mirror of
https://github.com/snipe/snipe-it.git
synced 2024-09-19 23:37:38 -07:00
Merge pull request #13295 from inietov/fixes/admins_cannot_view_encrypted_fields
Fixed #11794 Admins Cannot View Encrypted Field
This commit is contained in:
commit
2e1c3fb51b
|
@ -102,10 +102,10 @@ class AssetsTransformer
|
|||
foreach ($asset->model->fieldset->fields as $field) {
|
||||
if ($field->isFieldDecryptable($asset->{$field->db_column})) {
|
||||
$decrypted = Helper::gracefulDecrypt($field, $asset->{$field->db_column});
|
||||
$value = (Gate::allows('superadmin')) ? $decrypted : strtoupper(trans('admin/custom_fields/general.encrypted'));
|
||||
$value = (Gate::allows('assets.view.encrypted_custom_fields')) ? $decrypted : strtoupper(trans('admin/custom_fields/general.encrypted'));
|
||||
|
||||
if ($field->format == 'DATE'){
|
||||
if (Gate::allows('superadmin')){
|
||||
if (Gate::allows('assets.view.encrypted_custom_fields')){
|
||||
$value = Helper::getFormattedDateObject($value, 'date', false);
|
||||
} else {
|
||||
$value = strtoupper(trans('admin/custom_fields/general.encrypted'));
|
||||
|
|
|
@ -146,6 +146,11 @@ class AuthServiceProvider extends ServiceProvider
|
|||
}
|
||||
});
|
||||
|
||||
Gate::define('assets.view.encrypted_custom_fields', function ($user) {
|
||||
if($user->hasAccess('assets.view.encrypted_custom_fields')){
|
||||
return true;
|
||||
}
|
||||
});
|
||||
|
||||
// -----------------------------------------
|
||||
// Reports
|
||||
|
|
|
@ -106,6 +106,13 @@ return [
|
|||
'display' => true,
|
||||
],
|
||||
|
||||
[
|
||||
'permission' => 'assets.view.encrypted_custom_fields',
|
||||
'label' => 'View and Modify Encrypted Custom Fields',
|
||||
'note' => '',
|
||||
'display' => true,
|
||||
],
|
||||
|
||||
],
|
||||
|
||||
'Accessories' => [
|
||||
|
|
|
@ -410,7 +410,7 @@
|
|||
@endif
|
||||
|
||||
@if ($field->isFieldDecryptable($asset->{$field->db_column_name()} ))
|
||||
@can('superuser')
|
||||
@can('assets.view.encrypted_custom_fields')
|
||||
@if (($field->format=='URL') && ($asset->{$field->db_column_name()}!=''))
|
||||
<a href="{{ Helper::gracefulDecrypt($field, $asset->{$field->db_column_name()}) }}" target="_new">{{ Helper::gracefulDecrypt($field, $asset->{$field->db_column_name()}) }}</a>
|
||||
@elseif (($field->format=='DATE') && ($asset->{$field->db_column_name()}!=''))
|
||||
|
|
|
@ -53,7 +53,7 @@
|
|||
|
||||
|
||||
@else
|
||||
@if (($field->field_encrypted=='0') || (Gate::allows('admin')))
|
||||
@if (($field->field_encrypted=='0') || (Gate::allows('assets.view.encrypted_custom_fields')))
|
||||
<input type="text" value="{{ Request::old($field->db_column_name(),(isset($item) ? Helper::gracefulDecrypt($field, $item->{$field->db_column_name()}) : $field->defaultValue($model->id))) }}" id="{{ $field->db_column_name() }}" class="form-control" name="{{ $field->db_column_name() }}" placeholder="Enter {{ strtolower($field->format) }} text">
|
||||
@else
|
||||
<input type="text" value="{{ strtoupper(trans('admin/custom_fields/general.encrypted')) }}" class="form-control disabled" disabled>
|
||||
|
|
Loading…
Reference in a new issue