diff --git a/app/Exceptions/CheckoutNotAllowed.php b/app/Exceptions/CheckoutNotAllowed.php index 74c65efb1f..dc80a44f4e 100644 --- a/app/Exceptions/CheckoutNotAllowed.php +++ b/app/Exceptions/CheckoutNotAllowed.php @@ -7,6 +7,6 @@ class CheckoutNotAllowed extends Exception { public function __toString() { - "A checkout is not allowed under these circumstances"; + return "A checkout is not allowed under these circumstances"; } } diff --git a/app/Http/Controllers/Api/AssetsController.php b/app/Http/Controllers/Api/AssetsController.php index 8d1fe7b335..6b005c2bc8 100644 --- a/app/Http/Controllers/Api/AssetsController.php +++ b/app/Http/Controllers/Api/AssetsController.php @@ -457,16 +457,28 @@ class AssetsController extends Controller $this->authorize('checkout', $asset); + $error_payload = []; + $error_payload['asset'] = [ + 'id' => $asset->id, + 'asset_tag' => $asset->asset_tag, + ]; if ($request->has('user_id')) { $target = User::find($request->input('user_id')); + $error_payload['target_id'] = $request->input('user_id'); + $error_payload['target_type'] = User::class; + // Don't let the user check an asset out to itself } elseif ($request->has('asset_id')) { - $target = Asset::find($request->input('asset_id')); + $target = Asset::where('id','!=',$asset_id)->find($request->input('asset_id')); + $error_payload['target_id'] = $request->input('asset_id'); + $error_payload['target_type'] = Asset::class; } elseif ($request->has('location_id')) { $target = Location::find($request->input('location_id')); + $error_payload['target_id'] = $request->input('location_id'); + $error_payload['target_type'] = Location::class; } if (!isset($target)) { - return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], 'No valid checkout target specified for asset '.e($asset->asset_tag).'.')); + return response()->json(Helper::formatStandardApiResponse('error', $error_payload, 'No valid checkout target specified for asset '.e($asset->asset_tag).'.')); } $checkout_at = request('checkout_at', date("Y-m-d H:i:s")); diff --git a/app/Http/Controllers/AssetsController.php b/app/Http/Controllers/AssetsController.php index 0e91949fb2..01fc3d55c2 100755 --- a/app/Http/Controllers/AssetsController.php +++ b/app/Http/Controllers/AssetsController.php @@ -458,7 +458,7 @@ class AssetsController extends Controller if (request('assigned_user')) { $target = User::find(request('assigned_user')); } elseif (request('assigned_asset')) { - $target = Asset::find(request('assigned_asset')); + $target = Asset::where('id','!=',$assetId)->find(request('assigned_asset')); } elseif (request('assigned_location')) { $target = Location::find(request('assigned_location')); } diff --git a/app/Http/Requests/AssetCheckoutRequest.php b/app/Http/Requests/AssetCheckoutRequest.php index 7c341b3028..d0991b308d 100644 --- a/app/Http/Requests/AssetCheckoutRequest.php +++ b/app/Http/Requests/AssetCheckoutRequest.php @@ -23,10 +23,13 @@ class AssetCheckoutRequest extends Request */ public function rules() { - return [ + $rules = [ "assigned_user" => 'required_without_all:assigned_asset,assigned_location', - "assigned_asset" => 'required_without_all:assigned_user,assigned_location', + "assigned_asset" => 'required_without_all:assigned_user,assigned_location|different:'.$this->id, "assigned_location" => 'required_without_all:assigned_user,assigned_asset', ]; + + + return $rules; } }