DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2025-02-21 03:15:45 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Fixed asset model permission not granted for edit

Browse source
This commit is contained in:
snipe 2018-03-07 18:22:49 -08:00
parent 95d935d917
commit 1d130b4a89
3 changed files with 29 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/Http/Controllers/AssetModelsController.php
View file

@ -166,7 +166,7 @@ class AssetModelsController extends Controller
*/
public function edit($modelId = null)
{
$this->authorize('edit', AssetModel::class);
$this->authorize('update', AssetModel::class);
if ($item = AssetModel::find($modelId)) {
$category_type = 'asset';
$view = View::make('models/edit', compact('item','category_type'));
@ -190,7 +190,7 @@ class AssetModelsController extends Controller
*/
public function update(ImageUploadRequest $request, $modelId = null)
{
$this->authorize('edit', AssetModel::class);
$this->authorize('update', AssetModel::class);
// Check if the model exists
if (is_null($model = AssetModel::find($modelId))) {
// Redirect to the models management page

13
app/Policies/DepreciationPolicy.php Normal file
View file

@ -0,0 +1,13 @@
<?php
namespace App\Policies;
use App\Policies\SnipePermissionsPolicy;
class DepreciationPolicy extends SnipePermissionsPolicy
{
protected function columnName()
{
return 'depreciations';
}
}

26
app/Providers/AuthServiceProvider.php
View file

@ -12,6 +12,7 @@ use App\Models\CustomField;
use App\Models\Department;
use App\Models\License;
use App\Models\Location;
use App\Models\Depreciation;
use App\Models\Statuslabel;
use App\Models\Supplier;
use App\Models\Manufacturer;
@ -25,6 +26,7 @@ use App\Policies\ComponentPolicy;
use App\Policies\ConsumablePolicy;
use App\Policies\CustomFieldPolicy;
use App\Policies\DepartmentPolicy;
use App\Policies\DepreciationPolicy;
use App\Policies\LicensePolicy;
use App\Policies\LocationPolicy;
use App\Policies\StatuslabelPolicy;
@ -55,6 +57,7 @@ class AuthServiceProvider extends ServiceProvider
Consumable::class => ConsumablePolicy::class,
CustomField::class => CustomFieldPolicy::class,
Department::class => DepartmentPolicy::class,
Depreciation::class => DepreciationPolicy::class,
License::class => LicensePolicy::class,
Location::class => LocationPolicy::class,
Statuslabel::class => StatuslabelPolicy::class,
@ -130,18 +133,17 @@ class AuthServiceProvider extends ServiceProvider
});
Gate::define('backend.interact', function ($user) {
return $user->can('view', \App\Models\Statuslabel::class)
|| $user->can('view', \App\Models\AssetModel::class)
|| $user->can('view', \App\Models\Category::class)
|| $user->can('view', \App\Models\Manufacturer::class)
|| $user->can('view', \App\Models\Supplier::class)
|| $user->can('view', \App\Models\Department::class)
|| $user->can('view', \App\Models\Location::class)
|| $user->can('view', \App\Models\Company::class)
|| $user->can('view', \App\Models\Manufacturer::class)
|| $user->can('view', \App\Models\Company::class)
|| $user->can('view', \App\Models\CustomField::class)
|| $user->can('view', \App\Models\Depreciation::class);
return $user->can('view', Statuslabel::class)
|| $user->can('view', AssetModel::class)
|| $user->can('view', Category::class)
|| $user->can('view', Manufacturer::class)
|| $user->can('view', Supplier::class)
|| $user->can('view', Department::class)
|| $user->can('view', Location::class)
|| $user->can('view', Company::class)
|| $user->can('view', Manufacturer::class)
|| $user->can('view', CustomField::class)
|| $user->can('view', Depreciation::class);
});
}
}