2017-01-11 18:14:06 -08:00
< ? php
2021-06-10 13:15:52 -07:00
2017-01-11 18:14:06 -08:00
namespace App\Http\Controllers\Api ;
use App\Helpers\Helper ;
2017-01-25 21:29:23 -08:00
use App\Http\Controllers\Controller ;
2017-11-27 21:17:16 -08:00
use App\Http\Requests\AssetCheckoutRequest ;
2017-01-25 21:29:23 -08:00
use App\Http\Transformers\AssetsTransformer ;
2019-01-22 14:47:40 -08:00
use App\Http\Transformers\LicensesTransformer ;
2019-03-13 20:12:03 -07:00
use App\Http\Transformers\SelectlistTransformer ;
2017-01-11 18:14:06 -08:00
use App\Models\Asset ;
use App\Models\AssetModel ;
use App\Models\Company ;
use App\Models\CustomField ;
2019-01-22 14:47:40 -08:00
use App\Models\License ;
2017-01-11 18:14:06 -08:00
use App\Models\Location ;
2017-01-25 21:29:23 -08:00
use App\Models\Setting ;
2017-01-11 18:14:06 -08:00
use App\Models\User ;
2017-01-25 21:29:23 -08:00
use Auth ;
use Carbon\Carbon ;
use DB ;
2017-01-11 18:14:06 -08:00
use Illuminate\Http\Request ;
2021-06-10 13:15:52 -07:00
use Illuminate\Support\Facades\Gate ;
2017-01-25 21:29:23 -08:00
use Input ;
use Paginator ;
use Slack ;
use Str ;
use TCPDF ;
use Validator ;
2017-01-11 18:14:06 -08:00
/**
* This class controls all actions related to assets for
* the Snipe - IT Asset Management application .
*
* @ version v1 . 0
* @ author [ A . Gianotto ] [ < snipe @ snipe . net > ]
*/
class AssetsController extends Controller
{
2017-01-11 23:40:56 -08:00
/**
* Returns JSON listing of all assets
*
* @ author [ A . Gianotto ] [ < snipe @ snipe . net > ]
* @ param int $assetId
* @ since [ v4 . 0 ]
* @ return JsonResponse
*/
2019-05-05 19:32:52 -07:00
public function index ( Request $request , $audit = null )
2017-01-11 18:14:06 -08:00
{
2017-01-13 11:41:00 -08:00
$this -> authorize ( 'index' , Asset :: class );
2018-01-17 19:18:48 -08:00
$settings = Setting :: getSettings ();
2017-01-13 11:41:00 -08:00
$allowed_columns = [
'id' ,
'name' ,
'asset_tag' ,
'serial' ,
'model_number' ,
'last_checkout' ,
'notes' ,
'expected_checkin' ,
'order_number' ,
'image' ,
'assigned_to' ,
'created_at' ,
2017-02-23 16:23:02 -08:00
'updated_at' ,
2017-01-13 11:41:00 -08:00
'purchase_date' ,
2017-10-31 07:05:15 -07:00
'purchase_cost' ,
2017-12-12 03:03:43 -08:00
'last_audit_date' ,
'next_audit_date' ,
2017-10-31 07:05:15 -07:00
'warranty_months' ,
2018-05-16 19:20:43 -07:00
'checkout_counter' ,
'checkin_counter' ,
'requests_counter' ,
2017-01-13 11:41:00 -08:00
];
2021-06-10 13:15:52 -07:00
$filter = [];
2018-01-11 15:17:34 -08:00
2019-05-23 17:39:50 -07:00
if ( $request -> filled ( 'filter' )) {
2018-04-25 20:25:03 -07:00
$filter = json_decode ( $request -> input ( 'filter' ), true );
2017-03-11 04:26:01 -08:00
}
2017-01-13 11:41:00 -08:00
$all_custom_fields = CustomField :: all (); //used as a 'cache' of custom fields throughout this page load
foreach ( $all_custom_fields as $field ) {
2021-06-10 13:15:52 -07:00
$allowed_columns [] = $field -> db_column_name ();
2017-01-13 11:41:00 -08:00
}
2021-06-10 13:15:52 -07:00
$assets = Company :: scopeCompanyables ( Asset :: select ( 'assets.*' ), 'company_id' , 'assets' )
2018-01-11 15:17:34 -08:00
-> with ( 'location' , 'assetstatus' , 'assetlog' , 'company' , 'defaultLoc' , 'assignedTo' ,
2021-06-10 13:15:52 -07:00
'model.category' , 'model.manufacturer' , 'model.fieldset' , 'supplier' );
2017-10-18 10:07:35 -07:00
2018-01-11 15:17:34 -08:00
// These are used by the API to query against specific ID numbers.
// They are also used by the individual searches on detail pages like
// locations, etc.
2019-05-23 17:39:50 -07:00
if ( $request -> filled ( 'status_id' )) {
2017-10-20 17:37:46 -07:00
$assets -> where ( 'assets.status_id' , '=' , $request -> input ( 'status_id' ));
2017-02-03 20:34:09 -08:00
}
2021-06-10 13:15:52 -07:00
if ( $request -> input ( 'requestable' ) == 'true' ) {
2018-04-04 17:33:02 -07:00
$assets -> where ( 'assets.requestable' , '=' , '1' );
}
2019-05-23 17:39:50 -07:00
if ( $request -> filled ( 'model_id' )) {
2017-02-03 19:34:24 -08:00
$assets -> InModelList ([ $request -> input ( 'model_id' )]);
}
2019-05-23 17:39:50 -07:00
if ( $request -> filled ( 'category_id' )) {
2017-02-03 19:34:24 -08:00
$assets -> InCategory ( $request -> input ( 'category_id' ));
}
2019-05-23 17:39:50 -07:00
if ( $request -> filled ( 'location_id' )) {
2017-11-03 20:10:36 -07:00
$assets -> where ( 'assets.location_id' , '=' , $request -> input ( 'location_id' ));
2017-02-08 03:31:42 -08:00
}
2020-04-08 11:00:04 -07:00
if ( $request -> filled ( 'rtd_location_id' )) {
$assets -> where ( 'assets.rtd_location_id' , '=' , $request -> input ( 'rtd_location_id' ));
}
2019-05-23 17:39:50 -07:00
if ( $request -> filled ( 'supplier_id' )) {
2017-05-15 20:55:39 -07:00
$assets -> where ( 'assets.supplier_id' , '=' , $request -> input ( 'supplier_id' ));
}
2019-05-23 17:39:50 -07:00
if (( $request -> filled ( 'assigned_to' )) && ( $request -> filled ( 'assigned_type' ))) {
2018-01-10 05:44:11 -08:00
$assets -> where ( 'assets.assigned_to' , '=' , $request -> input ( 'assigned_to' ))
2019-02-13 04:45:21 -08:00
-> where ( 'assets.assigned_type' , '=' , $request -> input ( 'assigned_type' ));
2018-01-10 05:44:11 -08:00
}
2019-05-23 17:39:50 -07:00
if ( $request -> filled ( 'company_id' )) {
2017-03-14 08:37:39 -07:00
$assets -> where ( 'assets.company_id' , '=' , $request -> input ( 'company_id' ));
2017-02-08 03:31:42 -08:00
}
2019-05-23 17:39:50 -07:00
if ( $request -> filled ( 'manufacturer_id' )) {
2017-02-03 19:52:00 -08:00
$assets -> ByManufacturer ( $request -> input ( 'manufacturer_id' ));
}
2019-05-23 17:39:50 -07:00
if ( $request -> filled ( 'depreciation_id' )) {
2017-10-17 11:20:05 -07:00
$assets -> ByDepreciationId ( $request -> input ( 'depreciation_id' ));
}
2019-05-23 17:39:50 -07:00
$request -> filled ( 'order_number' ) ? $assets = $assets -> where ( 'assets.order_number' , '=' , e ( $request -> get ( 'order_number' ))) : '' ;
2020-02-04 12:32:24 -08:00
// Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
// case we override with the actual count, so we should return 0 items.
$offset = (( $assets ) && ( $request -> get ( 'offset' ) > $assets -> count ())) ? $assets -> count () : $request -> get ( 'offset' , 0 );
2019-09-03 14:02:08 -07:00
// Check to make sure the limit is not higher than the max allowed
2019-09-03 20:28:49 -07:00
(( config ( 'app.max_results' ) >= $request -> input ( 'limit' )) && ( $request -> filled ( 'limit' ))) ? $limit = $request -> input ( 'limit' ) : $limit = config ( 'app.max_results' );
2019-09-03 14:02:08 -07:00
2017-01-13 11:41:00 -08:00
$order = $request -> input ( 'order' ) === 'asc' ? 'asc' : 'desc' ;
2017-01-11 18:14:06 -08:00
2019-05-05 19:32:52 -07:00
// This is used by the audit reporting routes
if ( Gate :: allows ( 'audit' , Asset :: class )) {
switch ( $audit ) {
case 'due' :
$assets -> DueOrOverdueForAudit ( $settings );
break ;
case 'overdue' :
$assets -> overdueForAudit ( $settings );
break ;
}
}
2017-05-15 20:55:39 -07:00
// This is used by the sidenav, mostly
2017-10-17 12:48:18 -07:00
// We switched from using query scopes here because of a Laravel bug
// related to fulltext searches on complex queries.
// I am sad. :(
2017-02-08 03:37:44 -08:00
switch ( $request -> input ( 'status' )) {
2017-01-11 18:14:06 -08:00
case 'Deleted' :
2019-01-24 14:47:44 -08:00
$assets -> onlyTrashed ();
2017-01-11 18:14:06 -08:00
break ;
case 'Pending' :
2021-06-10 13:15:52 -07:00
$assets -> join ( 'status_labels AS status_alias' , function ( $join ) {
$join -> on ( 'status_alias.id' , '=' , 'assets.status_id' )
-> where ( 'status_alias.deployable' , '=' , 0 )
-> where ( 'status_alias.pending' , '=' , 1 )
2017-10-18 01:21:08 -07:00
-> where ( 'status_alias.archived' , '=' , 0 );
2017-10-17 12:48:18 -07:00
});
2017-01-11 18:14:06 -08:00
break ;
case 'RTD' :
2017-10-18 01:21:08 -07:00
$assets -> whereNull ( 'assets.assigned_to' )
2021-06-10 13:15:52 -07:00
-> join ( 'status_labels AS status_alias' , function ( $join ) {
$join -> on ( 'status_alias.id' , '=' , 'assets.status_id' )
-> where ( 'status_alias.deployable' , '=' , 1 )
-> where ( 'status_alias.pending' , '=' , 0 )
2019-02-13 04:45:21 -08:00
-> where ( 'status_alias.archived' , '=' , 0 );
});
2017-01-11 18:14:06 -08:00
break ;
case 'Undeployable' :
$assets -> Undeployable ();
break ;
case 'Archived' :
2021-06-10 13:15:52 -07:00
$assets -> join ( 'status_labels AS status_alias' , function ( $join ) {
$join -> on ( 'status_alias.id' , '=' , 'assets.status_id' )
-> where ( 'status_alias.deployable' , '=' , 0 )
-> where ( 'status_alias.pending' , '=' , 0 )
2017-10-18 01:21:08 -07:00
-> where ( 'status_alias.archived' , '=' , 1 );
2017-10-17 12:48:18 -07:00
});
2017-01-11 18:14:06 -08:00
break ;
case 'Requestable' :
2017-10-17 12:48:18 -07:00
$assets -> where ( 'assets.requestable' , '=' , 1 )
2021-06-10 13:15:52 -07:00
-> join ( 'status_labels AS status_alias' , function ( $join ) {
$join -> on ( 'status_alias.id' , '=' , 'assets.status_id' )
-> where ( 'status_alias.deployable' , '=' , 1 )
-> where ( 'status_alias.pending' , '=' , 0 )
2019-02-13 04:45:21 -08:00
-> where ( 'status_alias.archived' , '=' , 0 );
});
2017-10-17 12:48:18 -07:00
2017-01-11 18:14:06 -08:00
break ;
case 'Deployed' :
2017-10-17 12:48:18 -07:00
// more sad, horrible workarounds for laravel bugs when doing full text searches
$assets -> where ( 'assets.assigned_to' , '>' , '0' );
2017-01-11 18:14:06 -08:00
break ;
2017-10-17 11:20:05 -07:00
default :
2018-01-17 19:18:48 -08:00
2021-06-10 13:15:52 -07:00
if (( ! $request -> filled ( 'status_id' )) && ( $settings -> show_archived_in_list != '1' )) {
2018-01-17 19:18:48 -08:00
// terrible workaround for complex-query Laravel bug in fulltext
2021-06-10 13:15:52 -07:00
$assets -> join ( 'status_labels AS status_alias' , function ( $join ) {
$join -> on ( 'status_alias.id' , '=' , 'assets.status_id' )
2018-01-17 19:18:48 -08:00
-> where ( 'status_alias.archived' , '=' , 0 );
});
2019-02-13 04:45:21 -08:00
2021-06-10 13:15:52 -07:00
// If there is a status ID, don't take show_archived_in_list into consideration
2018-02-01 14:31:32 -08:00
} else {
2021-06-10 13:15:52 -07:00
$assets -> join ( 'status_labels AS status_alias' , function ( $join ) {
$join -> on ( 'status_alias.id' , '=' , 'assets.status_id' );
2018-02-01 14:31:32 -08:00
});
2018-01-17 19:18:48 -08:00
}
2017-01-11 18:14:06 -08:00
}
2021-06-10 13:15:52 -07:00
if (( ! is_null ( $filter )) && ( count ( $filter )) > 0 ) {
2018-01-11 15:17:34 -08:00
$assets -> ByFilter ( $filter );
2019-05-23 17:39:50 -07:00
} elseif ( $request -> filled ( 'search' )) {
2018-01-11 15:17:34 -08:00
$assets -> TextSearch ( $request -> input ( 'search' ));
}
2017-10-18 09:27:34 -07:00
// This is kinda gross, but we need to do this because the Bootstrap Tables
// API passes custom field ordering as custom_fields.fieldname, and we have to strip
// that out to let the default sorter below order them correctly on the assets table.
2021-06-10 13:15:52 -07:00
$sort_override = str_replace ( 'custom_fields.' , '' , $request -> input ( 'sort' ));
2017-10-18 09:27:34 -07:00
// This handles all of the pivot sorting (versus the assets.* fields
// in the allowed_columns array)
$column_sort = in_array ( $sort_override , $allowed_columns ) ? $sort_override : 'assets.created_at' ;
2019-02-13 04:45:21 -08:00
2017-10-18 09:27:34 -07:00
switch ( $sort_override ) {
2017-01-11 18:14:06 -08:00
case 'model' :
2017-01-13 11:41:00 -08:00
$assets -> OrderModels ( $order );
2017-01-11 18:14:06 -08:00
break ;
case 'model_number' :
2017-01-13 11:41:00 -08:00
$assets -> OrderModelNumber ( $order );
2017-01-11 18:14:06 -08:00
break ;
case 'category' :
2017-01-13 11:41:00 -08:00
$assets -> OrderCategory ( $order );
2017-01-11 18:14:06 -08:00
break ;
case 'manufacturer' :
2017-01-13 11:41:00 -08:00
$assets -> OrderManufacturer ( $order );
2017-01-11 18:14:06 -08:00
break ;
2017-01-13 11:41:00 -08:00
case 'company' :
$assets -> OrderCompany ( $order );
2017-01-11 18:14:06 -08:00
break ;
case 'location' :
2017-01-13 11:41:00 -08:00
$assets -> OrderLocation ( $order );
2018-01-24 14:27:12 -08:00
case 'rtd_location' :
$assets -> OrderRtdLocation ( $order );
2017-01-11 18:14:06 -08:00
break ;
case 'status_label' :
2017-01-13 11:41:00 -08:00
$assets -> OrderStatus ( $order );
2017-01-11 18:14:06 -08:00
break ;
2017-05-15 20:55:39 -07:00
case 'supplier' :
$assets -> OrderSupplier ( $order );
break ;
2017-01-11 18:14:06 -08:00
case 'assigned_to' :
2017-01-13 11:41:00 -08:00
$assets -> OrderAssigned ( $order );
2017-01-11 18:14:06 -08:00
break ;
default :
2017-05-15 20:55:39 -07:00
$assets -> orderBy ( $column_sort , $order );
2017-01-11 18:14:06 -08:00
break ;
}
2018-01-10 05:44:11 -08:00
2017-01-13 11:41:00 -08:00
$total = $assets -> count ();
$assets = $assets -> skip ( $offset ) -> take ( $limit ) -> get ();
2018-07-24 19:35:26 -07:00
// dd($assets);
2017-01-13 11:41:00 -08:00
return ( new AssetsTransformer ) -> transformAssets ( $assets , $total );
2017-01-11 18:14:06 -08:00
}
2018-03-23 14:50:11 -07:00
/**
* Returns JSON with information about an asset ( by tag ) for detail view .
*
* @ author [ A . Gianotto ] [ < snipe @ snipe . net > ]
* @ param string $tag
* @ since [ v4 . 2.1 ]
* @ return JsonResponse
*/
public function showByTag ( $tag )
{
2021-06-10 13:15:52 -07:00
if ( $asset = Asset :: with ( 'assetstatus' ) -> with ( 'assignedTo' ) -> where ( 'asset_tag' , $tag ) -> first ()) {
2018-03-23 14:50:11 -07:00
$this -> authorize ( 'view' , $asset );
2021-06-10 13:15:52 -07:00
2018-03-23 14:50:11 -07:00
return ( new AssetsTransformer ) -> transformAsset ( $asset );
}
2021-06-10 13:15:52 -07:00
return response () -> json ( Helper :: formatStandardApiResponse ( 'error' , null , 'Asset not found' ), 200 );
2018-03-23 14:50:11 -07:00
}
/**
* Returns JSON with information about an asset ( by serial ) for detail view .
*
* @ author [ A . Gianotto ] [ < snipe @ snipe . net > ]
* @ param string $serial
* @ since [ v4 . 2.1 ]
* @ return JsonResponse
*/
public function showBySerial ( $serial )
{
2019-02-13 04:46:19 -08:00
$this -> authorize ( 'index' , Asset :: class );
2018-03-23 14:50:11 -07:00
if ( $assets = Asset :: with ( 'assetstatus' ) -> with ( 'assignedTo' )
2021-06-10 13:15:52 -07:00
-> withTrashed () -> where ( 'serial' , $serial ) -> get ()) {
return ( new AssetsTransformer ) -> transformAssets ( $assets , $assets -> count ());
2018-03-23 14:50:11 -07:00
}
2021-06-10 13:15:52 -07:00
return response () -> json ( Helper :: formatStandardApiResponse ( 'error' , null , 'Asset not found' ), 200 );
2018-03-23 14:50:11 -07:00
}
2019-02-13 04:45:21 -08:00
/**
2017-01-11 19:00:34 -08:00
* Returns JSON with information about an asset for detail view .
*
* @ author [ A . Gianotto ] [ < snipe @ snipe . net > ]
* @ param int $assetId
2017-01-11 23:40:56 -08:00
* @ since [ v4 . 0 ]
* @ return JsonResponse
2017-01-11 19:00:34 -08:00
*/
2017-01-12 02:19:55 -08:00
public function show ( $id )
2017-01-11 19:00:34 -08:00
{
2018-07-24 22:40:05 -07:00
if ( $asset = Asset :: with ( 'assetstatus' ) -> with ( 'assignedTo' ) -> withTrashed ()
-> withCount ( 'checkins as checkins_count' , 'checkouts as checkouts_count' , 'userRequests as user_requests_count' ) -> findOrFail ( $id )) {
2017-01-11 19:00:34 -08:00
$this -> authorize ( 'view' , $asset );
2021-06-10 13:15:52 -07:00
2017-01-24 21:04:38 -08:00
return ( new AssetsTransformer ) -> transformAsset ( $asset );
2017-01-11 19:00:34 -08:00
}
}
2021-06-10 13:15:52 -07:00
2019-01-22 14:47:40 -08:00
public function licenses ( $id )
{
$this -> authorize ( 'view' , Asset :: class );
$this -> authorize ( 'view' , License :: class );
$asset = Asset :: where ( 'id' , $id ) -> withTrashed () -> first ();
$licenses = $asset -> licenses () -> get ();
2019-02-13 04:44:19 -08:00
2021-06-10 13:15:52 -07:00
return ( new LicensesTransformer ()) -> transformLicenses ( $licenses , $licenses -> count ());
}
2017-10-26 21:50:01 -07:00
2017-10-26 02:28:17 -07:00
/**
2017-10-26 21:50:01 -07:00
* Gets a paginated collection for the select2 menus
2017-10-26 02:28:17 -07:00
*
* @ author [ A . Gianotto ] [ < snipe @ snipe . net > ]
2017-10-26 21:50:01 -07:00
* @ since [ v4 . 0.16 ]
* @ see \App\Http\Transformers\SelectlistTransformer
2017-10-26 02:28:17 -07:00
*/
public function selectlist ( Request $request )
{
$assets = Company :: scopeCompanyables ( Asset :: select ([
'assets.id' ,
'assets.name' ,
'assets.asset_tag' ,
'assets.model_id' ,
2017-11-16 16:49:16 -08:00
'assets.assigned_to' ,
'assets.assigned_type' ,
2021-06-10 13:15:52 -07:00
'assets.status_id' ,
2019-02-13 06:52:36 -08:00
]) -> with ( 'model' , 'assetstatus' , 'assignedTo' ) -> NotArchived (), 'company_id' , 'assets' );
2017-10-26 02:28:17 -07:00
2019-05-23 17:39:50 -07:00
if ( $request -> filled ( 'assetStatusType' ) && $request -> input ( 'assetStatusType' ) === 'RTD' ) {
2018-04-25 02:39:23 -07:00
$assets = $assets -> RTD ();
}
2017-10-26 02:28:17 -07:00
2019-05-23 17:39:50 -07:00
if ( $request -> filled ( 'search' )) {
2017-11-16 16:49:16 -08:00
$assets = $assets -> AssignedSearch ( $request -> input ( 'search' ));
2017-10-26 02:28:17 -07:00
}
$assets = $assets -> paginate ( 50 );
2017-10-26 21:50:01 -07:00
// Loop through and set some custom properties for the transformer to use.
// This lets us have more flexibility in special cases like assets, where
// they may not have a ->name value but we want to display something anyway
2017-10-26 02:28:17 -07:00
foreach ( $assets as $asset ) {
2017-10-26 21:50:01 -07:00
$asset -> use_text = $asset -> present () -> fullName ;
2017-11-16 16:49:16 -08:00
2017-11-22 15:07:34 -08:00
if (( $asset -> checkedOutToUser ()) && ( $asset -> assigned )) {
2017-11-16 16:49:16 -08:00
$asset -> use_text .= ' → ' . $asset -> assigned -> getFullNameAttribute ();
}
2021-06-10 13:15:52 -07:00
if ( $asset -> assetstatus -> getStatuslabelType () == 'pending' ) {
$asset -> use_text .= '(' . $asset -> assetstatus -> getStatuslabelType () . ')' ;
2017-11-03 11:33:36 -07:00
}
2017-10-26 21:50:01 -07:00
$asset -> use_image = ( $asset -> getImageUrl ()) ? $asset -> getImageUrl () : null ;
2017-10-26 02:28:17 -07:00
}
2017-10-26 03:43:28 -07:00
2017-10-26 21:50:01 -07:00
return ( new SelectlistTransformer ) -> transformSelectlist ( $assets );
2017-10-26 02:28:17 -07:00
}
2017-01-11 23:40:56 -08:00
/**
* Accepts a POST request to create a new asset
*
* @ author [ A . Gianotto ] [ < snipe @ snipe . net > ]
2017-01-12 02:19:55 -08:00
* @ param Request $request
2017-01-11 23:40:56 -08:00
* @ since [ v4 . 0 ]
2017-01-12 02:19:55 -08:00
* @ return JsonResponse
2017-01-11 23:40:56 -08:00
*/
2018-09-29 21:33:52 -07:00
public function store ( Request $request )
2017-01-11 23:40:56 -08:00
{
2017-08-25 03:26:50 -07:00
$this -> authorize ( 'create' , Asset :: class );
2017-01-11 23:40:56 -08:00
$asset = new Asset ();
2017-03-14 08:37:39 -07:00
$asset -> model () -> associate ( AssetModel :: find (( int ) $request -> get ( 'model_id' )));
2017-01-11 23:40:56 -08:00
2021-06-10 13:15:52 -07:00
$asset -> name = $request -> get ( 'name' );
$asset -> serial = $request -> get ( 'serial' );
$asset -> company_id = Company :: getIdForCurrentUser ( $request -> get ( 'company_id' ));
$asset -> model_id = $request -> get ( 'model_id' );
$asset -> order_number = $request -> get ( 'order_number' );
$asset -> notes = $request -> get ( 'notes' );
$asset -> asset_tag = $request -> get ( 'asset_tag' , Asset :: autoincrement_asset ());
$asset -> user_id = Auth :: id ();
$asset -> archived = '0' ;
$asset -> physical = '1' ;
$asset -> depreciate = '0' ;
$asset -> status_id = $request -> get ( 'status_id' , 0 );
$asset -> warranty_months = $request -> get ( 'warranty_months' , null );
$asset -> purchase_cost = Helper :: ParseFloat ( $request -> get ( 'purchase_cost' ));
$asset -> purchase_date = $request -> get ( 'purchase_date' , null );
$asset -> assigned_to = $request -> get ( 'assigned_to' , null );
$asset -> supplier_id = $request -> get ( 'supplier_id' , 0 );
$asset -> requestable = $request -> get ( 'requestable' , 0 );
$asset -> rtd_location_id = $request -> get ( 'rtd_location_id' , null );
$asset -> location_id = $request -> get ( 'rtd_location_id' , null );
if ( $request -> has ( 'image_source' ) && $request -> input ( 'image_source' ) != '' ) {
2019-03-13 21:00:40 -07:00
$saved_image_path = Helper :: processUploadedImage (
$request -> input ( 'image_source' ), 'uploads/assets/'
);
2021-06-10 13:15:52 -07:00
if ( ! $saved_image_path ) {
2019-03-13 21:00:40 -07:00
return response () -> json ( Helper :: formatStandardApiResponse (
'error' ,
null ,
trans ( 'admin/hardware/message.create.error' )
), 200 );
}
$asset -> image = $saved_image_path ;
}
2017-01-11 23:40:56 -08:00
// Update custom fields in the database.
// Validation for these fields is handled through the AssetRequest form request
$model = AssetModel :: find ( $request -> get ( 'model_id' ));
2019-05-24 15:44:54 -07:00
if (( $model ) && ( $model -> fieldset )) {
2017-01-11 23:40:56 -08:00
foreach ( $model -> fieldset -> fields as $field ) {
2021-04-05 20:16:06 -07:00
// Set the field value based on what was sent in the request
$field_val = $request -> input ( $field -> convertUnicodeDbSlug (), null );
// If input value is null, use custom field's default value
if ( $field_val == null ) {
\Log :: debug ( 'Field value for ' . $field -> convertUnicodeDbSlug () . ' is null' );
$field_val = $field -> defaultValue ( $request -> get ( 'model_id' ));
\Log :: debug ( 'Use the default fieldset value of ' . $field -> defaultValue ( $request -> get ( 'model_id' )));
}
// if the field is set to encrypted, make sure we encrypt the value
if ( $field -> field_encrypted == '1' ) {
\Log :: debug ( 'This model field is encrypted in this fieldset.' );
2019-05-15 19:33:30 -07:00
if ( Gate :: allows ( 'admin' )) {
2021-04-05 20:16:06 -07:00
// If input value is null, use custom field's default value
2021-06-10 13:15:52 -07:00
if (( $field_val == null ) && ( $request -> has ( 'model_id' ) != '' )) {
2021-04-05 20:16:06 -07:00
$field_val = \Crypt :: encrypt ( $field -> defaultValue ( $request -> get ( 'model_id' )));
} else {
$field_val = \Crypt :: encrypt ( $request -> input ( $field -> convertUnicodeDbSlug ()));
}
2019-05-15 19:33:30 -07:00
}
}
2021-04-05 20:16:06 -07:00
$asset -> { $field -> convertUnicodeDbSlug ()} = $field_val ;
2017-01-11 23:40:56 -08:00
}
}
if ( $asset -> save ()) {
2017-03-14 08:37:39 -07:00
if ( $request -> get ( 'assigned_user' )) {
2017-01-11 23:40:56 -08:00
$target = User :: find ( request ( 'assigned_user' ));
2017-03-14 08:37:39 -07:00
} elseif ( $request -> get ( 'assigned_asset' )) {
2017-01-11 23:40:56 -08:00
$target = Asset :: find ( request ( 'assigned_asset' ));
2017-03-14 08:37:39 -07:00
} elseif ( $request -> get ( 'assigned_location' )) {
2017-01-11 23:40:56 -08:00
$target = Location :: find ( request ( 'assigned_location' ));
}
2017-01-12 02:19:55 -08:00
if ( isset ( $target )) {
2017-01-11 23:40:56 -08:00
$asset -> checkOut ( $target , Auth :: user (), date ( 'Y-m-d H:i:s' ), '' , 'Checked out on asset creation' , e ( $request -> get ( 'name' )));
}
2019-03-13 21:00:40 -07:00
if ( $asset -> image ) {
$asset -> image = $asset -> getImageUrl ();
}
2017-08-01 20:01:11 -07:00
return response () -> json ( Helper :: formatStandardApiResponse ( 'success' , $asset , trans ( 'admin/hardware/message.create.success' )));
2017-01-11 23:40:56 -08:00
}
2017-08-25 03:26:50 -07:00
2017-03-14 08:37:39 -07:00
return response () -> json ( Helper :: formatStandardApiResponse ( 'error' , null , $asset -> getErrors ()), 200 );
2017-01-11 23:40:56 -08:00
}
2017-01-12 03:48:18 -08:00
/**
* Accepts a POST request to update an asset
*
* @ author [ A . Gianotto ] [ < snipe @ snipe . net > ]
* @ param Request $request
* @ since [ v4 . 0 ]
* @ return JsonResponse
*/
public function update ( Request $request , $id )
{
2018-07-12 18:28:02 -07:00
$this -> authorize ( 'update' , Asset :: class );
2017-01-12 03:48:18 -08:00
2019-02-13 04:44:19 -08:00
if ( $asset = Asset :: find ( $id )) {
$asset -> fill ( $request -> all ());
2019-02-12 22:08:38 -08:00
2019-05-23 17:39:50 -07:00
( $request -> filled ( 'model_id' )) ?
2019-02-12 22:08:38 -08:00
$asset -> model () -> associate ( AssetModel :: find ( $request -> get ( 'model_id' ))) : null ;
2018-07-24 22:51:31 -07:00
( $request -> filled ( 'rtd_location_id' )) ?
2017-11-03 19:42:45 -07:00
$asset -> location_id = $request -> get ( 'rtd_location_id' ) : '' ;
2019-05-23 17:39:50 -07:00
( $request -> filled ( 'company_id' )) ?
2017-01-12 03:48:18 -08:00
$asset -> company_id = Company :: getIdForCurrentUser ( $request -> get ( 'company_id' )) : '' ;
2021-06-10 13:15:52 -07:00
( $request -> filled ( 'rtd_location_id' )) ?
2019-11-18 19:49:39 -08:00
$asset -> location_id = $request -> get ( 'rtd_location_id' ) : null ;
Integrations/develop into master (#7352)
* Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992)
* Added upcoming audit report
TODO: Fid diff/threshold math
* Added route to list overdue / upcoming assets via API
* Controller/API methods for due/overdue audits
We could probably skip this and just handle it via view in the routes…
* Added query scopes for due and overdue audits
* Added audit due console command to kernel
* Added ability to pass audit specs to main API asset search method
* Added audit presenter
* Added bootstrap-tables presenter formatter to display an audit button
* Added gated sidenav items to left nav
* Added audit due/overdue blades
* Cleanup on audit due/overdue console command
* Added language strings for audit views
* Fixed :threshold placeholder
* Removed unused setting variable
* Fixed next audit date math
* Added scope for both overdue and upcoming
* Derp. Wrong version
* Bumped version
(I will release this version officially tomorrow)
* Leave the activated state for users alone in normal LDAP synchronisation. (#6988)
* Fixed #7003 - crash when warranty months or purchase date is null
* Fixed #6956 - viewKeys policy inconsistent (#7009)
* Fixed #6956 - Added additional gates show showing/hiding license keys
* Modified gate to allow user to see licenses if they can create or edit the license as well
* Added API middleware to API routes to enable throttling
TODO: Figure out how to make this costumizable without touching the code
* Import locations from CSV via command line (#7021)
* Added import locations command
* Small fixes to location importer
* Added country, LDAP OU
* Cleaned up comments, added more clarification to what the script does
* Added ability to update groups via API
Fixes [ch9139]
* Bumped version
* Fixed #6883 - remove escaping of fields on LDAP import
* Fixed #6880 - correctly encrypt encrypted fields via the API
* Fixes #5054: LDAP users deactivated for none-ad (#7032)
When using none-AD ldap, users are automatically deactivated every LDAP
sync. This commit changes the behaviour so that if the active flag isn't set,
the users are enabled.
Fixed #5054, at least for 4.X
* Updated packages
- Updating erusev/parsedown (v1.7.2 => 1.7.3): Downloading (100%)
- Updating squizlabs/php_codesniffer (3.4.1 => 3.4.2): Downloading (100%)
- Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/var-dumper (v3.4.23 => v3.4.27): Downloading (100%)
- Updating league/flysystem (1.0.50 => 1.0.51): Downloading (100%)
- Updating symfony/translation (v3.4.23 => v3.4.27): Downloading (100%)
- Updating nesbot/carbon (1.36.2 => 1.37.1): Downloading (100%)
- Updating symfony/debug (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/console (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/finder (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/polyfill-ctype (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/http-foundation (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/event-dispatcher (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/http-kernel (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/process (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/routing (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/polyfill-util (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/polyfill-php56 (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/psr-http-message-bridge (v1.1.1 => v1.1.2): Downloading (failed)
Downloading (100%)
- Updating rollbar/rollbar (v1.7.5 => v1.8.1): Downloading (100%)
- Updating symfony/yaml (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/browser-kit (v3.4.23 => v3.4.27): Downloading (100%)
* Fixed #7044 - API update deleted custom fields if they are not re-presented
* Fixed XSS vulnerability when creating a new categories, etc via modal on create
Same fix as before, because of the weird select2 post-parsing ajax behavior
* Updated email strings
* Fixed #7046 - added user website url back into UI
* Updated language strings
* Bumped version
* Updated packages
* New backups config for spatie
* Removed debugbar service provider (autodiscovery)
* Use laravel v5.5 withCount manual aliases
* Added spatie language files
* Removed old laravel backups config
This config file was renamed in a newer version of spatie laravel-backup
* Set the serialization
* Added the command loader to console kernel
* Renamed fire() to handle()
* Updated withCount to use manual naming
* Updated backup path in backup admin
* Updated travis with new php versions
* Bumped laravel version in readme
* Fixed custom field edit screen
* Fixed baseUrl is undefined error
I literally cannot figure out how this ever worked before.
* Fix for included files in backup
* Bumped version
* Switch has() to filled()
* Change ->has() to ->filled()
* Removed cosole log
* Bumped packages
* Use getReader instead of fetchAssoc for CSV parser
https://csv.thephpleague.com/9.0/upgrading/
* Handle JSON validation errors like 5.4
* Handle JSON validation errors like 5.4
* Handle JSON validation errors like 5.4
* Trying to fix ajax asset validation
This I think gets us closer, but still not handling the validation on the asset properly.
When I do a print_r of the validation in the other items, its looking for an error bag that looks something like this:
```
Illuminate\Support\MessageBag Object
(
[messages:protected] => Array
(
[name] => Array
(
[0] => The name field is required.
)
[seats] => Array
(
[0] => The seats field is required.
)
[category_id] => Array
(
[0] => The category id field is required.
)
)
[format:protected] => :message
)
```
Currently the Assets ajax returns:
```
[2019-05-24 06:52:06] develop.ERROR: array (
'messages' =>
array (
'model_id' =>
array (
0 => 'The model id field is required.',
),
'status_id' =>
array (
0 => 'The status id field is required.',
),
'asset_tag' =>
array (
0 => 'The asset tag field is required.',
),
),
)
```
So not sure why it’s not working.
* Fixed missing asset validation
* Check that a model exists before trying to fiddle with fieldsets
* Tidied up license check
* Removed extra escaping on checkin
* Updated importer to work with newer CSV Reader::getRecords() method
* Fixed field mapping
* Small fix for reordering fields
Fixes Illuminate\Database\QueryException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'order' cannot be null (SQL: insert into `custom_field_custom_fieldset` (`custom_field_id`, `custom_fieldset_id`, `order`, `required`) values (12, 7, , 0)) [ch1151]
This needs revisiting for a more solid fix, especially for data that was already entered bad.
* Fixed bug where sorting by company name in Users API did not work
Fixes [ch9200]
* Removed custom fields from AssignedSearch to prevent confusing data in selectlist
Fixes [ch9193]
* Removed alert-danger from tests
* Fixed missed consumables_count withCount() statement
* Fixed Undefined variable user in $backto if checked out to a non-user
Fixes [ch9194]
* Check for valid model before attempting to access fieldsets
Fixes [ch1249]
* Only build the log upload destination path if there is a matching record
Fixes [ch1232]
* Fixed free_seats_count variable name
(I forgot that Laravel switched camel case to snake case for their old 5.4 withCount variables)
* Only gtry to delete the file if a record is found in the log
* Only try to get fieldset if model is valid
* Fixed more camel-casing -> snake-casing
* Only display the file if the log record can be found
* Fixed casing in sync command
* Updated README
* Derp - typo
* Added link to Atlassian plugin
* More Atlassian clarifications
* Show accessory image on view page
* Increased image size to 800px, added lightboxes
* Fixed #7083 - Removed user_exists constraint on department save
If the user has been deleted, this prevented the department from being successfully saved on edit
* Updated branch in version file
* Dockerfile update to bring us up to php v7.1 for Laravel 5.5 (#7084)
* bump up to php7.1
& change deprecated MAINTAINER to a LABEL so it is visible with `docker inspect`
* AND modapache ><
* 2 updates required to get software-properties+ppa
* Bumped version
* Bumped release again :(
* Missed one
* Fixed #7098 - updated backup config for deleteFile() method
* Fixed #7092 - handle weird port forwarding/port numbers for baseUrl
* Bumped version
* Fixed #7099 - set email to null by default for backup notifications
* Removed old comments
* Fixed #7100 - Check if $user isset on checkin
* Increased throttle to 120 requests per minute
* Added Filipino, corrected order for Spanish variations
* Update language strings
* Bumped hash
* Changed has to filled to fix bulk asset editing
* Bumped point version
* Small fixes for phpleague CSB reader v9
* Improved error checking in locations importer
* Fixed #7145 - rename groups table to permissions_group for mysql 8 reserved word compatibility
* Reduce minimum group name length to 2 (from 3)
eg: IT
* Back in time fix FOR #7145 for new installs on MySQL 8+
* Fixed permission insert
//TODO
Handle this via model
* Possible fix for reporting/admin migration back in time
* Fixed #7164 - change table name to permission_groups
* Fixed LDAP password blanking on save
* fixing previous commit's actual wiping of password (#7183)
replaced Input::fille('ldap_pword') with _filled_. Should be good to go.
https://github.com/snipe/snipe-it/issues/7179
https://github.com/snipe/snipe-it/issues/7169
* Bumped version
* Downgrading rollbar for Laravel 5.5
* Spelling Correction (#7206)
Fixed Spelling for the word reqrite, to be rewrite.
* Fix #6910: Add logic to manipulate the eloquent query. (#7006)
* Added company_id to consumables_users table
* Added logic to manage when a pivot table doesn't have the column company_id trough a join with users
* Remove a migration that tries to fix this problem, but is not longer necessary
* Addresses #7238 - add PWA code to layout
Needs additional UX testing
* Better log message for bad LDAP connection
* Fixed #7186 - has vs filled in User’s API blanking out groups if no group_ids are passed
* Comment clarification on #7186
* Check for valid seat on hardware view
* Added space between footer and custom message
* Cap warranty months to three characters
Filles rollbar 209
* Cap warranty months to 3 on the frontend blade
* Fixed countable() strings on user destroy
* Check that the user has assets and that the aset model is valid
* Bumped hash
* Caps asset warranty to 20 years
* Command to fix custom field unicode conversion differences between PHP versions (#7263)
* Fixes #7252 form request changes (#7272)
* Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests
* Removed debug info
* More fixes for #7252
This is mostly working as intended, if not yet the way Laravel wants us to do it.
Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress.
* Removed experimental method
* Check for digits_between:0,240 for warranty
* Removed debug code
* Apply fix from PR #7273 to master
* Bumped hash
* Fixed #7250 - permission issue for API fieldsets and fields endpoints
This applies the change from #7294 to master
* Add @mskrip as a contributor
* Fixed #7270 - Checking-in Assets via API Removes the Item's Asset Name
* CORS for api (#7292)
* Added CORS support to API
* Changed order so CORS will still work if throttle hit
* Added APP_CORS_ALLOWED_ORIGINS env option
* Fixed typo
* Clarified header comments
* More clarification
* DIsable CORS allowed origins by default to replicate existing behavior
* Change variable name to be clearer
* Bumped version
* Added condition to deal with fieldname 'rtd_location' which can be tried to be queried in some places and doesn't exist in database (#7317)
* Added comments to the ByFilter query scope for clarity
* Added accessories checkout/checkin API endpoint
* Fixed CVE-2019-10742
https://nvd.nist.gov/vuln/detail/CVE-2019-10742
* Update README.md (#7334)
Add reference to CSV importer.
* Group related variables in .env
* History importer fixes
* Fixes to history importer
2019-08-14 21:48:14 -07:00
if ( $request -> filled ( 'image_source' )) {
2021-06-10 13:15:52 -07:00
if ( $request -> input ( 'image_source' ) == '' ) {
( $request -> filled ( 'rtd_location_id' )) ?
2019-02-13 04:44:19 -08:00
$asset -> location_id = $request -> get ( 'rtd_location_id' ) : null ;
2019-03-13 21:00:40 -07:00
$asset -> image = null ;
} else {
$saved_image_path = Helper :: processUploadedImage (
$request -> input ( 'image_source' ), 'uploads/assets/'
);
2021-06-10 13:15:52 -07:00
if ( ! $saved_image_path ) {
2019-03-13 21:00:40 -07:00
return response () -> json ( Helper :: formatStandardApiResponse (
'error' ,
null ,
trans ( 'admin/hardware/message.update.error' )
), 200 );
}
$asset -> image = $saved_image_path ;
}
}
2018-01-17 13:12:32 -08:00
// Update custom fields
if (( $model = AssetModel :: find ( $asset -> model_id )) && ( isset ( $model -> fieldset ))) {
foreach ( $model -> fieldset -> fields as $field ) {
2019-05-20 11:49:18 -07:00
if ( $request -> has ( $field -> convertUnicodeDbSlug ())) {
2021-06-10 13:15:52 -07:00
if ( $field -> field_encrypted == '1' ) {
2019-05-20 11:49:18 -07:00
if ( Gate :: allows ( 'admin' )) {
$asset -> { $field -> convertUnicodeDbSlug ()} = \Crypt :: encrypt ( $request -> input ( $field -> convertUnicodeDbSlug ()));
}
} else {
$asset -> { $field -> convertUnicodeDbSlug ()} = $request -> input ( $field -> convertUnicodeDbSlug ());
2019-05-15 19:33:30 -07:00
}
2017-01-12 03:48:18 -08:00
}
}
}
if ( $asset -> save ()) {
2019-05-23 17:39:50 -07:00
if (( $request -> filled ( 'assigned_user' )) && ( $target = User :: find ( $request -> get ( 'assigned_user' )))) {
2021-06-10 13:15:52 -07:00
$location = $target -> location_id ;
2019-05-23 17:39:50 -07:00
} elseif (( $request -> filled ( 'assigned_asset' )) && ( $target = Asset :: find ( $request -> get ( 'assigned_asset' )))) {
2019-02-13 04:45:21 -08:00
$location = $target -> location_id ;
2019-12-04 16:19:25 -08:00
2021-06-10 13:16:56 -07:00
Asset :: where ( 'assigned_type' , \App\Models\Asset :: class ) -> where ( 'assigned_to' , $id )
2019-12-04 16:19:25 -08:00
-> update ([ 'location_id' => $target -> location_id ]);
2019-05-23 17:39:50 -07:00
} elseif (( $request -> filled ( 'assigned_location' )) && ( $target = Location :: find ( $request -> get ( 'assigned_location' )))) {
2017-11-03 19:42:45 -07:00
$location = $target -> id ;
2017-01-12 03:48:18 -08:00
}
if ( isset ( $target )) {
2017-11-03 19:42:45 -07:00
$asset -> checkOut ( $target , Auth :: user (), date ( 'Y-m-d H:i:s' ), '' , 'Checked out on asset update' , e ( $request -> get ( 'name' )), $location );
2017-01-12 03:48:18 -08:00
}
2019-03-13 21:00:40 -07:00
if ( $asset -> image ) {
$asset -> image = $asset -> getImageUrl ();
}
2017-03-14 08:37:39 -07:00
return response () -> json ( Helper :: formatStandardApiResponse ( 'success' , $asset , trans ( 'admin/hardware/message.update.success' )));
2017-01-12 03:48:18 -08:00
}
2021-06-10 13:15:52 -07:00
2017-03-14 08:37:39 -07:00
return response () -> json ( Helper :: formatStandardApiResponse ( 'error' , null , $asset -> getErrors ()), 200 );
2017-01-12 03:48:18 -08:00
}
2021-06-10 13:15:52 -07:00
2017-03-14 08:37:39 -07:00
return response () -> json ( Helper :: formatStandardApiResponse ( 'error' , null , trans ( 'admin/hardware/message.does_not_exist' )), 200 );
2017-01-12 03:48:18 -08:00
}
2017-01-11 23:40:56 -08:00
/**
* Delete a given asset ( mark as deleted ) .
*
* @ author [ A . Gianotto ] [ < snipe @ snipe . net > ]
* @ param int $assetId
* @ since [ v4 . 0 ]
2017-01-12 02:19:55 -08:00
* @ return JsonResponse
2017-01-11 23:40:56 -08:00
*/
public function destroy ( $id )
{
2017-08-03 19:49:41 -07:00
$this -> authorize ( 'delete' , Asset :: class );
2017-01-11 23:40:56 -08:00
if ( $asset = Asset :: find ( $id )) {
$this -> authorize ( 'delete' , $asset );
DB :: table ( 'assets' )
-> where ( 'id' , $asset -> id )
2021-06-10 13:15:52 -07:00
-> update ([ 'assigned_to' => null ]);
2017-01-11 23:40:56 -08:00
$asset -> delete ();
2017-03-14 08:37:39 -07:00
return response () -> json ( Helper :: formatStandardApiResponse ( 'success' , null , trans ( 'admin/hardware/message.delete.success' )));
2017-01-11 23:40:56 -08:00
}
2017-03-14 08:37:39 -07:00
return response () -> json ( Helper :: formatStandardApiResponse ( 'error' , null , trans ( 'admin/hardware/message.does_not_exist' )), 200 );
2017-01-11 23:40:56 -08:00
}
2017-03-11 14:04:52 -08:00
/**
* Checkout an asset
*
* @ author [ A . Gianotto ] [ < snipe @ snipe . net > ]
* @ param int $assetId
* @ since [ v4 . 0 ]
* @ return JsonResponse
*/
2017-11-27 21:17:16 -08:00
public function checkout ( AssetCheckoutRequest $request , $asset_id )
2017-03-14 08:37:39 -07:00
{
2017-03-11 14:04:52 -08:00
$this -> authorize ( 'checkout' , Asset :: class );
$asset = Asset :: findOrFail ( $asset_id );
2021-06-10 13:15:52 -07:00
if ( ! $asset -> availableForCheckout ()) {
2017-03-11 14:04:52 -08:00
return response () -> json ( Helper :: formatStandardApiResponse ( 'error' , [ 'asset' => e ( $asset -> asset_tag )], trans ( 'admin/hardware/message.checkout.not_available' )));
}
$this -> authorize ( 'checkout' , $asset );
2017-10-19 15:51:55 -07:00
$error_payload = [];
$error_payload [ 'asset' ] = [
'id' => $asset -> id ,
'asset_tag' => $asset -> asset_tag ,
];
2017-11-27 21:17:58 -08:00
// This item is checked out to a location
2021-06-10 13:15:52 -07:00
if ( request ( 'checkout_to_type' ) == 'location' ) {
2017-11-27 21:17:58 -08:00
$target = Location :: find ( request ( 'assigned_location' ));
$asset -> location_id = ( $target ) ? $target -> id : '' ;
$error_payload [ 'target_id' ] = $request -> input ( 'assigned_location' );
$error_payload [ 'target_type' ] = 'location' ;
2021-06-10 13:15:52 -07:00
} elseif ( request ( 'checkout_to_type' ) == 'asset' ) {
$target = Asset :: where ( 'id' , '!=' , $asset_id ) -> find ( request ( 'assigned_asset' ));
2017-11-27 21:17:58 -08:00
$asset -> location_id = $target -> rtd_location_id ;
// Override with the asset's location_id if it has one
2020-04-06 15:54:40 -07:00
$asset -> location_id = (( $target ) && ( isset ( $target -> location_id ))) ? $target -> location_id : '' ;
2017-11-27 21:17:58 -08:00
$error_payload [ 'target_id' ] = $request -> input ( 'assigned_asset' );
$error_payload [ 'target_type' ] = 'asset' ;
2021-06-10 13:15:52 -07:00
} elseif ( request ( 'checkout_to_type' ) == 'user' ) {
2017-11-27 21:17:58 -08:00
// Fetch the target and set the asset's new location_id
$target = User :: find ( request ( 'assigned_user' ));
2020-04-06 15:54:40 -07:00
$asset -> location_id = (( $target ) && ( isset ( $target -> location_id ))) ? $target -> location_id : '' ;
2017-11-27 21:17:58 -08:00
$error_payload [ 'target_id' ] = $request -> input ( 'assigned_user' );
$error_payload [ 'target_type' ] = 'user' ;
2017-03-11 14:04:52 -08:00
}
2021-06-10 13:15:52 -07:00
if ( ! isset ( $target )) {
2017-11-27 21:17:58 -08:00
return response () -> json ( Helper :: formatStandardApiResponse ( 'error' , $error_payload , 'Checkout target for asset ' . e ( $asset -> asset_tag ) . ' is invalid - ' . $error_payload [ 'target_type' ] . ' does not exist.' ));
2017-03-11 14:04:52 -08:00
}
2021-06-10 13:15:52 -07:00
$checkout_at = request ( 'checkout_at' , date ( 'Y-m-d H:i:s' ));
2017-03-11 14:04:52 -08:00
$expected_checkin = request ( 'expected_checkin' , null );
$note = request ( 'note' , null );
$asset_name = request ( 'name' , null );
2019-02-13 04:45:21 -08:00
2017-10-28 07:38:36 -07:00
// Set the location ID to the RTD location id if there is one
2020-04-09 14:17:39 -07:00
// Wait, why are we doing this? This overrides the stuff we set further up, which makes no sense.
2021-06-10 13:15:52 -07:00
// TODO: Follow up here. WTF. Commented out for now.
2017-11-27 21:17:58 -08:00
2020-04-09 14:17:39 -07:00
// if ((isset($target->rtd_location_id)) && ($asset->rtd_location_id!='')) {
// $asset->location_id = $target->rtd_location_id;
// }
2017-11-27 21:17:58 -08:00
if ( $asset -> checkOut ( $target , Auth :: user (), $checkout_at , $expected_checkin , $note , $asset_name , $asset -> location_id )) {
2017-03-11 14:04:52 -08:00
return response () -> json ( Helper :: formatStandardApiResponse ( 'success' , [ 'asset' => e ( $asset -> asset_tag )], trans ( 'admin/hardware/message.checkout.success' )));
}
2019-08-22 21:36:47 -07:00
return response () -> json ( Helper :: formatStandardApiResponse ( 'error' , [ 'asset' => e ( $asset -> asset_tag )], trans ( 'admin/hardware/message.checkout.error' )));
2017-03-11 14:04:52 -08:00
}
/**
* Checkin an asset
*
* @ author [ A . Gianotto ] [ < snipe @ snipe . net > ]
* @ param int $assetId
* @ since [ v4 . 0 ]
* @ return JsonResponse
*/
2017-11-03 19:42:45 -07:00
public function checkin ( Request $request , $asset_id )
2017-03-14 08:37:39 -07:00
{
2017-03-11 14:04:52 -08:00
$this -> authorize ( 'checkin' , Asset :: class );
$asset = Asset :: findOrFail ( $asset_id );
$this -> authorize ( 'checkin' , $asset );
$user = $asset -> assignedUser ;
if ( is_null ( $target = $asset -> assignedTo )) {
return response () -> json ( Helper :: formatStandardApiResponse ( 'error' , [ 'asset' => e ( $asset -> asset_tag )], trans ( 'admin/hardware/message.checkin.already_checked_in' )));
}
$asset -> expected_checkin = null ;
$asset -> last_checkout = null ;
$asset -> assigned_to = null ;
$asset -> assignedTo () -> disassociate ( $asset );
$asset -> accepted = null ;
2019-07-26 12:37:38 -07:00
if ( $request -> filled ( 'name' )) {
$asset -> name = $request -> input ( 'name' );
}
2021-06-10 13:15:52 -07:00
$asset -> location_id = $asset -> rtd_location_id ;
2017-11-03 19:42:45 -07:00
2019-05-23 17:39:50 -07:00
if ( $request -> filled ( 'location_id' )) {
2021-06-10 13:15:52 -07:00
$asset -> location_id = $request -> input ( 'location_id' );
2017-11-03 19:42:45 -07:00
}
2019-12-11 11:09:54 -08:00
if ( $request -> has ( 'status_id' )) {
2021-06-10 13:15:52 -07:00
$asset -> status_id = $request -> input ( 'status_id' );
2017-03-11 14:04:52 -08:00
}
if ( $asset -> save ()) {
2019-12-11 11:09:54 -08:00
$asset -> logCheckin ( $target , e ( $request -> input ( 'note' )));
2021-06-10 13:15:52 -07:00
2017-03-11 14:04:52 -08:00
return response () -> json ( Helper :: formatStandardApiResponse ( 'success' , [ 'asset' => e ( $asset -> asset_tag )], trans ( 'admin/hardware/message.checkin.success' )));
}
return response () -> json ( Helper :: formatStandardApiResponse ( 'success' , [ 'asset' => e ( $asset -> asset_tag )], trans ( 'admin/hardware/message.checkin.error' )));
}
2017-08-25 10:04:19 -07:00
/**
* Mark an asset as audited
*
* @ author [ A . Gianotto ] [ < snipe @ snipe . net > ]
* @ param int $id
* @ since [ v4 . 0 ]
* @ return JsonResponse
*/
2021-06-10 13:15:52 -07:00
public function audit ( Request $request )
{
2017-08-29 16:00:22 -07:00
$this -> authorize ( 'audit' , Asset :: class );
2021-06-10 13:15:52 -07:00
$rules = [
2017-08-29 16:00:22 -07:00
'asset_tag' => 'required' ,
2017-08-25 18:40:20 -07:00
'location_id' => 'exists:locations,id|nullable|numeric' ,
2021-06-10 13:15:52 -07:00
'next_audit_date' => 'date|nullable' ,
];
2017-08-25 10:04:19 -07:00
2017-08-29 16:00:22 -07:00
$validator = Validator :: make ( $request -> all (), $rules );
2017-08-25 18:40:20 -07:00
if ( $validator -> fails ()) {
return response () -> json ( Helper :: formatStandardApiResponse ( 'error' , null , $validator -> errors () -> all ()));
}
2017-08-25 10:04:19 -07:00
2018-08-01 03:04:29 -07:00
$settings = Setting :: getSettings ();
$dt = Carbon :: now () -> addMonths ( $settings -> audit_interval ) -> toDateString ();
2021-06-10 13:15:52 -07:00
$asset = Asset :: where ( 'asset_tag' , '=' , $request -> input ( 'asset_tag' )) -> first ();
2017-08-29 16:00:22 -07:00
if ( $asset ) {
2017-12-12 03:03:43 -08:00
// We don't want to log this as a normal update, so let's bypass that
$asset -> unsetEventDispatcher ();
2018-08-01 03:04:29 -07:00
$asset -> next_audit_date = $dt ;
if ( $request -> filled ( 'next_audit_date' )) {
$asset -> next_audit_date = $request -> input ( 'next_audit_date' );
}
2018-09-07 05:39:41 -07:00
// Check to see if they checked the box to update the physical location,
// not just note it in the audit notes
2021-06-10 13:15:52 -07:00
if ( $request -> input ( 'update_location' ) == '1' ) {
2018-09-07 05:39:41 -07:00
$asset -> location_id = $request -> input ( 'location_id' );
}
2021-01-26 12:22:59 -08:00
$asset -> last_audit_date = date ( 'Y-m-d H:i:s' );
2017-12-12 03:03:43 -08:00
2017-08-29 16:00:22 -07:00
if ( $asset -> save ()) {
2021-06-10 13:15:52 -07:00
$log = $asset -> logAudit ( request ( 'note' ), request ( 'location_id' ));
2017-08-31 21:30:38 -07:00
return response () -> json ( Helper :: formatStandardApiResponse ( 'success' , [
'asset_tag' => e ( $asset -> asset_tag ),
'note' => e ( $request -> input ( 'note' )),
2021-06-10 13:15:52 -07:00
'next_audit_date' => Helper :: getFormattedDateObject ( $asset -> next_audit_date ),
2017-08-31 21:30:38 -07:00
], trans ( 'admin/hardware/message.audit.success' )));
2017-08-29 16:00:22 -07:00
}
2017-08-25 10:04:19 -07:00
}
2017-08-29 16:00:22 -07:00
return response () -> json ( Helper :: formatStandardApiResponse ( 'error' , [ 'asset_tag' => e ( $request -> input ( 'asset_tag' ))], 'Asset with tag ' . $request -> input ( 'asset_tag' ) . ' not found' ));
2018-04-04 17:33:02 -07:00
}
/**
* Returns JSON listing of all requestable assets
*
* @ author [ A . Gianotto ] [ < snipe @ snipe . net > ]
* @ since [ v4 . 0 ]
* @ return JsonResponse
*/
public function requestable ( Request $request )
{
2018-07-12 18:28:02 -07:00
$this -> authorize ( 'viewRequestable' , Asset :: class );
2021-06-10 13:15:52 -07:00
$assets = Company :: scopeCompanyables ( Asset :: select ( 'assets.*' ), 'company_id' , 'assets' )
2018-04-04 17:33:02 -07:00
-> with ( 'location' , 'assetstatus' , 'assetlog' , 'company' , 'defaultLoc' , 'assignedTo' ,
2021-06-10 13:15:52 -07:00
'model.category' , 'model.manufacturer' , 'model.fieldset' , 'supplier' ) -> where ( 'assets.requestable' , '=' , '1' );
2018-04-04 17:33:02 -07:00
$offset = request ( 'offset' , 0 );
$limit = $request -> input ( 'limit' , 50 );
$order = $request -> input ( 'order' ) === 'asc' ? 'asc' : 'desc' ;
$assets -> TextSearch ( $request -> input ( 'search' ));
switch ( $request -> input ( 'sort' )) {
case 'model' :
$assets -> OrderModels ( $order );
break ;
case 'model_number' :
$assets -> OrderModelNumber ( $order );
break ;
case 'category' :
$assets -> OrderCategory ( $order );
break ;
case 'manufacturer' :
$assets -> OrderManufacturer ( $order );
break ;
default :
$assets -> orderBy ( 'assets.created_at' , $order );
break ;
}
$total = $assets -> count ();
$assets = $assets -> skip ( $offset ) -> take ( $limit ) -> get ();
2021-06-10 13:15:52 -07:00
2018-04-04 17:33:02 -07:00
return ( new AssetsTransformer ) -> transformRequestedAssets ( $assets , $total );
2017-08-25 10:04:19 -07:00
}
2017-01-11 18:14:06 -08:00
}