mirror of
https://github.com/snipe/snipe-it.git
synced 2024-09-19 23:37:38 -07:00
not quite done, api side needs some work
This commit is contained in:
parent
a70b94e707
commit
20ec420ba3
|
@ -427,7 +427,7 @@ class UsersController extends Controller
|
|||
* @param \Illuminate\Http\Request $request
|
||||
* @param int $id
|
||||
*/
|
||||
public function update(SaveUserRequest $request, $id) : JsonResponse
|
||||
public function update(SaveUserRequest $request, User $user): JsonResponse
|
||||
{
|
||||
$this->authorize('update', User::class);
|
||||
|
||||
|
|
|
@ -214,35 +214,30 @@ class UsersController extends Controller
|
|||
* @return \Illuminate\Http\RedirectResponse
|
||||
* @throws \Illuminate\Auth\Access\AuthorizationException
|
||||
*/
|
||||
public function update(SaveUserRequest $request, $id = null)
|
||||
public function update(SaveUserRequest $request, User $user)
|
||||
{
|
||||
$this->authorize('update', User::class);
|
||||
|
||||
// This is a janky hack to prevent people from changing admin demo user data on the public demo.
|
||||
// The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
|
||||
// Thanks, jerks. You are why we can't have nice things. - snipe
|
||||
|
||||
if ((($id == 1) || ($id == 2)) && (config('app.lock_passwords'))) {
|
||||
if ((($user->id == 1) || ($user->id == 2)) && (config('app.lock_passwords'))) {
|
||||
return redirect()->route('users.index')->with('error', trans('general.permission_denied_superuser_demo'));
|
||||
}
|
||||
|
||||
|
||||
// We need to reverse the UI specific logic for our
|
||||
// permissions here before we update the user.
|
||||
$permissions = $request->input('permissions', []);
|
||||
app('request')->request->set('permissions', $permissions);
|
||||
|
||||
$user = User::with(['assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc'])->withTrashed()->find($id);
|
||||
$user->load(['assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc'])->withTrashed();
|
||||
|
||||
// User is valid - continue...
|
||||
|
||||
|
||||
if ($user) {
|
||||
$this->authorize('update', $user);
|
||||
|
||||
if ($request->has('company_id') && $user->allAssignedCount() > 0 && Setting::getSettings()->full_multiple_companies_support) {
|
||||
return back()->with('error', trans('admin/users/message.multi_company_items_assigned'));
|
||||
}
|
||||
//see if i can get this working at request level
|
||||
//if ($request->has('company_id') && $user->allAssignedCount() > 0 && Setting::getSettings()->full_multiple_companies_support) {
|
||||
// return back()->with('error', trans('admin/users/message.multi_company_items_assigned'));
|
||||
//}
|
||||
|
||||
// Figure out of this user was an admin before this edit
|
||||
$orig_permissions_array = $user->decodePermissions();
|
||||
|
@ -270,7 +265,6 @@ class UsersController extends Controller
|
|||
$user->jobtitle = $request->input('jobtitle', null);
|
||||
$user->phone = $request->input('phone');
|
||||
$user->location_id = $request->input('location_id', null);
|
||||
|
||||
$user->company_id = Company::getIdForUser($request->input('company_id', null));
|
||||
$user->manager_id = $request->input('manager_id', null);
|
||||
$user->notes = $request->input('notes');
|
||||
|
@ -325,13 +319,7 @@ class UsersController extends Controller
|
|||
return redirect()->to(Helper::getRedirectOption($request, $user->id, 'Users'))
|
||||
->with('success', trans('admin/users/message.success.update'));
|
||||
}
|
||||
|
||||
return redirect()->back()->withInput()->withErrors($user->getErrors());
|
||||
|
||||
|
||||
}
|
||||
|
||||
return redirect()->route('users.index')->with('error', trans('admin/users/message.user_not_found', compact('id')));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -31,9 +31,19 @@ class SaveUserRequest extends FormRequest
|
|||
*/
|
||||
public function rules()
|
||||
{
|
||||
//dd($this->user);
|
||||
$rules = [
|
||||
'department_id' => 'nullable|exists:departments,id',
|
||||
'manager_id' => 'nullable|exists:users,id',
|
||||
'company_id' => [
|
||||
// determines if the user is being moved between companies and checks to see if they have any items assigned
|
||||
function ($attribute, $value, $fail) {
|
||||
dd($this->user);
|
||||
if (($this->has('company_id')) && ($this->user->allAssignedCount() > 0) && (Setting::getSettings()->full_multiple_companies_support)) {
|
||||
$fail(trans('admin/users/message.error.multi_company_items_assigned'));
|
||||
}
|
||||
}
|
||||
]
|
||||
];
|
||||
|
||||
switch ($this->method()) {
|
||||
|
|
|
@ -145,10 +145,13 @@ Route::group(['prefix' => 'users', 'middleware' => ['auth']], function () {
|
|||
]
|
||||
)->name('users/bulkeditsave');
|
||||
|
||||
|
||||
// pulling this out of the resource because I need route model binding in the request
|
||||
Route::patch('/{user}', [Users\UsersController::class, 'update'])->name('users.update');
|
||||
Route::put('/{user}', [Users\UsersController::class, 'update'])->name('users.put-update');
|
||||
});
|
||||
|
||||
Route::resource('users', Users\UsersController::class, [
|
||||
'middleware' => ['auth'],
|
||||
'parameters' => ['user' => 'user_id'],
|
||||
'except' => ['update']
|
||||
]);
|
Loading…
Reference in a new issue