
     public function respondSuccess(): JsonResponse
     {
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
-
 }

app/Http/Controllers/V1/Admin/Backup/BackupsController.php

@@ -1,17 +1,17 @@
 <?php
+
 // Implementation taken from nova-backup-tool - https://github.com/spatie/nova-backup-tool/
 
-namespace Crater\Http\Controllers\V1\Backup;
+namespace Crater\Http\Controllers\V1\Admin\Backup;
 
+use Crater\Jobs\CreateBackupJob;
+use Crater\Rules\Backup\PathToZip;
+use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Cache;
 use Spatie\Backup\BackupDestination\Backup;
 use Spatie\Backup\BackupDestination\BackupDestination;
 use Spatie\Backup\Helpers\Format;
-use Crater\Jobs\CreateBackupJob;
-use Crater\Rules\Backup\BackupDisk;
-use Crater\Rules\Backup\PathToZip;
-use Illuminate\Http\JsonResponse;
 
 class BackupsController extends ApiController
 {
@@ -22,6 +22,8 @@ class BackupsController extends ApiController
      */
     public function index(Request $request)
     {
+        $this->authorize('manage backups');
+
         $configuredBackupDisks = config('backup.backup.destination.disks');
 
         try {
@@ -42,14 +44,14 @@ class BackupsController extends ApiController
 
             return response()->json([
                 'backups' => $backups,
-                'disks' => $configuredBackupDisks
+                'disks' => $configuredBackupDisks,
             ]);
         } catch (\Exception $e) {
             return response()->json([
                 'backups' => [],
                 'error' => 'invalid_disk_credentials',
                 'error_message' => $e->getMessage(),
-                'disks' => $configuredBackupDisks
+                'disks' => $configuredBackupDisks,
             ]);
         }
     }
@@ -62,6 +64,8 @@ class BackupsController extends ApiController
      */
     public function store(Request $request)
     {
+        $this->authorize('manage backups');
+
         dispatch(new CreateBackupJob($request->all()))->onQueue(config('backup.queue.name'));
 
         return $this->respondSuccess();
@@ -75,6 +79,8 @@ class BackupsController extends ApiController
      */
     public function destroy($disk, Request $request)
     {
+        $this->authorize('manage backups');
+
         $validated = $request->validate([
             'path' => ['required', new PathToZip()],
         ]);

app/Http/Controllers/V1/Admin/Backup/DownloadBackupController.php

@@ -1,14 +1,13 @@
 <?php
+
 // Implementation taken from nova-backup-tool - https://github.com/spatie/nova-backup-tool/
 
-namespace Crater\Http\Controllers\V1\Backup;
+namespace Crater\Http\Controllers\V1\Admin\Backup;
 
-use Crater\Http\Controllers\Controller;
+use Crater\Rules\Backup\PathToZip;
 use Illuminate\Http\Request;
 use Spatie\Backup\BackupDestination\Backup;
 use Spatie\Backup\BackupDestination\BackupDestination;
-use Crater\Rules\Backup\BackupDisk;
-use Crater\Rules\Backup\PathToZip;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpFoundation\StreamedResponse;
 
@@ -16,6 +15,8 @@ class DownloadBackupController extends ApiController
 {
     public function __invoke(Request $request)
     {
+        $this->authorize('manage backups');
+
         $validated = $request->validate([
             'path' => ['required', new PathToZip()],
         ]);

app/Http/Controllers/V1/Admin/Company/CompaniesController.php

@@ -0,0 +1,85 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\Company;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests\CompaniesRequest;
+use Crater\Http\Resources\CompanyResource;
+use Crater\Models\Company;
+use Crater\Models\User;
+use Illuminate\Http\Request;
+use Silber\Bouncer\BouncerFacade;
+use Vinkla\Hashids\Facades\Hashids;
+
+class CompaniesController extends Controller
+{
+    public function store(CompaniesRequest $request)
+    {
+        $this->authorize('create company');
+
+        $user = $request->user();
+
+        $company = Company::create($request->getCompanyPayload());
+        $company->unique_hash = Hashids::connection(Company::class)->encode($company->id);
+        $company->save();
+        $company->setupDefaultData();
+        $user->companies()->attach($company->id);
+        $user->assign('super admin');
+
+        if ($request->address) {
+            $company->address()->create($request->address);
+        }
+
+        return new CompanyResource($company);
+    }
+
+    public function destroy(Request $request)
+    {
+        $company = Company::find($request->header('company'));
+
+        $this->authorize('delete company', $company);
+
+        $user = $request->user();
+
+        if ($request->name !== $company->name) {
+            return respondJson('company_name_must_match_with_given_name', 'Company name must match with given name');
+        }
+
+        if ($user->loadCount('companies')->companies_count <= 1) {
+            return respondJson('You_cannot_delete_all_companies', 'You cannot delete all companies');
+        }
+
+        $company->deleteCompany($user);
+
+        return response()->json([
+            'success' => true
+        ]);
+    }
+
+    public function transferOwnership(Request $request, User $user)
+    {
+        $company = Company::find($request->header('company'));
+        $this->authorize('transfer company ownership', $company);
+
+        if ($user->hasCompany($company->id)) {
+            return response()->json([
+                'success' => false,
+                'message' => 'User does not belongs to this company.'
+            ]);
+        }
+
+        $company->update(['owner_id' => $user->id]);
+        BouncerFacade::sync($user)->roles(['super admin']);
+
+        return response()->json([
+            'success' => true
+        ]);
+    }
+
+    public function getUserCompanies(Request $request)
+    {
+        $companies = $request->user()->companies;
+
+        return CompanyResource::collection($companies);
+    }
+}

app/Http/Controllers/V1/Admin/Company/CompanyController.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\Company;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Resources\CompanyResource;
+use Crater\Models\Company;
+use Illuminate\Http\Request;
+
+class CompanyController extends Controller
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function __invoke(Request $request)
+    {
+        $company = Company::find($request->header('company'));
+
+        return new CompanyResource($company);
+    }
+}

app/Http/Controllers/V1/Admin/Config/FiscalYearsController.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\General;
+namespace Crater\Http\Controllers\V1\Admin\Config;
 
 use Crater\Http\Controllers\Controller;
 use Illuminate\Http\Request;
@@ -16,7 +16,7 @@ class FiscalYearsController extends Controller
     public function __invoke(Request $request)
     {
         return response()->json([
-            'fiscal_years' => config('crater.fiscal_years')
+            'fiscal_years' => config('crater.fiscal_years'),
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Config/LanguagesController.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\General;
+namespace Crater\Http\Controllers\V1\Admin\Config;
 
 use Crater\Http\Controllers\Controller;
 use Illuminate\Http\Request;
@@ -16,7 +16,7 @@ class LanguagesController extends Controller
     public function __invoke(Request $request)
     {
         return response()->json([
-            'languages' => config('crater.languages')
+            'languages' => config('crater.languages'),
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Config/RetrospectiveEditsController.php

@@ -1,12 +1,11 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Update;
+namespace Crater\Http\Controllers\V1\Admin\Config;
 
 use Crater\Http\Controllers\Controller;
-use Crater\Space\Updater;
 use Illuminate\Http\Request;
 
-class MigrateUpdateController extends Controller
+class RetrospectiveEditsController extends Controller
 {
     /**
      * Handle the incoming request.
@@ -16,10 +15,8 @@ class MigrateUpdateController extends Controller
      */
     public function __invoke(Request $request)
     {
-        Updater::migrateUpdate();
-
         return response()->json([
-            'success' => true
+            'retrospective_edits' => config('crater.retrospective_edits'),
         ]);
     }
 }

app/Http/Controllers/V1/Admin/CustomField/CustomFieldsController.php

@@ -1,10 +1,11 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\CustomField;
+namespace Crater\Http\Controllers\V1\Admin\CustomField;
 
-use Crater\Models\CustomField;
 use Crater\Http\Controllers\Controller;
 use Crater\Http\Requests\CustomFieldRequest;
+use Crater\Http\Resources\CustomFieldResource;
+use Crater\Models\CustomField;
 use Illuminate\Http\Request;
 
 class CustomFieldsController extends Controller
@@ -16,20 +17,16 @@ class CustomFieldsController extends Controller
      */
     public function index(Request $request)
     {
+        $this->authorize('viewAny', CustomField::class);
+
         $limit = $request->has('limit') ? $request->limit : 5;
 
-      $customFields = CustomField::whereCompany($request->header('company'))
+        $customFields = CustomField::applyFilters($request->all())
-            ->applyFilters($request->only([
+            ->whereCompany()
-                'type',
-                'search'
-            ]))
             ->latest()
             ->paginateData($limit);
 
-
+        return CustomFieldResource::collection($customFields);
-        return response()->json([
-            'customFields' => $customFields
-        ]);
     }
 
     /**
@@ -40,12 +37,11 @@ class CustomFieldsController extends Controller
      */
     public function store(CustomFieldRequest $request)
     {
+        $this->authorize('create', CustomField::class);
+
         $customField = CustomField::createCustomField($request);
 
-        return response()->json([
+        return new CustomFieldResource($customField);
-            'customField' => $customField,
-            'success' => true
-        ]);
     }
 
     /**
@@ -56,10 +52,9 @@ class CustomFieldsController extends Controller
      */
     public function show(CustomField $customField)
     {
-        return response()->json([
+        $this->authorize('view', $customField);
-            'customField' => $customField,
+
-            'success' => true
+        return new CustomFieldResource($customField);
-        ]);
     }
 
     /**
@@ -71,12 +66,11 @@ class CustomFieldsController extends Controller
      */
     public function update(CustomFieldRequest $request, CustomField $customField)
     {
+        $this->authorize('update', $customField);
+
         $customField->updateCustomField($request);
 
-        return response()->json([
+        return new CustomFieldResource($customField);
-            'customField' => $customField,
-            'success' => true
-        ]);
     }
 
     /**
@@ -87,16 +81,16 @@ class CustomFieldsController extends Controller
      */
     public function destroy(CustomField $customField)
     {
-        if ($customField->customFieldValue()->exists()) {
+        $this->authorize('delete', $customField);
-            return response()->json([
+
-                'error' => 'values_attached'
+        if ($customField->customFieldValues()->exists()) {
-            ]);
+            $customField->customFieldValues()->delete();
         }
 
-        $customField->delete();
+        $customField->forceDelete();
 
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Customer/CustomerStatsController.php

@@ -1,14 +1,15 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Customer;
+namespace Crater\Http\Controllers\V1\Admin\Customer;
 
-use Crater\Http\Controllers\Controller;
-use Crater\Models\Invoice;
-use Crater\Models\Expense;
-use Crater\Models\Payment;
-use Crater\Models\User;
-use Crater\Models\CompanySetting;
 use Carbon\Carbon;
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Resources\CustomerResource;
+use Crater\Models\CompanySetting;
+use Crater\Models\Customer;
+use Crater\Models\Expense;
+use Crater\Models\Invoice;
+use Crater\Models\Payment;
 use Illuminate\Http\Request;
 
 class CustomerStatsController extends Controller
@@ -19,8 +20,10 @@ class CustomerStatsController extends Controller
      * @param  \Illuminate\Http\Request  $request
      * @return \Illuminate\Http\Response
      */
-    public function __invoke(Request $request, User $customer)
+    public function __invoke(Request $request, Customer $customer)
     {
+        $this->authorize('view', $customer);
+
         $i = 0;
         $months = [];
         $invoiceTotals = [];
@@ -56,7 +59,7 @@ class CustomerStatsController extends Controller
                     'invoice_date',
                     [$start->format('Y-m-d'), $end->format('Y-m-d')]
                 )
-                    ->whereCompany($request->header('company'))
+                    ->whereCompany()
                     ->whereCustomer($customer->id)
                     ->sum('total') ?? 0
             );
@@ -66,7 +69,7 @@ class CustomerStatsController extends Controller
                     'expense_date',
                     [$start->format('Y-m-d'), $end->format('Y-m-d')]
                 )
-                    ->whereCompany($request->header('company'))
+                    ->whereCompany()
                     ->whereUser($customer->id)
                     ->sum('amount') ?? 0
             );
@@ -76,7 +79,7 @@ class CustomerStatsController extends Controller
                     'payment_date',
                     [$start->format('Y-m-d'), $end->format('Y-m-d')]
                 )
-                    ->whereCompany($request->header('company'))
+                    ->whereCompany()
                     ->whereCustomer($customer->id)
                     ->sum('amount') ?? 0
             );
@@ -94,25 +97,25 @@ class CustomerStatsController extends Controller
 
         $start->subMonth()->endOfMonth();
 
-        $salesTotal = Invoice::whereCompany($request->header('company'))
+        $salesTotal = Invoice::whereBetween(
-            ->whereBetween(
             'invoice_date',
             [$startDate->format('Y-m-d'), $start->format('Y-m-d')]
         )
+            ->whereCompany()
             ->whereCustomer($customer->id)
             ->sum('total');
-        $totalReceipts = Payment::whereCompany($request->header('company'))
+        $totalReceipts = Payment::whereBetween(
-            ->whereBetween(
             'payment_date',
             [$startDate->format('Y-m-d'), $start->format('Y-m-d')]
         )
+            ->whereCompany()
             ->whereCustomer($customer->id)
             ->sum('amount');
-        $totalExpenses = Expense::whereCompany($request->header('company'))
+        $totalExpenses = Expense::whereBetween(
-            ->whereBetween(
             'expense_date',
             [$startDate->format('Y-m-d'), $start->format('Y-m-d')]
         )
+            ->whereCompany()
             ->whereUser($customer->id)
             ->sum('amount');
         $netProfit = (int) $totalReceipts - (int) $totalExpenses;
@@ -126,21 +129,14 @@ class CustomerStatsController extends Controller
             'netProfits' => $netProfits,
             'salesTotal' => $salesTotal,
             'totalReceipts' => $totalReceipts,
-            'totalExpenses' => $totalExpenses
+            'totalExpenses' => $totalExpenses,
         ];
 
-        $customer = User::with([
+        $customer = Customer::find($customer->id);
-            'billingAddress',
-            'shippingAddress',
-            'billingAddress.country',
-            'shippingAddress.country',
-            'currency',
-            'fields.customField'
-        ])->find($customer->id);
 
-        return response()->json([
+        return (new CustomerResource($customer))
-            'customer' => $customer,
+            ->additional(['meta' => [
-            'chartData' => $chartData,
+                'chartData' => $chartData
-        ]);
+            ]]);
     }
 }

app/Http/Controllers/V1/Admin/Customer/CustomersController.php

@@ -0,0 +1,108 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\Customer;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests;
+use Crater\Http\Requests\DeleteCustomersRequest;
+use Crater\Http\Resources\CustomerResource;
+use Crater\Models\Customer;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
+
+class CustomersController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('viewAny', Customer::class);
+
+        $limit = $request->has('limit') ? $request->limit : 10;
+
+        $customers = Customer::with('creator')
+            ->whereCompany()
+            ->applyFilters($request->all())
+            ->select(
+                'customers.*',
+                DB::raw('sum(invoices.base_due_amount) as base_due_amount'),
+                DB::raw('sum(invoices.due_amount) as due_amount'),
+            )
+            ->groupBy('customers.id')
+            ->leftJoin('invoices', 'customers.id', '=', 'invoices.customer_id')
+            ->paginateData($limit);
+
+        return (CustomerResource::collection($customers))
+            ->additional(['meta' => [
+                'customer_total_count' => Customer::whereCompany()->count(),
+            ]]);
+    }
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function store(Requests\CustomerRequest $request)
+    {
+        $this->authorize('create', Customer::class);
+
+        $customer = Customer::createCustomer($request);
+
+        return new CustomerResource($customer);
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @param  Customer $customer
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function show(Customer $customer)
+    {
+        $this->authorize('view', $customer);
+
+        return new CustomerResource($customer);
+    }
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @param  \Illuminate\Http\Request $request
+     * @param  \Crater\Models\Customer $customer
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function update(Requests\CustomerRequest $request, Customer $customer)
+    {
+        $this->authorize('update', $customer);
+
+        $customer = Customer::updateCustomer($request, $customer);
+
+        if (is_string($customer)) {
+            return respondJson('you_cannot_edit_currency', 'Cannot change currency once transactions created');
+        }
+
+        return new CustomerResource($customer);
+    }
+
+    /**
+     * Remove a list of Customers along side all their resources (ie. Estimates, Invoices, Payments and Addresses)
+     *
+     * @param  \Illuminate\Http\Request $request
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function delete(DeleteCustomersRequest $request)
+    {
+        $this->authorize('delete multiple customers');
+
+        Customer::deleteCustomers($request->ids);
+
+        return response()->json([
+            'success' => true,
+        ]);
+    }
+}

app/Http/Controllers/V1/Admin/Dashboard/DashboardController.php

@@ -0,0 +1,165 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\Dashboard;
+
+use Carbon\Carbon;
+use Crater\Http\Controllers\Controller;
+use Crater\Models\Company;
+use Crater\Models\CompanySetting;
+use Crater\Models\Customer;
+use Crater\Models\Estimate;
+use Crater\Models\Expense;
+use Crater\Models\Invoice;
+use Crater\Models\Payment;
+use Illuminate\Http\Request;
+
+class DashboardController extends Controller
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function __invoke(Request $request)
+    {
+        $company = Company::find($request->header('company'));
+
+        $this->authorize('view dashboard', $company);
+
+        $invoice_totals = [];
+        $expense_totals = [];
+        $receipt_totals = [];
+        $net_income_totals = [];
+
+        $i = 0;
+        $months = [];
+        $monthCounter = 0;
+        $fiscalYear = CompanySetting::getSetting('fiscal_year', $request->header('company'));
+        $startDate = Carbon::now();
+        $start = Carbon::now();
+        $end = Carbon::now();
+        $terms = explode('-', $fiscalYear);
+
+        if ($terms[0] <= $start->month) {
+            $startDate->month($terms[0])->startOfMonth();
+            $start->month($terms[0])->startOfMonth();
+            $end->month($terms[0])->endOfMonth();
+        } else {
+            $startDate->subYear()->month($terms[0])->startOfMonth();
+            $start->subYear()->month($terms[0])->startOfMonth();
+            $end->subYear()->month($terms[0])->endOfMonth();
+        }
+
+        if ($request->has('previous_year')) {
+            $startDate->subYear()->startOfMonth();
+            $start->subYear()->startOfMonth();
+            $end->subYear()->endOfMonth();
+        }
+
+        while ($monthCounter < 12) {
+            array_push(
+                $invoice_totals,
+                Invoice::whereBetween(
+                    'invoice_date',
+                    [$start->format('Y-m-d'), $end->format('Y-m-d')]
+                )
+                ->whereCompany()
+                ->sum('base_total')
+            );
+            array_push(
+                $expense_totals,
+                Expense::whereBetween(
+                    'expense_date',
+                    [$start->format('Y-m-d'), $end->format('Y-m-d')]
+                )
+                ->whereCompany()
+                ->sum('base_amount')
+            );
+            array_push(
+                $receipt_totals,
+                Payment::whereBetween(
+                    'payment_date',
+                    [$start->format('Y-m-d'), $end->format('Y-m-d')]
+                )
+                ->whereCompany()
+                ->sum('base_amount')
+            );
+            array_push(
+                $net_income_totals,
+                ($receipt_totals[$i] - $expense_totals[$i])
+            );
+            $i++;
+            array_push($months, $start->format('M'));
+            $monthCounter++;
+            $end->startOfMonth();
+            $start->addMonth()->startOfMonth();
+            $end->addMonth()->endOfMonth();
+        }
+
+        $start->subMonth()->endOfMonth();
+
+        $total_sales = Invoice::whereBetween(
+            'invoice_date',
+            [$startDate->format('Y-m-d'), $start->format('Y-m-d')]
+        )
+            ->whereCompany()
+            ->sum('base_total');
+
+        $total_receipts = Payment::whereBetween(
+            'payment_date',
+            [$startDate->format('Y-m-d'), $start->format('Y-m-d')]
+        )
+            ->whereCompany()
+            ->sum('base_amount');
+
+        $total_expenses = Expense::whereBetween(
+            'expense_date',
+            [$startDate->format('Y-m-d'), $start->format('Y-m-d')]
+        )
+            ->whereCompany()
+            ->sum('base_amount');
+
+        $total_net_income = (int)$total_receipts - (int)$total_expenses;
+
+        $chart_data = [
+            'months' => $months,
+            'invoice_totals' => $invoice_totals,
+            'expense_totals' => $expense_totals,
+            'receipt_totals' => $receipt_totals,
+            'net_income_totals' => $net_income_totals,
+        ];
+
+        $total_customer_count = Customer::whereCompany()->count();
+        $total_invoice_count = Invoice::whereCompany()
+            ->count();
+        $total_estimate_count = Estimate::whereCompany()->count();
+        $total_amount_due = Invoice::whereCompany()
+            ->sum('base_due_amount');
+
+        $recent_due_invoices = Invoice::with('customer')
+            ->whereCompany()
+            ->where('base_due_amount', '>', 0)
+            ->take(5)
+            ->latest()
+            ->get();
+        $recent_estimates = Estimate::with('customer')->whereCompany()->take(5)->latest()->get();
+
+        return response()->json([
+            'total_amount_due' => $total_amount_due,
+            'total_customer_count' => $total_customer_count,
+            'total_invoice_count' => $total_invoice_count,
+            'total_estimate_count' => $total_estimate_count,
+
+            'recent_due_invoices' => $recent_due_invoices,
+            'recent_estimates' => $recent_estimates,
+
+            'chart_data' => $chart_data,
+
+            'total_sales' => $total_sales,
+            'total_receipts' => $total_receipts,
+            'total_expenses' => $total_expenses,
+            'total_net_income' => $total_net_income,
+        ]);
+    }
+}

app/Http/Controllers/V1/Admin/Estimate/ChangeEstimateStatusController.php

@@ -1,10 +1,10 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Estimate;
+namespace Crater\Http\Controllers\V1\Admin\Estimate;
 
-use Illuminate\Http\Request;
 use Crater\Http\Controllers\Controller;
 use Crater\Models\Estimate;
+use Illuminate\Http\Request;
 
 class ChangeEstimateStatusController extends Controller
 {
@@ -17,10 +17,12 @@ class ChangeEstimateStatusController extends Controller
     */
     public function __invoke(Request $request, Estimate $estimate)
     {
+        $this->authorize('send estimate', $estimate);
+
         $estimate->update($request->only('status'));
 
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Estimate/ConvertEstimateController.php

@@ -0,0 +1,132 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\Estimate;
+
+use Carbon\Carbon;
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Resources\InvoiceResource;
+use Crater\Models\CompanySetting;
+use Crater\Models\Estimate;
+use Crater\Models\Invoice;
+use Crater\Services\SerialNumberFormatter;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Vinkla\Hashids\Facades\Hashids;
+
+class ConvertEstimateController extends Controller
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Crater\Models\Estimate $estimate
+     * @return \Illuminate\Http\Response
+     */
+    public function __invoke(Request $request, Estimate $estimate, Invoice $invoice)
+    {
+        $this->authorize('create', Invoice::class);
+
+        $estimate->load(['items', 'items.taxes', 'customer', 'taxes']);
+
+        $invoice_date = Carbon::now();
+        $due_date = null;
+
+        $dueDateEnabled = CompanySetting::getSetting(
+            'invoice_set_due_date_automatically',
+            $request->header('company')
+        );
+
+        if ($dueDateEnabled === 'YES') {
+            $dueDateDays = CompanySetting::getSetting(
+                'invoice_due_date_days',
+                $request->header('company')
+            );
+            $due_date = Carbon::now()->addDays($dueDateDays)->format('Y-m-d');
+        }
+
+        $serial = (new SerialNumberFormatter())
+            ->setModel($invoice)
+            ->setCompany($estimate->company_id)
+            ->setCustomer($estimate->customer_id)
+            ->setNextNumbers();
+
+        $templateName = $estimate->getInvoiceTemplateName();
+
+        $exchange_rate = $estimate->exchange_rate;
+
+        $invoice = Invoice::create([
+            'creator_id' => Auth::id(),
+            'invoice_date' => $invoice_date->format('Y-m-d'),
+            'due_date' => $due_date,
+            'invoice_number' => $serial->getNextNumber(),
+            'sequence_number' => $serial->nextSequenceNumber,
+            'customer_sequence_number' => $serial->nextCustomerSequenceNumber,
+            'reference_number' => $serial->getNextNumber(),
+            'customer_id' => $estimate->customer_id,
+            'company_id' => $request->header('company'),
+            'template_name' => $templateName,
+            'status' => Invoice::STATUS_DRAFT,
+            'paid_status' => Invoice::STATUS_UNPAID,
+            'sub_total' => $estimate->sub_total,
+            'discount' => $estimate->discount,
+            'discount_type' => $estimate->discount_type,
+            'discount_val' => $estimate->discount_val,
+            'total' => $estimate->total,
+            'due_amount' => $estimate->total,
+            'tax_per_item' => $estimate->tax_per_item,
+            'discount_per_item' => $estimate->discount_per_item,
+            'tax' => $estimate->tax,
+            'notes' => $estimate->notes,
+            'exchange_rate' => $exchange_rate,
+            'base_discount_val' => $estimate->discount_val * $exchange_rate,
+            'base_sub_total' => $estimate->sub_total * $exchange_rate,
+            'base_total' => $estimate->total * $exchange_rate,
+            'base_tax' => $estimate->tax * $exchange_rate,
+            'currency_id' => $estimate->currency_id,
+        ]);
+
+        $invoice->unique_hash = Hashids::connection(Invoice::class)->encode($invoice->id);
+        $invoice->save();
+        $invoiceItems = $estimate->items->toArray();
+
+        foreach ($invoiceItems as $invoiceItem) {
+            $invoiceItem['company_id'] = $request->header('company');
+            $invoiceItem['name'] = $invoiceItem['name'];
+            $estimateItem['exchange_rate'] = $exchange_rate;
+            $estimateItem['base_price'] = $invoiceItem['price'] * $exchange_rate;
+            $estimateItem['base_discount_val'] = $invoiceItem['discount_val'] * $exchange_rate;
+            $estimateItem['base_tax'] = $invoiceItem['tax'] * $exchange_rate;
+            $estimateItem['base_total'] = $invoiceItem['total'] * $exchange_rate;
+
+            $item = $invoice->items()->create($invoiceItem);
+
+            if (array_key_exists('taxes', $invoiceItem) && $invoiceItem['taxes']) {
+                foreach ($invoiceItem['taxes'] as $tax) {
+                    $tax['company_id'] = $request->header('company');
+
+                    if ($tax['amount']) {
+                        $item->taxes()->create($tax);
+                    }
+                }
+            }
+        }
+
+        if ($estimate->taxes) {
+            foreach ($estimate->taxes->toArray() as $tax) {
+                $tax['company_id'] = $request->header('company');
+                $tax['exchange_rate'] = $exchange_rate;
+                $tax['base_amount'] = $tax['amount'] * $exchange_rate;
+                $tax['currency_id'] = $estimate->currency_id;
+                unset($tax['estimate_id']);
+
+                $invoice->taxes()->create($tax);
+            }
+        }
+
+        $estimate->checkForEstimateConvertAction();
+
+        $invoice = Invoice::find($invoice->id);
+
+        return new InvoiceResource($invoice);
+    }
+}

app/Http/Controllers/V1/Admin/Estimate/EstimateTemplatesController.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\Estimate;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Models\Estimate;
+use Illuminate\Http\Request;
+
+class EstimateTemplatesController extends Controller
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function __invoke(Request $request)
+    {
+        $this->authorize('viewAny', Estimate::class);
+
+        $estimateTemplates = Estimate::estimateTemplates();
+
+        return response()->json([
+            'estimateTemplates' => $estimateTemplates
+        ]);
+    }
+}

app/Http/Controllers/V1/Admin/Estimate/EstimatesController.php

@@ -0,0 +1,77 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\Estimate;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests\DeleteEstimatesRequest;
+use Crater\Http\Requests\EstimatesRequest;
+use Crater\Http\Resources\EstimateResource;
+use Crater\Jobs\GenerateEstimatePdfJob;
+use Crater\Models\Estimate;
+use Illuminate\Http\Request;
+
+class EstimatesController extends Controller
+{
+    public function index(Request $request)
+    {
+        $this->authorize('viewAny', Estimate::class);
+
+        $limit = $request->has('limit') ? $request->limit : 10;
+
+        $estimates = Estimate::whereCompany()
+            ->join('customers', 'customers.id', '=', 'estimates.customer_id')
+            ->applyFilters($request->all())
+            ->select('estimates.*', 'customers.name')
+            ->latest()
+            ->paginateData($limit);
+
+        return (EstimateResource::collection($estimates))
+            ->additional(['meta' => [
+                'estimate_total_count' => Estimate::whereCompany()->count(),
+            ]]);
+    }
+
+    public function store(EstimatesRequest $request)
+    {
+        $this->authorize('create', Estimate::class);
+
+        $estimate = Estimate::createEstimate($request);
+
+        if ($request->has('estimateSend')) {
+            $estimate->send($request->title, $request->body);
+        }
+
+        GenerateEstimatePdfJob::dispatch($estimate);
+
+        return new EstimateResource($estimate);
+    }
+
+    public function show(Request $request, Estimate $estimate)
+    {
+        $this->authorize('view', $estimate);
+
+        return new EstimateResource($estimate);
+    }
+
+    public function update(EstimatesRequest $request, Estimate $estimate)
+    {
+        $this->authorize('update', $estimate);
+
+        $estimate = $estimate->updateEstimate($request);
+
+        GenerateEstimatePdfJob::dispatch($estimate, true);
+
+        return new EstimateResource($estimate);
+    }
+
+    public function delete(DeleteEstimatesRequest $request)
+    {
+        $this->authorize('delete multiple estimates');
+
+        Estimate::destroy($request->ids);
+
+        return response()->json([
+            'success' => true,
+        ]);
+    }
+}

app/Http/Controllers/V1/Admin/Estimate/SendEstimateController.php

@@ -1,10 +1,10 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Estimate;
+namespace Crater\Http\Controllers\V1\Admin\Estimate;
 
 use Crater\Http\Controllers\Controller;
-use Crater\Models\Estimate;
 use Crater\Http\Requests\SendEstimatesRequest;
+use Crater\Models\Estimate;
 
 class SendEstimateController extends Controller
 {
@@ -16,6 +16,8 @@ class SendEstimateController extends Controller
     */
     public function __invoke(SendEstimatesRequest $request, Estimate $estimate)
     {
+        $this->authorize('send estimate', $estimate);
+
         $response = $estimate->send($request->all());
 
         return response()->json($response);

app/Http/Controllers/V1/Admin/Estimate/SendEstimatePreviewController.php

@@ -0,0 +1,26 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\Estimate;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests\SendEstimatesRequest;
+use Crater\Models\Estimate;
+use Illuminate\Mail\Markdown;
+
+class SendEstimatePreviewController extends Controller
+{
+    /**
+    * Handle the incoming request.
+    *
+    * @param  \Crater\Http\Requests\SendEstimatesRequest  $request
+    * @return \Illuminate\Http\JsonResponse
+    */
+    public function __invoke(SendEstimatesRequest $request, Estimate $estimate)
+    {
+        $this->authorize('send estimate', $estimate);
+
+        $markdown = new Markdown(view(), config('mail.markdown'));
+
+        return $markdown->render('emails.send.estimate', ['data' => $estimate->sendEstimateData($request->all())]);
+    }
+}

app/Http/Controllers/V1/Admin/ExchangeRate/ExchangeRateProviderController.php

@@ -0,0 +1,117 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\ExchangeRate;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests\ExchangeRateProviderRequest;
+use Crater\Http\Resources\ExchangeRateProviderResource;
+use Crater\Models\ExchangeRateProvider;
+use Illuminate\Http\Request;
+
+class ExchangeRateProviderController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('viewAny', ExchangeRateProvider::class);
+
+        $limit = $request->has('limit') ? $request->limit : 5;
+
+        $exchangeRateProviders = ExchangeRateProvider::whereCompany()->paginate($limit);
+
+        return ExchangeRateProviderResource::collection($exchangeRateProviders);
+    }
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(ExchangeRateProviderRequest $request)
+    {
+        $this->authorize('create', ExchangeRateProvider::class);
+
+        $query = ExchangeRateProvider::checkActiveCurrencies($request);
+
+        if (count($query) !== 0) {
+            return respondJson('currency_used', 'Currency used.');
+        }
+
+        $checkConverterApi = ExchangeRateProvider::checkExchangeRateProviderStatus($request);
+
+        if ($checkConverterApi->status() == 200) {
+            $exchangeRateProvider = ExchangeRateProvider::createFromRequest($request);
+
+            return new ExchangeRateProviderResource($exchangeRateProvider);
+        }
+
+        return $checkConverterApi;
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @param  \Crater\Models\ExchangeRateProvider  $exchangeRateProvider
+     * @return \Illuminate\Http\Response
+     */
+    public function show(ExchangeRateProvider $exchangeRateProvider)
+    {
+        $this->authorize('view', $exchangeRateProvider);
+
+        return new ExchangeRateProviderResource($exchangeRateProvider);
+    }
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Crater\Models\ExchangeRateProvider  $exchangeRateProvider
+     * @return \Illuminate\Http\Response
+     */
+    public function update(ExchangeRateProviderRequest $request, ExchangeRateProvider $exchangeRateProvider)
+    {
+        $this->authorize('update', $exchangeRateProvider);
+
+        $query = $exchangeRateProvider->checkUpdateActiveCurrencies($request);
+
+        if (count($query) !== 0) {
+            return respondJson('currency_used', 'Currency used.');
+        }
+
+        $checkConverterApi = ExchangeRateProvider::checkExchangeRateProviderStatus($request);
+
+        if ($checkConverterApi->status() == 200) {
+            $exchangeRateProvider->updateFromRequest($request);
+
+            return new ExchangeRateProviderResource($exchangeRateProvider);
+        }
+
+        return $checkConverterApi;
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @param  \Crater\Models\ExchangeRateProvider  $exchangeRateProvider
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy(ExchangeRateProvider $exchangeRateProvider)
+    {
+        $this->authorize('delete', $exchangeRateProvider);
+
+        if ($exchangeRateProvider->active == true) {
+            return respondJson('provider_active', 'Provider Active.');
+        }
+
+        $exchangeRateProvider->delete();
+
+        return response()->json([
+            'success' => true,
+        ]);
+    }
+}

app/Http/Controllers/V1/Admin/ExchangeRate/GetActiveProviderController.php

@@ -0,0 +1,35 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\ExchangeRate;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Models\Currency;
+use Crater\Models\ExchangeRateProvider;
+use Illuminate\Http\Request;
+
+class GetActiveProviderController extends Controller
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function __invoke(Request $request, Currency $currency)
+    {
+        $query = ExchangeRateProvider::whereCompany()->whereJsonContains('currencies', $currency->code)
+                ->where('active', true)
+                ->get();
+
+        if (count($query) !== 0) {
+            return response()->json([
+                'success' => true,
+                'message' => 'provider_active',
+            ], 200);
+        }
+
+        return response()->json([
+            'error' => 'no_active_provider',
+        ], 200);
+    }
+}

app/Http/Controllers/V1/Admin/ExchangeRate/GetExchangeRateController.php

@@ -0,0 +1,57 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\ExchangeRate;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Models\CompanySetting;
+use Crater\Models\Currency;
+use Crater\Models\ExchangeRateLog;
+use Crater\Models\ExchangeRateProvider;
+use Crater\Traits\ExchangeRateProvidersTrait;
+use Illuminate\Http\Request;
+use Illuminate\Support\Arr;
+
+class GetExchangeRateController extends Controller
+{
+    use ExchangeRateProvidersTrait;
+
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function __invoke(Request $request, Currency $currency)
+    {
+        $settings = CompanySetting::getSettings(['currency'], $request->header('company'));
+        $baseCurrency = Currency::findOrFail($settings['currency']);
+
+        $query = ExchangeRateProvider::whereJsonContains('currencies', $currency->code)
+                ->where('active', true)
+                ->get()
+                ->toArray();
+
+        $exchange_rate = ExchangeRateLog::where('base_currency_id', $currency->id)
+                ->where('currency_id', $baseCurrency->id)
+                ->orderBy('created_at', 'desc')
+                ->value('exchange_rate');
+
+        if ($query) {
+            $filter = Arr::only($query[0], ['key', 'driver', 'driver_config']);
+            $exchange_rate_value = $this->getExchangeRate($filter, $currency->code, $baseCurrency->code);
+
+            if ($exchange_rate_value->status() == 200) {
+                return $exchange_rate_value;
+            }
+        }
+        if ($exchange_rate) {
+            return response()->json([
+                'exchangeRate' => [$exchange_rate],
+            ], 200);
+        }
+
+        return response()->json([
+            'error' => 'no_exchange_rate_available',
+        ], 200);
+    }
+}

app/Http/Controllers/V1/Admin/ExchangeRate/GetSupportedCurrenciesController.php

@@ -0,0 +1,26 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\ExchangeRate;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Models\ExchangeRateProvider;
+use Crater\Traits\ExchangeRateProvidersTrait;
+use Illuminate\Http\Request;
+
+class GetSupportedCurrenciesController extends Controller
+{
+    use ExchangeRateProvidersTrait;
+
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function __invoke(Request $request)
+    {
+        $this->authorize('viewAny', ExchangeRateProvider::class);
+
+        return $this->getSupportedCurrencies($request);
+    }
+}

app/Http/Controllers/V1/Admin/ExchangeRate/GetUsedCurrenciesController.php

@@ -0,0 +1,55 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\ExchangeRate;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Models\ExchangeRateProvider;
+use Illuminate\Http\Request;
+
+class GetUsedCurrenciesController extends Controller
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function __invoke(Request $request)
+    {
+        $this->authorize('viewAny', ExchangeRateProvider::class);
+
+        $providerId = $request->provider_id;
+
+        $activeExchangeRateProviders = ExchangeRateProvider::where('active', true)
+            ->whereCompany()
+            ->when($providerId, function ($query) use ($providerId) {
+                return $query->where('id', '<>', $providerId);
+            })
+            ->pluck('currencies');
+        $activeExchangeRateProvider = [];
+
+        foreach ($activeExchangeRateProviders as $data) {
+            if (is_array($data)) {
+                for ($limit = 0; $limit < count($data); $limit++) {
+                    $activeExchangeRateProvider[] = $data[$limit];
+                }
+            }
+        }
+
+        $allExchangeRateProviders = ExchangeRateProvider::whereCompany()->pluck('currencies');
+        $allExchangeRateProvider = [];
+
+        foreach ($allExchangeRateProviders as $data) {
+            if (is_array($data)) {
+                for ($limit = 0; $limit < count($data); $limit++) {
+                    $allExchangeRateProvider[] = $data[$limit];
+                }
+            }
+        }
+
+        return response()->json([
+            'allUsedCurrencies' => $allExchangeRateProvider ? $allExchangeRateProvider : [],
+            'activeUsedCurrencies' => $activeExchangeRateProvider ? $activeExchangeRateProvider : [],
+        ]);
+    }
+}

app/Http/Controllers/V1/Admin/Expense/ExpenseCategoriesController.php

@@ -1,10 +1,12 @@
 <?php
-namespace Crater\Http\Controllers\V1\Expense;
 
+namespace Crater\Http\Controllers\V1\Admin\Expense;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests\ExpenseCategoryRequest;
+use Crater\Http\Resources\ExpenseCategoryResource;
 use Crater\Models\ExpenseCategory;
 use Illuminate\Http\Request;
-use Crater\Http\Requests\ExpenseCategoryRequest;
-use Crater\Http\Controllers\Controller;
 
 class ExpenseCategoriesController extends Controller
 {
@@ -15,19 +17,16 @@ class ExpenseCategoriesController extends Controller
      */
     public function index(Request $request)
     {
+        $this->authorize('viewAny', ExpenseCategory::class);
+
         $limit = $request->has('limit') ? $request->limit : 5;
 
-        $categories = ExpenseCategory::whereCompany($request->header('company'))
+        $categories = ExpenseCategory::applyFilters($request->all())
-            ->applyFilters($request->only([
+            ->whereCompany()
-                'category_id',
-                'search'
-            ]))
             ->latest()
             ->paginateData($limit);
 
-        return response()->json([
+        return ExpenseCategoryResource::collection($categories);
-            'categories' => $categories
-        ]);
     }
 
     /**
@@ -38,14 +37,11 @@ class ExpenseCategoriesController extends Controller
      */
     public function store(ExpenseCategoryRequest $request)
     {
-        $data = $request->validated();
+        $this->authorize('create', ExpenseCategory::class);
-        $data['company_id'] = $request->header('company');
-        $category = ExpenseCategory::create($data);
 
-        return response()->json([
+        $category = ExpenseCategory::create($request->getExpenseCategoryPayload());
-            'category' => $category,
+
-            'success' => true
+        return new ExpenseCategoryResource($category);
-        ]);
     }
 
     /**
@@ -56,9 +52,9 @@ class ExpenseCategoriesController extends Controller
      */
     public function show(ExpenseCategory $category)
     {
-        return response()->json([
+        $this->authorize('view', $category);
-            'category' => $category
+
-        ]);
+        return new ExpenseCategoryResource($category);
     }
 
     /**
@@ -70,12 +66,11 @@ class ExpenseCategoriesController extends Controller
      */
     public function update(ExpenseCategoryRequest $request, ExpenseCategory $category)
     {
-        $category->update($request->validated());
+        $this->authorize('update', $category);
 
-        return response()->json([
+        $category->update($request->getExpenseCategoryPayload());
-            'category' => $category,
+
-            'success' => true
+        return new ExpenseCategoryResource($category);
-        ]);
     }
 
     /**
@@ -86,16 +81,16 @@ class ExpenseCategoriesController extends Controller
      */
     public function destroy(ExpenseCategory $category)
     {
+        $this->authorize('delete', $category);
+
         if ($category->expenses() && $category->expenses()->count() > 0) {
-            return response()->json([
+            return respondJson('expense_attached', 'Expense Attached');
-                'success' => false
-            ]);
         }
 
         $category->delete();
 
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Expense/ExpensesController.php

@@ -1,12 +1,13 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Expense;
+namespace Crater\Http\Controllers\V1\Admin\Expense;
 
-use Crater\Models\Expense;
-use Illuminate\Http\Request;
-use Crater\Http\Requests\ExpenseRequest;
 use Crater\Http\Controllers\Controller;
 use Crater\Http\Requests\DeleteExpensesRequest;
+use Crater\Http\Requests\ExpenseRequest;
+use Crater\Http\Resources\ExpenseResource;
+use Crater\Models\Expense;
+use Illuminate\Http\Request;
 
 class ExpensesController extends Controller
 {
@@ -17,29 +18,22 @@ class ExpensesController extends Controller
      */
     public function index(Request $request)
     {
+        $this->authorize('viewAny', Expense::class);
+
         $limit = $request->has('limit') ? $request->limit : 10;
 
         $expenses = Expense::with('category', 'creator', 'fields')
-            ->leftJoin('users', 'users.id', '=', 'expenses.user_id')
+            ->whereCompany()
+            ->leftJoin('customers', 'customers.id', '=', 'expenses.customer_id')
             ->join('expense_categories', 'expense_categories.id', '=', 'expenses.expense_category_id')
-            ->applyFilters($request->only([
+            ->applyFilters($request->all())
-                'expense_category_id',
+            ->select('expenses.*', 'expense_categories.name', 'customers.name as user_name')
-                'user_id',
-                'expense_id',
-                'search',
-                'from_date',
-                'to_date',
-                'orderByField',
-                'orderBy'
-            ]))
-            ->whereCompany($request->header('company'))
-            ->select('expenses.*', 'expense_categories.name', 'users.name as user_name')
             ->paginateData($limit);
 
-        return response()->json([
+        return (ExpenseResource::collection($expenses))
-            'expenses' => $expenses,
+            ->additional(['meta' => [
-            'expenseTotalCount' => Expense::count()
+                'expense_total_count' => Expense::whereCompany()->count(),
-        ]);
+            ]]);
     }
 
     /**
@@ -50,12 +44,11 @@ class ExpensesController extends Controller
      */
     public function store(ExpenseRequest $request)
     {
+        $this->authorize('create', Expense::class);
+
         $expense = Expense::createExpense($request);
 
-        return response()->json([
+        return new ExpenseResource($expense);
-            'expense' => $expense,
-            'success' => true
-        ]);
     }
 
     /**
@@ -66,11 +59,9 @@ class ExpensesController extends Controller
      */
     public function show(Expense $expense)
     {
-        $expense->load('creator', 'fields.customField');
+        $this->authorize('view', $expense);
 
-        return response()->json([
+        return new ExpenseResource($expense);
-            'expense' => $expense
-        ]);
     }
 
     /**
@@ -82,20 +73,21 @@ class ExpensesController extends Controller
      */
     public function update(ExpenseRequest $request, Expense $expense)
     {
+        $this->authorize('update', $expense);
+
         $expense->updateExpense($request);
 
-        return response()->json([
+        return new ExpenseResource($expense);
-            'expense' => $expense,
-            'success' => true
-        ]);
     }
 
     public function delete(DeleteExpensesRequest $request)
     {
+        $this->authorize('delete multiple expenses');
+
         Expense::destroy($request->ids);
 
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Expense/ShowReceiptController.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\Expense;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Models\Expense;
+
+class ShowReceiptController extends Controller
+{
+    /**
+     * Retrieve details of an expense receipt from storage.
+     *
+     * @param   \Crater\Models\Expense $expense
+     * @return  \Illuminate\Http\JsonResponse
+     */
+    public function __invoke(Expense $expense)
+    {
+        $this->authorize('view', $expense);
+
+        if ($expense) {
+            $media = $expense->getFirstMedia('receipts');
+
+            if ($media) {
+                return response()->file($media->getPath());
+            }
+
+            return respondJson('receipt_does_not_exist', 'Receipt does not exist.');
+        }
+    }
+}

app/Http/Controllers/V1/Admin/Expense/UploadReceiptController.php

@@ -1,9 +1,9 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Expense;
+namespace Crater\Http\Controllers\V1\Admin\Expense;
 
-use Crater\Models\Expense;
 use Crater\Http\Controllers\Controller;
+use Crater\Models\Expense;
 use Illuminate\Http\Request;
 
 class UploadReceiptController extends Controller
@@ -17,6 +17,8 @@ class UploadReceiptController extends Controller
      */
     public function __invoke(Request $request, Expense $expense)
     {
+        $this->authorize('update', $expense);
+
         $data = json_decode($request->attachment_receipt);
 
         if ($data) {
@@ -26,11 +28,11 @@ class UploadReceiptController extends Controller
 
             $expense->addMediaFromBase64($data->data)
                 ->usingFileName($data->name)
-                ->toMediaCollection('receipts', 'local');
+                ->toMediaCollection('receipts');
         }
 
         return response()->json([
-            'success' => 'Expense receipts uploaded successfully'
+            'success' => 'Expense receipts uploaded successfully',
-        ]);
+        ], 200);
     }
 }

app/Http/Controllers/V1/Admin/General/BootstrapController.php

@@ -0,0 +1,63 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\General;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Resources\CompanyResource;
+use Crater\Http\Resources\UserResource;
+use Crater\Models\Company;
+use Crater\Models\CompanySetting;
+use Crater\Models\Currency;
+use Crater\Traits\GeneratesMenuTrait;
+use Illuminate\Http\Request;
+use Silber\Bouncer\BouncerFacade;
+
+class BootstrapController extends Controller
+{
+    use GeneratesMenuTrait;
+
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function __invoke(Request $request)
+    {
+        $current_user = $request->user();
+        $current_user_settings = $current_user->getAllSettings();
+
+        $main_menu = $this->generateMenu('main_menu', $current_user);
+
+        $setting_menu = $this->generateMenu('setting_menu', $current_user);
+
+        $companies = $current_user->companies;
+
+        $current_company = Company::find($request->header('company'));
+
+        if ((! $current_company) || ($current_company && ! $current_user->hasCompany($current_company->id))) {
+            $current_company = $current_user->companies()->first();
+        }
+
+        $current_company_settings = CompanySetting::getAllSettings($current_company->id);
+
+        $current_company_currency = $current_company_settings->has('currency')
+            ? Currency::find($current_company_settings->get('currency'))
+            : Currency::first();
+
+        BouncerFacade::refreshFor($current_user);
+
+        return response()->json([
+            'current_user' => new UserResource($current_user),
+            'current_user_settings' => $current_user_settings,
+            'current_user_abilities' => $current_user->getAbilities(),
+            'companies' => CompanyResource::collection($companies),
+            'current_company' => new CompanyResource($current_company),
+            'current_company_settings' => $current_company_settings,
+            'current_company_currency' => $current_company_currency,
+            'config' => config('crater'),
+            'main_menu' => $main_menu,
+            'setting_menu' => $setting_menu,
+        ]);
+    }
+}

app/Http/Controllers/V1/Admin/General/BulkExchangeRateController.php

@@ -0,0 +1,128 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\General;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests\BulkExchangeRateRequest;
+use Crater\Models\CompanySetting;
+use Crater\Models\Estimate;
+use Crater\Models\Invoice;
+use Crater\Models\Payment;
+use Crater\Models\Tax;
+
+class BulkExchangeRateController extends Controller
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function __invoke(BulkExchangeRateRequest $request)
+    {
+        $bulkExchangeRate = CompanySetting::getSetting('bulk_exchange_rate_configured', $request->header('company'));
+
+        if ($bulkExchangeRate == 'NO') {
+            if ($request->currencies) {
+                foreach ($request->currencies as $currency) {
+                    $currency['exchange_rate'] = $currency['exchange_rate'] ?? 1;
+
+                    $invoices = Invoice::where('currency_id', $currency['id'])->get();
+
+                    if ($invoices) {
+                        foreach ($invoices as $invoice) {
+                            $invoice->update([
+                                'exchange_rate' => $currency['exchange_rate'],
+                                'base_discount_val' => $invoice->sub_total * $currency['exchange_rate'],
+                                'base_sub_total' => $invoice->sub_total * $currency['exchange_rate'],
+                                'base_total' => $invoice->total * $currency['exchange_rate'],
+                                'base_tax' => $invoice->tax * $currency['exchange_rate'],
+                                'base_due_amount' => $invoice->due_amount * $currency['exchange_rate']
+                            ]);
+
+                            $this->items($invoice);
+                        }
+                    }
+
+                    $estimates = Estimate::where('currency_id', $currency['id'])->get();
+
+                    if ($estimates) {
+                        foreach ($estimates as $estimate) {
+                            $estimate->update([
+                                'exchange_rate' => $currency['exchange_rate'],
+                                'base_discount_val' => $estimate->sub_total * $currency['exchange_rate'],
+                                'base_sub_total' => $estimate->sub_total * $currency['exchange_rate'],
+                                'base_total' => $estimate->total * $currency['exchange_rate'],
+                                'base_tax' => $estimate->tax * $currency['exchange_rate']
+                            ]);
+
+                            $this->items($estimate);
+                        }
+                    }
+
+                    $taxes = Tax::where('currency_id', $currency['id'])->get();
+
+                    if ($taxes) {
+                        foreach ($taxes as $tax) {
+                            $tax->base_amount = $tax->base_amount * $currency['exchange_rate'];
+                            $tax->save();
+                        }
+                    }
+
+                    $payments = Payment::where('currency_id', $currency['id'])->get();
+
+                    if ($payments) {
+                        foreach ($payments as $payment) {
+                            $payment->exchange_rate = $currency['exchange_rate'];
+                            $payment->base_amount = $payment->amount * $currency['exchange_rate'];
+                            $payment->save();
+                        }
+                    }
+                }
+            }
+
+            $settings = [
+                'bulk_exchange_rate_configured' => 'YES'
+            ];
+
+            CompanySetting::setSettings($settings, $request->header('company'));
+
+            return response()->json([
+                'success' => true
+            ]);
+        }
+
+        return response()->json([
+            'error' => false
+        ]);
+    }
+
+    public function items($model)
+    {
+        foreach ($model->items as $item) {
+            $item->update([
+                'exchange_rate' => $model->exchange_rate,
+                'base_discount_val' => $item->discount_val * $model->exchange_rate,
+                'base_price' => $item->price * $model->exchange_rate,
+                'base_tax' => $item->tax * $model->exchange_rate,
+                'base_total' => $item->total * $model->exchange_rate
+            ]);
+
+            $this->taxes($item);
+        }
+
+        $this->taxes($model);
+    }
+
+    public function taxes($model)
+    {
+        if ($model->taxes()->exists()) {
+            $model->taxes->map(function ($tax) use ($model) {
+                $tax->update([
+                    'exchange_rate' => $model->exchange_rate,
+                    'base_amount' => $tax->amount * $model->exchange_rate,
+                ]);
+            });
+        }
+    }
+}

app/Http/Controllers/V1/Admin/General/ConfigController.php

@@ -1,12 +1,11 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Estimate;
+namespace Crater\Http\Controllers\V1\Admin\General;
 
-use Crater\Models\EstimateTemplate;
 use Crater\Http\Controllers\Controller;
 use Illuminate\Http\Request;
 
-class EstimateTemplatesController extends Controller
+class ConfigController extends Controller
 {
     /**
      * Handle the incoming request.
@@ -17,7 +16,7 @@ class EstimateTemplatesController extends Controller
     public function __invoke(Request $request)
     {
         return response()->json([
-            'templates' => EstimateTemplate::all()
+            $request->key => config('crater.'.$request->key),
         ]);
     }
 }

app/Http/Controllers/V1/Admin/General/CountriesController.php

@@ -1,9 +1,10 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\General;
+namespace Crater\Http\Controllers\V1\Admin\General;
 
-use Crater\Models\Country;
 use Crater\Http\Controllers\Controller;
+use Crater\Http\Resources\CountryResource;
+use Crater\Models\Country;
 use Illuminate\Http\Request;
 
 class CountriesController extends Controller
@@ -16,8 +17,8 @@ class CountriesController extends Controller
      */
     public function __invoke(Request $request)
     {
-        return response()->json([
+        $countries = Country::all();
-            'countries' => Country::all()
+
-        ]);
+        return CountryResource::collection($countries);
     }
 }

app/Http/Controllers/V1/Admin/General/CurrenciesController.php

@@ -1,9 +1,10 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\General;
+namespace Crater\Http\Controllers\V1\Admin\General;
 
-use Crater\Models\Currency;
 use Crater\Http\Controllers\Controller;
+use Crater\Http\Resources\CurrencyResource;
+use Crater\Models\Currency;
 use Illuminate\Http\Request;
 
 class CurrenciesController extends Controller
@@ -18,8 +19,6 @@ class CurrenciesController extends Controller
     {
         $currencies = Currency::latest()->get();
 
-        return response()->json([
+        return CurrencyResource::collection($currencies);
-            'currencies' => $currencies
-        ]);
     }
 }

app/Http/Controllers/V1/Admin/General/DateFormatsController.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\General;
+namespace Crater\Http\Controllers\V1\Admin\General;
 
 use Crater\Http\Controllers\Controller;
 use Crater\Space\DateFormatter;
@@ -17,7 +17,7 @@ class DateFormatsController extends Controller
     public function __invoke(Request $request)
     {
         return response()->json([
-            'date_formats' => DateFormatter::get_list()
+            'date_formats' => DateFormatter::get_list(),
         ]);
     }
 }

app/Http/Controllers/V1/Admin/General/GetAllUsedCurrenciesController.php

@@ -0,0 +1,37 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\General;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Models\Currency;
+use Crater\Models\Estimate;
+use Crater\Models\Invoice;
+use Crater\Models\Payment;
+use Crater\Models\Tax;
+use Illuminate\Http\Request;
+
+class GetAllUsedCurrenciesController extends Controller
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function __invoke(Request $request)
+    {
+        $invoices = Invoice::where('exchange_rate', null)->pluck('currency_id')->toArray();
+
+        $taxes = Tax::where('exchange_rate', null)->pluck('currency_id')->toArray();
+
+        $estimates = Estimate::where('exchange_rate', null)->pluck('currency_id')->toArray();
+
+        $payments = Payment::where('exchange_rate', null)->pluck('currency_id')->toArray();
+
+        $currencies = array_merge($invoices, $taxes, $estimates, $payments);
+
+        return response()->json([
+            'currencies' => Currency::whereIn('id', $currencies)->get()
+        ]);
+    }
+}

app/Http/Controllers/V1/Admin/General/NextNumberController.php

@@ -0,0 +1,66 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\General;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Models\Estimate;
+use Crater\Models\Invoice;
+use Crater\Models\Payment;
+use Crater\Services\SerialNumberFormatter;
+use Illuminate\Http\Request;
+
+class NextNumberController extends Controller
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function __invoke(Request $request, Invoice $invoice, Estimate $estimate, Payment $payment)
+    {
+        $key = $request->key;
+        $nextNumber = null;
+        $serial = (new SerialNumberFormatter())
+            ->setCompany($request->header('company'))
+            ->setCustomer($request->userId);
+
+        try {
+            switch ($key) {
+                case 'invoice':
+                    $nextNumber = $serial->setModel($invoice)
+                        ->setModelObject($request->model_id)
+                        ->getNextNumber();
+
+                    break;
+
+                case 'estimate':
+                    $nextNumber = $serial->setModel($estimate)
+                        ->setModelObject($request->model_id)
+                        ->getNextNumber();
+
+                    break;
+
+                case 'payment':
+                    $nextNumber = $serial->setModel($payment)
+                        ->setModelObject($request->model_id)
+                        ->getNextNumber();
+
+                    break;
+
+                default:
+                    return;
+            }
+        } catch (\Exception $exception) {
+            return response()->json([
+                'success' => false,
+                'message' => $exception->getMessage()
+            ]);
+        }
+
+        return response()->json([
+            'success' => true,
+            'nextNumber' => $nextNumber,
+        ]);
+    }
+}

app/Http/Controllers/V1/Admin/General/NotesController.php

@@ -1,9 +1,10 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\General;
+namespace Crater\Http\Controllers\V1\Admin\General;
 
 use Crater\Http\Controllers\Controller;
 use Crater\Http\Requests\NotesRequest;
+use Crater\Http\Resources\NoteResource;
 use Crater\Models\Note;
 use Illuminate\Http\Request;
 
@@ -16,15 +17,16 @@ class NotesController extends Controller
      */
     public function index(Request $request)
     {
+        $this->authorize('view notes');
+
         $limit = $request->limit ?? 10;
 
         $notes = Note::latest()
-            ->applyFilters($request->only(['type', 'search']))
+            ->whereCompany()
+            ->applyFilters($request->all())
             ->paginate($limit);
 
-        return response()->json([
+        return NoteResource::collection($notes);
-            'notes' => $notes
-        ]);
     }
 
     /**
@@ -35,11 +37,11 @@ class NotesController extends Controller
      */
     public function store(NotesRequest $request)
     {
-        $note = Note::create($request->validated());
+        $this->authorize('manage notes');
 
-        return response()->json([
+        $note = Note::create($request->getNotesPayload());
-            'note' => $note
+
-        ]);
+        return new NoteResource($note);
     }
 
     /**
@@ -50,9 +52,9 @@ class NotesController extends Controller
      */
     public function show(Note $note)
     {
-        return response()->json([
+        $this->authorize('view notes');
-            'note' => $note
+
-        ]);
+        return new NoteResource($note);
     }
 
     /**
@@ -64,11 +66,11 @@ class NotesController extends Controller
      */
     public function update(NotesRequest $request, Note $note)
     {
-        $note->update($request->validated());
+        $this->authorize('manage notes');
 
-        return response()->json([
+        $note->update($request->getNotesPayload());
-            'note' => $note
+
-        ]);
+        return new NoteResource($note);
     }
 
     /**
@@ -79,10 +81,12 @@ class NotesController extends Controller
      */
     public function destroy(Note $note)
     {
+        $this->authorize('manage notes');
+
         $note->delete();
 
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/General/NumberPlaceholdersController.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\General;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Services\SerialNumberFormatter;
+use Illuminate\Http\Request;
+
+class NumberPlaceholdersController extends Controller
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function __invoke(Request $request)
+    {
+        if ($request->format) {
+            $placeholders = SerialNumberFormatter::getPlaceholders($request->format);
+        } else {
+            $placeholders = [];
+        }
+
+        return response()->json([
+            'success' => true,
+            'placeholders' => $placeholders,
+        ]);
+    }
+}

app/Http/Controllers/V1/Admin/General/SearchController.php

@@ -1,11 +1,11 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\General;
+namespace Crater\Http\Controllers\V1\Admin\General;
 
 use Crater\Http\Controllers\Controller;
+use Crater\Models\Customer;
 use Crater\Models\User;
 use Illuminate\Http\Request;
-use Illuminate\Support\Facades\Auth;
 
 class SearchController extends Controller
 {
@@ -17,21 +17,21 @@ class SearchController extends Controller
      */
     public function __invoke(Request $request)
     {
-        $customers = User::where('role', 'customer')
+        $user = $request->user();
-            ->applyFilters($request->only(['search']))
+
+        $customers = Customer::applyFilters($request->only(['search']))
             ->latest()
             ->paginate(10);
 
-        if (Auth::user()->role == 'super admin') {
+        if ($user->isOwner()) {
-            $users = User::where('role', 'admin')
+            $users = User::applyFilters($request->only(['search']))
-                ->applyFilters($request->only(['search']))
                 ->latest()
                 ->paginate(10);
         }
 
         return response()->json([
             'customers' => $customers,
-            'users' => $users ?? []
+            'users' => $users ?? [],
         ]);
     }
 }

app/Http/Controllers/V1/Admin/General/SearchUsersController.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\General;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Models\User;
+use Illuminate\Http\Request;
+
+class SearchUsersController extends Controller
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function __invoke(Request $request)
+    {
+        $this->authorize('create', User::class);
+
+        $users = User::whereEmail($request->email)
+            ->latest()
+            ->paginate(10);
+
+        return response()->json(['users' => $users]);
+    }
+}

app/Http/Controllers/V1/Admin/General/TimezonesController.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\General;
+namespace Crater\Http\Controllers\V1\Admin\General;
 
 use Crater\Http\Controllers\Controller;
 use Crater\Space\TimeZones;
@@ -17,7 +17,7 @@ class TimezonesController extends Controller
     public function __invoke(Request $request)
     {
         return response()->json([
-            'time_zones' => TimeZones::get_list()
+            'time_zones' => TimeZones::get_list(),
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Invoice/ChangeInvoiceStatusController.php

@@ -1,10 +1,10 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Invoice;
+namespace Crater\Http\Controllers\V1\Admin\Invoice;
 
-use Illuminate\Http\Request;
 use Crater\Http\Controllers\Controller;
 use Crater\Models\Invoice;
+use Illuminate\Http\Request;
 
 class ChangeInvoiceStatusController extends Controller
 {
@@ -16,6 +16,8 @@ class ChangeInvoiceStatusController extends Controller
     */
     public function __invoke(Request $request, Invoice $invoice)
     {
+        $this->authorize('send invoice', $invoice);
+
         if ($request->status == Invoice::STATUS_SENT) {
             $invoice->status = Invoice::STATUS_SENT;
             $invoice->sent = true;
@@ -28,7 +30,7 @@ class ChangeInvoiceStatusController extends Controller
         }
 
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Invoice/CloneInvoiceController.php

@@ -0,0 +1,131 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\Invoice;
+
+use Carbon\Carbon;
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Resources\InvoiceResource;
+use Crater\Models\CompanySetting;
+use Crater\Models\Invoice;
+use Crater\Services\SerialNumberFormatter;
+use Illuminate\Http\Request;
+use Vinkla\Hashids\Facades\Hashids;
+
+class CloneInvoiceController extends Controller
+{
+    /**
+     * Mail a specific invoice to the corresponding customer's email address.
+     *
+     * @param  \Illuminate\Http\Request $request
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function __invoke(Request $request, Invoice $invoice)
+    {
+        $this->authorize('create', Invoice::class);
+
+        $date = Carbon::now();
+
+        $serial = (new SerialNumberFormatter())
+            ->setModel($invoice)
+            ->setCompany($invoice->company_id)
+            ->setCustomer($invoice->customer_id)
+            ->setNextNumbers();
+
+        $due_date = null;
+        $dueDateEnabled = CompanySetting::getSetting(
+            'invoice_set_due_date_automatically',
+            $request->header('company')
+        );
+
+        if ($dueDateEnabled === 'YES') {
+            $dueDateDays = CompanySetting::getSetting(
+                'invoice_due_date_days',
+                $request->header('company')
+            );
+            $due_date = Carbon::now()->addDays($dueDateDays)->format('Y-m-d');
+        }
+
+        $exchange_rate = $invoice->exchange_rate;
+
+        $newInvoice = Invoice::create([
+            'invoice_date' => $date->format('Y-m-d'),
+            'due_date' => $due_date,
+            'invoice_number' => $serial->getNextNumber(),
+            'sequence_number' => $serial->nextSequenceNumber,
+            'customer_sequence_number' => $serial->nextCustomerSequenceNumber,
+            'reference_number' => $invoice->reference_number,
+            'customer_id' => $invoice->customer_id,
+            'company_id' => $request->header('company'),
+            'template_name' => $invoice->template_name,
+            'status' => Invoice::STATUS_DRAFT,
+            'paid_status' => Invoice::STATUS_UNPAID,
+            'sub_total' => $invoice->sub_total,
+            'discount' => $invoice->discount,
+            'discount_type' => $invoice->discount_type,
+            'discount_val' => $invoice->discount_val,
+            'total' => $invoice->total,
+            'due_amount' => $invoice->total,
+            'tax_per_item' => $invoice->tax_per_item,
+            'discount_per_item' => $invoice->discount_per_item,
+            'tax' => $invoice->tax,
+            'notes' => $invoice->notes,
+            'exchange_rate' => $exchange_rate,
+            'base_total' => $invoice->total * $exchange_rate,
+            'base_discount_val' => $invoice->discount_val * $exchange_rate,
+            'base_sub_total' => $invoice->sub_total * $exchange_rate,
+            'base_tax' => $invoice->tax * $exchange_rate,
+            'base_due_amount' => $invoice->total * $exchange_rate,
+            'currency_id' => $invoice->currency_id,
+        ]);
+
+        $newInvoice->unique_hash = Hashids::connection(Invoice::class)->encode($newInvoice->id);
+        $newInvoice->save();
+        $invoice->load('items.taxes');
+
+        $invoiceItems = $invoice->items->toArray();
+
+        foreach ($invoiceItems as $invoiceItem) {
+            $invoiceItem['company_id'] = $request->header('company');
+            $invoiceItem['name'] = $invoiceItem['name'];
+            $invoiceItem['exchange_rate'] = $exchange_rate;
+            $invoiceItem['base_price'] = $invoiceItem['price'] * $exchange_rate;
+            $invoiceItem['base_discount_val'] = $invoiceItem['discount_val'] * $exchange_rate;
+            $invoiceItem['base_tax'] = $invoiceItem['tax'] * $exchange_rate;
+            $invoiceItem['base_total'] = $invoiceItem['total'] * $exchange_rate;
+
+            $item = $newInvoice->items()->create($invoiceItem);
+
+            if (array_key_exists('taxes', $invoiceItem) && $invoiceItem['taxes']) {
+                foreach ($invoiceItem['taxes'] as $tax) {
+                    $tax['company_id'] = $request->header('company');
+
+                    if ($tax['amount']) {
+                        $item->taxes()->create($tax);
+                    }
+                }
+            }
+        }
+
+        if ($invoice->taxes) {
+            foreach ($invoice->taxes->toArray() as $tax) {
+                $tax['company_id'] = $request->header('company');
+                $newInvoice->taxes()->create($tax);
+            }
+        }
+
+        if ($invoice->fields()->exists()) {
+            $customFields = [];
+
+            foreach ($invoice->fields as $data) {
+                $customFields[] = [
+                    'id' => $data->custom_field_id,
+                    'value' => $data->defaultAnswer
+                ];
+            }
+
+            $newInvoice->addCustomFields($customFields);
+        }
+
+        return new InvoiceResource($newInvoice);
+    }
+}

app/Http/Controllers/V1/Admin/Invoice/InvoiceTemplatesController.php

@@ -1,9 +1,9 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Invoice;
+namespace Crater\Http\Controllers\V1\Admin\Invoice;
 
 use Crater\Http\Controllers\Controller;
-use Crater\Models\InvoiceTemplate;
+use Crater\Models\Invoice;
 use Illuminate\Http\Request;
 
 class InvoiceTemplatesController extends Controller
@@ -16,10 +16,12 @@ class InvoiceTemplatesController extends Controller
      */
     public function __invoke(Request $request)
     {
-        $invoiceTemplates = InvoiceTemplate::all();
+        $this->authorize('viewAny', Invoice::class);
+
+        $invoiceTemplates = Invoice::invoiceTemplates();
 
         return response()->json([
-            'invoiceTemplates' => $invoiceTemplates
+            'invoiceTemplates' => $invoiceTemplates,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Invoice/InvoicesController.php

@@ -1,13 +1,14 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Invoice;
+namespace Crater\Http\Controllers\V1\Admin\Invoice;
 
-use Illuminate\Http\Request;
-use Crater\Http\Requests;
-use Crater\Models\Invoice;
 use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests;
 use Crater\Http\Requests\DeleteInvoiceRequest;
+use Crater\Http\Resources\InvoiceResource;
 use Crater\Jobs\GenerateInvoicePdfJob;
+use Crater\Models\Invoice;
+use Illuminate\Http\Request;
 
 class InvoicesController extends Controller
 {
@@ -18,31 +19,21 @@ class InvoicesController extends Controller
      */
     public function index(Request $request)
     {
+        $this->authorize('viewAny', Invoice::class);
+
         $limit = $request->has('limit') ? $request->limit : 10;
 
-        $invoices = Invoice::with(['items', 'user', 'creator', 'invoiceTemplate', 'taxes'])
+        $invoices = Invoice::whereCompany()
-            ->join('users', 'users.id', '=', 'invoices.user_id')
+            ->join('customers', 'customers.id', '=', 'invoices.customer_id')
-            ->applyFilters($request->only([
+            ->applyFilters($request->all())
-                'status',
+            ->select('invoices.*', 'customers.name')
-                'paid_status',
-                'customer_id',
-                'invoice_id',
-                'invoice_number',
-                'from_date',
-                'to_date',
-                'orderByField',
-                'orderBy',
-                'search',
-            ]))
-            ->whereCompany($request->header('company'))
-            ->select('invoices.*', 'users.name')
             ->latest()
             ->paginateData($limit);
 
-        return response()->json([
+        return (InvoiceResource::collection($invoices))
-            'invoices' => $invoices,
+            ->additional(['meta' => [
-            'invoiceTotalCount' => Invoice::count()
+                'invoice_total_count' => Invoice::whereCompany()->count(),
-        ]);
+            ]]);
     }
 
     /**
@@ -53,6 +44,8 @@ class InvoicesController extends Controller
      */
     public function store(Requests\InvoicesRequest $request)
     {
+        $this->authorize('create', Invoice::class);
+
         $invoice = Invoice::createInvoice($request);
 
         if ($request->has('invoiceSend')) {
@@ -61,9 +54,7 @@ class InvoicesController extends Controller
 
         GenerateInvoicePdfJob::dispatch($invoice);
 
-        return response()->json([
+        return new InvoiceResource($invoice);
-            'invoice' => $invoice
-        ]);
     }
 
     /**
@@ -72,24 +63,11 @@ class InvoicesController extends Controller
      * @param  \Crater\Models\Invoice $invoice
      * @return \Illuminate\Http\JsonResponse
      */
-    public function show(Invoice $invoice)
+    public function show(Request $request, Invoice $invoice)
     {
-        $invoice->load([
+        $this->authorize('view', $invoice);
-            'items',
-            'items.taxes',
-            'user',
-            'invoiceTemplate',
-            'taxes.taxType',
-            'fields.customField'
-        ]);
 
-        $siteData = [
+        return new InvoiceResource($invoice);
-            'invoice' => $invoice,
-            'nextInvoiceNumber' => $invoice->getInvoiceNumAttribute(),
-            'invoicePrefix' => $invoice->getInvoicePrefixAttribute(),
-        ];
-
-        return response()->json($siteData);
     }
 
     /**
@@ -101,14 +79,17 @@ class InvoicesController extends Controller
      */
     public function update(Requests\InvoicesRequest $request, Invoice $invoice)
     {
+        $this->authorize('update', $invoice);
+
         $invoice = $invoice->updateInvoice($request);
 
+        if (is_string($invoice)) {
+            return respondJson($invoice, $invoice);
+        }
+
         GenerateInvoicePdfJob::dispatch($invoice, true);
 
-        return response()->json([
+        return new InvoiceResource($invoice);
-            'invoice' => $invoice,
-            'success' => true
-        ]);
     }
 
     /**
@@ -119,10 +100,12 @@ class InvoicesController extends Controller
      */
     public function delete(DeleteInvoiceRequest $request)
     {
+        $this->authorize('delete multiple invoices');
+
         Invoice::destroy($request->ids);
 
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Invoice/SendInvoiceController.php

@@ -1,10 +1,10 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Invoice;
+namespace Crater\Http\Controllers\V1\Admin\Invoice;
 
 use Crater\Http\Controllers\Controller;
-use Crater\Models\Invoice;
 use Crater\Http\Requests\SendInvoiceRequest;
+use Crater\Models\Invoice;
 
 class SendInvoiceController extends Controller
 {
@@ -16,10 +16,12 @@ class SendInvoiceController extends Controller
      */
     public function __invoke(SendInvoiceRequest $request, Invoice $invoice)
     {
+        $this->authorize('send invoice', $invoice);
+
         $invoice->send($request->all());
 
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Invoice/SendInvoicePreviewController.php

@@ -0,0 +1,26 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\Invoice;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests\SendInvoiceRequest;
+use Crater\Models\Invoice;
+use Illuminate\Mail\Markdown;
+
+class SendInvoicePreviewController extends Controller
+{
+    /**
+     * Mail a specific invoice to the corresponding customer's email address.
+     *
+     * @param  \Illuminate\Http\Request $request
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function __invoke(SendInvoiceRequest $request, Invoice $invoice)
+    {
+        $this->authorize('send invoice', $invoice);
+
+        $markdown = new Markdown(view(), config('mail.markdown'));
+
+        return $markdown->render('emails.send.invoice', ['data' => $invoice->sendInvoiceData($request->all())]);
+    }
+}

app/Http/Controllers/V1/Admin/Item/ItemsController.php

@@ -1,13 +1,14 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Item;
+namespace Crater\Http\Controllers\V1\Admin\Item;
 
 use Crater\Http\Controllers\Controller;
-use Illuminate\Http\Request;
 use Crater\Http\Requests;
 use Crater\Http\Requests\DeleteItemsRequest;
+use Crater\Http\Resources\ItemResource;
 use Crater\Models\Item;
 use Crater\Models\TaxType;
+use Illuminate\Http\Request;
 
 class ItemsController extends Controller
 {
@@ -19,28 +20,22 @@ class ItemsController extends Controller
      */
     public function index(Request $request)
     {
+        $this->authorize('viewAny', Item::class);
+
         $limit = $request->has('limit') ? $request->limit : 10;
 
-        $items = Item::with(['taxes', 'creator'])
+        $items = Item::whereCompany()
             ->leftJoin('units', 'units.id', '=', 'items.unit_id')
-            ->applyFilters($request->only([
+            ->applyFilters($request->all())
-                'search',
-                'price',
-                'unit_id',
-                'item_id',
-                'orderByField',
-                'orderBy'
-            ]))
-            ->whereCompany($request->header('company'))
             ->select('items.*', 'units.name as unit_name')
             ->latest()
             ->paginateData($limit);
 
-        return response()->json([
+        return (ItemResource::collection($items))
-            'items' => $items,
+            ->additional(['meta' => [
-            'taxTypes' => TaxType::latest()->get(),
+                'tax_types' => TaxType::whereCompany()->latest()->get(),
-            'itemTotalCount' => Item::count()
+                'item_total_count' => Item::whereCompany()->count(),
-        ]);
+            ]]);
     }
 
     /**
@@ -51,11 +46,11 @@ class ItemsController extends Controller
      */
     public function store(Requests\ItemsRequest $request)
     {
+        $this->authorize('create', Item::class);
+
         $item = Item::createItem($request);
 
-        return response()->json([
+        return new ItemResource($item);
-            'item' => $item
-        ]);
     }
 
     /**
@@ -66,11 +61,9 @@ class ItemsController extends Controller
      */
     public function show(Item $item)
     {
-        $item->load('taxes');
+        $this->authorize('view', $item);
 
-        return response()->json([
+        return new ItemResource($item);
-            'item' => $item
-        ]);
     }
 
     /**
@@ -82,11 +75,11 @@ class ItemsController extends Controller
      */
     public function update(Requests\ItemsRequest $request, Item $item)
     {
+        $this->authorize('update', $item);
+
         $item = $item->updateItem($request);
 
-        return response()->json([
+        return new ItemResource($item);
-            'item' => $item
-        ]);
     }
 
     /**
@@ -97,10 +90,12 @@ class ItemsController extends Controller
      */
     public function delete(DeleteItemsRequest $request)
     {
+        $this->authorize('delete multiple items');
+
         Item::destroy($request->ids);
 
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Item/UnitsController.php

@@ -1,11 +1,12 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Item;
+namespace Crater\Http\Controllers\V1\Admin\Item;
 
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests\UnitRequest;
+use Crater\Http\Resources\UnitResource;
 use Crater\Models\Unit;
 use Illuminate\Http\Request;
-use Crater\Http\Requests\UnitRequest;
-use Crater\Http\Controllers\Controller;
 
 class UnitsController extends Controller
 {
@@ -16,28 +17,16 @@ class UnitsController extends Controller
      */
     public function index(Request $request)
     {
+        $this->authorize('viewAny', Unit::class);
+
         $limit = $request->has('limit') ? $request->limit : 5;
 
-        $units = Unit::whereCompany($request->header('company'))
+        $units = Unit::applyFilters($request->all())
-            ->applyFilters($request->only([
+            ->whereCompany()
-                'unit_id'
-            ]))
             ->latest()
             ->paginateData($limit);
 
-        return response()->json([
+        return UnitResource::collection($units);
-            'units' => $units
-        ]);
-    }
-
-    /**
-     * Show the form for creating a new resource.
-     *
-     * @return \Illuminate\Http\Response
-     */
-    public function create()
-    {
-        //
     }
 
     /**
@@ -48,13 +37,11 @@ class UnitsController extends Controller
      */
     public function store(UnitRequest $request)
     {
-        $data = $request->validated();
+        $this->authorize('create', Unit::class);
-        $data['company_id'] = $request->header('company');
-        $unit = Unit::create($data);
 
-        return response()->json([
+        $unit = Unit::create($request->getUnitPayload());
-            'unit' => $unit
+
-        ]);
+        return new UnitResource($unit);
     }
 
     /**
@@ -65,9 +52,9 @@ class UnitsController extends Controller
      */
     public function show(Unit $unit)
     {
-        return response()->json([
+        $this->authorize('view', $unit);
-            'unit' => $unit
+
-        ]);
+        return new UnitResource($unit);
     }
 
     /**
@@ -79,11 +66,11 @@ class UnitsController extends Controller
      */
     public function update(UnitRequest $request, Unit $unit)
     {
-        $unit->update($request->validated());
+        $this->authorize('update', $unit);
 
-        return response()->json([
+        $unit->update($request->getUnitPayload());
-            'unit' => $unit
+
-        ]);
+        return new UnitResource($unit);
     }
 
     /**
@@ -94,16 +81,16 @@ class UnitsController extends Controller
      */
     public function destroy(Unit $unit)
     {
+        $this->authorize('delete', $unit);
+
         if ($unit->items()->exists()) {
-            return response()->json([
+            return respondJson('items_attached', 'Items Attached');
-                'error' => 'items_attached'
-            ]);
         }
 
         $unit->delete();
 
         return response()->json([
-            'success' => 'Unit deleted successfully'
+            'success' => 'Unit deleted successfully',
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Mobile/AuthController.php

@@ -1,23 +1,19 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Mobile;
+namespace Crater\Http\Controllers\V1\Admin\Mobile;
 
 use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests\LoginRequest;
 use Crater\Models\User;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
 use Illuminate\Validation\ValidationException;
 
 class AuthController extends Controller
 {
-    public function login(Request $request)
+    public function login(LoginRequest $request)
     {
-        $request->validate([
-            'username' => 'required|email',
-            'password' => 'required',
-            'device_name' => 'required',
-        ]);
-
         $user = User::where('email', $request->username)->first();
 
         if (! $user || ! Hash::check($request->password, $user->password)) {
@@ -28,7 +24,7 @@ class AuthController extends Controller
 
         return response()->json([
             'type' => 'Bearer',
-            'token' => $user->createToken($request->device_name)->plainTextToken
+            'token' => $user->createToken($request->device_name)->plainTextToken,
         ]);
     }
 
@@ -37,7 +33,12 @@ class AuthController extends Controller
         $request->user()->currentAccessToken()->delete();
 
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
+
+    public function check()
+    {
+        return Auth::check();
+    }
 }

app/Http/Controllers/V1/Admin/Payment/PaymentMethodsController.php

@@ -1,11 +1,12 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Payment;
+namespace Crater\Http\Controllers\V1\Admin\Payment;
 
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests\PaymentMethodRequest;
+use Crater\Http\Resources\PaymentMethodResource;
 use Crater\Models\PaymentMethod;
 use Illuminate\Http\Request;
-use Crater\Http\Requests\PaymentMethodRequest;
-use Crater\Http\Controllers\Controller;
 
 class PaymentMethodsController extends Controller
 {
@@ -16,19 +17,16 @@ class PaymentMethodsController extends Controller
      */
     public function index(Request $request)
     {
+        $this->authorize('viewAny', PaymentMethod::class);
+
         $limit = $request->has('limit') ? $request->limit : 5;
 
-        $paymentMethods = PaymentMethod::whereCompany($request->header('company'))
+        $paymentMethods = PaymentMethod::applyFilters($request->all())
-            ->applyFilters($request->only([
+            ->whereCompany()
-                'method_id',
-                'search'
-            ]))
             ->latest()
             ->paginateData($limit);
 
-        return response()->json([
+        return PaymentMethodResource::collection($paymentMethods);
-            'paymentMethods' => $paymentMethods
-        ]);
     }
 
     /**
@@ -39,11 +37,11 @@ class PaymentMethodsController extends Controller
      */
     public function store(PaymentMethodRequest $request)
     {
+        $this->authorize('create', PaymentMethod::class);
+
         $paymentMethod = PaymentMethod::createPaymentMethod($request);
 
-        return response()->json([
+        return new PaymentMethodResource($paymentMethod);
-            'paymentMethod' => $paymentMethod
-        ]);
     }
 
     /**
@@ -54,9 +52,9 @@ class PaymentMethodsController extends Controller
      */
     public function show(PaymentMethod $paymentMethod)
     {
-        return response()->json([
+        $this->authorize('view', $paymentMethod);
-            'paymentMethod' => $paymentMethod
+
-        ]);
+        return new PaymentMethodResource($paymentMethod);
     }
 
     /**
@@ -68,11 +66,11 @@ class PaymentMethodsController extends Controller
      */
     public function update(PaymentMethodRequest $request, PaymentMethod $paymentMethod)
     {
+        $this->authorize('update', $paymentMethod);
+
         $paymentMethod->update($request->validated());
 
-        return response()->json([
+        return new PaymentMethodResource($paymentMethod);
-            'paymentMethod' => $paymentMethod
-        ]);
     }
 
     /**
@@ -83,18 +81,18 @@ class PaymentMethodsController extends Controller
      */
     public function destroy(PaymentMethod $paymentMethod)
     {
+        $this->authorize('delete', $paymentMethod);
+
         $payments = $paymentMethod->payments;
 
         if ($payments->count() > 0) {
-            return response()->json([
+            return respondJson('payments_attached', 'Payments Attached.');
-                'error' => 'payments_attached'
-            ]);
         }
 
         $paymentMethod->delete();
 
         return response()->json([
-            'success' => 'Payment method deleted successfully'
+            'success' => 'Payment method deleted successfully',
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Payment/PaymentsController.php

@@ -0,0 +1,81 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\Payment;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests\DeletePaymentsRequest;
+use Crater\Http\Requests\PaymentRequest;
+use Crater\Http\Resources\PaymentResource;
+use Crater\Models\Payment;
+use Illuminate\Http\Request;
+
+class PaymentsController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('viewAny', Payment::class);
+
+        $limit = $request->has('limit') ? $request->limit : 10;
+
+        $payments = Payment::whereCompany()
+            ->join('customers', 'customers.id', '=', 'payments.customer_id')
+            ->leftJoin('invoices', 'invoices.id', '=', 'payments.invoice_id')
+            ->leftJoin('payment_methods', 'payment_methods.id', '=', 'payments.payment_method_id')
+            ->applyFilters($request->all())
+            ->select('payments.*', 'customers.name', 'invoices.invoice_number', 'payment_methods.name as payment_mode')
+            ->latest()
+            ->paginateData($limit);
+
+        return (PaymentResource::collection($payments))
+            ->additional(['meta' => [
+                'payment_total_count' => Payment::whereCompany()->count(),
+            ]]);
+    }
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(PaymentRequest $request)
+    {
+        $this->authorize('create', Payment::class);
+
+        $payment = Payment::createPayment($request);
+
+        return new PaymentResource($payment);
+    }
+
+    public function show(Request $request, Payment $payment)
+    {
+        $this->authorize('view', $payment);
+
+        return new PaymentResource($payment);
+    }
+
+    public function update(PaymentRequest $request, Payment $payment)
+    {
+        $this->authorize('update', $payment);
+
+        $payment = $payment->updatePayment($request);
+
+        return new PaymentResource($payment);
+    }
+
+    public function delete(DeletePaymentsRequest $request)
+    {
+        $this->authorize('delete multiple payments');
+
+        Payment::deletePayments($request->ids);
+
+        return response()->json([
+            'success' => true,
+        ]);
+    }
+}

app/Http/Controllers/V1/Admin/Payment/SendPaymentController.php

@@ -1,10 +1,10 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Payment;
+namespace Crater\Http\Controllers\V1\Admin\Payment;
 
 use Crater\Http\Controllers\Controller;
-use Crater\Models\Payment;
 use Crater\Http\Requests\SendPaymentRequest;
+use Crater\Models\Payment;
 
 class SendPaymentController extends Controller
 {
@@ -16,6 +16,8 @@ class SendPaymentController extends Controller
      */
     public function __invoke(SendPaymentRequest $request, Payment $payment)
     {
+        $this->authorize('send payment', $payment);
+
         $response = $payment->send($request->all());
 
         return response()->json($response);

app/Http/Controllers/V1/Admin/Payment/SendPaymentPreviewController.php

@@ -0,0 +1,26 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\Payment;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Models\Payment;
+use Illuminate\Http\Request;
+use Illuminate\Mail\Markdown;
+
+class SendPaymentPreviewController extends Controller
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function __invoke(Request $request, Payment $payment)
+    {
+        $this->authorize('send payment', $payment);
+
+        $markdown = new Markdown(view(), config('mail.markdown'));
+
+        return $markdown->render('emails.send.payment', ['data' => $payment->sendPaymentData($request->all())]);
+    }
+}

app/Http/Controllers/V1/Admin/RecurringInvoice/RecurringInvoiceController.php

@@ -0,0 +1,94 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\RecurringInvoice;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests\RecurringInvoiceRequest;
+use Crater\Http\Resources\RecurringInvoiceResource;
+use Crater\Models\RecurringInvoice;
+use Illuminate\Http\Request;
+
+class RecurringInvoiceController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('viewAny', RecurringInvoice::class);
+
+        $limit = $request->has('limit') ? $request->limit : 10;
+
+        $recurringInvoices = RecurringInvoice::whereCompany()
+            ->applyFilters($request->all())
+            ->paginateData($limit);
+
+        return (RecurringInvoiceResource::collection($recurringInvoices))
+            ->additional(['meta' => [
+                'recurring_invoice_total_count' => RecurringInvoice::whereCompany()->count(),
+            ]]);
+    }
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(RecurringInvoiceRequest $request)
+    {
+        $this->authorize('create', RecurringInvoice::class);
+
+        $recurringInvoice = RecurringInvoice::createFromRequest($request);
+
+        return new RecurringInvoiceResource($recurringInvoice);
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @param  \Crater\Models\RecurringInvoice  $recurringInvoice
+     * @return \Illuminate\Http\Response
+     */
+    public function show(RecurringInvoice $recurringInvoice)
+    {
+        $this->authorize('view', $recurringInvoice);
+
+        return new RecurringInvoiceResource($recurringInvoice);
+    }
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Crater\Models\RecurringInvoice  $recurringInvoice
+     * @return \Illuminate\Http\Response
+     */
+    public function update(RecurringInvoiceRequest $request, RecurringInvoice $recurringInvoice)
+    {
+        $this->authorize('update', $recurringInvoice);
+
+        $recurringInvoice->updateFromRequest($request);
+
+        return new RecurringInvoiceResource($recurringInvoice);
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @param  \Crater\Models\RecurringInvoice  $recurringInvoice
+     * @return \Illuminate\Http\Response
+     */
+    public function delete(Request $request)
+    {
+        $this->authorize('delete multiple recurring invoices');
+
+        RecurringInvoice::deleteRecurringInvoice($request->ids);
+
+        return response()->json([
+            'success' => true,
+        ]);
+    }
+}

app/Http/Controllers/V1/Admin/RecurringInvoice/RecurringInvoiceFrequencyController.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\RecurringInvoice;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Models\RecurringInvoice;
+use Illuminate\Http\Request;
+
+class RecurringInvoiceFrequencyController extends Controller
+{
+    public function __invoke(Request $request)
+    {
+        $nextInvoiceAt = RecurringInvoice::getNextInvoiceDate($request->frequency, $request->starts_at);
+
+        return response()->json([
+            'success' => true,
+            'next_invoice_at' => $nextInvoiceAt,
+        ]);
+    }
+}

app/Http/Controllers/V1/Admin/Report/CustomerSalesReportController.php

@@ -1,15 +1,15 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Report;
+namespace Crater\Http\Controllers\V1\Admin\Report;
 
-use Illuminate\Support\Facades\App;
-use Illuminate\Http\Request;
-use Crater\Models\Company;
-use PDF;
 use Carbon\Carbon;
-use Crater\Models\User;
-use Crater\Models\CompanySetting;
 use Crater\Http\Controllers\Controller;
+use Crater\Models\Company;
+use Crater\Models\CompanySetting;
+use Crater\Models\Customer;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\App;
+use PDF;
 
 class CustomerSalesReportController extends Controller
 {
@@ -24,6 +24,8 @@ class CustomerSalesReportController extends Controller
     {
         $company = Company::where('unique_hash', $hash)->first();
 
+        $this->authorize('view report', $company);
+
         $locale = CompanySetting::getSetting('language',  $company->id);
 
         App::setLocale($locale);
@@ -31,14 +33,13 @@ class CustomerSalesReportController extends Controller
         $start = Carbon::createFromFormat('Y-m-d', $request->from_date);
         $end = Carbon::createFromFormat('Y-m-d', $request->to_date);
 
-        $customers = User::with(['invoices' => function ($query) use ($start, $end) {
+        $customers = Customer::with(['invoices' => function ($query) use ($start, $end) {
             $query->whereBetween(
                 'invoice_date',
                 [$start->format('Y-m-d'), $end->format('Y-m-d')]
             );
         }])
-            ->customer()
+            ->where('company_id', $company->id)
-            ->whereCompany($company->id)
             ->applyInvoiceFilters($request->only(['from_date', 'to_date']))
             ->get();
 
@@ -65,7 +66,7 @@ class CustomerSalesReportController extends Controller
             'footer_text_color',
             'footer_total_color',
             'footer_bg_color',
-            'date_text_color'
+            'date_text_color',
         ];
 
         $colorSettings = CompanySetting::whereIn('option', $colors)
@@ -78,11 +79,15 @@ class CustomerSalesReportController extends Controller
             'colorSettings' => $colorSettings,
             'company' => $company,
             'from_date' => $from_date,
-            'to_date' => $to_date
+            'to_date' => $to_date,
         ]);
 
         $pdf = PDF::loadView('app.pdf.reports.sales-customers');
 
+        if ($request->has('preview')) {
+            return view('app.pdf.reports.sales-customers');
+        }
+
         if ($request->has('download')) {
             return $pdf->download();
         }

app/Http/Controllers/V1/Admin/Report/ExpensesReportController.php

@@ -1,15 +1,15 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Report;
+namespace Crater\Http\Controllers\V1\Admin\Report;
 
-use Illuminate\Http\Request;
-use Crater\Models\Company;
-use PDF;
 use Carbon\Carbon;
-use Crater\Models\Expense;
-use Crater\Models\CompanySetting;
 use Crater\Http\Controllers\Controller;
+use Crater\Models\Company;
+use Crater\Models\CompanySetting;
+use Crater\Models\Expense;
+use Illuminate\Http\Request;
 use Illuminate\Support\Facades\App;
+use PDF;
 
 class ExpensesReportController extends Controller
 {
@@ -24,16 +24,17 @@ class ExpensesReportController extends Controller
     {
         $company = Company::where('unique_hash', $hash)->first();
 
+        $this->authorize('view report', $company);
+
         $locale = CompanySetting::getSetting('language',  $company->id);
 
         App::setLocale($locale);
 
         $expenseCategories = Expense::with('category')
-        ->whereCompany($company->id)
+            ->whereCompanyId($company->id)
             ->applyFilters($request->only(['from_date', 'to_date']))
             ->expensesAttributes()
             ->get();
-
         $totalAmount = 0;
         foreach ($expenseCategories as $category) {
             $totalAmount += $category->total_amount;
@@ -52,7 +53,7 @@ class ExpensesReportController extends Controller
             'footer_text_color',
             'footer_total_color',
             'footer_bg_color',
-            'date_text_color'
+            'date_text_color',
         ];
         $colorSettings = CompanySetting::whereIn('option', $colors)
             ->whereCompany($company->id)
@@ -64,10 +65,14 @@ class ExpensesReportController extends Controller
             'totalExpense' => $totalAmount,
             'company' => $company,
             'from_date' => $from_date,
-            'to_date' => $to_date
+            'to_date' => $to_date,
         ]);
         $pdf = PDF::loadView('app.pdf.reports.expenses');
 
+        if ($request->has('preview')) {
+            return view('app.pdf.reports.expenses');
+        }
+
         if ($request->has('download')) {
             return $pdf->download();
         }

app/Http/Controllers/V1/Admin/Report/ItemSalesReportController.php

@@ -1,15 +1,15 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Report;
+namespace Crater\Http\Controllers\V1\Admin\Report;
 
-use Illuminate\Http\Request;
-use Crater\Models\Company;
-use PDF;
 use Carbon\Carbon;
-use Crater\Models\InvoiceItem;
-use Crater\Models\CompanySetting;
 use Crater\Http\Controllers\Controller;
+use Crater\Models\Company;
+use Crater\Models\CompanySetting;
+use Crater\Models\InvoiceItem;
+use Illuminate\Http\Request;
 use Illuminate\Support\Facades\App;
+use PDF;
 
 class ItemSalesReportController extends Controller
 {
@@ -24,6 +24,8 @@ class ItemSalesReportController extends Controller
     {
         $company = Company::where('unique_hash', $hash)->first();
 
+        $this->authorize('view report', $company);
+
         $locale = CompanySetting::getSetting('language',  $company->id);
 
         App::setLocale($locale);
@@ -51,7 +53,7 @@ class ItemSalesReportController extends Controller
             'footer_text_color',
             'footer_total_color',
             'footer_bg_color',
-            'date_text_color'
+            'date_text_color',
         ];
         $colorSettings = CompanySetting::whereIn('option', $colors)
             ->whereCompany($company->id)
@@ -63,10 +65,14 @@ class ItemSalesReportController extends Controller
             'totalAmount' => $totalAmount,
             'company' => $company,
             'from_date' => $from_date,
-            'to_date' => $to_date
+            'to_date' => $to_date,
         ]);
         $pdf = PDF::loadView('app.pdf.reports.sales-items');
 
+        if ($request->has('preview')) {
+            return view('app.pdf.reports.sales-items');
+        }
+
         if ($request->has('download')) {
             return $pdf->download();
         }

app/Http/Controllers/V1/Admin/Report/ProfitLossReportController.php

@@ -1,16 +1,16 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Report;
+namespace Crater\Http\Controllers\V1\Admin\Report;
 
-use Illuminate\Http\Request;
-use Crater\Models\Company;
-use PDF;
 use Carbon\Carbon;
-use Crater\Models\Invoice;
-use Crater\Models\Expense;
-use Crater\Models\CompanySetting;
 use Crater\Http\Controllers\Controller;
+use Crater\Models\Company;
+use Crater\Models\CompanySetting;
+use Crater\Models\Expense;
+use Crater\Models\Invoice;
+use Illuminate\Http\Request;
 use Illuminate\Support\Facades\App;
+use PDF;
 
 class ProfitLossReportController extends Controller
 {
@@ -25,17 +25,19 @@ class ProfitLossReportController extends Controller
     {
         $company = Company::where('unique_hash', $hash)->first();
 
+        $this->authorize('view report', $company);
+
         $locale = CompanySetting::getSetting('language',  $company->id);
 
         App::setLocale($locale);
 
-        $invoicesAmount = Invoice::whereCompany($company->id)
+        $invoicesAmount = Invoice::whereCompanyId($company->id)
             ->applyFilters($request->only(['from_date', 'to_date']))
             ->wherePaidStatus(Invoice::STATUS_PAID)
             ->sum('total');
 
         $expenseCategories = Expense::with('category')
-        ->whereCompany($company->id)
+            ->whereCompanyId($company->id)
             ->applyFilters($request->only(['from_date', 'to_date']))
             ->expensesAttributes()
             ->get();
@@ -58,7 +60,7 @@ class ProfitLossReportController extends Controller
             'footer_text_color',
             'footer_total_color',
             'footer_bg_color',
-            'date_text_color'
+            'date_text_color',
         ];
         $colorSettings = CompanySetting::whereIn('option', $colors)
             ->whereCompany($company->id)
@@ -72,10 +74,14 @@ class ProfitLossReportController extends Controller
             'colorSettings' => $colorSettings,
             'company' => $company,
             'from_date' => $from_date,
-            'to_date' => $to_date
+            'to_date' => $to_date,
         ]);
         $pdf = PDF::loadView('app.pdf.reports.profit-loss');
 
+        if ($request->has('preview')) {
+            return view('app.pdf.reports.profit-loss');
+        }
+
         if ($request->has('download')) {
             return $pdf->download();
         }

app/Http/Controllers/V1/Admin/Report/TaxSummaryReportController.php

@@ -1,15 +1,15 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Report;
+namespace Crater\Http\Controllers\V1\Admin\Report;
 
-use Illuminate\Http\Request;
-use Crater\Models\Company;
-use PDF;
 use Carbon\Carbon;
-use Crater\Models\Tax;
-use Crater\Models\CompanySetting;
 use Crater\Http\Controllers\Controller;
+use Crater\Models\Company;
+use Crater\Models\CompanySetting;
+use Crater\Models\Tax;
+use Illuminate\Http\Request;
 use Illuminate\Support\Facades\App;
+use PDF;
 
 class TaxSummaryReportController extends Controller
 {
@@ -24,6 +24,8 @@ class TaxSummaryReportController extends Controller
     {
         $company = Company::where('unique_hash', $hash)->first();
 
+        $this->authorize('view report', $company);
+
         $locale = CompanySetting::getSetting('language',  $company->id);
 
         App::setLocale($locale);
@@ -52,7 +54,7 @@ class TaxSummaryReportController extends Controller
             'footer_text_color',
             'footer_total_color',
             'footer_bg_color',
-            'date_text_color'
+            'date_text_color',
         ];
 
         $colorSettings = CompanySetting::whereIn('option', $colors)
@@ -65,11 +67,15 @@ class TaxSummaryReportController extends Controller
             'colorSettings' => $colorSettings,
             'company' => $company,
             'from_date' => $from_date,
-            'to_date' => $to_date
+            'to_date' => $to_date,
         ]);
 
         $pdf = PDF::loadView('app.pdf.reports.tax-summary');
 
+        if ($request->has('preview')) {
+            return view('app.pdf.reports.tax-summary');
+        }
+
         if ($request->has('download')) {
             return $pdf->download();
         }

app/Http/Controllers/V1/Admin/Role/AbilitiesController.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\Role;
+
+use Crater\Http\Controllers\Controller;
+use Illuminate\Http\Request;
+
+class AbilitiesController extends Controller
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function __invoke(Request $request)
+    {
+        return response()->json(['abilities' => config('abilities.abilities')]);
+    }
+}

app/Http/Controllers/V1/Admin/Role/RolesController.php

@@ -0,0 +1,119 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\Role;
+
+use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests\RoleRequest;
+use Crater\Http\Resources\RoleResource;
+use Crater\Models\User;
+use Illuminate\Http\Request;
+use Silber\Bouncer\BouncerFacade;
+use Silber\Bouncer\Database\Role;
+
+class RolesController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('viewAny', Role::class);
+
+        $roles = Role::when($request->has('orderByField'), function ($query) use ($request) {
+            return $query->orderBy($request['orderByField'], $request['orderBy']);
+        })
+            ->when($request->company_id, function ($query) use ($request) {
+                return $query->where('scope', $request->company_id);
+            })
+            ->get();
+
+        return RoleResource::collection($roles);
+    }
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(RoleRequest $request)
+    {
+        $this->authorize('create', Role::class);
+
+        $role = Role::create($request->getRolePayload());
+
+        $this->syncAbilities($request, $role);
+
+        return new RoleResource($role);
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @param  \Spatie\Permission\Models\Role $role
+     * @return \Illuminate\Http\Response
+     */
+    public function show(Role $role)
+    {
+        $this->authorize('view', $role);
+
+        return new RoleResource($role);
+    }
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Spatie\Permission\Models\Role $role
+     * @return \Illuminate\Http\Response
+     */
+    public function update(RoleRequest $request, Role $role)
+    {
+        $this->authorize('update', $role);
+
+        $role->update($request->getRolePayload());
+
+        $this->syncAbilities($request, $role);
+
+        return new RoleResource($role);
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @param  \Spatie\Permission\Models\Role $role
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy(Role $role)
+    {
+        $this->authorize('delete', $role);
+
+        $users = User::whereIs($role->name)->get()->toArray();
+
+        if (! empty($users)) {
+            return respondJson('role_attached_to_users', 'Roles Attached to user');
+        }
+
+        $role->delete();
+
+        return response()->json([
+            'success' => true
+        ]);
+    }
+
+    private function syncAbilities(RoleRequest $request, $role)
+    {
+        foreach (config('abilities.abilities') as $ability) {
+            $check = array_search($ability['ability'], array_column($request->abilities, 'ability'));
+            if ($check !== false) {
+                BouncerFacade::allow($role)->to($ability['ability'], $ability['model']);
+            } else {
+                BouncerFacade::disallow($role)->to($ability['ability'], $ability['model']);
+            }
+        }
+
+        return true;
+    }
+}

app/Http/Controllers/V1/Admin/Settings/CompanyController.php

@@ -1,13 +1,14 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Settings;
+namespace Crater\Http\Controllers\V1\Admin\Settings;
 
-use Illuminate\Http\Request;
-use Crater\Models\Company;
-use Crater\Http\Requests\ProfileRequest;
-use Crater\Http\Requests\CompanyRequest;
 use Crater\Http\Controllers\Controller;
-use Illuminate\Support\Facades\Auth;
+use Crater\Http\Requests\CompanyRequest;
+use Crater\Http\Requests\ProfileRequest;
+use Crater\Http\Resources\CompanyResource;
+use Crater\Http\Resources\UserResource;
+use Crater\Models\Company;
+use Illuminate\Http\Request;
 
 class CompanyController extends Controller
 {
@@ -15,21 +16,9 @@ class CompanyController extends Controller
      * Retrive the Admin account.
      * @return \Illuminate\Http\JsonResponse
      */
-    public function getUser()
+    public function getUser(Request $request)
     {
-        $user = Auth::user();
+        return new UserResource($request->user());
-
-        $user->load([
-            'addresses',
-            'addresses.country',
-            'company',
-            'company.address',
-            'company.address.country'
-        ]);
-
-        return response()->json([
-            'user' => $user
-        ]);
     }
 
     /**
@@ -41,14 +30,11 @@ class CompanyController extends Controller
      */
     public function updateProfile(ProfileRequest $request)
     {
-        $user = Auth::user();
+        $user = $request->user();
 
         $user->update($request->validated());
 
-        return response()->json([
+        return new UserResource($user);
-            'user' => $user,
-            'success' => true
-        ]);
     }
 
     /**
@@ -58,16 +44,15 @@ class CompanyController extends Controller
      */
     public function updateCompany(CompanyRequest $request)
     {
-        $company = Auth::user()->company;
+        $company = Company::find($request->header('company'));
+
+        $this->authorize('manage company', $company);
 
         $company->update($request->only('name'));
 
-        $company->address()->updateOrCreate(['company_id' => $company->id], $request->except(['name']));
+        $company->address()->updateOrCreate(['company_id' => $company->id], $request->address);
 
-        return response()->json([
+        return new CompanyResource($company);
-            'company' => $company,
-            'success' => true
-        ]);
     }
 
     /**
@@ -78,6 +63,10 @@ class CompanyController extends Controller
      */
     public function uploadCompanyLogo(Request $request)
     {
+        $company = Company::find($request->header('company'));
+
+        $this->authorize('manage company', $company);
+
         $data = json_decode($request->company_logo);
 
         if ($data) {
@@ -93,7 +82,7 @@ class CompanyController extends Controller
         }
 
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
 
@@ -105,23 +94,24 @@ class CompanyController extends Controller
      */
     public function uploadAvatar(Request $request)
     {
-        $data = json_decode($request->admin_avatar);
-
-        if ($data) {
         $user = auth()->user();
 
-            if ($user) {
+        if ($user && $request->hasFile('admin_avatar')) {
+            $user->clearMediaCollection('admin_avatar');
+
+            $user->addMediaFromRequest('admin_avatar')
+                ->toMediaCollection('admin_avatar');
+        }
+
+        if ($user && $request->has('avatar')) {
+            $data = json_decode($request->avatar);
             $user->clearMediaCollection('admin_avatar');
 
             $user->addMediaFromBase64($data->data)
                 ->usingFileName($data->name)
                 ->toMediaCollection('admin_avatar');
         }
-        }
 
-        return response()->json([
+        return new UserResource($user);
-            'user' => $user,
-            'success' => true
-        ]);
     }
 }

app/Http/Controllers/V1/Admin/Settings/DiskController.php

@@ -1,12 +1,13 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Settings;
+namespace Crater\Http\Controllers\V1\Admin\Settings;
 
 use Crater\Http\Controllers\Controller;
-use Illuminate\Http\Request;
-use Crater\Models\FileDisk;
 use Crater\Http\Requests\DiskEnvironmentRequest;
+use Crater\Http\Resources\FileDiskResource;
+use Crater\Models\FileDisk;
 use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
 
 class DiskController extends Controller
 {
@@ -16,14 +17,14 @@ class DiskController extends Controller
      */
     public function index(Request $request)
     {
+        $this->authorize('manage file disk');
+
         $limit = $request->has('limit') ? $request->limit : 5;
         $disks = FileDisk::applyFilters($request->all())
             ->latest()
             ->paginateData($limit);
 
-        return response()->json([
+        return FileDiskResource::collection($disks);
-            'disks' => $disks,
-        ]);
     }
 
     /**
@@ -33,19 +34,15 @@ class DiskController extends Controller
      */
     public function store(DiskEnvironmentRequest $request)
     {
-        if(!FileDisk::validateCredentials($request->credentials, $request->driver)) {
+        $this->authorize('manage file disk');
-            return response()->json([
+
-                'success' => false,
+        if (! FileDisk::validateCredentials($request->credentials, $request->driver)) {
-                'error' => 'invalid_credentials'
+            return respondJson('invalid_credentials', 'Invalid Credentials.');
-            ]);
         }
 
         $disk = FileDisk::createDisk($request);
 
-        return response()->json([
+        return new FileDiskResource($disk);
-            'success' => true,
-            'disk' => $disk
-        ]);
     }
 
     /**
@@ -56,26 +53,22 @@ class DiskController extends Controller
      */
     public function update(FileDisk $disk, Request $request)
     {
+        $this->authorize('manage file disk');
+
         $credentials = $request->credentials;
         $driver = $request->driver;
 
-        if($credentials && $driver && $disk->type !== 'SYSTEM') {
+        if ($credentials && $driver && $disk->type !== 'SYSTEM') {
-            if(!FileDisk::validateCredentials($credentials, $driver)) {
+            if (! FileDisk::validateCredentials($credentials, $driver)) {
-                return response()->json([
+                return respondJson('invalid_credentials', 'Invalid Credentials.');
-                    'success' => false,
-                    'error' => 'invalid_credentials'
-                ]);
             }
 
             $disk->updateDisk($request);
-        } else if($request->set_as_default) {
+        } elseif ($request->set_as_default) {
             $disk->setAsDefaultDisk();
         }
 
-        return response()->json([
+        return new FileDiskResource($disk);
-            'success' => true,
-            'disk' => $disk
-        ]);
     }
 
     /**
@@ -84,12 +77,15 @@ class DiskController extends Controller
      */
     public function show($disk)
     {
+        $this->authorize('manage file disk');
+
         $diskData = [];
         switch ($disk) {
             case 'local':
                 $diskData = [
                     'root' => config('filesystems.disks.local.root'),
                 ];
+
                 break;
 
 
@@ -101,6 +97,7 @@ class DiskController extends Controller
                     'bucket' => '',
                     'root' => '',
                 ];
+
                 break;
 
             case 'doSpaces':
@@ -112,6 +109,7 @@ class DiskController extends Controller
                     'endpoint' => '',
                     'root' => '',
                 ];
+
                 break;
 
             case 'dropbox':
@@ -122,6 +120,7 @@ class DiskController extends Controller
                     'app' => '',
                     'root' => '',
                 ];
+
                 break;
         }
 
@@ -138,16 +137,16 @@ class DiskController extends Controller
      */
     public function destroy(FileDisk $disk)
     {
+        $this->authorize('manage file disk');
+
         if ($disk->setAsDefault() && $disk->type === 'SYSTEM') {
-            return response()->json([
+            return respondJson('not_allowed', 'Not Allowed');
-                'success' => false
-            ]);
         }
 
         $disk->delete();
 
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
 
@@ -157,22 +156,24 @@ class DiskController extends Controller
      */
     public function getDiskDrivers()
     {
+        $this->authorize('manage file disk');
+
         $drivers = [
             [
                 'name' => 'Local',
-                'value' => 'local'
+                'value' => 'local',
             ],
             [
                 'name' => 'Amazon S3',
-                'value' => 's3'
+                'value' => 's3',
             ],
             [
                 'name' => 'Digital Ocean Spaces',
-                'value' => 'doSpaces'
+                'value' => 'doSpaces',
             ],
             [
                 'name' => 'Dropbox',
-                'value' => 'dropbox'
+                'value' => 'dropbox',
             ],
         ];
 
@@ -180,7 +181,7 @@ class DiskController extends Controller
 
         return response()->json([
             'drivers' => $drivers,
-            'default' => $default
+            'default' => $default,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Settings/GetCompanyMailConfigurationController.php

@@ -0,0 +1,25 @@
+<?php
+
+namespace Crater\Http\Controllers\V1\Admin\Settings;
+
+use Crater\Http\Controllers\Controller;
+use Illuminate\Http\Request;
+
+class GetCompanyMailConfigurationController extends Controller
+{
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function __invoke(Request $request)
+    {
+        $mailConfig = [
+            'from_name' => config('mail.from.name'),
+            'from_mail' => config('mail.from.address'),
+        ];
+
+        return response()->json($mailConfig);
+    }
+}

app/Http/Controllers/V1/Admin/Settings/GetCompanySettingsController.php

@@ -1,10 +1,10 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Settings;
+namespace Crater\Http\Controllers\V1\Admin\Settings;
 
-use Crater\Models\CompanySetting;
 use Crater\Http\Controllers\Controller;
 use Crater\Http\Requests\GetSettingsRequest;
+use Crater\Models\CompanySetting;
 
 class GetCompanySettingsController extends Controller
 {

app/Http/Controllers/V1/Admin/Settings/GetUserSettingsController.php

@@ -1,8 +1,7 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Settings;
+namespace Crater\Http\Controllers\V1\Admin\Settings;
 
-use Auth;
 use Crater\Http\Controllers\Controller;
 use Crater\Http\Requests\GetSettingsRequest;
 
@@ -16,7 +15,7 @@ class GetUserSettingsController extends Controller
      */
     public function __invoke(GetSettingsRequest $request)
     {
-        $user = Auth::user();
+        $user = $request->user();
 
         return response()->json($user->getSettings($request->settings));
     }

app/Http/Controllers/V1/Admin/Settings/MailConfigurationController.php

@@ -1,14 +1,14 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Settings;
+namespace Crater\Http\Controllers\V1\Admin\Settings;
 
-use Crater\Models\Setting;
-use Illuminate\Http\Request;
-use Crater\Space\EnvironmentManager;
-use Crater\Http\Requests\MailEnvironmentRequest;
-use Illuminate\Http\JsonResponse;
 use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests\MailEnvironmentRequest;
 use Crater\Mail\TestMail;
+use Crater\Models\Setting;
+use Crater\Space\EnvironmentManager;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
 use Mail;
 
 class MailConfigurationController extends Controller
@@ -33,11 +33,12 @@ class MailConfigurationController extends Controller
      */
     public function saveMailEnvironment(MailEnvironmentRequest $request)
     {
+        $this->authorize('manage email config');
+
         $setting = Setting::getSetting('profile_complete');
         $results = $this->environmentManager->saveMailVariables($request);
 
-        if ($setting !== 'COMPLETED')
+        if ($setting !== 'COMPLETED') {
-        {
             Setting::setSetting('profile_complete', 4);
         }
 
@@ -46,6 +47,8 @@ class MailConfigurationController extends Controller
 
     public function getMailEnvironment()
     {
+        $this->authorize('manage email config');
+
         $MailData = [
             'mail_driver' => config('mail.driver'),
             'mail_host' => config('mail.host'),
@@ -72,12 +75,14 @@ class MailConfigurationController extends Controller
      */
     public function getMailDrivers()
     {
+        $this->authorize('manage email config');
+
         $drivers = [
             'smtp',
             'mail',
             'sendmail',
             'mailgun',
-            'ses'
+            'ses',
         ];
 
         return response()->json($drivers);
@@ -85,16 +90,18 @@ class MailConfigurationController extends Controller
 
     public function testEmailConfig(Request $request)
     {
+        $this->authorize('manage email config');
+
         $this->validate($request, [
             'to' => 'required|email',
             'subject' => 'required',
-            'message' => 'required'
+            'message' => 'required',
         ]);
 
         Mail::to($request->to)->send(new TestMail($request->subject, $request->message));
 
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Settings/TaxTypesController.php

@@ -1,11 +1,12 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Settings;
+namespace Crater\Http\Controllers\V1\Admin\Settings;
 
-use Crater\Models\TaxType;
-use Crater\Http\Requests\TaxTypeRequest;
-use Illuminate\Http\Request;
 use Crater\Http\Controllers\Controller;
+use Crater\Http\Requests\TaxTypeRequest;
+use Crater\Http\Resources\TaxTypeResource;
+use Crater\Models\TaxType;
+use Illuminate\Http\Request;
 
 class TaxTypesController extends Controller
 {
@@ -16,21 +17,16 @@ class TaxTypesController extends Controller
      */
     public function index(Request $request)
     {
+        $this->authorize('viewAny', TaxType::class);
+
         $limit = $request->has('limit') ? $request->limit : 5;
 
-        $taxTypes = TaxType::whereCompany($request->header('company'))
+        $taxTypes = TaxType::applyFilters($request->all())
-            ->applyFilters($request->only([
+            ->whereCompany()
-                'tax_type_id',
-                'search',
-                'orderByField',
-                'orderBy'
-            ]))
             ->latest()
             ->paginateData($limit);
 
-        return response()->json([
+        return TaxTypeResource::collection($taxTypes);
-            'taxTypes' => $taxTypes
-        ]);
     }
 
     /**
@@ -41,15 +37,11 @@ class TaxTypesController extends Controller
      */
     public function store(TaxTypeRequest $request)
     {
-        $data = $request->validated();
+        $this->authorize('create', TaxType::class);
 
-        $data['company_id'] = $request->header('company');
+        $taxType = TaxType::create($request->getTaxTypePayload());
 
-        $taxType = TaxType::create($data);
+        return new TaxTypeResource($taxType);
-
-        return response()->json([
-            'taxType' => $taxType,
-        ]);
     }
 
     /**
@@ -60,9 +52,9 @@ class TaxTypesController extends Controller
      */
     public function show(TaxType $taxType)
     {
-        return response()->json([
+        $this->authorize('view', $taxType);
-            'taxType' => $taxType
+
-        ]);
+        return new TaxTypeResource($taxType);
     }
 
     /**
@@ -74,11 +66,11 @@ class TaxTypesController extends Controller
      */
     public function update(TaxTypeRequest $request, TaxType $taxType)
     {
-        $taxType->update($request->validated());
+        $this->authorize('update', $taxType);
 
-        return response()->json([
+        $taxType->update($request->getTaxTypePayload());
-            'taxType' => $taxType,
+
-        ]);
+        return new TaxTypeResource($taxType);
     }
 
     /**
@@ -89,15 +81,16 @@ class TaxTypesController extends Controller
      */
     public function destroy(TaxType $taxType)
     {
+        $this->authorize('delete', $taxType);
+
         if ($taxType->taxes() && $taxType->taxes()->count() > 0) {
-            return response()->json([
+            return respondJson('taxes_attached', 'Taxes Attached.');
-                'success' => false
-            ]);
         }
+
         $taxType->delete();
 
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Settings/UpdateCompanySettingsController.php

@@ -1,10 +1,11 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Settings;
+namespace Crater\Http\Controllers\V1\Admin\Settings;
 
-use Crater\Models\CompanySetting;
 use Crater\Http\Controllers\Controller;
 use Crater\Http\Requests\UpdateSettingsRequest;
+use Crater\Models\Company;
+use Crater\Models\CompanySetting;
 
 class UpdateCompanySettingsController extends Controller
 {
@@ -16,10 +17,12 @@ class UpdateCompanySettingsController extends Controller
      */
     public function __invoke(UpdateSettingsRequest $request)
     {
+        $this->authorize('manage company', Company::find($request->header('company')));
+
         CompanySetting::setSettings($request->settings, $request->header('company'));
 
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Settings/UpdateUserSettingsController.php

@@ -1,8 +1,7 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Settings;
+namespace Crater\Http\Controllers\V1\Admin\Settings;
 
-use Auth;
 use Crater\Http\Controllers\Controller;
 use Crater\Http\Requests\UpdateSettingsRequest;
 
@@ -16,12 +15,12 @@ class UpdateUserSettingsController extends Controller
      */
     public function __invoke(UpdateSettingsRequest $request)
     {
-        $user = Auth::user();
+        $user = $request->user();
 
         $user->setSettings($request->settings);
 
         return response()->json([
-            'success' => true
+            'success' => true,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Update/CheckVersionController.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Update;
+namespace Crater\Http\Controllers\V1\Admin\Update;
 
 use Crater\Http\Controllers\Controller;
 use Crater\Models\Setting;
@@ -17,6 +17,13 @@ class CheckVersionController extends Controller
      */
     public function __invoke(Request $request)
     {
+        if ((! $request->user()) || (! $request->user()->isOwner())) {
+            return response()->json([
+                'success' => false,
+                'message' => 'You are not allowed to update this app.'
+            ], 401);
+        }
+
         set_time_limit(600); // 10 minutes
 
         $json = Updater::checkForUpdate(Setting::getSetting('version'));

app/Http/Controllers/V1/Admin/Update/CopyFilesController.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Update;
+namespace Crater\Http\Controllers\V1\Admin\Update;
 
 use Crater\Http\Controllers\Controller;
 use Crater\Space\Updater;
@@ -16,6 +16,13 @@ class CopyFilesController extends Controller
      */
     public function __invoke(Request $request)
     {
+        if ((! $request->user()) || (! $request->user()->isOwner())) {
+            return response()->json([
+                'success' => false,
+                'message' => 'You are not allowed to update this app.'
+            ], 401);
+        }
+
         $request->validate([
             'path' => 'required',
         ]);
@@ -24,7 +31,7 @@ class CopyFilesController extends Controller
 
         return response()->json([
             'success' => true,
-            'path' => $path
+            'path' => $path,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Update/DeleteFilesController.php

@@ -1,10 +1,10 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Update;
+namespace Crater\Http\Controllers\V1\Admin\Update;
 
 use Crater\Http\Controllers\Controller;
-use Illuminate\Http\Request;
 use Crater\Space\Updater;
+use Illuminate\Http\Request;
 
 class DeleteFilesController extends Controller
 {
@@ -16,8 +16,14 @@ class DeleteFilesController extends Controller
      */
     public function __invoke(Request $request)
     {
+        if ((! $request->user()) || (! $request->user()->isOwner())) {
+            return response()->json([
+                'success' => false,
+                'message' => 'You are not allowed to update this app.'
+            ], 401);
+        }
 
-        if(isset($request->deleted_files) && !empty($request->deleted_files)) {
+        if (isset($request->deleted_files) && ! empty($request->deleted_files)) {
             Updater::deleteFiles($request->deleted_files);
         }
 

app/Http/Controllers/V1/Admin/Update/DownloadUpdateController.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Update;
+namespace Crater\Http\Controllers\V1\Admin\Update;
 
 use Crater\Http\Controllers\Controller;
 use Crater\Space\Updater;
@@ -16,6 +16,13 @@ class DownloadUpdateController extends Controller
      */
     public function __invoke(Request $request)
     {
+        if ((! $request->user()) || (! $request->user()->isOwner())) {
+            return response()->json([
+                'success' => false,
+                'message' => 'You are not allowed to update this app.'
+            ], 401);
+        }
+
         $request->validate([
             'version' => 'required',
         ]);
@@ -24,7 +31,7 @@ class DownloadUpdateController extends Controller
 
         return response()->json([
             'success' => true,
-            'path' => $path
+            'path' => $path,
         ]);
     }
 }

app/Http/Controllers/V1/Admin/Update/FinishUpdateController.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace Crater\Http\Controllers\V1\Update;
+namespace Crater\Http\Controllers\V1\Admin\Update;
 
 use Crater\Http\Controllers\Controller;
 use Crater\Space\Updater;
@@ -16,6 +16,13 @@ class FinishUpdateController extends Controller
      */
     public function __invoke(Request $request)
     {
+        if ((! $request->user()) || (! $request->user()->isOwner())) {
+            return response()->json([
+                'success' => false,
+                'message' => 'You are not allowed to update this app.'
+            ], 401);
+        }
+
         $request->validate([
             'installed' => 'required',
             'version' => 'required',