snipe-it/app/Models/Company.php

<?php
namespace App\Models;

use Illuminate\Database\Eloquent\Model;
use Watson\Validating\ValidatingTrait;
use Auth;
use DB;

/**
 * Model for Companies.
 *
 * @version    v1.8
 */
final class Company extends Model
{
    protected $table = 'companies';

    // Declare the rules for the model validation
    protected $rules = [
        'name' => 'required|min:1|max:255|unique:companies,name'
    ];


    /**
    * Whether the model should inject it's identifier to the unique
    * validation rules before attempting validation. If this property
    * is not set in the model it will default to true.
    *
    * @var boolean
    */
    protected $injectUniqueIdentifier = true;
    use ValidatingTrait;


    /**
     * The attributes that are mass assignable.
     *
     * @var array
     */
    protected $fillable = ['name'];

    private static function isFullMultipleCompanySupportEnabled()
    {
        $settings = Setting::getSettings();

        // NOTE: this can happen when seeding the database
        if (is_null($settings)) {
            return false;
        } else {
            return $settings->full_multiple_companies_support == 1;
        }
    }

    private static function scopeCompanyablesDirectly($query, $column = 'company_id')
    {
        if (Auth::user()) {
            $company_id = Auth::user()->company_id;
        } else {
            $company_id = null;
        }

        return $query->where($column, '=', $company_id);
    }

    public static function getSelectList()
    {
        $select_company = trans('general.select_company');
        return ['0' => $select_company] + DB::table('companies')->orderBy('name', 'ASC')->lists('name', 'id');
    }

    public static function getIdFromInput($unescaped_input)
    {
        $escaped_input = e($unescaped_input);

        if ($escaped_input == '0') {
            return null;
        } else {
            return $escaped_input;
        }
    }

    public static function getIdForCurrentUser($unescaped_input)
    {
        if (!static::isFullMultipleCompanySupportEnabled()) {
            return static::getIdFromInput($unescaped_input);
        } else {
            $current_user = Auth::user();

            // Super users should be able to set a company to whatever they need
            if ($current_user->isSuperUser()) {
                return static::getIdFromInput($unescaped_input);
            } else {
                if ($current_user->company_id != null) {
                    return $current_user->company_id;
                } else {
                    return static::getIdFromInput($unescaped_input);
                }
            }

        }
    }

    public static function isCurrentUserHasAccess($companyable)
    {
        if (is_null($companyable)) {
            return false;
        } elseif (!static::isFullMultipleCompanySupportEnabled()) {
            return true;
        } else {
            $current_user_company_id = Auth::user()->company_id;
            $companyable_company_id = $companyable->company_id;
            return ($current_user_company_id == null || $current_user_company_id == $companyable_company_id || Auth::user()->isSuperUser());
        }
    }

    public static function isCurrentUserAuthorized()
    {

        return ((!static::isFullMultipleCompanySupportEnabled()) || (Auth::user()->isSuperUser()));
    }

    public static function canManageUsersCompanies()
    {
        return (!static::isFullMultipleCompanySupportEnabled() || Auth::user()->isSuperUser() ||
                Auth::user()->company_id == null);
    }

    public static function getIdForUser($unescaped_input)
    {
        if (!static::isFullMultipleCompanySupportEnabled() || Auth::user()->isSuperUser()) {
            return static::getIdFromInput($unescaped_input);
        } else {
            return static::getIdForCurrentUser($unescaped_input);
        }
    }

    public static function scopeCompanyables($query, $column = 'company_id')
    {
        if (!static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser())) {
            return $query;
        } else {
            return static::scopeCompanyablesDirectly($query, $column);
        }
    }

    public static function scopeCompanyableChildren(array $companyable_names, $query)
    {
        if (count($companyable_names) == 0) {
            throw new Exception('No Companyable Children to scope');
        } elseif (!static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser())) {
            return $query;
        } else {
            $f = function ($q) {

                static::scopeCompanyablesDirectly($q);
            };

            $q = $query->where(function ($q) use ($companyable_names, $f) {
                $q2 = $q->whereHas($companyable_names[0], $f);

                for ($i = 1; $i < count($companyable_names); $i++) {
                    $q2 = $q2->orWhereHas($companyable_names[$i], $f);
                }
            });
            return $q;
        }
    }

    public static function getName($companyable)
    {
        $company = $companyable->company;

        if (is_null($company)) {
            return '';
        } else {
            return e($company->name);
        }
    }
}
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`<?php`
			`namespace App\Models;`

			`use Illuminate\Database\Eloquent\Model;`
			`use Watson\Validating\ValidatingTrait;`
Allow superadmins to print labels 2016-06-10 03:40:49 -07:00			`use Auth;`
Updated lang to trans 2016-07-10 21:04:49 -07:00			`use DB;`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00
Updated docblocks 2016-04-07 13:21:09 -07:00			`/**`
			`* Model for Companies.`
			`*`
			`* @version v1.8`
			`*/`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`final class Company extends Model`
			`{`
			`protected $table = 'companies';`

			`// Declare the rules for the model validation`
Custom validator for multiple deleted items with the same unique field 2016-07-26 00:44:26 -07:00			`protected $rules = [`
Duh, we don’t soft-delete companies 2016-07-26 02:11:41 -07:00			`'name' => 'required\|min:1\|max:255\|unique:companies,name'`
Custom validator for multiple deleted items with the same unique field 2016-07-26 00:44:26 -07:00			`];`


Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`/**`
			`* Whether the model should inject it's identifier to the unique`
			`* validation rules before attempting validation. If this property`
			`* is not set in the model it will default to true.`
			`*`
			`* @var boolean`
			`*/`
			`protected $injectUniqueIdentifier = true;`
			`use ValidatingTrait;`


			`/**`
			`* The attributes that are mass assignable.`
			`*`
			`* @var array`
			`*/`
			`protected $fillable = ['name'];`

			`private static function isFullMultipleCompanySupportEnabled()`
			`{`
			`$settings = Setting::getSettings();`

			`// NOTE: this can happen when seeding the database`
			`if (is_null($settings)) {`
			`return false;`
			`} else {`
			`return $settings->full_multiple_companies_support == 1;`
			`}`
			`}`

			`private static function scopeCompanyablesDirectly($query, $column = 'company_id')`
			`{`
			`if (Auth::user()) {`
			`$company_id = Auth::user()->company_id;`
			`} else {`
			`$company_id = null;`
			`}`

Scope to company when viewing assets (#2315) * If a user doesn't belong to a company, when scoping to a company we should only show items that don't belong to a company. * Scope tables/items to the company they belong to when fetching items for the index. * Fix asset count to also scope to company. This fixes dashboard view * Exempt super users from the child company check to be consistent. Fixes license count on dashboard now that we scope everything 2016-07-25 19:46:29 -07:00			`return $query->where($column, '=', $company_id);`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`}`

			`public static function getSelectList()`
			`{`
Updated lang to trans 2016-07-10 21:04:49 -07:00			`$select_company = trans('general.select_company');`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`return ['0' => $select_company] + DB::table('companies')->orderBy('name', 'ASC')->lists('name', 'id');`
			`}`

			`public static function getIdFromInput($unescaped_input)`
			`{`
			`$escaped_input = e($unescaped_input);`

			`if ($escaped_input == '0') {`
			`return null;`
			`} else {`
			`return $escaped_input;`
			`}`
			`}`

			`public static function getIdForCurrentUser($unescaped_input)`
			`{`
			`if (!static::isFullMultipleCompanySupportEnabled()) {`
			`return static::getIdFromInput($unescaped_input);`
			`} else {`
			`$current_user = Auth::user();`

Allow super admins to override company 2016-07-28 12:40:19 -07:00			`// Super users should be able to set a company to whatever they need`
			`if ($current_user->isSuperUser()) {`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`return static::getIdFromInput($unescaped_input);`
Allow super admins to override company 2016-07-28 12:40:19 -07:00			`} else {`
			`if ($current_user->company_id != null) {`
			`return $current_user->company_id;`
			`} else {`
			`return static::getIdFromInput($unescaped_input);`
			`}`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`}`
Allow super admins to override company 2016-07-28 12:40:19 -07:00
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`}`
			`}`

			`public static function isCurrentUserHasAccess($companyable)`
			`{`
			`if (is_null($companyable)) {`
			`return false;`
			`} elseif (!static::isFullMultipleCompanySupportEnabled()) {`
			`return true;`
			`} else {`
			`$current_user_company_id = Auth::user()->company_id;`
			`$companyable_company_id = $companyable->company_id;`
Let superadmins through companyable trait 2016-06-10 04:07:27 -07:00			`return ($current_user_company_id == null \|\| $current_user_company_id == $companyable_company_id \|\| Auth::user()->isSuperUser());`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`}`
			`}`

			`public static function isCurrentUserAuthorized()`
			`{`
Let superadmins through companyable trait 2016-06-10 04:07:27 -07:00
Don't allow users without a company to change the company of items if full company support is enabled. (#2321) 2016-07-26 13:31:36 -07:00			`return ((!static::isFullMultipleCompanySupportEnabled()) \|\| (Auth::user()->isSuperUser()));`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`}`

			`public static function canManageUsersCompanies()`
			`{`
			`return (!static::isFullMultipleCompanySupportEnabled() \|\| Auth::user()->isSuperUser() \|\|`
			`Auth::user()->company_id == null);`
			`}`

			`public static function getIdForUser($unescaped_input)`
			`{`
			`if (!static::isFullMultipleCompanySupportEnabled() \|\| Auth::user()->isSuperUser()) {`
			`return static::getIdFromInput($unescaped_input);`
			`} else {`
			`return static::getIdForCurrentUser($unescaped_input);`
			`}`
			`}`

			`public static function scopeCompanyables($query, $column = 'company_id')`
			`{`
Formatting fixes for coding standards 2016-06-22 12:27:41 -07:00			`if (!static::isFullMultipleCompanySupportEnabled() \|\| (Auth::check() && Auth::user()->isSuperUser())) {`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`return $query;`
			`} else {`
			`return static::scopeCompanyablesDirectly($query, $column);`
			`}`
			`}`

			`public static function scopeCompanyableChildren(array $companyable_names, $query)`
			`{`
			`if (count($companyable_names) == 0) {`
			`throw new Exception('No Companyable Children to scope');`
Scope to company when viewing assets (#2315) * If a user doesn't belong to a company, when scoping to a company we should only show items that don't belong to a company. * Scope tables/items to the company they belong to when fetching items for the index. * Fix asset count to also scope to company. This fixes dashboard view * Exempt super users from the child company check to be consistent. Fixes license count on dashboard now that we scope everything 2016-07-25 19:46:29 -07:00			`} elseif (!static::isFullMultipleCompanySupportEnabled() \|\| (Auth::check() && Auth::user()->isSuperUser())) {`
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`return $query;`
			`} else {`
			`$f = function ($q) {`
Updated docblocks 2016-04-07 13:21:09 -07:00
Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00			`static::scopeCompanyablesDirectly($q);`
			`};`

			`$q = $query->where(function ($q) use ($companyable_names, $f) {`
			`$q2 = $q->whereHas($companyable_names[0], $f);`

			`for ($i = 1; $i < count($companyable_names); $i++) {`
			`$q2 = $q2->orWhereHas($companyable_names[$i], $f);`
			`}`
			`});`
			`return $q;`
			`}`
			`}`

			`public static function getName($companyable)`
			`{`
			`$company = $companyable->company;`

			`if (is_null($company)) {`
			`return '';`
			`} else {`
			`return e($company->name);`
			`}`
			`}`
			`}`