From 5bc52a942502402cdfdce42905385295062f3726 Mon Sep 17 00:00:00 2001 From: Daniel Meltzer Date: Thu, 23 Jun 2016 09:39:50 -0400 Subject: [PATCH 1/6] Link to user on asset checkout as well as checkin. --- app/Models/Asset.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Models/Asset.php b/app/Models/Asset.php index 63b953faff..e2958fcb4c 100644 --- a/app/Models/Asset.php +++ b/app/Models/Asset.php @@ -155,7 +155,7 @@ class Asset extends Depreciable 'fields' => [ [ 'title' => 'Checked Out:', - 'value' => 'HARDWARE asset <'.config('app.url').'/hardware/'.$this->id.'/view'.'|'.$this->showAssetName().'> checked out to <'.config('app.url').'/admin/users/'.$this->assigned_to.'/view|'.$this->assigneduser->fullName().'> by <'.config('app.url').'/hardware/'.$this->id.'/view'.'|'.$admin->fullName().'>.' + 'value' => 'HARDWARE asset <'.config('app.url').'/hardware/'.$this->id.'/view'.'|'.$this->showAssetName().'> checked out to <'.config('app.url').'/admin/users/'.$this->assigned_to.'/view|'.$this->assigneduser->fullName().'> by <'.config('app.url').'/admin/users/'.Auth::user()->id.'/view'.'|'.$admin->fullName().'>.' ], [ 'title' => 'Note:', From cf29a4a319459186d66c03ec00b1e9526a2564fe Mon Sep 17 00:00:00 2001 From: Daniel Meltzer Date: Mon, 27 Jun 2016 22:47:21 -0400 Subject: [PATCH 2/6] Extract common data from UserController postCreate and postEdit into a helper method. Use this method to store data about user. Fixes #2200 --- app/Http/Controllers/UsersController.php | 103 ++++++++++++----------- 1 file changed, 55 insertions(+), 48 deletions(-) diff --git a/app/Http/Controllers/UsersController.php b/app/Http/Controllers/UsersController.php index 9233fbd30a..7ca6451ccb 100755 --- a/app/Http/Controllers/UsersController.php +++ b/app/Http/Controllers/UsersController.php @@ -102,19 +102,15 @@ class UsersController extends Controller { $user = new User; - $user->first_name = $data['first_name']= e($request->input('first_name')); - $user->last_name = e($request->input('last_name')); + //Username, email, and password need to be handled specially because the need to respect config values on an edit. $user->email = $data['email'] = e($request->input('email')); - $user->activated = 1; - $user->locale = e($request->input('locale')); $user->username = $data['username'] = e($request->input('username')); - $user->permissions = json_encode($request->input('permission')); - if ($request->has('password')) { $user->password = bcrypt($request->input('password')); $data['password'] = $request->input('password'); } - + //populate all generic data. + $user = $this->extractUserDataFromRequest($user, $request); if ($user->save()) { @@ -279,57 +275,26 @@ class UsersController extends Controller return redirect()->route('users')->with('error', $error); } - // Update the user - $user->first_name = e($request->input('first_name')); - $user->last_name = e($request->input('last_name')); - $user->locale = e($request->input('locale')); - if (Input::has('username')) { - $user->username = e($request->input('username')); - } - - $user->email = e($request->input('email')); - $user->employee_num = e($request->input('employee_num')); - $user->activated = e($request->input('activated', $user->activated)); - $user->jobtitle = e($request->input('jobtitle')); - $user->phone = e($request->input('phone')); - $user->location_id = e($request->input('location_id')); - $user->company_id = e(Company::getIdForUser($request->input('company_id'))); - $user->manager_id = e($request->input('manager_id')); - $user->notes = e($request->input('notes')); - $user->permissions = json_encode($request->input('permission')); - - - - - if ($user->manager_id == "") { - $user->manager_id = null; - } - - if ($user->location_id == "") { - $user->location_id = null; - } - + // First handle anything exclusive to editing. if ($request->has('groups')) { $user->groups()->sync($request->input('groups')); } else { $user->groups()->sync(array()); } - + // If lock passwords is set, the username, email, and password cannot be changed. + if(!config('app.lock_passwords')) { // Do we want to update the user password? - if (($request->has('password')) && (!config('app.lock_passwords'))) { - $user->password = bcrypt($request->input('password')); - } - - // Do we want to update the user email? - if (!config('app.lock_passwords')) { + if ($request->has('password')) { + $user->password = bcrypt($request->input('password')); + } + if ( $request->has('username')) { + $user->username = e($request->input('username')); + } $user->email = e($request->input('email')); - } - - - if (!config('app.lock_passwords')) { } + $user = $this->extractUserDataFromRequest($user, $request); // Was the user updated? if ($user->save()) { @@ -346,6 +311,48 @@ class UsersController extends Controller } + /** + * Maps Request Information to a User object + * + * @auther [Daniel Meltzer] [] + * @since [v3.0] + * @param User $user + * @param Request $request + * @return User + */ + private function extractUserDataFromRequest(User $user, Request $request) + { + // Update the user + $user->first_name = e($request->input('first_name')); + $user->last_name = e($request->input('last_name')); + $user->locale = e($request->input('locale')); + $user->employee_num = e($request->input('employee_num')); + $user->activated = e($request->input('activated', $user->activated)); + $user->jobtitle = e($request->input('jobtitle')); + $user->phone = e($request->input('phone')); + $user->location_id = e($request->input('location_id')); + $user->company_id = e(Company::getIdForUser($request->input('company_id'))); + $user->manager_id = e($request->input('manager_id')); + $user->notes = e($request->input('notes')); + $user->permissions = json_encode($request->input('permission')); + + + if ($user->manager_id == "") { + $user->manager_id = null; + } + + if ($user->location_id == "") { + $user->location_id = null; + } + + if ($user->company_id == "") { + $user->company_id = null; + } + + + return $user; + } + /** * Delete a user * From d3b035cfe97027942c25bac396861781c54eea81 Mon Sep 17 00:00:00 2001 From: Daniel Meltzer Date: Mon, 27 Jun 2016 23:16:03 -0400 Subject: [PATCH 3/6] Fix integrity constraint violation on sqlite. If the requestable checkbox was not checked, it did not exist in the request. Setting requestable to null in such a case would cause a violation because it should be 0/1. Also fix a copy/paste where we reset requestable after checking for rtd_location_id. --- app/Http/Controllers/AssetsController.php | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/app/Http/Controllers/AssetsController.php b/app/Http/Controllers/AssetsController.php index d79c37e3ff..9200b6c81f 100755 --- a/app/Http/Controllers/AssetsController.php +++ b/app/Http/Controllers/AssetsController.php @@ -352,16 +352,13 @@ class AssetsController extends Controller $asset->supplier_id = null; } - if ($request->has('requestable')) { - $asset->requestable = e($request->input('requestable')); - } else { - $asset->requestable = null; - } + // If the box isn't checked, it's not in the request at all. + $asset->requestable = $request->has('requestable'); if ($request->has('rtd_location_id')) { $asset->rtd_location_id = e($request->input('rtd_location_id')); } else { - $asset->requestable = null; + $asset->rtd_location_id = null; } if ($request->has('image_delete')) { From ee1f983114bdc78cae97296d83cc35b3b62fc015 Mon Sep 17 00:00:00 2001 From: Daniel Meltzer Date: Mon, 27 Jun 2016 23:37:15 -0400 Subject: [PATCH 4/6] If the move of the uploaded import file fails, return a message. Fixes an issue reported on gitter today where bad permissions on the upload directory didn't provide any feedback. --- app/Http/Controllers/AssetsController.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/app/Http/Controllers/AssetsController.php b/app/Http/Controllers/AssetsController.php index d79c37e3ff..9f1396120e 100755 --- a/app/Http/Controllers/AssetsController.php +++ b/app/Http/Controllers/AssetsController.php @@ -836,7 +836,12 @@ class AssetsController extends Controller $date = date('Y-m-d-his'); $fixed_filename = str_replace(' ', '-', $file->getClientOriginalName()); - $file->move($path, $date.'-'.$fixed_filename); + try { + $file->move($path, $date.'-'.$fixed_filename); + } catch (\Symfony\Component\HttpFoundation\File\Exception\FileException $exception) { + $results['error']=trans('admin/hardware/message.upload.error'); + return $results; + } $name = date('Y-m-d-his').'-'.$fixed_filename; $filesize = Setting::fileSizeConvert(filesize($path.'/'.$name)); $results[] = compact('name', 'filesize'); @@ -850,7 +855,6 @@ class AssetsController extends Controller } else { - $results['error']=trans('general.feature_disabled'); return $results; } From 278be52f7b8bdbf5c23927dcb25890fe6c557699 Mon Sep 17 00:00:00 2001 From: Daniel Meltzer Date: Mon, 27 Jun 2016 23:54:45 -0400 Subject: [PATCH 5/6] Show the exception message if APP_DEBUG is enabled. --- app/Http/Controllers/AssetsController.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/Http/Controllers/AssetsController.php b/app/Http/Controllers/AssetsController.php index 9f1396120e..8cab0d8475 100755 --- a/app/Http/Controllers/AssetsController.php +++ b/app/Http/Controllers/AssetsController.php @@ -840,6 +840,9 @@ class AssetsController extends Controller $file->move($path, $date.'-'.$fixed_filename); } catch (\Symfony\Component\HttpFoundation\File\Exception\FileException $exception) { $results['error']=trans('admin/hardware/message.upload.error'); + if( config('app.debug')) { + $results['error'].= ' ' . $exception->getMessage(); + } return $results; } $name = date('Y-m-d-his').'-'.$fixed_filename; From b1c28d796578314391a1acd7974caddf1774facb Mon Sep 17 00:00:00 2001 From: Daniel Meltzer Date: Tue, 28 Jun 2016 00:11:59 -0400 Subject: [PATCH 6/6] Move checks back into methods instead of having an extra helper method. Also remove unnecessary lock_passwords checks because there is a check at the top of the method that does this already. --- app/Http/Controllers/UsersController.php | 85 +++++++++++++----------- 1 file changed, 45 insertions(+), 40 deletions(-) diff --git a/app/Http/Controllers/UsersController.php b/app/Http/Controllers/UsersController.php index 7ca6451ccb..2e5bd3c353 100755 --- a/app/Http/Controllers/UsersController.php +++ b/app/Http/Controllers/UsersController.php @@ -109,8 +109,32 @@ class UsersController extends Controller $user->password = bcrypt($request->input('password')); $data['password'] = $request->input('password'); } - //populate all generic data. - $user = $this->extractUserDataFromRequest($user, $request); + // Update the user + $user->first_name = e($request->input('first_name')); + $user->last_name = e($request->input('last_name')); + $user->locale = e($request->input('locale')); + $user->employee_num = e($request->input('employee_num')); + $user->activated = e($request->input('activated', $user->activated)); + $user->jobtitle = e($request->input('jobtitle')); + $user->phone = e($request->input('phone')); + $user->location_id = e($request->input('location_id')); + $user->company_id = e(Company::getIdForUser($request->input('company_id'))); + $user->manager_id = e($request->input('manager_id')); + $user->notes = e($request->input('notes')); + $user->permissions = json_encode($request->input('permission')); + + + if ($user->manager_id == "") { + $user->manager_id = null; + } + + if ($user->location_id == "") { + $user->location_id = null; + } + + if ($user->company_id == "") { + $user->company_id = null; + } if ($user->save()) { @@ -281,47 +305,16 @@ class UsersController extends Controller } else { $user->groups()->sync(array()); } - // If lock passwords is set, the username, email, and password cannot be changed. - if(!config('app.lock_passwords')) { - - // Do we want to update the user password? - if ($request->has('password')) { - $user->password = bcrypt($request->input('password')); - } - if ( $request->has('username')) { - $user->username = e($request->input('username')); - } - $user->email = e($request->input('email')); - + // Do we want to update the user password? + if ($request->has('password')) { + $user->password = bcrypt($request->input('password')); } - $user = $this->extractUserDataFromRequest($user, $request); - - // Was the user updated? - if ($user->save()) { - - - // Prepare the success message - $success = trans('admin/users/message.success.update'); - - // Redirect to the user page - return redirect()->route('users')->with('success', $success); + if ( $request->has('username')) { + $user->username = e($request->input('username')); } + $user->email = e($request->input('email')); - return redirect()->back()->withInput()->withErrors($user->getErrors()); - } - - /** - * Maps Request Information to a User object - * - * @auther [Daniel Meltzer] [] - * @since [v3.0] - * @param User $user - * @param Request $request - * @return User - */ - private function extractUserDataFromRequest(User $user, Request $request) - { // Update the user $user->first_name = e($request->input('first_name')); $user->last_name = e($request->input('last_name')); @@ -350,7 +343,19 @@ class UsersController extends Controller } - return $user; + // Was the user updated? + if ($user->save()) { + + + // Prepare the success message + $success = trans('admin/users/message.success.update'); + + // Redirect to the user page + return redirect()->route('users')->with('success', $success); + } + + return redirect()->back()->withInput()->withErrors($user->getErrors()); + } /**