snipe-it/app/Http/Controllers/AssetModelsController.php

476 lines
15 KiB
PHP
Raw Normal View History

2016-03-25 01:18:05 -07:00
<?php
namespace App\Http\Controllers;
use App\Helpers\Helper;
use App\Http\Requests\ImageUploadRequest;
use App\Models\AssetModel;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Input;
use Illuminate\Support\Facades\View;
2016-03-25 01:18:05 -07:00
use Redirect;
2019-12-10 20:39:29 -08:00
use Request;
2019-12-10 22:03:15 -08:00
use Storage;
2016-03-25 01:18:05 -07:00
/**
2016-04-07 13:21:09 -07:00
* This class controls all actions related to asset models for
* the Snipe-IT Asset Management application.
*
* @version v1.0
* @author [A. Gianotto] [<snipe@snipe.net>]
2016-03-25 01:18:05 -07:00
*/
class AssetModelsController extends Controller
{
/**
* Returns a view that invokes the ajax tables which actually contains
* the content for the accessories listing, which is generated in getDatatable.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @return View
* @throws \Illuminate\Auth\Access\AuthorizationException
*/
2016-12-15 06:11:03 -08:00
public function index()
2016-03-25 01:18:05 -07:00
{
2018-01-20 04:39:31 -08:00
$this->authorize('index', AssetModel::class);
return view('models/index');
2016-03-25 01:18:05 -07:00
}
/**
* Returns a view containing the asset model creation form.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @return View
* @throws \Illuminate\Auth\Access\AuthorizationException
*/
2016-12-15 06:11:03 -08:00
public function create()
2016-03-25 01:18:05 -07:00
{
2018-01-20 04:39:31 -08:00
$this->authorize('create', AssetModel::class);
return view('models/edit')->with('category_type', 'asset')
->with('depreciation_list', Helper::depreciationList())
->with('item', new AssetModel);
2016-03-25 01:18:05 -07:00
}
/**
* Validate and process the new Asset Model data.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param ImageUploadRequest $request
* @return Redirect
* @throws \Illuminate\Auth\Access\AuthorizationException
*/
2017-10-06 16:56:43 -07:00
public function store(ImageUploadRequest $request)
2016-03-25 01:18:05 -07:00
{
2018-01-20 04:39:31 -08:00
$this->authorize('create', AssetModel::class);
2016-03-25 01:18:05 -07:00
// Create a new asset model
$model = new AssetModel;
// Save the model data
$model->eol = $request->input('eol');
$model->depreciation_id = $request->input('depreciation_id');
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$model->name = $request->input('name');
$model->model_number = $request->input('model_number');
$model->manufacturer_id = $request->input('manufacturer_id');
$model->category_id = $request->input('category_id');
$model->notes = $request->input('notes');
2017-09-25 11:53:10 -07:00
$model->user_id = Auth::id();
$model->requestable = Request::has('requestable');
2016-12-15 15:56:52 -08:00
if ($request->input('custom_fieldset')!='') {
$model->fieldset_id = e($request->input('custom_fieldset'));
2016-03-25 01:18:05 -07:00
}
[WIP] Added #5957 - Flysystem support (#6262) * Added AWS url to example env * Upgrader - added check for new storage path and attempt to move * Ignore symlink * Updated paths for models * Moved copy methods * Added AWS_URL support For some reasin, Flysystem was generating the wrong AWS url (with a region included) * Switch to Flysystem for image uploads * Nicer display of image preview * Updated image preview on edit blades to use Flysystem * Twiddled some more paths * Working filesystems config * Updated Asset Models and Departments to use Flysystem * Janky workaround for differing S3/local urls/paths * Try to smartly use S3 as public disk if S3 is configured * Use public disk Storage options for public files * Additional transformer edits for Flysystem * Removed debugging * Added missing use Storage directive * Updated seeders to use Flysystem * Default logo * Set a default width We can potentially override this in settings later * Use Flysystem for logo upload * Update downloadFile to use Flysystem * Updated AssetFilesController to use Flysystem * Updated acceptance signatures to use Flysystem * Updated signature view to use Flysystem This isn’t working 100% yet * Use Flysystem facade for displaying asset image * Set assets path Should clean all these up when we’re done here * Added Rackspace support for Flysystem * Added Flysystem migrator console command * Added use Storage directive for categories * Added user avatars to Flysystem * Added profile avatar to Flysystem * Added the option to delete local files with the migrator * Added a check to prevent people from trying to move from local to local * Fixed the selectlists for Flysystem * Fixed the getImageUrl method to reflect Flysystem * Fixed AWS copy process * Fixed models path * More selectlist updates for Flysystem * Updated example .envs with updated env variable names * *sigh* * Updated non-asset getImageUrl() methods to use Flysystem * Removed S3 hardcoding * Use Flysystem in email headers * Fixed typo * Removed camera support from asset file upload We’ll find a way to add this in later (and add that support to all of the other image uploads as well) * Fixed path for categories * WIP - Switched to standard handleImages for asset upload. This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now. * Fixed css URL error * Updated Debugbar to latest version (#6265) v3.2 adds support for Laravel 5.7 * Fixed: Missing CSS file in basic.blade.php (#6264) * Fixed missing CSS file in basic.blade.php * Added * Changed stylesheet import for authorize.blade.php * Updated composer lock * Added AWS_BUCKET_ROOT as env variable * Use nicer image preview for logo upload * Removed AssetRequest form request * Removed asset form request, moved custom field validation into model * Added additional help text for logo upload * Increased the size of the image resize - should make this a setting tho * Few more formatting tweaks to logo section of branding blade preview * Use Flysystem for asset/license file uploads * Use Flysystem for removing images from models that have been deleted * Enable backups to use Flysystem This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3 * Use Flysystem to download license files * Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
$model = $request->handleImages($model);
2016-03-25 01:18:05 -07:00
// Was it created?
if ($model->save()) {
if ($this->shouldAddDefaultValues($request->input())) {
$this->assignCustomFieldsDefaultValues($model, $request->input('default_values'));
}
2016-03-25 01:18:05 -07:00
// Redirect to the new model page
2016-12-15 06:11:03 -08:00
return redirect()->route("models.index")->with('success', trans('admin/models/message.create.success'));
2016-03-25 01:18:05 -07:00
}
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
return redirect()->back()->withInput()->withErrors($model->getErrors());
2016-03-25 01:18:05 -07:00
}
/**
* Returns a view containing the asset model edit form.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param int $modelId
* @return View
* @throws \Illuminate\Auth\Access\AuthorizationException
*/
2016-12-15 06:11:03 -08:00
public function edit($modelId = null)
2016-03-25 01:18:05 -07:00
{
$this->authorize('update', AssetModel::class);
2017-10-28 11:17:52 -07:00
if ($item = AssetModel::find($modelId)) {
$category_type = 'asset';
$view = View::make('models/edit', compact('item','category_type'));
$view->with('depreciation_list', Helper::depreciationList());
return $view;
2016-03-25 01:18:05 -07:00
}
2017-10-28 11:17:52 -07:00
return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
2016-03-25 01:18:05 -07:00
}
/**
* Validates and processes form data from the edit
* Asset Model form based on the model ID passed.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param ImageUploadRequest $request
* @param int $modelId
* @return Redirect
* @throws \Illuminate\Auth\Access\AuthorizationException
*/
2017-10-06 17:03:51 -07:00
public function update(ImageUploadRequest $request, $modelId = null)
2016-03-25 01:18:05 -07:00
{
$this->authorize('update', AssetModel::class);
2016-03-25 01:18:05 -07:00
// Check if the model exists
if (is_null($model = AssetModel::find($modelId))) {
// Redirect to the models management page
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
2016-03-25 01:18:05 -07:00
}
$model->depreciation_id = $request->input('depreciation_id');
$model->eol = $request->input('eol');
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$model->name = $request->input('name');
$model->model_number = $request->input('model_number');
$model->manufacturer_id = $request->input('manufacturer_id');
$model->category_id = $request->input('category_id');
$model->notes = $request->input('notes');
$model->requestable = $request->input('requestable', '0');
$this->removeCustomFieldsDefaultValues($model);
2016-12-15 15:56:52 -08:00
if ($request->input('custom_fieldset')=='') {
2016-03-25 01:18:05 -07:00
$model->fieldset_id = null;
} else {
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
$model->fieldset_id = $request->input('custom_fieldset');
if ($this->shouldAddDefaultValues($request->input())) {
$this->assignCustomFieldsDefaultValues($model, $request->input('default_values'));
}
2016-03-25 01:18:05 -07:00
}
[WIP] Added #5957 - Flysystem support (#6262) * Added AWS url to example env * Upgrader - added check for new storage path and attempt to move * Ignore symlink * Updated paths for models * Moved copy methods * Added AWS_URL support For some reasin, Flysystem was generating the wrong AWS url (with a region included) * Switch to Flysystem for image uploads * Nicer display of image preview * Updated image preview on edit blades to use Flysystem * Twiddled some more paths * Working filesystems config * Updated Asset Models and Departments to use Flysystem * Janky workaround for differing S3/local urls/paths * Try to smartly use S3 as public disk if S3 is configured * Use public disk Storage options for public files * Additional transformer edits for Flysystem * Removed debugging * Added missing use Storage directive * Updated seeders to use Flysystem * Default logo * Set a default width We can potentially override this in settings later * Use Flysystem for logo upload * Update downloadFile to use Flysystem * Updated AssetFilesController to use Flysystem * Updated acceptance signatures to use Flysystem * Updated signature view to use Flysystem This isn’t working 100% yet * Use Flysystem facade for displaying asset image * Set assets path Should clean all these up when we’re done here * Added Rackspace support for Flysystem * Added Flysystem migrator console command * Added use Storage directive for categories * Added user avatars to Flysystem * Added profile avatar to Flysystem * Added the option to delete local files with the migrator * Added a check to prevent people from trying to move from local to local * Fixed the selectlists for Flysystem * Fixed the getImageUrl method to reflect Flysystem * Fixed AWS copy process * Fixed models path * More selectlist updates for Flysystem * Updated example .envs with updated env variable names * *sigh* * Updated non-asset getImageUrl() methods to use Flysystem * Removed S3 hardcoding * Use Flysystem in email headers * Fixed typo * Removed camera support from asset file upload We’ll find a way to add this in later (and add that support to all of the other image uploads as well) * Fixed path for categories * WIP - Switched to standard handleImages for asset upload. This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now. * Fixed css URL error * Updated Debugbar to latest version (#6265) v3.2 adds support for Laravel 5.7 * Fixed: Missing CSS file in basic.blade.php (#6264) * Fixed missing CSS file in basic.blade.php * Added * Changed stylesheet import for authorize.blade.php * Updated composer lock * Added AWS_BUCKET_ROOT as env variable * Use nicer image preview for logo upload * Removed AssetRequest form request * Removed asset form request, moved custom field validation into model * Added additional help text for logo upload * Increased the size of the image resize - should make this a setting tho * Few more formatting tweaks to logo section of branding blade preview * Use Flysystem for asset/license file uploads * Use Flysystem for removing images from models that have been deleted * Enable backups to use Flysystem This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3 * Use Flysystem to download license files * Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
$model = $request->handleImages($model);
2016-03-25 01:18:05 -07:00
if ($model->save()) {
2016-12-15 06:11:03 -08:00
return redirect()->route("models.index")->with('success', trans('admin/models/message.update.success'));
2016-03-25 01:18:05 -07:00
}
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
return redirect()->back()->withInput()->withErrors($model->getErrors());
2016-03-25 01:18:05 -07:00
}
/**
* Validate and delete the given Asset Model. An Asset Model
* cannot be deleted if there are associated assets.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param int $modelId
* @return Redirect
* @throws \Illuminate\Auth\Access\AuthorizationException
*/
2016-12-15 06:11:03 -08:00
public function destroy($modelId)
2016-03-25 01:18:05 -07:00
{
2018-01-20 04:39:31 -08:00
$this->authorize('delete', AssetModel::class);
2016-03-25 01:18:05 -07:00
// Check if the model exists
if (is_null($model = AssetModel::find($modelId))) {
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
return redirect()->route('models.index')->with('error', trans('admin/models/message.not_found'));
2016-03-25 01:18:05 -07:00
}
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
if ($model->assets()->count() > 0) {
2016-03-25 01:18:05 -07:00
// Throw an error that this model is associated with assets
2016-12-15 06:11:03 -08:00
return redirect()->route('models.index')->with('error', trans('admin/models/message.assoc_users'));
2016-03-25 01:18:05 -07:00
}
2017-10-28 05:46:43 -07:00
if ($model->image) {
try {
[WIP] Added #5957 - Flysystem support (#6262) * Added AWS url to example env * Upgrader - added check for new storage path and attempt to move * Ignore symlink * Updated paths for models * Moved copy methods * Added AWS_URL support For some reasin, Flysystem was generating the wrong AWS url (with a region included) * Switch to Flysystem for image uploads * Nicer display of image preview * Updated image preview on edit blades to use Flysystem * Twiddled some more paths * Working filesystems config * Updated Asset Models and Departments to use Flysystem * Janky workaround for differing S3/local urls/paths * Try to smartly use S3 as public disk if S3 is configured * Use public disk Storage options for public files * Additional transformer edits for Flysystem * Removed debugging * Added missing use Storage directive * Updated seeders to use Flysystem * Default logo * Set a default width We can potentially override this in settings later * Use Flysystem for logo upload * Update downloadFile to use Flysystem * Updated AssetFilesController to use Flysystem * Updated acceptance signatures to use Flysystem * Updated signature view to use Flysystem This isn’t working 100% yet * Use Flysystem facade for displaying asset image * Set assets path Should clean all these up when we’re done here * Added Rackspace support for Flysystem * Added Flysystem migrator console command * Added use Storage directive for categories * Added user avatars to Flysystem * Added profile avatar to Flysystem * Added the option to delete local files with the migrator * Added a check to prevent people from trying to move from local to local * Fixed the selectlists for Flysystem * Fixed the getImageUrl method to reflect Flysystem * Fixed AWS copy process * Fixed models path * More selectlist updates for Flysystem * Updated example .envs with updated env variable names * *sigh* * Updated non-asset getImageUrl() methods to use Flysystem * Removed S3 hardcoding * Use Flysystem in email headers * Fixed typo * Removed camera support from asset file upload We’ll find a way to add this in later (and add that support to all of the other image uploads as well) * Fixed path for categories * WIP - Switched to standard handleImages for asset upload. This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now. * Fixed css URL error * Updated Debugbar to latest version (#6265) v3.2 adds support for Laravel 5.7 * Fixed: Missing CSS file in basic.blade.php (#6264) * Fixed missing CSS file in basic.blade.php * Added * Changed stylesheet import for authorize.blade.php * Updated composer lock * Added AWS_BUCKET_ROOT as env variable * Use nicer image preview for logo upload * Removed AssetRequest form request * Removed asset form request, moved custom field validation into model * Added additional help text for logo upload * Increased the size of the image resize - should make this a setting tho * Few more formatting tweaks to logo section of branding blade preview * Use Flysystem for asset/license file uploads * Use Flysystem for removing images from models that have been deleted * Enable backups to use Flysystem This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3 * Use Flysystem to download license files * Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
Storage::disk('public')->delete('models/'.$model->image);
2017-10-28 05:46:43 -07:00
} catch (\Exception $e) {
\Log::info($e);
2017-10-28 05:46:43 -07:00
}
}
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
// Delete the model
$model->delete();
// Redirect to the models management page
return redirect()->route('models.index')->with('success', trans('admin/models/message.delete.success'));
2016-03-25 01:18:05 -07:00
}
/**
* Restore a given Asset Model (mark as un-deleted)
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param int $modelId
* @return Redirect
* @throws \Illuminate\Auth\Access\AuthorizationException
*/
2016-03-25 01:18:05 -07:00
public function getRestore($modelId = null)
{
2018-01-20 04:39:31 -08:00
$this->authorize('create', AssetModel::class);
2016-03-25 01:18:05 -07:00
// Get user information
$model = AssetModel::withTrashed()->find($modelId);
if (isset($model->id)) {
$model->restore();
return redirect()->route('models.index')->with('success', trans('admin/models/message.restore.success'));
2016-03-25 01:18:05 -07:00
}
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
return redirect()->back()->with('error', trans('admin/models/message.not_found'));
2016-03-25 01:18:05 -07:00
}
/**
* Get the model information to present to the model view page
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param int $modelId
* @return View
* @throws \Illuminate\Auth\Access\AuthorizationException
*/
2016-12-15 06:11:03 -08:00
public function show($modelId = null)
2016-03-25 01:18:05 -07:00
{
2018-01-20 04:39:31 -08:00
$this->authorize('view', AssetModel::class);
2016-03-25 01:18:05 -07:00
$model = AssetModel::withTrashed()->find($modelId);
if (isset($model->id)) {
return view('models/view', compact('model'));
2016-03-25 01:18:05 -07:00
}
Cleanup controller escaping (#3084) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. * Extend Supplier phone/fax length. This catches issues found in testing with a phone number with a five digit extension. fex (356) 654-3024 x36632 Also move away from escaping all values put into eloquent. Eloquent already uses PDO parameter binding, and this was leading to names like Mr Ryan O'Malley turning into an html escaped version of that name when stored. All values should be escaped when using {{}}, we'll just have to be more cautious when we use {!!, but I think we already are? * Remove additional escaping here, like we did in suppliers controller. * No need to eager load all of these relationships when we can call the count on the querybuilder directly * Work on controller cleanup * Always start from scrach, catches more issues this way. * Update sql dump. Remove old code from permissions test. * Generate a deletable item on demand in the test, rather than relying on one existing. I think we should probably move to mock all the database stuff at some point.. * More travis related fixes * Break script into multiple functional lines * Update all controllers to use the new helper, also cleanup syntax and docblocks along the way.
2016-12-19 22:00:50 -08:00
// Redirect to the user management page
return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
2016-03-25 01:18:05 -07:00
}
/**
* Get the clone page to clone a model
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param int $modelId
* @return View
*/
public function getClone($modelId = null)
{
// Check if the model exists
if (is_null($model_to_clone = AssetModel::find($modelId))) {
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
2016-03-25 01:18:05 -07:00
}
$model = clone $model_to_clone;
$model->id = null;
// Show the page
return view('models/edit')
->with('depreciation_list', Helper::depreciationList())
->with('item', $model)
->with('clone_model', $model_to_clone);
2016-03-25 01:18:05 -07:00
}
/**
* Get the custom fields form
*
* @author [B. Wetherington] [<uberbrady@gmail.com>]
* @since [v2.0]
* @param int $modelId
* @return View
*/
public function getCustomFields($modelId)
{
return view("models.custom_fields_form")->with("model", AssetModel::find($modelId));
}
2017-12-12 09:10:05 -08:00
Integrations/develop into master (#7352) * Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992) * Added upcoming audit report TODO: Fid diff/threshold math * Added route to list overdue / upcoming assets via API * Controller/API methods for due/overdue audits We could probably skip this and just handle it via view in the routes… * Added query scopes for due and overdue audits * Added audit due console command to kernel * Added ability to pass audit specs to main API asset search method * Added audit presenter * Added bootstrap-tables presenter formatter to display an audit button * Added gated sidenav items to left nav * Added audit due/overdue blades * Cleanup on audit due/overdue console command * Added language strings for audit views * Fixed :threshold placeholder * Removed unused setting variable * Fixed next audit date math * Added scope for both overdue and upcoming * Derp. Wrong version * Bumped version (I will release this version officially tomorrow) * Leave the activated state for users alone in normal LDAP synchronisation. (#6988) * Fixed #7003 - crash when warranty months or purchase date is null * Fixed #6956 - viewKeys policy inconsistent (#7009) * Fixed #6956 - Added additional gates show showing/hiding license keys * Modified gate to allow user to see licenses if they can create or edit the license as well * Added API middleware to API routes to enable throttling TODO: Figure out how to make this costumizable without touching the code * Import locations from CSV via command line (#7021) * Added import locations command * Small fixes to location importer * Added country, LDAP OU * Cleaned up comments, added more clarification to what the script does * Added ability to update groups via API Fixes [ch9139] * Bumped version * Fixed #6883 - remove escaping of fields on LDAP import * Fixed #6880 - correctly encrypt encrypted fields via the API * Fixes #5054: LDAP users deactivated for none-ad (#7032) When using none-AD ldap, users are automatically deactivated every LDAP sync. This commit changes the behaviour so that if the active flag isn't set, the users are enabled. Fixed #5054, at least for 4.X * Updated packages - Updating erusev/parsedown (v1.7.2 => 1.7.3): Downloading (100%) - Updating squizlabs/php_codesniffer (3.4.1 => 3.4.2): Downloading (100%) - Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/var-dumper (v3.4.23 => v3.4.27): Downloading (100%) - Updating league/flysystem (1.0.50 => 1.0.51): Downloading (100%) - Updating symfony/translation (v3.4.23 => v3.4.27): Downloading (100%) - Updating nesbot/carbon (1.36.2 => 1.37.1): Downloading (100%) - Updating symfony/debug (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/console (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/finder (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/polyfill-ctype (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/http-foundation (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/event-dispatcher (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/http-kernel (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/process (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/routing (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/polyfill-util (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/polyfill-php56 (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/psr-http-message-bridge (v1.1.1 => v1.1.2): Downloading (failed) Downloading (100%) - Updating rollbar/rollbar (v1.7.5 => v1.8.1): Downloading (100%) - Updating symfony/yaml (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/browser-kit (v3.4.23 => v3.4.27): Downloading (100%) * Fixed #7044 - API update deleted custom fields if they are not re-presented * Fixed XSS vulnerability when creating a new categories, etc via modal on create Same fix as before, because of the weird select2 post-parsing ajax behavior * Updated email strings * Fixed #7046 - added user website url back into UI * Updated language strings * Bumped version * Updated packages * New backups config for spatie * Removed debugbar service provider (autodiscovery) * Use laravel v5.5 withCount manual aliases * Added spatie language files * Removed old laravel backups config This config file was renamed in a newer version of spatie laravel-backup * Set the serialization * Added the command loader to console kernel * Renamed fire() to handle() * Updated withCount to use manual naming * Updated backup path in backup admin * Updated travis with new php versions * Bumped laravel version in readme * Fixed custom field edit screen * Fixed baseUrl is undefined error I literally cannot figure out how this ever worked before. * Fix for included files in backup * Bumped version * Switch has() to filled() * Change ->has() to ->filled() * Removed cosole log * Bumped packages * Use getReader instead of fetchAssoc for CSV parser https://csv.thephpleague.com/9.0/upgrading/ * Handle JSON validation errors like 5.4 * Handle JSON validation errors like 5.4 * Handle JSON validation errors like 5.4 * Trying to fix ajax asset validation This I think gets us closer, but still not handling the validation on the asset properly. When I do a print_r of the validation in the other items, its looking for an error bag that looks something like this: ``` Illuminate\Support\MessageBag Object ( [messages:protected] => Array ( [name] => Array ( [0] => The name field is required. ) [seats] => Array ( [0] => The seats field is required. ) [category_id] => Array ( [0] => The category id field is required. ) ) [format:protected] => :message ) ``` Currently the Assets ajax returns: ``` [2019-05-24 06:52:06] develop.ERROR: array ( 'messages' => array ( 'model_id' => array ( 0 => 'The model id field is required.', ), 'status_id' => array ( 0 => 'The status id field is required.', ), 'asset_tag' => array ( 0 => 'The asset tag field is required.', ), ), ) ``` So not sure why it’s not working. * Fixed missing asset validation * Check that a model exists before trying to fiddle with fieldsets * Tidied up license check * Removed extra escaping on checkin * Updated importer to work with newer CSV Reader::getRecords() method * Fixed field mapping * Small fix for reordering fields Fixes Illuminate\Database\QueryException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'order' cannot be null (SQL: insert into `custom_field_custom_fieldset` (`custom_field_id`, `custom_fieldset_id`, `order`, `required`) values (12, 7, , 0)) [ch1151] This needs revisiting for a more solid fix, especially for data that was already entered bad. * Fixed bug where sorting by company name in Users API did not work Fixes [ch9200] * Removed custom fields from AssignedSearch to prevent confusing data in selectlist Fixes [ch9193] * Removed alert-danger from tests * Fixed missed consumables_count withCount() statement * Fixed Undefined variable user in $backto if checked out to a non-user Fixes [ch9194] * Check for valid model before attempting to access fieldsets Fixes [ch1249] * Only build the log upload destination path if there is a matching record Fixes [ch1232] * Fixed free_seats_count variable name (I forgot that Laravel switched camel case to snake case for their old 5.4 withCount variables) * Only gtry to delete the file if a record is found in the log * Only try to get fieldset if model is valid * Fixed more camel-casing -> snake-casing * Only display the file if the log record can be found * Fixed casing in sync command * Updated README * Derp - typo * Added link to Atlassian plugin * More Atlassian clarifications * Show accessory image on view page * Increased image size to 800px, added lightboxes * Fixed #7083 - Removed user_exists constraint on department save If the user has been deleted, this prevented the department from being successfully saved on edit * Updated branch in version file * Dockerfile update to bring us up to php v7.1 for Laravel 5.5 (#7084) * bump up to php7.1 & change deprecated MAINTAINER to a LABEL so it is visible with `docker inspect` * AND modapache >< * 2 updates required to get software-properties+ppa * Bumped version * Bumped release again :( * Missed one * Fixed #7098 - updated backup config for deleteFile() method * Fixed #7092 - handle weird port forwarding/port numbers for baseUrl * Bumped version * Fixed #7099 - set email to null by default for backup notifications * Removed old comments * Fixed #7100 - Check if $user isset on checkin * Increased throttle to 120 requests per minute * Added Filipino, corrected order for Spanish variations * Update language strings * Bumped hash * Changed has to filled to fix bulk asset editing * Bumped point version * Small fixes for phpleague CSB reader v9 * Improved error checking in locations importer * Fixed #7145 - rename groups table to permissions_group for mysql 8 reserved word compatibility * Reduce minimum group name length to 2 (from 3) eg: IT * Back in time fix FOR #7145 for new installs on MySQL 8+ * Fixed permission insert //TODO Handle this via model * Possible fix for reporting/admin migration back in time * Fixed #7164 - change table name to permission_groups * Fixed LDAP password blanking on save * fixing previous commit's actual wiping of password (#7183) replaced Input::fille('ldap_pword') with _filled_. Should be good to go. https://github.com/snipe/snipe-it/issues/7179 https://github.com/snipe/snipe-it/issues/7169 * Bumped version * Downgrading rollbar for Laravel 5.5 * Spelling Correction (#7206) Fixed Spelling for the word reqrite, to be rewrite. * Fix #6910: Add logic to manipulate the eloquent query. (#7006) * Added company_id to consumables_users table * Added logic to manage when a pivot table doesn't have the column company_id trough a join with users * Remove a migration that tries to fix this problem, but is not longer necessary * Addresses #7238 - add PWA code to layout Needs additional UX testing * Better log message for bad LDAP connection * Fixed #7186 - has vs filled in User’s API blanking out groups if no group_ids are passed * Comment clarification on #7186 * Check for valid seat on hardware view * Added space between footer and custom message * Cap warranty months to three characters Filles rollbar 209 * Cap warranty months to 3 on the frontend blade * Fixed countable() strings on user destroy * Check that the user has assets and that the aset model is valid * Bumped hash * Caps asset warranty to 20 years * Command to fix custom field unicode conversion differences between PHP versions (#7263) * Fixes #7252 form request changes (#7272) * Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests * Removed debug info * More fixes for #7252 This is mostly working as intended, if not yet the way Laravel wants us to do it. Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress. * Removed experimental method * Check for digits_between:0,240 for warranty * Removed debug code * Apply fix from PR #7273 to master * Bumped hash * Fixed #7250 - permission issue for API fieldsets and fields endpoints This applies the change from #7294 to master * Add @mskrip as a contributor * Fixed #7270 - Checking-in Assets via API Removes the Item's Asset Name * CORS for api (#7292) * Added CORS support to API * Changed order so CORS will still work if throttle hit * Added APP_CORS_ALLOWED_ORIGINS env option * Fixed typo * Clarified header comments * More clarification * DIsable CORS allowed origins by default to replicate existing behavior * Change variable name to be clearer * Bumped version * Added condition to deal with fieldname 'rtd_location' which can be tried to be queried in some places and doesn't exist in database (#7317) * Added comments to the ByFilter query scope for clarity * Added accessories checkout/checkin API endpoint * Fixed CVE-2019-10742 https://nvd.nist.gov/vuln/detail/CVE-2019-10742 * Update README.md (#7334) Add reference to CSV importer. * Group related variables in .env * History importer fixes * Fixes to history importer
2019-08-14 21:48:14 -07:00
/**
* Returns a view that allows the user to bulk edit model attrbutes
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.7]
* @return \Illuminate\Contracts\View\View
*/
public function postBulkEdit(Request $request)
{
$models_raw_array = Request::get('ids');
Integrations/develop into master (#7352) * Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992) * Added upcoming audit report TODO: Fid diff/threshold math * Added route to list overdue / upcoming assets via API * Controller/API methods for due/overdue audits We could probably skip this and just handle it via view in the routes… * Added query scopes for due and overdue audits * Added audit due console command to kernel * Added ability to pass audit specs to main API asset search method * Added audit presenter * Added bootstrap-tables presenter formatter to display an audit button * Added gated sidenav items to left nav * Added audit due/overdue blades * Cleanup on audit due/overdue console command * Added language strings for audit views * Fixed :threshold placeholder * Removed unused setting variable * Fixed next audit date math * Added scope for both overdue and upcoming * Derp. Wrong version * Bumped version (I will release this version officially tomorrow) * Leave the activated state for users alone in normal LDAP synchronisation. (#6988) * Fixed #7003 - crash when warranty months or purchase date is null * Fixed #6956 - viewKeys policy inconsistent (#7009) * Fixed #6956 - Added additional gates show showing/hiding license keys * Modified gate to allow user to see licenses if they can create or edit the license as well * Added API middleware to API routes to enable throttling TODO: Figure out how to make this costumizable without touching the code * Import locations from CSV via command line (#7021) * Added import locations command * Small fixes to location importer * Added country, LDAP OU * Cleaned up comments, added more clarification to what the script does * Added ability to update groups via API Fixes [ch9139] * Bumped version * Fixed #6883 - remove escaping of fields on LDAP import * Fixed #6880 - correctly encrypt encrypted fields via the API * Fixes #5054: LDAP users deactivated for none-ad (#7032) When using none-AD ldap, users are automatically deactivated every LDAP sync. This commit changes the behaviour so that if the active flag isn't set, the users are enabled. Fixed #5054, at least for 4.X * Updated packages - Updating erusev/parsedown (v1.7.2 => 1.7.3): Downloading (100%) - Updating squizlabs/php_codesniffer (3.4.1 => 3.4.2): Downloading (100%) - Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/var-dumper (v3.4.23 => v3.4.27): Downloading (100%) - Updating league/flysystem (1.0.50 => 1.0.51): Downloading (100%) - Updating symfony/translation (v3.4.23 => v3.4.27): Downloading (100%) - Updating nesbot/carbon (1.36.2 => 1.37.1): Downloading (100%) - Updating symfony/debug (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/console (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/finder (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/polyfill-ctype (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/http-foundation (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/event-dispatcher (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/http-kernel (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/process (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/routing (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/polyfill-util (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/polyfill-php56 (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/psr-http-message-bridge (v1.1.1 => v1.1.2): Downloading (failed) Downloading (100%) - Updating rollbar/rollbar (v1.7.5 => v1.8.1): Downloading (100%) - Updating symfony/yaml (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/browser-kit (v3.4.23 => v3.4.27): Downloading (100%) * Fixed #7044 - API update deleted custom fields if they are not re-presented * Fixed XSS vulnerability when creating a new categories, etc via modal on create Same fix as before, because of the weird select2 post-parsing ajax behavior * Updated email strings * Fixed #7046 - added user website url back into UI * Updated language strings * Bumped version * Updated packages * New backups config for spatie * Removed debugbar service provider (autodiscovery) * Use laravel v5.5 withCount manual aliases * Added spatie language files * Removed old laravel backups config This config file was renamed in a newer version of spatie laravel-backup * Set the serialization * Added the command loader to console kernel * Renamed fire() to handle() * Updated withCount to use manual naming * Updated backup path in backup admin * Updated travis with new php versions * Bumped laravel version in readme * Fixed custom field edit screen * Fixed baseUrl is undefined error I literally cannot figure out how this ever worked before. * Fix for included files in backup * Bumped version * Switch has() to filled() * Change ->has() to ->filled() * Removed cosole log * Bumped packages * Use getReader instead of fetchAssoc for CSV parser https://csv.thephpleague.com/9.0/upgrading/ * Handle JSON validation errors like 5.4 * Handle JSON validation errors like 5.4 * Handle JSON validation errors like 5.4 * Trying to fix ajax asset validation This I think gets us closer, but still not handling the validation on the asset properly. When I do a print_r of the validation in the other items, its looking for an error bag that looks something like this: ``` Illuminate\Support\MessageBag Object ( [messages:protected] => Array ( [name] => Array ( [0] => The name field is required. ) [seats] => Array ( [0] => The seats field is required. ) [category_id] => Array ( [0] => The category id field is required. ) ) [format:protected] => :message ) ``` Currently the Assets ajax returns: ``` [2019-05-24 06:52:06] develop.ERROR: array ( 'messages' => array ( 'model_id' => array ( 0 => 'The model id field is required.', ), 'status_id' => array ( 0 => 'The status id field is required.', ), 'asset_tag' => array ( 0 => 'The asset tag field is required.', ), ), ) ``` So not sure why it’s not working. * Fixed missing asset validation * Check that a model exists before trying to fiddle with fieldsets * Tidied up license check * Removed extra escaping on checkin * Updated importer to work with newer CSV Reader::getRecords() method * Fixed field mapping * Small fix for reordering fields Fixes Illuminate\Database\QueryException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'order' cannot be null (SQL: insert into `custom_field_custom_fieldset` (`custom_field_id`, `custom_fieldset_id`, `order`, `required`) values (12, 7, , 0)) [ch1151] This needs revisiting for a more solid fix, especially for data that was already entered bad. * Fixed bug where sorting by company name in Users API did not work Fixes [ch9200] * Removed custom fields from AssignedSearch to prevent confusing data in selectlist Fixes [ch9193] * Removed alert-danger from tests * Fixed missed consumables_count withCount() statement * Fixed Undefined variable user in $backto if checked out to a non-user Fixes [ch9194] * Check for valid model before attempting to access fieldsets Fixes [ch1249] * Only build the log upload destination path if there is a matching record Fixes [ch1232] * Fixed free_seats_count variable name (I forgot that Laravel switched camel case to snake case for their old 5.4 withCount variables) * Only gtry to delete the file if a record is found in the log * Only try to get fieldset if model is valid * Fixed more camel-casing -> snake-casing * Only display the file if the log record can be found * Fixed casing in sync command * Updated README * Derp - typo * Added link to Atlassian plugin * More Atlassian clarifications * Show accessory image on view page * Increased image size to 800px, added lightboxes * Fixed #7083 - Removed user_exists constraint on department save If the user has been deleted, this prevented the department from being successfully saved on edit * Updated branch in version file * Dockerfile update to bring us up to php v7.1 for Laravel 5.5 (#7084) * bump up to php7.1 & change deprecated MAINTAINER to a LABEL so it is visible with `docker inspect` * AND modapache >< * 2 updates required to get software-properties+ppa * Bumped version * Bumped release again :( * Missed one * Fixed #7098 - updated backup config for deleteFile() method * Fixed #7092 - handle weird port forwarding/port numbers for baseUrl * Bumped version * Fixed #7099 - set email to null by default for backup notifications * Removed old comments * Fixed #7100 - Check if $user isset on checkin * Increased throttle to 120 requests per minute * Added Filipino, corrected order for Spanish variations * Update language strings * Bumped hash * Changed has to filled to fix bulk asset editing * Bumped point version * Small fixes for phpleague CSB reader v9 * Improved error checking in locations importer * Fixed #7145 - rename groups table to permissions_group for mysql 8 reserved word compatibility * Reduce minimum group name length to 2 (from 3) eg: IT * Back in time fix FOR #7145 for new installs on MySQL 8+ * Fixed permission insert //TODO Handle this via model * Possible fix for reporting/admin migration back in time * Fixed #7164 - change table name to permission_groups * Fixed LDAP password blanking on save * fixing previous commit's actual wiping of password (#7183) replaced Input::fille('ldap_pword') with _filled_. Should be good to go. https://github.com/snipe/snipe-it/issues/7179 https://github.com/snipe/snipe-it/issues/7169 * Bumped version * Downgrading rollbar for Laravel 5.5 * Spelling Correction (#7206) Fixed Spelling for the word reqrite, to be rewrite. * Fix #6910: Add logic to manipulate the eloquent query. (#7006) * Added company_id to consumables_users table * Added logic to manage when a pivot table doesn't have the column company_id trough a join with users * Remove a migration that tries to fix this problem, but is not longer necessary * Addresses #7238 - add PWA code to layout Needs additional UX testing * Better log message for bad LDAP connection * Fixed #7186 - has vs filled in User’s API blanking out groups if no group_ids are passed * Comment clarification on #7186 * Check for valid seat on hardware view * Added space between footer and custom message * Cap warranty months to three characters Filles rollbar 209 * Cap warranty months to 3 on the frontend blade * Fixed countable() strings on user destroy * Check that the user has assets and that the aset model is valid * Bumped hash * Caps asset warranty to 20 years * Command to fix custom field unicode conversion differences between PHP versions (#7263) * Fixes #7252 form request changes (#7272) * Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests * Removed debug info * More fixes for #7252 This is mostly working as intended, if not yet the way Laravel wants us to do it. Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress. * Removed experimental method * Check for digits_between:0,240 for warranty * Removed debug code * Apply fix from PR #7273 to master * Bumped hash * Fixed #7250 - permission issue for API fieldsets and fields endpoints This applies the change from #7294 to master * Add @mskrip as a contributor * Fixed #7270 - Checking-in Assets via API Removes the Item's Asset Name * CORS for api (#7292) * Added CORS support to API * Changed order so CORS will still work if throttle hit * Added APP_CORS_ALLOWED_ORIGINS env option * Fixed typo * Clarified header comments * More clarification * DIsable CORS allowed origins by default to replicate existing behavior * Change variable name to be clearer * Bumped version * Added condition to deal with fieldname 'rtd_location' which can be tried to be queried in some places and doesn't exist in database (#7317) * Added comments to the ByFilter query scope for clarity * Added accessories checkout/checkin API endpoint * Fixed CVE-2019-10742 https://nvd.nist.gov/vuln/detail/CVE-2019-10742 * Update README.md (#7334) Add reference to CSV importer. * Group related variables in .env * History importer fixes * Fixes to history importer
2019-08-14 21:48:14 -07:00
// Make sure some IDs have been selected
if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
$models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets as assets_count')->orderBy('assets_count', 'ASC')->get();
// If deleting....
if ($request->input('bulk_actions')=='delete') {
$valid_count = 0;
foreach ($models as $model) {
if ($model->assets_count == 0) {
$valid_count++;
}
}
return view('models/bulk-delete', compact('models'))->with('valid_count', $valid_count);
// Otherwise display the bulk edit screen
} else {
$nochange = ['NC' => 'No Change'];
$fieldset_list = $nochange + Helper::customFieldsetList();
$depreciation_list = $nochange + Helper::depreciationList();
return view('models/bulk-edit', compact('models'))
->with('fieldset_list', $fieldset_list)
->with('depreciation_list', $depreciation_list);
}
}
return redirect()->route('models.index')
->with('error', 'You must select at least one model to edit.');
}
/**
* Returns a view that allows the user to bulk edit model attrbutes
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.7]
* @return \Illuminate\Contracts\View\View
*/
public function postBulkEditSave(Request $request)
{
$models_raw_array = Request::get('ids');
Integrations/develop into master (#7352) * Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992) * Added upcoming audit report TODO: Fid diff/threshold math * Added route to list overdue / upcoming assets via API * Controller/API methods for due/overdue audits We could probably skip this and just handle it via view in the routes… * Added query scopes for due and overdue audits * Added audit due console command to kernel * Added ability to pass audit specs to main API asset search method * Added audit presenter * Added bootstrap-tables presenter formatter to display an audit button * Added gated sidenav items to left nav * Added audit due/overdue blades * Cleanup on audit due/overdue console command * Added language strings for audit views * Fixed :threshold placeholder * Removed unused setting variable * Fixed next audit date math * Added scope for both overdue and upcoming * Derp. Wrong version * Bumped version (I will release this version officially tomorrow) * Leave the activated state for users alone in normal LDAP synchronisation. (#6988) * Fixed #7003 - crash when warranty months or purchase date is null * Fixed #6956 - viewKeys policy inconsistent (#7009) * Fixed #6956 - Added additional gates show showing/hiding license keys * Modified gate to allow user to see licenses if they can create or edit the license as well * Added API middleware to API routes to enable throttling TODO: Figure out how to make this costumizable without touching the code * Import locations from CSV via command line (#7021) * Added import locations command * Small fixes to location importer * Added country, LDAP OU * Cleaned up comments, added more clarification to what the script does * Added ability to update groups via API Fixes [ch9139] * Bumped version * Fixed #6883 - remove escaping of fields on LDAP import * Fixed #6880 - correctly encrypt encrypted fields via the API * Fixes #5054: LDAP users deactivated for none-ad (#7032) When using none-AD ldap, users are automatically deactivated every LDAP sync. This commit changes the behaviour so that if the active flag isn't set, the users are enabled. Fixed #5054, at least for 4.X * Updated packages - Updating erusev/parsedown (v1.7.2 => 1.7.3): Downloading (100%) - Updating squizlabs/php_codesniffer (3.4.1 => 3.4.2): Downloading (100%) - Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/var-dumper (v3.4.23 => v3.4.27): Downloading (100%) - Updating league/flysystem (1.0.50 => 1.0.51): Downloading (100%) - Updating symfony/translation (v3.4.23 => v3.4.27): Downloading (100%) - Updating nesbot/carbon (1.36.2 => 1.37.1): Downloading (100%) - Updating symfony/debug (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/console (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/finder (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/polyfill-ctype (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/http-foundation (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/event-dispatcher (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/http-kernel (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/process (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/routing (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/polyfill-util (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/polyfill-php56 (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/psr-http-message-bridge (v1.1.1 => v1.1.2): Downloading (failed) Downloading (100%) - Updating rollbar/rollbar (v1.7.5 => v1.8.1): Downloading (100%) - Updating symfony/yaml (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/browser-kit (v3.4.23 => v3.4.27): Downloading (100%) * Fixed #7044 - API update deleted custom fields if they are not re-presented * Fixed XSS vulnerability when creating a new categories, etc via modal on create Same fix as before, because of the weird select2 post-parsing ajax behavior * Updated email strings * Fixed #7046 - added user website url back into UI * Updated language strings * Bumped version * Updated packages * New backups config for spatie * Removed debugbar service provider (autodiscovery) * Use laravel v5.5 withCount manual aliases * Added spatie language files * Removed old laravel backups config This config file was renamed in a newer version of spatie laravel-backup * Set the serialization * Added the command loader to console kernel * Renamed fire() to handle() * Updated withCount to use manual naming * Updated backup path in backup admin * Updated travis with new php versions * Bumped laravel version in readme * Fixed custom field edit screen * Fixed baseUrl is undefined error I literally cannot figure out how this ever worked before. * Fix for included files in backup * Bumped version * Switch has() to filled() * Change ->has() to ->filled() * Removed cosole log * Bumped packages * Use getReader instead of fetchAssoc for CSV parser https://csv.thephpleague.com/9.0/upgrading/ * Handle JSON validation errors like 5.4 * Handle JSON validation errors like 5.4 * Handle JSON validation errors like 5.4 * Trying to fix ajax asset validation This I think gets us closer, but still not handling the validation on the asset properly. When I do a print_r of the validation in the other items, its looking for an error bag that looks something like this: ``` Illuminate\Support\MessageBag Object ( [messages:protected] => Array ( [name] => Array ( [0] => The name field is required. ) [seats] => Array ( [0] => The seats field is required. ) [category_id] => Array ( [0] => The category id field is required. ) ) [format:protected] => :message ) ``` Currently the Assets ajax returns: ``` [2019-05-24 06:52:06] develop.ERROR: array ( 'messages' => array ( 'model_id' => array ( 0 => 'The model id field is required.', ), 'status_id' => array ( 0 => 'The status id field is required.', ), 'asset_tag' => array ( 0 => 'The asset tag field is required.', ), ), ) ``` So not sure why it’s not working. * Fixed missing asset validation * Check that a model exists before trying to fiddle with fieldsets * Tidied up license check * Removed extra escaping on checkin * Updated importer to work with newer CSV Reader::getRecords() method * Fixed field mapping * Small fix for reordering fields Fixes Illuminate\Database\QueryException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'order' cannot be null (SQL: insert into `custom_field_custom_fieldset` (`custom_field_id`, `custom_fieldset_id`, `order`, `required`) values (12, 7, , 0)) [ch1151] This needs revisiting for a more solid fix, especially for data that was already entered bad. * Fixed bug where sorting by company name in Users API did not work Fixes [ch9200] * Removed custom fields from AssignedSearch to prevent confusing data in selectlist Fixes [ch9193] * Removed alert-danger from tests * Fixed missed consumables_count withCount() statement * Fixed Undefined variable user in $backto if checked out to a non-user Fixes [ch9194] * Check for valid model before attempting to access fieldsets Fixes [ch1249] * Only build the log upload destination path if there is a matching record Fixes [ch1232] * Fixed free_seats_count variable name (I forgot that Laravel switched camel case to snake case for their old 5.4 withCount variables) * Only gtry to delete the file if a record is found in the log * Only try to get fieldset if model is valid * Fixed more camel-casing -> snake-casing * Only display the file if the log record can be found * Fixed casing in sync command * Updated README * Derp - typo * Added link to Atlassian plugin * More Atlassian clarifications * Show accessory image on view page * Increased image size to 800px, added lightboxes * Fixed #7083 - Removed user_exists constraint on department save If the user has been deleted, this prevented the department from being successfully saved on edit * Updated branch in version file * Dockerfile update to bring us up to php v7.1 for Laravel 5.5 (#7084) * bump up to php7.1 & change deprecated MAINTAINER to a LABEL so it is visible with `docker inspect` * AND modapache >< * 2 updates required to get software-properties+ppa * Bumped version * Bumped release again :( * Missed one * Fixed #7098 - updated backup config for deleteFile() method * Fixed #7092 - handle weird port forwarding/port numbers for baseUrl * Bumped version * Fixed #7099 - set email to null by default for backup notifications * Removed old comments * Fixed #7100 - Check if $user isset on checkin * Increased throttle to 120 requests per minute * Added Filipino, corrected order for Spanish variations * Update language strings * Bumped hash * Changed has to filled to fix bulk asset editing * Bumped point version * Small fixes for phpleague CSB reader v9 * Improved error checking in locations importer * Fixed #7145 - rename groups table to permissions_group for mysql 8 reserved word compatibility * Reduce minimum group name length to 2 (from 3) eg: IT * Back in time fix FOR #7145 for new installs on MySQL 8+ * Fixed permission insert //TODO Handle this via model * Possible fix for reporting/admin migration back in time * Fixed #7164 - change table name to permission_groups * Fixed LDAP password blanking on save * fixing previous commit's actual wiping of password (#7183) replaced Input::fille('ldap_pword') with _filled_. Should be good to go. https://github.com/snipe/snipe-it/issues/7179 https://github.com/snipe/snipe-it/issues/7169 * Bumped version * Downgrading rollbar for Laravel 5.5 * Spelling Correction (#7206) Fixed Spelling for the word reqrite, to be rewrite. * Fix #6910: Add logic to manipulate the eloquent query. (#7006) * Added company_id to consumables_users table * Added logic to manage when a pivot table doesn't have the column company_id trough a join with users * Remove a migration that tries to fix this problem, but is not longer necessary * Addresses #7238 - add PWA code to layout Needs additional UX testing * Better log message for bad LDAP connection * Fixed #7186 - has vs filled in User’s API blanking out groups if no group_ids are passed * Comment clarification on #7186 * Check for valid seat on hardware view * Added space between footer and custom message * Cap warranty months to three characters Filles rollbar 209 * Cap warranty months to 3 on the frontend blade * Fixed countable() strings on user destroy * Check that the user has assets and that the aset model is valid * Bumped hash * Caps asset warranty to 20 years * Command to fix custom field unicode conversion differences between PHP versions (#7263) * Fixes #7252 form request changes (#7272) * Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests * Removed debug info * More fixes for #7252 This is mostly working as intended, if not yet the way Laravel wants us to do it. Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress. * Removed experimental method * Check for digits_between:0,240 for warranty * Removed debug code * Apply fix from PR #7273 to master * Bumped hash * Fixed #7250 - permission issue for API fieldsets and fields endpoints This applies the change from #7294 to master * Add @mskrip as a contributor * Fixed #7270 - Checking-in Assets via API Removes the Item's Asset Name * CORS for api (#7292) * Added CORS support to API * Changed order so CORS will still work if throttle hit * Added APP_CORS_ALLOWED_ORIGINS env option * Fixed typo * Clarified header comments * More clarification * DIsable CORS allowed origins by default to replicate existing behavior * Change variable name to be clearer * Bumped version * Added condition to deal with fieldname 'rtd_location' which can be tried to be queried in some places and doesn't exist in database (#7317) * Added comments to the ByFilter query scope for clarity * Added accessories checkout/checkin API endpoint * Fixed CVE-2019-10742 https://nvd.nist.gov/vuln/detail/CVE-2019-10742 * Update README.md (#7334) Add reference to CSV importer. * Group related variables in .env * History importer fixes * Fixes to history importer
2019-08-14 21:48:14 -07:00
$update_array = array();
if (($request->filled('manufacturer_id') && ($request->input('manufacturer_id')!='NC'))) {
$update_array['manufacturer_id'] = $request->input('manufacturer_id');
}
if (($request->filled('category_id') && ($request->input('category_id')!='NC'))) {
$update_array['category_id'] = $request->input('category_id');
}
if ($request->input('fieldset_id')!='NC') {
$update_array['fieldset_id'] = $request->input('fieldset_id');
}
if ($request->input('depreciation_id')!='NC') {
$update_array['depreciation_id'] = $request->input('depreciation_id');
}
if (count($update_array) > 0) {
AssetModel::whereIn('id', $models_raw_array)->update($update_array);
return redirect()->route('models.index')
->with('success', trans('admin/models/message.bulkedit.success'));
}
return redirect()->route('models.index')
->with('warning', trans('admin/models/message.bulkedit.error'));
}
/**
* Validate and delete the given Asset Models. An Asset Model
* cannot be deleted if there are associated assets.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
* @param int $modelId
* @return Redirect
*/
public function postBulkDelete(Request $request)
{
$models_raw_array = Request::get('ids');
Integrations/develop into master (#7352) * Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992) * Added upcoming audit report TODO: Fid diff/threshold math * Added route to list overdue / upcoming assets via API * Controller/API methods for due/overdue audits We could probably skip this and just handle it via view in the routes… * Added query scopes for due and overdue audits * Added audit due console command to kernel * Added ability to pass audit specs to main API asset search method * Added audit presenter * Added bootstrap-tables presenter formatter to display an audit button * Added gated sidenav items to left nav * Added audit due/overdue blades * Cleanup on audit due/overdue console command * Added language strings for audit views * Fixed :threshold placeholder * Removed unused setting variable * Fixed next audit date math * Added scope for both overdue and upcoming * Derp. Wrong version * Bumped version (I will release this version officially tomorrow) * Leave the activated state for users alone in normal LDAP synchronisation. (#6988) * Fixed #7003 - crash when warranty months or purchase date is null * Fixed #6956 - viewKeys policy inconsistent (#7009) * Fixed #6956 - Added additional gates show showing/hiding license keys * Modified gate to allow user to see licenses if they can create or edit the license as well * Added API middleware to API routes to enable throttling TODO: Figure out how to make this costumizable without touching the code * Import locations from CSV via command line (#7021) * Added import locations command * Small fixes to location importer * Added country, LDAP OU * Cleaned up comments, added more clarification to what the script does * Added ability to update groups via API Fixes [ch9139] * Bumped version * Fixed #6883 - remove escaping of fields on LDAP import * Fixed #6880 - correctly encrypt encrypted fields via the API * Fixes #5054: LDAP users deactivated for none-ad (#7032) When using none-AD ldap, users are automatically deactivated every LDAP sync. This commit changes the behaviour so that if the active flag isn't set, the users are enabled. Fixed #5054, at least for 4.X * Updated packages - Updating erusev/parsedown (v1.7.2 => 1.7.3): Downloading (100%) - Updating squizlabs/php_codesniffer (3.4.1 => 3.4.2): Downloading (100%) - Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/var-dumper (v3.4.23 => v3.4.27): Downloading (100%) - Updating league/flysystem (1.0.50 => 1.0.51): Downloading (100%) - Updating symfony/translation (v3.4.23 => v3.4.27): Downloading (100%) - Updating nesbot/carbon (1.36.2 => 1.37.1): Downloading (100%) - Updating symfony/debug (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/console (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/finder (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/polyfill-ctype (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/http-foundation (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/event-dispatcher (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/http-kernel (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/process (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/routing (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/polyfill-util (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/polyfill-php56 (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/psr-http-message-bridge (v1.1.1 => v1.1.2): Downloading (failed) Downloading (100%) - Updating rollbar/rollbar (v1.7.5 => v1.8.1): Downloading (100%) - Updating symfony/yaml (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/browser-kit (v3.4.23 => v3.4.27): Downloading (100%) * Fixed #7044 - API update deleted custom fields if they are not re-presented * Fixed XSS vulnerability when creating a new categories, etc via modal on create Same fix as before, because of the weird select2 post-parsing ajax behavior * Updated email strings * Fixed #7046 - added user website url back into UI * Updated language strings * Bumped version * Updated packages * New backups config for spatie * Removed debugbar service provider (autodiscovery) * Use laravel v5.5 withCount manual aliases * Added spatie language files * Removed old laravel backups config This config file was renamed in a newer version of spatie laravel-backup * Set the serialization * Added the command loader to console kernel * Renamed fire() to handle() * Updated withCount to use manual naming * Updated backup path in backup admin * Updated travis with new php versions * Bumped laravel version in readme * Fixed custom field edit screen * Fixed baseUrl is undefined error I literally cannot figure out how this ever worked before. * Fix for included files in backup * Bumped version * Switch has() to filled() * Change ->has() to ->filled() * Removed cosole log * Bumped packages * Use getReader instead of fetchAssoc for CSV parser https://csv.thephpleague.com/9.0/upgrading/ * Handle JSON validation errors like 5.4 * Handle JSON validation errors like 5.4 * Handle JSON validation errors like 5.4 * Trying to fix ajax asset validation This I think gets us closer, but still not handling the validation on the asset properly. When I do a print_r of the validation in the other items, its looking for an error bag that looks something like this: ``` Illuminate\Support\MessageBag Object ( [messages:protected] => Array ( [name] => Array ( [0] => The name field is required. ) [seats] => Array ( [0] => The seats field is required. ) [category_id] => Array ( [0] => The category id field is required. ) ) [format:protected] => :message ) ``` Currently the Assets ajax returns: ``` [2019-05-24 06:52:06] develop.ERROR: array ( 'messages' => array ( 'model_id' => array ( 0 => 'The model id field is required.', ), 'status_id' => array ( 0 => 'The status id field is required.', ), 'asset_tag' => array ( 0 => 'The asset tag field is required.', ), ), ) ``` So not sure why it’s not working. * Fixed missing asset validation * Check that a model exists before trying to fiddle with fieldsets * Tidied up license check * Removed extra escaping on checkin * Updated importer to work with newer CSV Reader::getRecords() method * Fixed field mapping * Small fix for reordering fields Fixes Illuminate\Database\QueryException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'order' cannot be null (SQL: insert into `custom_field_custom_fieldset` (`custom_field_id`, `custom_fieldset_id`, `order`, `required`) values (12, 7, , 0)) [ch1151] This needs revisiting for a more solid fix, especially for data that was already entered bad. * Fixed bug where sorting by company name in Users API did not work Fixes [ch9200] * Removed custom fields from AssignedSearch to prevent confusing data in selectlist Fixes [ch9193] * Removed alert-danger from tests * Fixed missed consumables_count withCount() statement * Fixed Undefined variable user in $backto if checked out to a non-user Fixes [ch9194] * Check for valid model before attempting to access fieldsets Fixes [ch1249] * Only build the log upload destination path if there is a matching record Fixes [ch1232] * Fixed free_seats_count variable name (I forgot that Laravel switched camel case to snake case for their old 5.4 withCount variables) * Only gtry to delete the file if a record is found in the log * Only try to get fieldset if model is valid * Fixed more camel-casing -> snake-casing * Only display the file if the log record can be found * Fixed casing in sync command * Updated README * Derp - typo * Added link to Atlassian plugin * More Atlassian clarifications * Show accessory image on view page * Increased image size to 800px, added lightboxes * Fixed #7083 - Removed user_exists constraint on department save If the user has been deleted, this prevented the department from being successfully saved on edit * Updated branch in version file * Dockerfile update to bring us up to php v7.1 for Laravel 5.5 (#7084) * bump up to php7.1 & change deprecated MAINTAINER to a LABEL so it is visible with `docker inspect` * AND modapache >< * 2 updates required to get software-properties+ppa * Bumped version * Bumped release again :( * Missed one * Fixed #7098 - updated backup config for deleteFile() method * Fixed #7092 - handle weird port forwarding/port numbers for baseUrl * Bumped version * Fixed #7099 - set email to null by default for backup notifications * Removed old comments * Fixed #7100 - Check if $user isset on checkin * Increased throttle to 120 requests per minute * Added Filipino, corrected order for Spanish variations * Update language strings * Bumped hash * Changed has to filled to fix bulk asset editing * Bumped point version * Small fixes for phpleague CSB reader v9 * Improved error checking in locations importer * Fixed #7145 - rename groups table to permissions_group for mysql 8 reserved word compatibility * Reduce minimum group name length to 2 (from 3) eg: IT * Back in time fix FOR #7145 for new installs on MySQL 8+ * Fixed permission insert //TODO Handle this via model * Possible fix for reporting/admin migration back in time * Fixed #7164 - change table name to permission_groups * Fixed LDAP password blanking on save * fixing previous commit's actual wiping of password (#7183) replaced Input::fille('ldap_pword') with _filled_. Should be good to go. https://github.com/snipe/snipe-it/issues/7179 https://github.com/snipe/snipe-it/issues/7169 * Bumped version * Downgrading rollbar for Laravel 5.5 * Spelling Correction (#7206) Fixed Spelling for the word reqrite, to be rewrite. * Fix #6910: Add logic to manipulate the eloquent query. (#7006) * Added company_id to consumables_users table * Added logic to manage when a pivot table doesn't have the column company_id trough a join with users * Remove a migration that tries to fix this problem, but is not longer necessary * Addresses #7238 - add PWA code to layout Needs additional UX testing * Better log message for bad LDAP connection * Fixed #7186 - has vs filled in User’s API blanking out groups if no group_ids are passed * Comment clarification on #7186 * Check for valid seat on hardware view * Added space between footer and custom message * Cap warranty months to three characters Filles rollbar 209 * Cap warranty months to 3 on the frontend blade * Fixed countable() strings on user destroy * Check that the user has assets and that the aset model is valid * Bumped hash * Caps asset warranty to 20 years * Command to fix custom field unicode conversion differences between PHP versions (#7263) * Fixes #7252 form request changes (#7272) * Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests * Removed debug info * More fixes for #7252 This is mostly working as intended, if not yet the way Laravel wants us to do it. Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress. * Removed experimental method * Check for digits_between:0,240 for warranty * Removed debug code * Apply fix from PR #7273 to master * Bumped hash * Fixed #7250 - permission issue for API fieldsets and fields endpoints This applies the change from #7294 to master * Add @mskrip as a contributor * Fixed #7270 - Checking-in Assets via API Removes the Item's Asset Name * CORS for api (#7292) * Added CORS support to API * Changed order so CORS will still work if throttle hit * Added APP_CORS_ALLOWED_ORIGINS env option * Fixed typo * Clarified header comments * More clarification * DIsable CORS allowed origins by default to replicate existing behavior * Change variable name to be clearer * Bumped version * Added condition to deal with fieldname 'rtd_location' which can be tried to be queried in some places and doesn't exist in database (#7317) * Added comments to the ByFilter query scope for clarity * Added accessories checkout/checkin API endpoint * Fixed CVE-2019-10742 https://nvd.nist.gov/vuln/detail/CVE-2019-10742 * Update README.md (#7334) Add reference to CSV importer. * Group related variables in .env * History importer fixes * Fixes to history importer
2019-08-14 21:48:14 -07:00
if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
$models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets as assets_count')->get();
$del_error_count = 0;
$del_count = 0;
foreach ($models as $model) {
\Log::debug($model->id);
if ($model->assets_count > 0) {
$del_error_count++;
} else {
$model->delete();
$del_count++;
}
}
\Log::debug($del_count);
\Log::debug($del_error_count);
if ($del_error_count == 0) {
return redirect()->route('models.index')
->with('success', trans('admin/models/message.bulkdelete.success',['success_count'=> $del_count] ));
}
return redirect()->route('models.index')
->with('warning', trans('admin/models/message.bulkdelete.success_partial', ['fail_count'=>$del_error_count, 'success_count'=> $del_count]));
}
return redirect()->route('models.index')
->with('error', trans('admin/models/message.bulkdelete.error'));
}
/**
* Returns true if a fieldset is set, 'add default values' is ticked and if
* any default values were entered into the form.
*
* @param array $input
* @return boolean
*/
private function shouldAddDefaultValues(array $input)
{
return !empty($input['add_default_values'])
&& !empty($input['default_values'])
&& !empty($input['custom_fieldset']);
}
/**
* Adds default values to a model (as long as they are truthy)
*
* @param AssetModel $model
* @param array $defaultValues
* @return void
*/
private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues)
{
foreach ($defaultValues as $customFieldId => $defaultValue) {
if ($defaultValue) {
$model->defaultValues()->attach($customFieldId, ['default_value' => $defaultValue]);
}
}
}
/**
* Removes all default values
*
* @return void
*/
private function removeCustomFieldsDefaultValues(AssetModel $model)
{
$model->defaultValues()->detach();
}
2016-03-25 01:18:05 -07:00
}