DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-11-10 15:44:11 -08:00
Code Issues Actions 11 Packages Projects Releases Wiki Activity
snipe-it/app/Http/Controllers/UsersController.php

1003 lines
37 KiB
PHP
Raw Normal View History

Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
<?php
namespace App\Http\Controllers;
use App\Helpers\Helper;
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
use App\Http\Requests\AssetFileRequest;
use App\Http\Requests\SaveUserRequest;
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
use App\Models\Accessory;
use App\Models\Actionlog;
use App\Models\Asset;
use App\Models\Company;
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
use App\Models\Group;
use App\Models\Ldap;
Add a use declaration to Userscontroller to prevent assigning the wrong item_type. Should fix/prevent #3160 (#3168)
2017-01-11 04:27:05 -08:00
use App\Models\License;
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
use App\Models\LicenseSeat;
use App\Models\Location;
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
use App\Models\Setting;
use App\Models\User;
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
use App\Notifications\WelcomeNotification;
use Artisan;
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
use Auth;
use Config;
use Crypt;
use DB;
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
use Gate;
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
use HTML;
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
use Illuminate\Database\Eloquent\ModelNotFoundException;
use Illuminate\Http\Request;
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
use Input;
use Lang;
use League\Csv\Reader;
use Mail;
use Redirect;
use Response;
use Str;
use Symfony\Component\HttpFoundation\JsonResponse;
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
use Symfony\Component\HttpFoundation\StreamedResponse;
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
use URL;
use View;
Fixes groups for cloning users
2016-06-02 00:41:10 -07:00
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
/**
Updated docblocks
2016-04-07 13:21:09 -07:00
* This controller handles all actions related to Users for
* the Snipe-IT Asset Management application.
*
* @version v1.0
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
*/
Bump up memory for LDAP import of large number of users
2016-06-21 12:22:10 -07:00
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
class UsersController extends Controller
{
/**
* Returns a view that invokes the ajax tables which actually contains
* the content for the users listing, which is generated in getDatatable().
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @see UsersController::getDatatable() method that generates the JSON response
* @since [v1.0]
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* @return \Illuminate\Contracts\View\View
*/
User resource routes
2016-12-15 20:52:39 -08:00
public function index()
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('index', User::class);
Update all controllers to use laravel 5 return view method
2017-06-09 16:44:03 -07:00
return view('users/index');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
/**
* Returns a view that displays the user creation form.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* @return \Illuminate\Contracts\View\View
*/
User resource routes
2016-12-15 20:52:39 -08:00
public function create()
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('create', User::class);
Fixes #1997 - save user groups without Sentry crap
2016-05-12 15:26:48 -07:00
$groups = Group::pluck('name', 'id');
if (Input::old('groups')) {
$userGroups = Group::whereIn('id', Input::old('groups'))->pluck('name', 'id');
Fixes #1997 and #1996 - replace sentry functions
2016-04-28 21:59:43 -07:00
} else {
$userGroups = collect();
}
Moved group sync
2016-06-15 11:51:10 -07:00
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
$permissions = config('permissions');
Fixes #1996 - replace old Sentry methods with laravel native
2016-05-09 15:40:27 -07:00
$userPermissions = Helper::selectedPermissionsArray($permissions, Input::old('permissions', array()));
Rework permissions view (#2756) * Early layout work on a cleaner permissions interface * Cleanup layout. Make new permissions view work. Still needs some css and javascript improvements. Also need to do the same thing to the group view. * Improve styling, add javascript to toggle an entire group of permissions if choosing the permission on the header row. Would be nice to add collapsing of sections in the future. * Toggle viewing sections. * Special case places where we only have one item in a group to only display the item once. * Filter getCreate the same way.
2016-10-12 12:06:28 -07:00
$permissions = $this->filterDisplayable($permissions);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
Set activated to default on when new user is created
2018-08-14 18:14:41 -07:00
$user = new User;
$user->activated = 1;
Update all controllers to use laravel 5 return view method
2017-06-09 16:44:03 -07:00
return view('users/edit', compact('groups', 'userGroups', 'permissions', 'userPermissions'))
Set activated to default on when new user is created
2018-08-14 18:14:41 -07:00
->with('user', $user);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
/**
* Validate and store the new user data, or return an error.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* @return \Illuminate\Http\RedirectResponse
*/
User resource routes
2016-12-15 20:52:39 -08:00
public function store(SaveUserRequest $request)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('create', User::class);
Cleanup namespaces a bit
2016-03-25 19:26:22 -07:00
$user = new User;
Extract common data from UserController postCreate and postEdit into a helper method. Use this method to store data about user. Fixes #2200
2016-06-27 19:47:21 -07:00
//Username, email, and password need to be handled specially because the need to respect config values on an edit.
Use form request for user add/edit to handle password and password confirmation
2016-06-06 14:15:50 -07:00
$user->email = $data['email'] = e($request->input('email'));
$user->username = $data['username'] = e($request->input('username'));
Change ->has() to ->filled()
2019-05-23 17:39:50 -07:00
if ($request->filled('password')) {
Use form request for user add/edit to handle password and password confirmation
2016-06-06 14:15:50 -07:00
$user->password = bcrypt($request->input('password'));
$data['password'] = $request->input('password');
}
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$user->first_name = $request->input('first_name');
$user->last_name = $request->input('last_name');
$user->locale = $request->input('locale');
$user->employee_num = $request->input('employee_num');
Fixed activated issue for strict mode
2018-07-24 13:28:59 -07:00
$user->activated = $request->input('activated', 0);
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$user->jobtitle = $request->input('jobtitle');
$user->phone = $request->input('phone');
Move sanitization of input to the model attribute setters. This cleans up a lot of checks in the various controller methods and ensures data will be set in the model accurately regardless of where it's set. Add unit tests for these methods (#3102)
2016-12-26 15:17:46 -08:00
$user->location_id = $request->input('location_id', null);
Added dept helper reference in create/edit/bulk edit users
2017-05-23 02:47:49 -07:00
$user->department_id = $request->input('department_id', null);
Move sanitization of input to the model attribute setters. This cleans up a lot of checks in the various controller methods and ensures data will be set in the model accurately regardless of where it's set. Add unit tests for these methods (#3102)
2016-12-26 15:17:46 -08:00
$user->company_id = Company::getIdForUser($request->input('company_id', null));
$user->manager_id = $request->input('manager_id', null);
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$user->notes = $request->input('notes');
Added address for users - fixes #4323
2017-10-30 18:57:00 -07:00
$user->address = $request->input('address', null);
$user->city = $request->input('city', null);
$user->state = $request->input('state', null);
$user->country = $request->input('country', null);
$user->zip = $request->input('zip', null);
Unset superadmin by non-superadmins on user create
2016-10-31 19:08:24 -07:00
// Strip out the superuser permission if the user isn't a superadmin
$permissions_array = $request->input('permission');
if (!Auth::user()->isSuperUser()) {
unset($permissions_array['superuser']);
}
$user->permissions = json_encode($permissions_array);
Moved group sync
2016-06-15 11:51:10 -07:00
if ($user->save()) {
Fixes #2048
2016-05-17 21:15:29 -07:00
Change ->has() to ->filled()
2019-05-23 17:39:50 -07:00
if ($request->filled('groups')) {
Moved group sync
2016-06-15 11:51:10 -07:00
$user->groups()->sync($request->input('groups'));
} else {
$user->groups()->sync(array());
}
Pass users path to get_src
2016-07-28 05:49:41 -07:00
Change ->has() to ->filled()
2019-05-23 17:39:50 -07:00
if (($request->input('email_user') == 1) && ($request->filled('email'))) {
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Send the credentials through email
$data = array();
Use form request for user add/edit to handle password and password confirmation
2016-06-06 14:15:50 -07:00
$data['email'] = e($request->input('email'));
$data['username'] = e($request->input('username'));
$data['first_name'] = e($request->input('first_name'));
New First Admin Notification (#5147) * New First Admin Notification * Include Last name in Welcome and First admin Notifications
2018-03-03 14:37:42 -08:00
$data['last_name'] = e($request->input('last_name'));
Use form request for user add/edit to handle password and password confirmation
2016-06-06 14:15:50 -07:00
$data['password'] = e($request->input('password'));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
New Welcome Notification (#5146) * New Test Notification Created Test Notification. Updated Vendor Mail message.blade files. Updated api settings controller to use Notification Façade. * Add show URL in Emails condition * New Welcome Notification
2018-03-03 12:44:41 -08:00
$user->notify(new WelcomeNotification($data));
/* Mail::send('emails.send-login', $data, function ($m) use ($user) {
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
$m->to($user->email, $user->first_name . ' ' . $user->last_name);
Add reply-to config setting
2016-09-20 07:20:10 -07:00
$m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
Translate emails (#2652) * commit temporal * final translation commit -- added email translations * final translation commit -- removed file for spanish translations * final translation commit -- removed file for spanish translations * added missing translations * method overrided and config files back to default * config files back to default * config files back to default
2016-09-26 14:13:07 -07:00
$m->subject(trans('mail.welcome', ['name' => $user->first_name]));
New Welcome Notification (#5146) * New Test Notification Created Test Notification. Updated Vendor Mail message.blade files. Updated api settings controller to use Notification Façade. * Add show URL in Emails condition * New Welcome Notification
2018-03-03 12:44:41 -08:00
});*/
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Make delete routes work. (#3077) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls.
2016-12-19 10:42:33 -08:00
return redirect::route('users.index')->with('success', trans('admin/users/message.success.create'));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Formatting fixes for coding standards
2016-06-22 12:27:41 -07:00
return redirect()->back()->withInput()->withErrors($user->getErrors());
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
private function filterDisplayable($permissions)
{
$output = null;
foreach ($permissions as $key => $permission) {
$output[$key] = array_filter($permission, function ($p) {
return $p['display'] === true;
});
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
return $output;
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
/**
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* Returns a view that displays the edit user form
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param $permissions
* @return View
* @internal param int $id
*/
Added dept helper reference in create/edit/bulk edit users
2017-05-23 02:47:49 -07:00
public function edit($id)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
Added dept helper reference in create/edit/bulk edit users
2017-05-23 02:47:49 -07:00
More ajax menu fixes
2017-10-28 11:17:52 -07:00
if ($user = User::find($id)) {
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('update', $user);
Fixes #1997 and #1996 - replace sentry functions
2016-04-28 21:59:43 -07:00
$permissions = config('permissions');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
Fixes #1997 and #1996 - replace sentry functions
2016-04-28 21:59:43 -07:00
$groups = Group::pluck('name', 'id');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
Fixes #1997 and #1996 - replace sentry functions
2016-04-28 21:59:43 -07:00
$userGroups = $user->groups()->pluck('name', 'id');
$user->permissions = $user->decodePermissions();
$userPermissions = Helper::selectedPermissionsArray($permissions, $user->permissions);
Rework permissions view (#2756) * Early layout work on a cleaner permissions interface * Cleanup layout. Make new permissions view work. Still needs some css and javascript improvements. Also need to do the same thing to the group view. * Improve styling, add javascript to toggle an entire group of permissions if choosing the permission on the header row. Would be nice to add collapsing of sections in the future. * Toggle viewing sections. * Special case places where we only have one item in a group to only display the item once. * Filter getCreate the same way.
2016-10-12 12:06:28 -07:00
$permissions = $this->filterDisplayable($permissions);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
More ajax menu fixes
2017-10-28 11:17:52 -07:00
return view('users/edit', compact('user', 'groups', 'userGroups', 'permissions', 'userPermissions'))->with('item', $user);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
More ajax menu fixes
2017-10-28 11:17:52 -07:00
$error = trans('admin/users/message.user_not_found', compact('id'));
return redirect()->route('users.index')->with('error', $error);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
/**
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* Validate and save edited user data from edit form.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param UpdateUserRequest $request
* @param int $id
* @return \Illuminate\Http\RedirectResponse
*/
ADDED: Password rules for complexity, min length, rejecting common passwords
2017-08-22 20:32:39 -07:00
public function update(SaveUserRequest $request, $id = null)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
// We need to reverse the UI specific logic for our
// permissions here before we update the user.
Use form request for user add/edit to handle password and password confirmation
2016-06-06 14:15:50 -07:00
$permissions = $request->input('permissions', array());
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
app('request')->request->set('permissions', $permissions);
// Only update the email address if locking is set to false
if (config('app.lock_passwords')) {
User resource routes
2016-12-15 20:52:39 -08:00
return redirect()->route('users.index')->with('error', 'Denied! You cannot update user information on the demo.');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
try {
Fixes #2894 - set whether or not the user was originally a superuser
2016-11-11 19:48:39 -08:00
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
$user = User::find($id);
Fixes weird manager_id validation This is a shit fix - need to find out what’s happening here.
2017-11-03 12:48:00 -07:00
if ($user->id == $request->input('manager_id')) {
return redirect()->back()->withInput()->with('error', 'You cannot be your own manager.');
}
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('update', $user);
Check if the edited users permissioms are superuser before edit
2016-10-31 19:37:24 -07:00
// Figure out of this user was an admin before this edit
$orig_permissions_array = $user->decodePermissions();
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$orig_superuser = '0';
Fixes #2894 - set whether or not the user was originally a superuser
2016-11-11 19:48:39 -08:00
if (is_array($orig_permissions_array)) {
if (array_key_exists('superuser', $orig_permissions_array)) {
$orig_superuser = $orig_permissions_array['superuser'];
}
Check if the edited users permissioms are superuser before edit
2016-10-31 19:37:24 -07:00
}
bugfix: updating a user when an admin (not a superuser) would remove any groups from the user. (#5914)
2018-07-21 23:02:06 -07:00
} catch (ModelNotFoundException $e) {
return redirect()->route('users.index')
Checkout update locationid (#5919) * Fix missing punctuation. Bad merge. * If we're checking out to an location, use it's id instead of location_id
2018-07-23 06:47:21 -07:00
->with('error', trans('admin/users/message.user_not_found', compact('id')));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Do not makes group editable if the user is not an admin This fixes a bug where the field was (correctly) disabled if the editing user isn’t a superadmin, but because the field was disabled, it would clear the permission groups.
2016-10-31 18:57:35 -07:00
// Only save groups if the user is a super user
if (Auth::user()->isSuperUser()) {
Fixed #6061 - Assigned user group cannot be removed This bug was a result of attempting to check if the groups field had a value, and only THEN trying to sync the groups. This meant that uf you were removing ALL groups, the sync wouldn’t be triggered. This still needs to be updated in the API.
2019-02-12 23:43:38 -08:00
$user->groups()->sync($request->input('groups'));
Added inheritance back into users/groups
2016-06-15 20:45:45 -07:00
}
Do not makes group editable if the user is not an admin This fixes a bug where the field was (correctly) disabled if the editing user isn’t a superadmin, but because the field was disabled, it would clear the permission groups.
2016-10-31 18:57:35 -07:00
ADDED: Password rules for complexity, min length, rejecting common passwords
2017-08-22 20:32:39 -07:00
Change ->has() to ->filled()
2019-05-23 17:39:50 -07:00
if ($request->filled('username')) {
ADDED: Password rules for complexity, min length, rejecting common passwords
2017-08-22 20:32:39 -07:00
$user->username = $request->input('username');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
ADDED: Password rules for complexity, min length, rejecting common passwords
2017-08-22 20:32:39 -07:00
$user->email = $request->input('email');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
Extract common data from UserController postCreate and postEdit into a helper method. Use this method to store data about user. Fixes #2200
2016-06-27 19:47:21 -07:00
// Update the user
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$user->first_name = $request->input('first_name');
$user->last_name = $request->input('last_name');
Add presenters for models. (#3098) * Add presenters for models. Move bootstrap table JSON generation to these presenters, which cleans up controllers a lot. Move view specific modifications from the models to the presenters as well. * Fix some issues found by travis and codacy * Fix a few more issues found while testing. * Attempt another acceptance test fix * Try something else * Maybe..
2016-12-23 17:52:00 -08:00
$user->two_factor_optin = $request->input('two_factor_optin') ?: 0;
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$user->locale = $request->input('locale');
$user->employee_num = $request->input('employee_num');
Set activated to zero if no values passed for active user
2018-07-18 08:27:26 -07:00
$user->activated = $request->input('activated', 0);
Added address for users - fixes #4323
2017-10-30 18:57:00 -07:00
$user->jobtitle = $request->input('jobtitle', null);
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$user->phone = $request->input('phone');
Fixed #7046 - added user website url back into UI
2019-05-21 18:55:12 -07:00
$user->website = $request->input('website', null);
Move sanitization of input to the model attribute setters. This cleans up a lot of checks in the various controller methods and ensures data will be set in the model accurately regardless of where it's set. Add unit tests for these methods (#3102)
2016-12-26 15:17:46 -08:00
$user->location_id = $request->input('location_id', null);
$user->company_id = Company::getIdForUser($request->input('company_id', null));
$user->manager_id = $request->input('manager_id', null);
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$user->notes = $request->input('notes');
Added dept helper reference in create/edit/bulk edit users
2017-05-23 02:47:49 -07:00
$user->department_id = $request->input('department_id', null);
Added address for users - fixes #4323
2017-10-30 18:57:00 -07:00
$user->address = $request->input('address', null);
$user->city = $request->input('city', null);
$user->state = $request->input('state', null);
$user->country = $request->input('country', null);
Fix activated check for login
2018-07-16 23:48:46 -07:00
$user->activated = $request->input('activated', 0);
Added address for users - fixes #4323
2017-10-30 18:57:00 -07:00
$user->zip = $request->input('zip', null);
Extract common data from UserController postCreate and postEdit into a helper method. Use this method to store data about user. Fixes #2200
2016-06-27 19:47:21 -07:00
Fixed updating the assigned assets location if user’s location changes
2017-10-30 19:33:52 -07:00
// Update the location of any assets checked out to this user
Asset::where('assigned_type', User::class)
->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
ADDED: Password rules for complexity, min length, rejecting common passwords
2017-08-22 20:32:39 -07:00
// Do we want to update the user password?
Change ->has() to ->filled()
2019-05-23 17:39:50 -07:00
if ($request->filled('password')) {
ADDED: Password rules for complexity, min length, rejecting common passwords
2017-08-22 20:32:39 -07:00
$user->password = bcrypt($request->input('password'));
}
Extract common data from UserController postCreate and postEdit into a helper method. Use this method to store data about user. Fixes #2200
2016-06-27 19:47:21 -07:00
Only save user permissions if the user is a superadmin
2016-10-31 19:07:55 -07:00
// Strip out the superuser permission if the user isn't a superadmin
$permissions_array = $request->input('permission');
if (!Auth::user()->isSuperUser()) {
unset($permissions_array['superuser']);
Check if the edited users permissioms are superuser before edit
2016-10-31 19:37:24 -07:00
$permissions_array['superuser'] = $orig_superuser;
Extract common data from UserController postCreate and postEdit into a helper method. Use this method to store data about user. Fixes #2200
2016-06-27 19:47:21 -07:00
}
Only save user permissions if the user is a superadmin
2016-10-31 19:07:55 -07:00
$user->permissions = json_encode($permissions_array);
Extract common data from UserController postCreate and postEdit into a helper method. Use this method to store data about user. Fixes #2200
2016-06-27 19:47:21 -07:00
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
// Was the user updated?
Move checks back into methods instead of having an extra helper method. Also remove unnecessary lock_passwords checks because there is a check at the top of the method that does this already.
2016-06-27 21:11:59 -07:00
if ($user->save()) {
// Prepare the success message
$success = trans('admin/users/message.success.update');
// Redirect to the user page
User resource routes
2016-12-15 20:52:39 -08:00
return redirect()->route('users.index')->with('success', $success);
Move checks back into methods instead of having an extra helper method. Also remove unnecessary lock_passwords checks because there is a check at the top of the method that does this already.
2016-06-27 21:11:59 -07:00
}
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
return redirect()->back()->withInput()->withErrors($user->getErrors());
Extract common data from UserController postCreate and postEdit into a helper method. Use this method to store data about user. Fixes #2200
2016-06-27 19:47:21 -07:00
}
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
/**
* Delete a user
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param int $id
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* @return \Illuminate\Http\RedirectResponse
*/
User resource routes
2016-12-15 20:52:39 -08:00
public function destroy($id = null)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
try {
// Get user information
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
$user = User::findOrFail($id);
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
// Authorize takes care of many of our logic checks now.
$this->authorize('delete', User::class);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Check if we are not trying to delete ourselves
if ($user->id === Auth::user()->id) {
// Redirect to the user management page
Fixed countable() strings on user destroy
2019-07-17 17:51:13 -07:00
return redirect()->route('users.index')->with('error', 'You cannot delete yourself.');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Fixed countable() strings on user destroy
2019-07-17 17:51:13 -07:00
if (($user->assets) && ($user->assets->count() > 0)) {
Fixes #4056 - check for assets before deleting user
2017-09-28 19:57:52 -07:00
// Redirect to the user management page
Fixed countable() strings on user destroy
2019-07-17 17:51:13 -07:00
return redirect()->route('users.index')->with('error', 'This user still has ' . $user->assets->count() . ' assets associated with them. Use the Checkin and Delete button on the user profile to check these items back in and delete this user.');
Fixes #4056 - check for assets before deleting user
2017-09-28 19:57:52 -07:00
}
Fixed countable() strings on user destroy
2019-07-17 17:51:13 -07:00
if (($user->licenses) && ($user->licenses->count() > 0)) {
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Redirect to the user management page
Fixed countable() strings on user destroy
2019-07-17 17:51:13 -07:00
return redirect()->route('users.index')->with('error', 'This user still has ' . $user->licenses->count() . ' license(s associated with them. Use the Checkin and Delete button on the user profile to check these items back in and delete this user.');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Fixed countable() strings on user destroy
2019-07-17 17:51:13 -07:00
if (($user->accessories) && ($user->accessories->count() > 0)) {
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Redirect to the user management page
Fixed countable() strings on user destroy
2019-07-17 17:51:13 -07:00
return redirect()->route('users.index')->with('error', 'This user still has ' . $user->accessories->count() . ' accessories associated with them. Use the Checkin and Delete button on the user profile to check these items back in and delete this user.');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Fixed countable() strings on user destroy
2019-07-17 17:51:13 -07:00
if (($user->managedLocations()) && ($user->managedLocations()->count() > 0)) {
Check for accessories
2016-04-21 21:01:45 -07:00
// Redirect to the user management page
Add a manager field to locations. This is round one of the rethink of checkout-to-everything. A location now has a manager field, and the manager (by default) be responsible for assets checked out to the location.
2017-05-22 17:27:00 -07:00
return redirect()->route('users.index')->with('error', 'This user still has ' . $user->managedLocations()->count() . ' locations that they manage.');
Check for accessories
2016-04-21 21:01:45 -07:00
}
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Delete the user
$user->delete();
// Prepare the success message
Updated to use 5.2 trans() instead of Lang::get for localization
2016-04-07 13:39:35 -07:00
$success = trans('admin/users/message.success.delete');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Redirect to the user management page
User resource routes
2016-12-15 20:52:39 -08:00
return redirect()->route('users.index')->with('success', $success);
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
} catch (ModelNotFoundException $e) {
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Prepare the error message
Updated to use 5.2 trans() instead of Lang::get for localization
2016-04-07 13:39:35 -07:00
$error = trans('admin/users/message.user_not_found', compact('id'));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Redirect to the user management page
User resource routes
2016-12-15 20:52:39 -08:00
return redirect()->route('users.index')->with('error', $error);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
}
/**
* Returns a view that confirms the user's a bulk delete will be applied to.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.7]
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* @return \Illuminate\Contracts\View\View
*/
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
public function postBulkEdit(Request $request)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('update', User::class);
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
Change ->has() to ->filled()
2019-05-23 17:39:50 -07:00
if (($request->filled('ids')) && (count($request->input('ids')) > 0)) {
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
$statuslabel_list = Helper::statusLabelList();
Fix bulk actions with new bootstrap tables checkboxes
2017-01-18 19:38:42 -08:00
$user_raw_array = array_keys(Input::get('ids'));
Formatting fixes for coding standards
2016-06-22 12:27:41 -07:00
$users = User::whereIn('id', $user_raw_array)->with('groups', 'assets', 'licenses', 'accessories')->get();
PHP7.2 count fixes (#5427) * PHP 7.2 count() fixes * Re-enable php travis 7.2
2018-04-29 06:10:49 -07:00
if ($request->input('bulk_actions') == 'edit') {
Update all controllers to use laravel 5 return view method
2017-06-09 16:44:03 -07:00
return view('users/bulk-edit', compact('users'))
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
->with('groups', Group::pluck('name', 'id'));
}
Update all controllers to use laravel 5 return view method
2017-06-09 16:44:03 -07:00
return view('users/confirm-bulk-delete', compact('users', 'statuslabel_list'));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
PHP7.2 count fixes (#5427) * PHP 7.2 count() fixes * Re-enable php travis 7.2
2018-04-29 06:10:49 -07:00
return redirect()->back()->with('error', 'No users selected');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
/**
* Save bulk-edited users
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @return \Illuminate\Http\RedirectResponse
*/
public function postBulkEditSave(Request $request)
{
$this->authorize('update', User::class);
Change ->has() to ->filled()
2019-05-23 17:39:50 -07:00
if (($request->filled('ids')) && (count($request->input('ids')) > 0)) {
PHP7.2 count fixes (#5427) * PHP 7.2 count() fixes * Re-enable php travis 7.2
2018-04-29 06:10:49 -07:00
$user_raw_array = $request->input('ids');
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
$update_array = array();
Added dept helper reference in create/edit/bulk edit users
2017-05-23 02:47:49 -07:00
$manager_conflict = false;
PHP7.2 count fixes (#5427) * PHP 7.2 count() fixes * Re-enable php travis 7.2
2018-04-29 06:10:49 -07:00
$users = User::whereIn('id', $user_raw_array)->where('id', '!=', Auth::user()->id)->get();
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
Change ->has() to ->filled()
2019-05-23 17:39:50 -07:00
if ($request->filled('location_id')) {
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
$update_array['location_id'] = $request->input('location_id');
}
Change ->has() to ->filled()
2019-05-23 17:39:50 -07:00
if ($request->filled('department_id')) {
Added dept helper reference in create/edit/bulk edit users
2017-05-23 02:47:49 -07:00
$update_array['department_id'] = $request->input('department_id');
}
Change ->has() to ->filled()
2019-05-23 17:39:50 -07:00
if ($request->filled('company_id')) {
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
$update_array['company_id'] = $request->input('company_id');
}
Change ->has() to ->filled()
2019-05-23 17:39:50 -07:00
if ($request->filled('locale')) {
Allow bulk language update in user edit
2018-01-10 05:33:26 -08:00
$update_array['locale'] = $request->input('locale');
}
Change ->has() to ->filled()
2019-05-23 17:39:50 -07:00
if ($request->filled('manager_id')) {
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
// Do not allow a manager update if the selected manager is one of the users being
// edited.
if (!array_key_exists($request->input('manager_id'), $user_raw_array)) {
$update_array['manager_id'] = $request->input('manager_id');
} else {
$manager_conflict = true;
}
}
Change ->has() to ->filled()
2019-05-23 17:39:50 -07:00
if ($request->filled('activated')) {
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
$update_array['activated'] = $request->input('activated');
}
PHP7.2 count fixes (#5427) * PHP 7.2 count() fixes * Re-enable php travis 7.2
2018-04-29 06:10:49 -07:00
// Save the updated info
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
if (count($update_array) > 0) {
PHP7.2 count fixes (#5427) * PHP 7.2 count() fixes * Re-enable php travis 7.2
2018-04-29 06:10:49 -07:00
User::whereIn('id', $user_raw_array)->where('id', '!=', Auth::user()->id)->update($update_array);
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
}
// Only sync groups if groups were selected
Change ->has() to ->filled()
2019-05-23 17:39:50 -07:00
if ($request->filled('groups')) {
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
foreach ($users as $user) {
$user->groups()->sync($request->input('groups'));
}
}
PHP7.2 count fixes (#5427) * PHP 7.2 count() fixes * Re-enable php travis 7.2
2018-04-29 06:10:49 -07:00
if ($manager_conflict) {
return redirect()->route('users.index')
->with('warning', trans('admin/users/message.bulk_manager_warn'));
}
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
return redirect()->route('users.index')
PHP7.2 count fixes (#5427) * PHP 7.2 count() fixes * Re-enable php travis 7.2
2018-04-29 06:10:49 -07:00
->with('success', trans('admin/users/message.success.update_bulk'));
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
}
PHP7.2 count fixes (#5427) * PHP 7.2 count() fixes * Re-enable php travis 7.2
2018-04-29 06:10:49 -07:00
return redirect()->back()->with('error', 'No users selected');
Fixes #2422 - Adds bulk edit for select user attributes
2017-03-10 20:07:44 -08:00
}
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
/**
* Soft-delete bulk users
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* @return \Illuminate\Http\RedirectResponse
*/
Fixes #5519 - count() for php 7.2
2018-05-16 19:35:14 -07:00
public function postBulkSave(Request $request)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('update', User::class);
Could should not be equal to 1
2018-05-16 19:38:02 -07:00
Change ->has() to ->filled()
2019-05-23 17:39:50 -07:00
if ((!$request->filled('ids')) || (count($request->input('ids')) == 0)) {
Use updated redirect() reference
2016-04-28 21:06:41 -07:00
return redirect()->back()->with('error', 'No users selected');
Change ->has() to ->filled()
2019-05-23 17:39:50 -07:00
} elseif ((!$request->filled('status_id')) || ($request->input('status_id')=='')) {
User resource routes
2016-12-15 20:52:39 -08:00
return redirect()->route('users.index')->with('error', 'No status selected');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
} else {
Fix bulk actions with new bootstrap tables checkboxes
2017-01-18 19:38:42 -08:00
$user_raw_array = Input::get('ids');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
$asset_array = array();
if (($key = array_search(Auth::user()->id, $user_raw_array)) !== false) {
unset($user_raw_array[$key]);
}
Assetcontroller cleanup (#5858) * Extract method/cleanup * Remove apiStore method that is unusued since api controllers. * Use proper model exception * Remove old user importer. This is now supported by the general importer framework. * Refactor AssetsController methods. This is a giant diff without many functional changes, mostly cosmetic. I've pulled a number of methods out of assetscontroller, preferring instead to create some more targetted controllers for related actions. I think this cleans up the file some, and suggests some places for future targetted improvement. Fix weird missing things. * Fix Unit test failing after date changes. * Pass valid string to be translated. * Some method cleanup for codacy. * Extract trait for common checkout uses and codacy fixes.
2018-07-16 17:44:03 -07:00
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
if (!config('app.lock_passwords')) {
Fixed bulk delete+checkin for users
2016-05-12 21:01:31 -07:00
$users = User::whereIn('id', $user_raw_array)->get();
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
$assets = Asset::whereIn('assigned_to', $user_raw_array)->get();
$accessories = DB::table('accessories_users')->whereIn('assigned_to', $user_raw_array)->get();
Fixed bulk delete+checkin for users
2016-05-12 21:01:31 -07:00
$licenses = DB::table('license_seats')->whereIn('assigned_to', $user_raw_array)->get();
$license_array = array();
$accessory_array = array();
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
foreach ($assets as $asset) {
$asset_array[] = $asset->id;
// Update the asset log
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$logAction = new Actionlog();
$logAction->item_id = $asset->id;
$logAction->item_type = Asset::class;
$logAction->target_id = $asset->assigned_to;
$logAction->target_type = User::class;
$logAction->user_id = Auth::user()->id;
$logAction->note = 'Bulk checkin asset and delete user';
$logAction->logaction('checkin from');
Asset::whereIn('id', $asset_array)->update([
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
'status_id' => e(Input::get('status_id')),
'assigned_to' => null,
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
]);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
foreach ($accessories as $accessory) {
Fixed bulk delete+checkin for users
2016-05-12 21:01:31 -07:00
$accessory_array[] = $accessory->accessory_id;
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Update the asset log
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$logAction = new Actionlog();
$logAction->item_id = $accessory->id;
$logAction->item_type = Accessory::class;
$logAction->target_id = $accessory->assigned_to;
$logAction->target_type = User::class;
$logAction->user_id = Auth::user()->id;
$logAction->note = 'Bulk checkin accessory and delete user';
$logAction->logaction('checkin from');
Fixed bulk delete+checkin for users
2016-05-12 21:01:31 -07:00
}
foreach ($licenses as $license) {
$license_array[] = $license->id;
// Update the asset log
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$logAction = new Actionlog();
$logAction->item_id = $license->id;
$logAction->item_type = License::class;
$logAction->target_id = $license->assigned_to;
$logAction->target_type = User::class;
$logAction->user_id = Auth::user()->id;
$logAction->note = 'Bulk checkin license and delete user';
$logAction->logaction('checkin from');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Moved group sync
2016-06-15 11:51:10 -07:00
Formatting fixes for coding standards
2016-06-22 12:27:41 -07:00
LicenseSeat::whereIn('id', $license_array)->update(['assigned_to' => null]);
Fixed bulk delete+checkin for users
2016-05-12 21:01:31 -07:00
foreach ($users as $user) {
$user->accessories()->sync(array());
$user->delete();
}
User resource routes
2016-12-15 20:52:39 -08:00
return redirect()->route('users.index')->with('success', 'Your selected users have been deleted and their assets have been updated.');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
return redirect()->route('users.index')->with('error', 'Bulk delete is not enabled in this installation');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
}
/**
* Restore a deleted user
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param int $id
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* @return \Illuminate\Http\RedirectResponse
*/
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
public function getRestore($id = null)
{
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('edit', User::class);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Get user information
Formatting fixes for coding standards
2016-06-22 12:27:41 -07:00
if (!$user = User::onlyTrashed()->find($id)) {
User resource routes
2016-12-15 20:52:39 -08:00
return redirect()->route('users.index')->with('error', trans('admin/users/messages.user_not_found'));
Formatting fixes for coding standards
2016-06-22 12:27:41 -07:00
}
Check for accessories
2016-04-21 21:01:45 -07:00
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
// Restore the user
if (User::withTrashed()->where('id', $id)->restore()) {
return redirect()->route('users.index')->with('success', trans('admin/users/message.success.restored'));
Formatting fixes for coding standards
2016-06-22 12:27:41 -07:00
}
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
return redirect()->route('users.index')->with('error', 'User could not be restored.');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
/**
* Return a view with user detail
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param int $userId
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* @return \Illuminate\Contracts\View\View
*/
User resource routes
2016-12-15 20:52:39 -08:00
public function show($userId = null)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
Fixed compact() errors
2020-04-07 17:26:56 -07:00
if (!$user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')
->withTrashed()
->find($userId))
{
return redirect()->route('users.index')->with('error', trans('admin/users/message.user_not_found', ['id' => $userId]));
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
}
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
Actionlog Class: Improvements and polymorphism (#2561) * Save progress * Create a new action_log table to replace asset_log. Use Polymorphism to generalize class and targets. Port everything I can find to use it. Add a migration to port the asset_logs table to action_logs. * Allow accepted_id to be nullable. * Comment out the thread_id migration, because it b0rks on a new database with the move. I'm unsure if the thread_id does anything...It doesn't seem to be used * Clean up all old methods from Actionlog model. Port everything to use new cleaner interface. * Port the actionlog factory to fix travis. * Adjust code to work on php5. Also fix lurking adminlog call. * Remove weird code * Port the pave command. Also fix dangling adminlog
2016-09-06 19:39:42 -07:00
$userlog = $user->userlog->load('item');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
if (isset($user->id)) {
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('view', $user);
Update all controllers to use laravel 5 return view method
2017-06-09 16:44:03 -07:00
return view('users/view', compact('user', 'userlog'));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
}
/**
* Unsuspend a user.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param int $id
* @return Redirect
*/
public function getUnsuspend($id = null)
{
try {
// Get user information
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$user = User::find($id);
$this->authorize('edit', $user);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Check if we are not trying to unsuspend ourselves
if ($user->id === Auth::user()->id) {
// Prepare the error message
Updated to use 5.2 trans() instead of Lang::get for localization
2016-04-07 13:39:35 -07:00
$error = trans('admin/users/message.error.unsuspend');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Redirect to the user management page
User resource routes
2016-12-15 20:52:39 -08:00
return redirect()->route('users.index')->with('error', $error);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
// Do we have permission to unsuspend this user?
Switched or and and to || and && for code quality
2016-07-10 20:55:44 -07:00
if ($user->isSuperUser() && !Auth::user()->isSuperUser()) {
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Redirect to the user management page
User resource routes
2016-12-15 20:52:39 -08:00
return redirect()->route('users.index')->with('error', 'Insufficient permissions!');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
// Prepare the success message
Updated to use 5.2 trans() instead of Lang::get for localization
2016-04-07 13:39:35 -07:00
$success = trans('admin/users/message.success.unsuspend');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Redirect to the user management page
User resource routes
2016-12-15 20:52:39 -08:00
return redirect()->route('users.index')->with('success', $success);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
} catch (UserNotFoundException $e) {
// Prepare the error message
Updated to use 5.2 trans() instead of Lang::get for localization
2016-04-07 13:39:35 -07:00
$error = trans('admin/users/message.user_not_found', compact('id'));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Redirect to the user management page
User resource routes
2016-12-15 20:52:39 -08:00
return redirect()->route('users.index')->with('error', $error);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
}
/**
* Return a view containing a pre-populated new user form,
* populated with some fields from an existing user.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param int $id
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* @return \Illuminate\Contracts\View\View
*/
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
public function getClone($id = null)
{
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('create', User::class);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// We need to reverse the UI specific logic for our
// permissions here before we update the user.
$permissions = Input::get('permissions', array());
//$this->decodePermissions($permissions);
app('request')->request->set('permissions', $permissions);
try {
// Get the user information
Fixed restore again. For some reason, $user->restore() isn't working? WTF.
2016-04-21 20:52:32 -07:00
$user_to_clone = User::withTrashed()->find($id);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
$user = clone $user_to_clone;
$user->first_name = '';
$user->last_name = '';
$user->email = substr($user->email, ($pos = strpos($user->email, '@')) !== false ? $pos : 0);
More ajax menu fixes
2017-10-28 11:17:52 -07:00
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
$user->id = null;
// Get this user groups
Addec clone button back to models, assets, licenses, etc
2017-07-07 18:45:49 -07:00
$userGroups = $user_to_clone->groups()->pluck('name', 'id');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Get all the available permissions
$permissions = config('permissions');
Add a clone button the the user table. (#2241) Also preserve permissions when cloning a user, instead of nulling them by default.
2016-07-10 18:43:10 -07:00
$clonedPermissions = $user_to_clone->decodePermissions();
$userPermissions =Helper::selectedPermissionsArray($permissions, $clonedPermissions);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
// Show the page
Update all controllers to use laravel 5 return view method
2017-06-09 16:44:03 -07:00
return view('users/edit', compact('permissions', 'userPermissions'))
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
->with('user', $user)
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
->with('groups', Group::pluck('name', 'id'))
Formatting fixes for coding standards
2016-06-22 12:27:41 -07:00
->with('userGroups', $userGroups)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
->with('clone_user', $user_to_clone);
} catch (UserNotFoundException $e) {
Fixed compact() errors
2020-04-07 17:26:56 -07:00
return redirect()->route('users.index')->with('error', trans('admin/users/message.user_not_found'));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
}
/**
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* Return JSON response with a list of user details for the getIndex() view.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.6]
* @param AssetFileRequest $request
* @param int $userId
* @return string JSON
*/
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
public function postUpload(AssetFileRequest $request, $userId = null)
{
$user = User::find($userId);
Additional doc blocks, added private_uploads path
2016-03-25 15:50:08 -07:00
$destinationPath = config('app.private_uploads') . '/users';
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
if (isset($user->id)) {
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('update', $user);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
Use upload modal
2020-03-31 22:50:07 -07:00
if (!$request->has('file')) {
\Log::debug('No file selected: ');
\Log::debug(print_r($request, true));
return redirect()->back()->with('error', 'No file submitted.');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
Use upload modal
2020-03-31 22:50:07 -07:00
} else {
foreach ($request->file('file') as $file) {
$extension = $file->getClientOriginalExtension();
$filename = 'user-' . $user->id . '-' . str_random(8);
$filename .= '-' . str_slug($file->getClientOriginalName()) . '.' . $extension;
$upload_success = $file->move($destinationPath, $filename);
//Log the uploaded file to the log
$logAction = new Actionlog();
$logAction->item_id = $user->id;
$logAction->item_type = User::class;
Update user uploads for more data to work with recport
2020-04-01 02:22:16 -07:00
$logAction->target_type = User::class;
$logAction->target_id = $user->id;
Use upload modal
2020-03-31 22:50:07 -07:00
$logAction->user_id = Auth::user()->id;
$logAction->note = $request->input('notes');
$logAction->created_at = date("Y-m-d H:i:s");
$logAction->filename = $filename;
$logAction->action_type = 'uploaded';
$logAction->save();
}
return redirect()->back()->with('success', 'File uploaded');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
}
Use upload modal
2020-03-31 22:50:07 -07:00
return redirect()->route('users.index')->with('error', 'Error uploading files');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
/**
* Delete file
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.6]
* @param int $userId
* @param int $fileId
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* @return \Illuminate\Http\RedirectResponse
*/
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
public function getDeleteFile($userId = null, $fileId = null)
{
$user = User::find($userId);
Additional doc blocks, added private_uploads path
2016-03-25 15:50:08 -07:00
$destinationPath = config('app.private_uploads').'/users';
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
if (isset($user->id)) {
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('update', $user);
$log = Actionlog::find($fileId);
$full_filename = $destinationPath . '/' . $log->filename;
if (file_exists($full_filename)) {
unlink($destinationPath . '/' . $log->filename);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$log->delete();
return redirect()->back()->with('success', trans('admin/users/message.deletefile.success'));
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Fixed compact() errors
2020-04-07 17:26:56 -07:00
return redirect()->route('users.index')->with('error', trans('admin/users/message.does_not_exist'));
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
/**
* Display/download the uploaded file
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.6]
* @param int $userId
* @param int $fileId
* @return mixed
*/
public function displayFile($userId = null, $fileId = null)
{
$user = User::find($userId);
// the license is valid
if (isset($user->id)) {
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('view', $user);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$log = Actionlog::find($fileId);
$file = $log->get_src('users');
return Response::download($file);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
// Prepare the error message
$error = trans('admin/users/message.does_not_exist', compact('id'));
// Redirect to the licence management page
return redirect()->route('users.index')->with('error', $error);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
/**
* Return view for LDAP import
*
* @author Aladin Alaily
* @since [v1.8]
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* @return \Illuminate\Contracts\View\View
*/
Removed unused variables
2016-07-13 07:24:54 -07:00
public function getLDAP()
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('update', User::class);
Reworked LDAP login. Fixes #2218 LDAP no longer fails completely when the connection settings are wrong, or when app key is messed up. Rather than auth as the admin user and search, we auth as the user themselves. Admin auth is only for LDAP sync now. This should mean much fewer problems with donked LDAP settings and login.
2016-07-13 05:50:24 -07:00
try {
$ldapconn = Ldap::connectToLdap();
} catch (\Exception $e) {
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
return redirect()->route('users.index')->with('error', $e->getMessage());
Reworked LDAP login. Fixes #2218 LDAP no longer fails completely when the connection settings are wrong, or when app key is messed up. Rather than auth as the admin user and search, we auth as the user themselves. Admin auth is only for LDAP sync now. This should mean much fewer problems with donked LDAP settings and login.
2016-07-13 05:50:24 -07:00
}
try {
Ldap::bindAdminToLdap($ldapconn);
} catch (\Exception $e) {
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
return redirect()->route('users.index')->with('error', $e->getMessage());
Reworked LDAP login. Fixes #2218 LDAP no longer fails completely when the connection settings are wrong, or when app key is messed up. Rather than auth as the admin user and search, we auth as the user themselves. Admin auth is only for LDAP sync now. This should mean much fewer problems with donked LDAP settings and login.
2016-07-13 05:50:24 -07:00
}
Remove old helpers (#5843) * Cleanup model bulk-edit Use the general partials where appropriate, as well as display a list of what models we are editing in the bulk edit. * Use new api based fetch/display for modal select2. This is just copy/pasting the code currently because I'm not entirely sure how the two pieces of code interact. * Remove old helper functions that are no longer necessary with our populating of select2 dropdowns via ajax.
2018-07-16 14:22:25 -07:00
return view('users/ldap');
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
/**
* Declare the rules for the ldap fields validation.
*
* @author Aladin Alaily
* @since [v1.8]
* @var array
* @deprecated 3.0
* @todo remove this method in favor of other validation
* @var array
*/
protected $ldapValidationRules = array(
'firstname' => 'required|string|min:2',
'employee_number' => 'string',
'username' => 'required|min:2|unique:users,username',
'email' => 'email|unique:users,email',
);
/**
* LDAP form processing.
*
* @author Aladin Alaily
* @since [v1.8]
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* @return \Illuminate\Http\RedirectResponse
*/
Ignore location field if no value is passed
2016-08-02 03:45:03 -07:00
public function postLDAP(Request $request)
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
{
LDAP sync improvements and DB query fix. (#4148) * Set 'ldap_ou' Location field to NULL when an empty string is submitted. * Consolidate LDAP user import logic in LdapSync.php.
2017-10-06 16:15:14 -07:00
// Call Artisan LDAP import command.
$location_id = $request->input('location_id');
Artisan::call('snipeit:ldap-sync', ['--location_id' => $location_id, '--json_summary' => true]);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
LDAP sync improvements and DB query fix. (#4148) * Set 'ldap_ou' Location field to NULL when an empty string is submitted. * Consolidate LDAP user import logic in LdapSync.php.
2017-10-06 16:15:14 -07:00
// Collect and parse JSON summary.
$ldap_results_json = Artisan::output();
$ldap_results = json_decode($ldap_results_json, true);
Add support for location-specific LDAP OUs. (#3176) * Add support for location-specific LDAP OUs. * Shortened variable names as suggested by Codacy review.
2017-01-11 23:37:14 -08:00
LDAP sync improvements and DB query fix. (#4148) * Set 'ldap_ou' Location field to NULL when an empty string is submitted. * Consolidate LDAP user import logic in LdapSync.php.
2017-10-06 16:15:14 -07:00
// Direct user to appropriate status page.
if ($ldap_results['error']) {
return redirect()->back()->withInput()->with('error', $ldap_results['error_message']);
} else {
return redirect()->route('ldap/user')->with('success', "LDAP Import successful.")->with('summary', $ldap_results['summary']);
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
}
Removed old getassetloist method
2017-08-26 15:22:04 -07:00
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
/**
* Exports users to CSV
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v3.5]
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
* @return StreamedResponse
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
*/
public function getExportUserCsv()
{
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
$this->authorize('view', User::class);
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
\Debugbar::disable();
Small phpcbf cleanup
2016-12-29 14:02:18 -08:00
$response = new StreamedResponse(function () {
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
// Open output stream
$handle = fopen('php://output', 'w');
Add departments to usr export
2018-02-01 13:54:49 -08:00
User::with('assets', 'accessories', 'consumables', 'department', 'licenses', 'manager', 'groups', 'userloc', 'company','throttle')->orderBy('created_at', 'DESC')->chunk(500, function($users) use($handle) {
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
$headers=[
// strtolower to prevent Excel from trying to open it as a SYLK file
strtolower(trans('general.id')),
trans('admin/companies/table.title'),
Added username, fixed duplicate company name
2016-10-25 02:50:23 -07:00
trans('admin/users/table.title'),
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
trans('admin/users/table.employee_num'),
trans('admin/users/table.name'),
Added username, fixed duplicate company name
2016-10-25 02:50:23 -07:00
trans('admin/users/table.username'),
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
trans('admin/users/table.email'),
trans('admin/users/table.manager'),
trans('admin/users/table.location'),
Add departments to usr export
2018-02-01 13:54:49 -08:00
trans('general.department'),
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
trans('general.assets'),
trans('general.licenses'),
trans('general.accessories'),
trans('general.consumables'),
trans('admin/users/table.groups'),
trans('general.notes'),
trans('admin/users/table.activated'),
trans('general.created_at')
];
User resource routes
2016-12-15 20:52:39 -08:00
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
fputcsv($handle, $headers);
foreach ($users as $user) {
$user_groups = '';
foreach ($user->groups as $user_group) {
$user_groups .= $user_group->name.', ';
}
// Add a new row with data
$values = [
$user->id,
($user->company) ? $user->company->name : '',
Added username, fixed duplicate company name
2016-10-25 02:50:23 -07:00
$user->jobtitle,
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
$user->employee_num,
Add presenters for models. (#3098) * Add presenters for models. Move bootstrap table JSON generation to these presenters, which cleans up controllers a lot. Move view specific modifications from the models to the presenters as well. * Fix some issues found by travis and codacy * Fix a few more issues found while testing. * Attempt another acceptance test fix * Try something else * Maybe..
2016-12-23 17:52:00 -08:00
$user->present()->fullName(),
Added username, fixed duplicate company name
2016-10-25 02:50:23 -07:00
$user->username,
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
$user->email,
Add presenters for models. (#3098) * Add presenters for models. Move bootstrap table JSON generation to these presenters, which cleans up controllers a lot. Move view specific modifications from the models to the presenters as well. * Fix some issues found by travis and codacy * Fix a few more issues found while testing. * Attempt another acceptance test fix * Try something else * Maybe..
2016-12-23 17:52:00 -08:00
($user->manager) ? $user->manager->present()->fullName() : '',
Fixes #3092 - user location not being exported correctly
2016-12-22 15:53:34 -08:00
($user->userloc) ? $user->userloc->name : '',
Add departments to usr export
2018-02-01 13:54:49 -08:00
($user->department) ? $user->department->name : '',
Export users to CSV Bypasses the weird limit bug in the javascript
2016-10-25 02:41:34 -07:00
$user->assets->count(),
$user->licenses->count(),
$user->accessories->count(),
$user->consumables->count(),
$user_groups,
$user->notes,
($user->activated=='1') ? trans('general.yes') : trans('general.no'),
$user->created_at,
];
fputcsv($handle, $values);
}
});
// Close the output stream
fclose($handle);
}, 200, [
'Content-Type' => 'text/csv',
'Content-Disposition' => 'attachment; filename="users-'.date('Y-m-d-his').'.csv"',
]);
return $response;
}
Fixes #106 - adds Google Authenticator support (#2842) * refactor to clean up LDAP login, and make the login method easier to handle. * Login refactor cleanup * Google 2FA package * Adds Google Authenticator two-factor * Removed unused blade * Added optin setting in profile * Removed dumb comments * Made lock_passwords check more consistent * Additional two factor strings * Lock passwords check * Display feature disabled text if in demo mode * Two factor admin reset options * Translation strings
2016-10-29 05:50:55 -07:00
Starter print template for all assets assigned to a user
2017-12-05 01:55:24 -08:00
/**
* LDAP form processing.
*
* @author Aladin Alaily
* @since [v1.8]
* @return \Illuminate\Http\RedirectResponse
*/
Fixed #4581 - renamed print method
2017-12-06 11:17:42 -08:00
public function printInventory($id)
Starter print template for all assets assigned to a user
2017-12-05 01:55:24 -08:00
{
Fixed #6349 - add view permission for print all assigned
2018-10-19 16:43:28 -07:00
$this->authorize('view', User::class);
Fixed #4581 - renamed print method
2017-12-06 11:17:42 -08:00
$show_user = User::where('id',$id)->withTrashed()->first();
Added #2562 - print view of all assigned inventory
2017-12-05 12:34:16 -08:00
$assets = Asset::where('assigned_to', $id)->where('assigned_type', User::class)->with('model', 'model.category')->get();
Fixed #4581 - renamed print method
2017-12-06 11:17:42 -08:00
$licenses = $show_user->licenses()->get();
$accessories = $show_user->accessories()->get();
$consumables = $show_user->consumables()->get();
return view('users/print')->with('assets', $assets)->with('licenses',$licenses)->with('accessories', $accessories)->with('consumables', $consumables)->with('show_user', $show_user);
Starter print template for all assets assigned to a user
2017-12-05 01:55:24 -08:00
}
Version 3 - hold onto your butts
2016-03-25 01:18:05 -07:00
}
Reference in a new issue Copy permalink