not quite done, api side needs some work

2024-09-19 23:37:38 -07:00 · 2024-08-14 13:53:29 -05:00 · 2024-08-14 13:53:29 -05:00 · 20ec420ba3
parent a70b94e707
commit 20ec420ba3
4 changed files with 70 additions and 69 deletions
--- a/app/Http/Controllers/Api/UsersController.php
+++ b/app/Http/Controllers/Api/UsersController.php
@ -427,7 +427,7 @@ class UsersController extends Controller
     * @param  \Illuminate\Http\Request  $request
     * @param  int  $id
     */
-    public function update(SaveUserRequest $request, $id) : JsonResponse
+    public function update(SaveUserRequest $request, User $user): JsonResponse
    {
        $this->authorize('update', User::class);

--- a/app/Http/Controllers/Users/UsersController.php
+++ b/app/Http/Controllers/Users/UsersController.php
@ -214,35 +214,30 @@ class UsersController extends Controller
     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
-    public function update(SaveUserRequest $request, $id = null)
+    public function update(SaveUserRequest $request, User $user)
    {
        $this->authorize('update', User::class);

        // This is a janky hack to prevent people from changing admin demo user data on the public demo.
        // The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
        // Thanks, jerks. You are why we can't have nice things. - snipe
-
-        if ((($id == 1) || ($id == 2)) && (config('app.lock_passwords'))) {
+        if ((($user->id == 1) || ($user->id == 2)) && (config('app.lock_passwords'))) {
            return redirect()->route('users.index')->with('error', trans('general.permission_denied_superuser_demo'));
        }

-
        // We need to reverse the UI specific logic for our
        // permissions here before we update the user.
        $permissions = $request->input('permissions', []);
        app('request')->request->set('permissions', $permissions);

-        $user = User::with(['assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc'])->withTrashed()->find($id);
+        $user->load(['assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc'])->withTrashed();

-        // User is valid - continue...
-
-
-        if ($user) {
        $this->authorize('update', $user);

-            if ($request->has('company_id') && $user->allAssignedCount() > 0 && Setting::getSettings()->full_multiple_companies_support) {
-                return back()->with('error', trans('admin/users/message.multi_company_items_assigned'));
-            }
+        //see if i can get this working at request level
+        //if ($request->has('company_id') && $user->allAssignedCount() > 0 && Setting::getSettings()->full_multiple_companies_support) {
+        //    return back()->with('error', trans('admin/users/message.multi_company_items_assigned'));
+        //}

            // Figure out of this user was an admin before this edit
        $orig_permissions_array = $user->decodePermissions();
@ -270,7 +265,6 @@ class UsersController extends Controller
        $user->jobtitle = $request->input('jobtitle', null);
        $user->phone = $request->input('phone');
        $user->location_id = $request->input('location_id', null);
-
        $user->company_id = Company::getIdForUser($request->input('company_id', null));
        $user->manager_id = $request->input('manager_id', null);
        $user->notes = $request->input('notes');
@ -325,13 +319,7 @@ class UsersController extends Controller
                return redirect()->to(Helper::getRedirectOption($request, $user->id, 'Users'))
                    ->with('success', trans('admin/users/message.success.update'));
            }
-
            return redirect()->back()->withInput()->withErrors($user->getErrors());
-
-
-        }
-
-        return redirect()->route('users.index')->with('error', trans('admin/users/message.user_not_found', compact('id')));
    }

    /**
--- a/app/Http/Requests/SaveUserRequest.php
+++ b/app/Http/Requests/SaveUserRequest.php
@ -31,9 +31,19 @@ class SaveUserRequest extends FormRequest
     */
    public function rules()
    {
+        //dd($this->user);
        $rules = [
            'department_id' => 'nullable|exists:departments,id',
            'manager_id' => 'nullable|exists:users,id',
+            'company_id' => [
+                // determines if the user is being moved between companies and checks to see if they have any items assigned
+                function ($attribute, $value, $fail) {
+                    dd($this->user);
+                    if (($this->has('company_id')) && ($this->user->allAssignedCount() > 0) && (Setting::getSettings()->full_multiple_companies_support)) {
+                        $fail(trans('admin/users/message.error.multi_company_items_assigned'));
+                    }
+                }
+            ]
        ];

        switch ($this->method()) {
--- a/routes/web/users.php
+++ b/routes/web/users.php
@ -145,10 +145,13 @@ Route::group(['prefix' => 'users', 'middleware' => ['auth']], function () {
        ]
    )->name('users/bulkeditsave');

-
+    // pulling this out of the resource because I need route model binding in the request
+    Route::patch('/{user}', [Users\UsersController::class, 'update'])->name('users.update');
+    Route::put('/{user}', [Users\UsersController::class, 'update'])->name('users.put-update');
 });

 Route::resource('users', Users\UsersController::class, [
    'middleware' => ['auth'],
    'parameters' => ['user' => 'user_id'],
+    'except' => ['update']
 ]);