DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-12-26 06:04:08 -08:00
Code Issues Actions 11 Packages Projects Releases Wiki Activity

Allow the Assets API controller to handle depreciation reports

Browse source 
Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
snipe 2021-09-01 17:33:39 -07:00
parent 387018c44e
commit 2f25eb598b
1 changed files with 32 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
app/Http/Controllers/Api/AssetsController.php
View file

@ -7,6 +7,7 @@ use App\Helpers\Helper;
use App\Http\Controllers\Controller; use App\Http\Controllers\Controller;
use App\Http\Requests\AssetCheckoutRequest; use App\Http\Requests\AssetCheckoutRequest;
use App\Http\Transformers\AssetsTransformer; use App\Http\Transformers\AssetsTransformer;
use App\Http\Transformers\DepreciationReportTransformer;
use App\Http\Transformers\LicensesTransformer; use App\Http\Transformers\LicensesTransformer;
use App\Http\Transformers\SelectlistTransformer; use App\Http\Transformers\SelectlistTransformer;
use App\Models\Actionlog; use App\Models\Actionlog;
@ -29,6 +30,7 @@ use Slack;
use Str; use Str;
use TCPDF; use TCPDF;
use Validator; use Validator;
use Route;
/** /**
@ -52,7 +54,29 @@ class AssetsController extends Controller
public function index(Request $request, $audit = null) public function index(Request $request, $audit = null)
{ {
$this->authorize('index', Asset::class); \Log::debug(Route::currentRouteName());
/**
* This looks MAD janky (and it is), but the AssetsController@index does a LOT of heavy lifting throughout the
* app. This bit here just makes sure that someone without permission to view assets doesn't
* end up with priv escalations because they asked for a different endpoint.
*
* Since we never gave the specification for which transformer to use before, it should default
* gracefully to just use the AssetTransformer by default, which shouldn't break anything.
*
* It was either this mess, or repeating ALL of the searching and sorting and filtering code,
* which would have been far worse of a mess. *sad face* - snipe (Sept 1, 2021)
*/
if (Route::currentRouteName()=='api.depreciation-report.index') {
$transformer = 'App\Http\Transformers\DepreciationReportTransformer';
$this->authorize('reports.view');
} else {
$transformer = 'App\Http\Transformers\AssetsTransformer';
$this->authorize('index', Asset::class);
}
$settings = Setting::getSettings(); $settings = Setting::getSettings();
$allowed_columns = [ $allowed_columns = [
@ -295,8 +319,12 @@ class AssetsController extends Controller
$total = $assets->count(); $total = $assets->count();
$assets = $assets->skip($offset)->take($limit)->get(); $assets = $assets->skip($offset)->take($limit)->get();
// dd($assets);
return (new AssetsTransformer)->transformAssets($assets, $total); /**
* Here we're just determining which Transformer (via $transformer) to use based on the
* variables we set earlier on in this method - we default to AssetsTransformer.
*/
return (new $transformer)->transformAssets($assets, $total);
} }