Merge remote-tracking branch 'origin/develop'

2024-09-23 01:07:42 -07:00 · 2023-10-09 15:19:29 +01:00 · 2023-10-09 15:19:29 +01:00 · 2789f67bb4
parent a1f3a5c624 7a0d3f788f
commit 2789f67bb4
6 changed files with 17 additions and 16 deletions
--- a/app/Http/Controllers/Accessories/AccessoriesFilesController.php
+++ b/app/Http/Controllers/Accessories/AccessoriesFilesController.php
@ -146,9 +146,8 @@ class AccessoriesFilesController extends Controller
            $this->authorize('view', $accessory);
            $this->authorize('accessories.files', $accessory);

-            if (! $log = Actionlog::find($fileId)) {
-                return response('No matching record for that asset/file', 500)
-                    ->header('Content-Type', 'text/plain');
+            if (! $log = Actionlog::find($fileId)->whereNotNull('filename')->where('item_id', $accessory->id)->first()) {
+                return redirect()->route('accessories.index')->with('error',  trans('admin/users/message.log_record_not_found'));
            }

            $file = 'private_uploads/accessories/'.$log->filename;
--- a/app/Http/Controllers/Assets/AssetFilesController.php
+++ b/app/Http/Controllers/Assets/AssetFilesController.php
@ -86,7 +86,7 @@ class AssetFilesController extends Controller
        if (isset($asset->id)) {
            $this->authorize('view', $asset);

-            if (! $log = Actionlog::find($fileId)) {
+            if (! $log = Actionlog::find($fileId)->whereNotNull('filename')->where('item_id', $asset->id)->first()) {
                return response('No matching record for that asset/file', 500)
                    ->header('Content-Type', 'text/plain');
            }
--- a/app/Http/Controllers/Consumables/ConsumablesFilesController.php
+++ b/app/Http/Controllers/Consumables/ConsumablesFilesController.php
@ -140,7 +140,7 @@ class ConsumablesFilesController extends Controller
            $this->authorize('view', $consumable);
            $this->authorize('consumables.files', $consumable);

-            if (! $log = Actionlog::find($fileId)) {
+            if (! $log = Actionlog::find($fileId)->whereNotNull('filename')->where('item_id', $consumable->id)->first()) {
                return response('No matching record for that asset/file', 500)
                    ->header('Content-Type', 'text/plain');
            }
--- a/app/Http/Controllers/Licenses/LicenseFilesController.php
+++ b/app/Http/Controllers/Licenses/LicenseFilesController.php
@ -137,7 +137,7 @@ class LicenseFilesController extends Controller
            $this->authorize('view', $license);
            $this->authorize('licenses.files', $license);

-            if (! $log = Actionlog::find($fileId)) {
+            if (! $log = Actionlog::find($fileId)->whereNotNull('filename')->where('item_id', $license->id)->first()) {
                return response('No matching record for that asset/file', 500)
                    ->header('Content-Type', 'text/plain');
            }
--- a/app/Http/Controllers/Users/UserFilesController.php
+++ b/app/Http/Controllers/Users/UserFilesController.php
@ -143,18 +143,20 @@ class UserFilesController extends Controller

            $this->authorize('view', $user);

-            $log = Actionlog::find($fileId);
+            if ($log = Actionlog::find($fileId)->whereNotNull('filename')->where('item_id', $user->id)->first()) {

-            // Display the file inline
-            if (request('inline') == 'true') {
-                $headers = [
-                    'Content-Disposition' => 'inline',
-                ];
-                return Storage::download('private_uploads/users/'.$log->filename, $log->filename, $headers);
+                // Display the file inline
+                if (request('inline') == 'true') {
+                    $headers = [
+                        'Content-Disposition' => 'inline',
+                    ];
+                    return Storage::download('private_uploads/users/'.$log->filename, $log->filename, $headers);
+                }
+
+                return Storage::download('private_uploads/users/'.$log->filename);
            }

-            return Storage::download('private_uploads/users/'.$log->filename);
-
+            return redirect()->route('users.index')->with('error',  trans('admin/users/message.log_record_not_found'));
        }

        // Redirect to the user management page if the user doesn't exist
--- a/resources/lang/en/admin/users/message.php
+++ b/resources/lang/en/admin/users/message.php
@ -15,7 +15,7 @@ return array(
    'password_resets_sent'      => 'The selected users who are activated and have a valid email addresses have been sent a password reset link.',
    'password_reset_sent'       => 'A password reset link has been sent to :email!',
    'user_has_no_email'         => 'This user does not have an email address in their profile.',
-    'user_has_no_assets_assigned'   => 'This user does not have any assets assigned',
+    'log_record_not_found'        => 'A matching log record for this user could not be found.',


    'success' => array(