snipe-it/app/Http/Controllers/ActionlogController.php

<?php

namespace App\Http\Controllers;

use App\Helpers\Helper;
use App\Models\Actionlog;
use Response;

class ActionlogController extends Controller
{
    public function displaySig($filename)
    {
        // PHP doesn't let you handle file not found errors well with 
        // file_get_contents, so we set the error reporting for just this class
        error_reporting(0);

        $this->authorize('view', \App\Models\Asset::class);
        $file = config('app.private_uploads').'/signatures/'.$filename;
        $filetype = Helper::checkUploadIsImage($file);

        $contents = file_get_contents($file, false, stream_context_create(['http' => ['ignore_errors' => true]]));
        if ($contents === false) {
            \Log::warn('File '.$file.' not found');
            return false;
        } else {
            return Response::make($contents)->header('Content-Type', $filetype);
        }
       
    }
    public function getStoredEula($filename){
        $this->authorize('view', \App\Models\Asset::class);
        $file = config('app.private_uploads').'/eula-pdfs/'.$filename;

        return Response::download($file);
    }
}
Adds drawn signature to asset acceptance (#2846) * Adds digital signature to asset acceptance This is still a little broken - the history is displaying “Deleted user”, since there is no item type listed. Saving the item_type as App\Models\User tries to update accepted on the users table, which obviously doesn’t exist. * Use asset facade for folks in subdirs * Possible fix for weird accepted/declined display * Display signature in modal popup if sigs are required * Wrap that display file in auth middleware, just to be sure. It shoudl fail if you’re not authorized since you’re not logged in, but better safe than sorry * Fixed header section of layout * Removed extra drop from migration rollback 2016-10-31 21:00:30 -07:00			`<?php`

			`namespace App\Http\Controllers;`

			`use App\Helpers\Helper;`
clean up 2022-03-16 09:54:10 -07:00			`use App\Models\Actionlog;`
Adds drawn signature to asset acceptance (#2846) * Adds digital signature to asset acceptance This is still a little broken - the history is displaying “Deleted user”, since there is no item type listed. Saving the item_type as App\Models\User tries to update accepted on the users table, which obviously doesn’t exist. * Use asset facade for folks in subdirs * Possible fix for weird accepted/declined display * Display signature in modal popup if sigs are required * Wrap that display file in auth middleware, just to be sure. It shoudl fail if you’re not authorized since you’re not logged in, but better safe than sorry * Fixed header section of layout * Removed extra drop from migration rollback 2016-10-31 21:00:30 -07:00			`use Response;`

			`class ActionlogController extends Controller`
			`{`
			`public function displaySig($filename)`
			`{`
Handle file_get_contents more gracefully Signed-off-by: snipe <snipe@snipe.net> 2022-03-04 02:54:37 -08:00			`// PHP doesn't let you handle file not found errors well with`
			`// file_get_contents, so we set the error reporting for just this class`
			`error_reporting(0);`

Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations. 2016-12-19 11:04:28 -08:00			`$this->authorize('view', \App\Models\Asset::class);`
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200 2021-06-10 13:15:52 -07:00			`$file = config('app.private_uploads').'/signatures/'.$filename;`
Adds drawn signature to asset acceptance (#2846) * Adds digital signature to asset acceptance This is still a little broken - the history is displaying “Deleted user”, since there is no item type listed. Saving the item_type as App\Models\User tries to update accepted on the users table, which obviously doesn’t exist. * Use asset facade for folks in subdirs * Possible fix for weird accepted/declined display * Display signature in modal popup if sigs are required * Wrap that display file in auth middleware, just to be sure. It shoudl fail if you’re not authorized since you’re not logged in, but better safe than sorry * Fixed header section of layout * Removed extra drop from migration rollback 2016-10-31 21:00:30 -07:00			`$filetype = Helper::checkUploadIsImage($file);`
Adopt Laravel coding style Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200 2021-06-10 13:15:52 -07:00
Handle file_get_contents more gracefully Signed-off-by: snipe <snipe@snipe.net> 2022-03-04 02:54:37 -08:00			`$contents = file_get_contents($file, false, stream_context_create(['http' => ['ignore_errors' => true]]));`
			`if ($contents === false) {`
			`\Log::warn('File '.$file.' not found');`
			`return false;`
			`} else {`
			`return Response::make($contents)->header('Content-Type', $filetype);`
			`}`

Adds drawn signature to asset acceptance (#2846) * Adds digital signature to asset acceptance This is still a little broken - the history is displaying “Deleted user”, since there is no item type listed. Saving the item_type as App\Models\User tries to update accepted on the users table, which obviously doesn’t exist. * Use asset facade for folks in subdirs * Possible fix for weird accepted/declined display * Display signature in modal popup if sigs are required * Wrap that display file in auth middleware, just to be sure. It shoudl fail if you’re not authorized since you’re not logged in, but better safe than sorry * Fixed header section of layout * Removed extra drop from migration rollback 2016-10-31 21:00:30 -07:00			`}`
routes eula agreements for download correctly to the asset history 2022-03-16 11:51:40 -07:00			`public function getStoredEula($filename){`
			`$this->authorize('view', \App\Models\Asset::class);`
			`$file = config('app.private_uploads').'/eula-pdfs/'.$filename;`

			`return Response::download($file);`
			`}`
Adds drawn signature to asset acceptance (#2846) * Adds digital signature to asset acceptance This is still a little broken - the history is displaying “Deleted user”, since there is no item type listed. Saving the item_type as App\Models\User tries to update accepted on the users table, which obviously doesn’t exist. * Use asset facade for folks in subdirs * Possible fix for weird accepted/declined display * Display signature in modal popup if sigs are required * Wrap that display file in auth middleware, just to be sure. It shoudl fail if you’re not authorized since you’re not logged in, but better safe than sorry * Fixed header section of layout * Removed extra drop from migration rollback 2016-10-31 21:00:30 -07:00			`}`