From 58acb1642b1501b6b07936ba7b03034e07ff1bed Mon Sep 17 00:00:00 2001 From: Nadir Hamid Date: Thu, 11 Jun 2026 18:37:47 +0000 Subject: [PATCH 1/2] lookup recordings by workspace ID --- app/app/Helpers/MainHelper.php | 12 +++- .../Recording/RecordingWorkflow.php | 3 +- .../Controllers/Api/ApiAuthController.php | 11 +--- .../JWT/AuthenticateController.php | 65 ++++++++++++------- app/app/Http/routes.php | 2 +- 5 files changed, 56 insertions(+), 37 deletions(-) diff --git a/app/app/Helpers/MainHelper.php b/app/app/Helpers/MainHelper.php index 1fac1be2e..a95f7374b 100755 --- a/app/app/Helpers/MainHelper.php +++ b/app/app/Helpers/MainHelper.php @@ -1316,5 +1316,15 @@ public static function isWorkspaceSuspended($workspaceId) { return false; } - + public static function extractAuthToken() { + $headers = apache_request_headers(); + $token = NULL; + foreach ( $headers as $key => $value ) { + $lower = strtolower($key); + if ( $lower == 'authorization' ) { + $token = $value; + } + } + return $token; + } } diff --git a/app/app/Helpers/WorkflowTraits/Recording/RecordingWorkflow.php b/app/app/Helpers/WorkflowTraits/Recording/RecordingWorkflow.php index dd0d55707..f0ed9ecbe 100755 --- a/app/app/Helpers/WorkflowTraits/Recording/RecordingWorkflow.php +++ b/app/app/Helpers/WorkflowTraits/Recording/RecordingWorkflow.php 
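Review bot: `extractAuthToken()` has no docblock, and its contract is not obvious at the call site: in the lines shown it returns the `Authorization` header value exactly as sent (no scheme prefix is stripped) or `NULL` when the header is absent. I would add a docblock that says so, e.g. `/** Returns the raw Authorization header value, scheme prefix included, or NULL when the header is missing. */`. The helper also depends on `apache_request_headers()`, which is not defined under every SAPI (the CLI, for instance), so tests or console code that reach it would fail. Reading the header from the framework request object would avoid that, if one is reachable from this helper.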
@@ -28,11 +28,12 @@ public function listRecordings(Request $request) DB::connection()->enableQueryLog(); $paginate = $this->getPaginate( $request ); $user = $this->getUser($request); + $workspace = $this->getWorkspace($request); $recordings = Recording::select(DB::raw("DISTINCT(recordings.id), recordings.*, calls.from AS call_from, calls.to AS call_to, calls.status AS call_status, calls.direction AS call_direction, (SELECT GROUP_CONCAT(recording_tags.tag) FROM recording_tags WHERE recording_tags.recording_id = recordings.id) AS tags")); $recordings->leftJoin('calls', 'calls.id', '=', 'recordings.call_id'); $recordings->leftJoin('recording_tags', 'recording_tags.recording_id', '=', 'recordings.id'); - $recordings->where('recordings.user_id', '=', $user->id); + $recordings->where('recordings.workspace_id', '=', $workspace->id); $search = $request->get("tags"); if ( $search ) { \Log::info("tags are: " . $search); diff --git a/app/app/Http/Controllers/Api/ApiAuthController.php b/app/app/Http/Controllers/Api/ApiAuthController.php index 6114281aa..f987a9aac 100755 --- a/app/app/Http/Controllers/Api/ApiAuthController.php +++ b/app/app/Http/Controllers/Api/ApiAuthController.php @@ -6,6 +6,7 @@ use \Dingo\Api\Routing\Helpers; use App\Http\Controllers\Api\ApiController; use Illuminate\Http\Request; +use App\Helpers\MainHelper; use App\Workspace; use App\WorkspaceUser; use App\Extension; @@ -94,15 +95,7 @@ public function getUser(Request $request, $soft=FALSE) { return $user; } $user = NULL; - $headers = apache_request_headers(); - $token = NULL; - foreach ( $headers as $key => $value ) { - $lower = strtolower($key); - if ( $lower == 'authorization' ) { - $token = $value; - } - } - + $token = MainHelper::extractAuthToken(); //$token = $headers['authorization']; if (!empty($token)) { diff --git a/app/app/Http/Controllers/JWT/AuthenticateController.php b/app/app/Http/Controllers/JWT/AuthenticateController.php index 50b6fada6..5d1e9a507 100755 
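Review bot: The new filter `recordings.workspace_id = $workspace->id` makes `getWorkspace($request)` the only access check on this listing, and `$workspace` is dereferenced without a null check. `getWorkspace()` is not part of this diff, so it should be confirmed that it derives the workspace from the authenticated token and verifies the caller's membership rather than trusting a client-supplied id; otherwise recordings of another workspace become listable. Scoping by workspace also means every member now sees recordings made by other members; if that is intended, a comment such as `// all workspace members may list the workspace's recordings; the per-user filter was removed on purpose` would record it. An explicit error return when `$workspace` is empty, placed before the query, would make the failure case visible. listRecordings continues outside the hunk.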
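Review bot: The commented-out line `//$token = $headers['authorization'];` left under the new call refers to `$headers`, which no longer exists in `getUser()` after this change; I would delete it. Since the helper returns the header value as sent, a short comment at the call, such as `// raw Authorization header value, or NULL when absent`, would help whoever reads the `!empty($token)` branch. getUser's body continues outside the hunk.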
--- a/app/app/Http/Controllers/JWT/AuthenticateController.php +++ b/app/app/Http/Controllers/JWT/AuthenticateController.php @@ -91,28 +91,22 @@ public function authenticate(Request $request) } */ - \Log::info("trying to authenticate user: " . $credentials['email']); - try { - // attempt to verify the credentials and create a token for the user - if (!$token = JWTAuth::attempt($credentials)) { - return response()->json(['error' => 'invalid_credentials'], 401); - } - } catch (JWTException $e) { - // something went wrong whilst attempting to encode the token - \Log::info("error occured: " . $e->getMessage()); - return $this->errorInternal($request, 'Could not create token'); - } - $currentUser = Auth::user(); + \Log::info("trying to authenticate user: " . $credentials['email']); + $loginResult = $this->processLoginCredentials($credentials); + $currentUser = $loginResult['currentUser']; + $token = $loginResult['token']; + $workspace = $this->getRequestedWorkspace($request, $currentUser); $availableWorkspaces = Workspace::join('workspaces_users', 'workspaces_users.workspace_id', '=', 'workspaces.id') ->where('workspaces_users.user_id', $currentUser->id) - ->select('workspaces.id', 'workspaces.name') + ->select('workspaces.id', 'workspaces.name', 'workspaces.creator_id') ->get() - ->map(function ($workspace) { + ->map(function ($workspace) use ($currentUser) { return [ 'id' => $workspace->id, - 'name' => $workspace->name + 'name' => $workspace->name, + 'is_creator' => $workspace->creator_id == $currentUser->id ]; }) ->toArray(); 
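Review bot: A failed login would now end in an error instead of the 401: `processLoginCredentials()` returns a response object on invalid credentials or on a `JWTException`, but the caller indexes the result unconditionally with `$loginResult['currentUser']` and `$loginResult['token']`. The result has to be checked before it is used, for example `if (!is_array($loginResult)) { return $loginResult; }` directly after the call. Separately, the e-mail address of every attempt is written to the log at info level before the credentials are verified; consider whether that belongs in the application log. authenticate's body starts and ends outside the hunk.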
@@ -184,25 +178,27 @@ public function authenticate(Request $request) public function requestWorkspaceToken(Request $request) { - $currentUser = Auth::user(); - $workspaceId = $request->get('workspace_id'); + $requestData = $request->all(); + $workspaceId = $requestData['workspace_id']; $workspace = Workspace::find($workspaceId); if (empty($workspace)) { return $this->errorInternal($request, 'No workspace found for user.'); } - - if (!$token = JWTAuth::fromUser($currentUser)) { - return response()->json(['error' => 'could not create token'], 401); - } + + + //$loginResult = $this->processLoginCredentials($credentials); + $token = $requestData['token']; + $currentUser = JWTAuth::authenticate($token); $availableWorkspaces = Workspace::join('workspaces_users', 'workspaces_users.workspace_id', '=', 'workspaces.id') ->where('workspaces_users.user_id', $currentUser->id) - ->select('workspaces.id', 'workspaces.name') + ->select('workspaces.id', 'workspaces.name', 'workspaces.creator_id') ->get() - ->map(function ($workspace) { + ->map(function ($workspace) use ($currentUser) { return [ 'id' => $workspace->id, - 'name' => $workspace->name + 'name' => $workspace->name, + 'is_creator' => $workspace->creator_id == $currentUser->id ]; }) ->toArray(); @@ -215,4 +211,23 @@ public function heartbeat(Request $request) { return $this->response->noContent(); } -} + + private function processLoginCredentials($credentials) { + try { + // attempt to verify the credentials and create a token for the user + if (!$token = JWTAuth::attempt($credentials)) { + return response()->json(['error' => 'invalid_credentials'], 401); + } + } catch (JWTException $e) { + // something went wrong whilst attempting to encode the token + \Log::info("error occured: " . $e->getMessage()); + return $this->errorInternal($request, 'Could not create token'); + } + $currentUser = Auth::user(); + + return [ + 'currentUser' => $currentUser, + 'token' => $token + ]; + } +} \ No newline at end of file 
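Review bot: The workspace is loaded with `Workspace::find($workspaceId)` from a client-supplied id, and in the lines visible here nothing checks that the user identified by the token is a member of it; only the `availableWorkspaces` list is filtered by user. The token is read from the request body and passed to `JWTAuth::authenticate()` with no handling for an invalid or expired token or for a lookup that finds no user, so `$currentUser->id` can be reached without a user. `$requestData['workspace_id']` and `$requestData['token']` are also read without checking that they are present. I would authenticate first and then resolve the workspace through the membership join, as sketched below. The rest of requestWorkspaceToken lies outside the hunk, so a later check there cannot be ruled out.

```php
$workspaceId = $request->input('workspace_id');
$token = $request->input('token');
if (empty($workspaceId) || empty($token)) {
    return response()->json(['error' => 'invalid_request'], 400);
}
try {
    $currentUser = JWTAuth::authenticate($token);
} catch (JWTException $e) {
    return response()->json(['error' => 'invalid_token'], 401);
}
if (empty($currentUser)) {
    return response()->json(['error' => 'invalid_token'], 401);
}
// Only resolve workspaces the authenticated user belongs to.
$workspace = Workspace::join('workspaces_users', 'workspaces_users.workspace_id', '=', 'workspaces.id')
    ->where('workspaces_users.user_id', $currentUser->id)
    ->where('workspaces.id', $workspaceId)
    ->select('workspaces.*')
    ->first();
if (empty($workspace)) {
    return $this->errorInternal($request, 'No workspace found for user.');
}
// … unchanged: availableWorkspaces query …
```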
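Review bot: In the `catch` branch of `processLoginCredentials()`, `$this->errorInternal($request, 'Could not create token')` uses `$request`, which is neither a parameter nor defined in the method, so the error path runs with an undefined variable. Either add the request as a second parameter, `private function processLoginCredentials($credentials, Request $request)`, and pass it from `authenticate()`, or have the helper throw and let the caller build the response. The method also returns two different shapes, a response on failure and an array on success, without a docblock; a short one naming both would make the caller's obligation visible.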
diff --git a/app/app/Http/routes.php b/app/app/Http/routes.php index 4ce3c9a87..1bd3edf4f 100755 --- a/app/app/Http/routes.php +++ b/app/app/Http/routes.php @@ -533,7 +533,7 @@ $api->post('authenticate', '\App\Http\Controllers\JWT\AuthenticateController@authenticate'); $api->post('publicAuthenticate', '\App\Http\Controllers\JWT\AuthenticateController@authenticatePublic'); $api->get('heartbeat', '\App\Http\Controllers\JWT\AuthenticateController@heartbeat'); - $api->get('requestWorkspaceToken', '\App\Http\Controllers\JWT\AuthenticateController@requestWorkspaceToken'); + $api->post('requestWorkspaceToken', '\App\Http\Controllers\JWT\AuthenticateController@requestWorkspaceToken'); }); $api->group([ 'prefix' => 'account'], function($api) { From 21c08847356abcce98a6e878fbf8af010cf249f8 Mon Sep 17 00:00:00 2001 From: Nadir Hamid Date: Thu, 11 Jun 2026 19:39:11 +0000 Subject: [PATCH 2/2] set workspace user status to active on creation --- app/app/WorkspaceUser.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/app/app/WorkspaceUser.php b/app/app/WorkspaceUser.php index 90129eb95..dece6057d 100755 --- a/app/app/WorkspaceUser.php +++ b/app/app/WorkspaceUser.php @@ -3,6 +3,7 @@ namespace App; use Illuminate\Database\Eloquent\Model; use Illuminate\Database\Eloquent\SoftDeletes; +use \App\Enums\WorkspaceUserStatus; use \App\UserEmailOption; class WorkspaceUser extends PublicResource { @@ -94,6 +95,7 @@ public static function createSuperAdmin($workspace, $user, $extras=[]) { } $attrs['user_id'] = $user->id; $attrs['workspace_id'] = $workspace->id; + $attrs['status'] = WorkspaceUserStatus::ACTIVE; $attrs = array_merge( $attrs, $extras ); $user= WorkspaceUser::create($attrs);
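Review bot: `$attrs['status']` is assigned before `array_merge($attrs, $extras)`, so a `status` key in `$extras` replaces `WorkspaceUserStatus::ACTIVE`; the same holds for `user_id` and `workspace_id` just above it. If the status must always be active on creation, as the commit title says, move the assignment after the merge; if it is meant as a default, say so with `// default; $extras may override`. Whether `$extras` can carry request input is not visible in this hunk. createSuperAdmin's body starts and ends outside the hunk.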