DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2025-03-05 20:52:15 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Add CustomFieldPermissionException handling

Browse source
This commit is contained in:
spencerrlongg 2024-11-19 17:45:35 -06:00
parent 9f815996c7
commit 3cf583ab03
5 changed files with 62 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

54
app/Actions/Assets/UpdateAssetAction.php
View file

@ -3,6 +3,7 @@
namespace App\Actions\Assets;
use App\Events\CheckoutableCheckedIn;
use App\Exceptions\CustomFieldPermissionException;
use App\Http\Requests\ImageUploadRequest;
use App\Models\Asset;
use App\Models\AssetModel;
@ -20,6 +21,7 @@ class UpdateAssetAction
{
/**
* @throws ValidationException
* @throws CustomFieldPermissionException
*/
public static function run(
Asset $asset,
@ -135,26 +137,50 @@ class UpdateAssetAction
// FIXME: No idea why this is returning a Builder error on db_column_name.
// Need to investigate and fix. Using static method for now.
//if (($model) && ($model->fieldset)) {
// dump($model->fieldset->fields);
// foreach ($model->fieldset->fields as $field) {
//
//
// if ($field->field_encrypted == '1') {
// if (Gate::allows('assets.view.encrypted_custom_fields')) {
// if (is_array($request->input($field->db_column))) {
// $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
// } else {
// $asset->{$field->db_column} = Crypt::encrypt($request->input($field->db_column));
// }
// throw new CustomFieldPermissionException();
// continue;
// }
// } else {
// if (is_array($request->input($field->db_column))) {
// $asset->{$field->db_column} = implode(', ', $request->input($field->db_column));
// } else {
// $asset->{$field->db_column} = $request->input($field->db_column);
// }
// }
// }
//}
$model = $asset->model;
if (($model) && ($model->fieldset)) {
dump($model->fieldset->fields);
if (($model) && (isset($model->fieldset))) {
foreach ($model->fieldset->fields as $field) {
$field_val = $request->input($field->db_column, null);
if ($field->field_encrypted == '1') {
if (Gate::allows('assets.view.encrypted_custom_fields')) {
if (is_array($request->input($field->db_column))) {
$asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
} else {
$asset->{$field->db_column} = Crypt::encrypt($request->input($field->db_column));
if ($request->has($field->db_column)) {
if ($field->element == 'checkbox') {
if (is_array($field_val)) {
$field_val = implode(',', $field_val);
}
}
} else {
if (is_array($request->input($field->db_column))) {
$asset->{$field->db_column} = implode(', ', $request->input($field->db_column));
} else {
$asset->{$field->db_column} = $request->input($field->db_column);
if ($field->field_encrypted == '1') {
if (Gate::allows('assets.view.encrypted_custom_fields')) {
$field_val = Crypt::encrypt($field_val);
} else {
throw new CustomFieldPermissionException();
continue;
}
}
$asset->{$field->db_column} = $field_val;
}
}
}

10
app/Exceptions/CustomFieldPermissionException.php Normal file
View file

@ -0,0 +1,10 @@
<?php
namespace App\Exceptions;
use Exception;
class CustomFieldPermissionException extends Exception
{
//
}

4
app/Http/Controllers/Api/AssetsController.php
View file

@ -7,6 +7,7 @@ use App\Actions\Assets\StoreAssetAction;
use App\Actions\Assets\UpdateAssetAction;
use App\Events\CheckoutableCheckedIn;
use App\Exceptions\CheckoutNotAllowed;
use App\Exceptions\CustomFieldPermissionException;
use App\Http\Requests\Assets\StoreAssetRequest;
use App\Http\Requests\Assets\UpdateAssetRequest;
use App\Http\Traits\MigratesLegacyAssetLocations;
@ -626,7 +627,6 @@ class AssetsController extends Controller
assigned_user: $request->validated('assigned_user'),
assigned_asset: $request->validated('assigned_asset'),
assigned_location: $request->validated('assigned_location'),
custom_fields: $custom_fields,
request: $request, //this is just for the handleImages method...
last_audit_date: $request->validated('last_audit_date'),
);
@ -657,6 +657,8 @@ class AssetsController extends Controller
return response()->json(Helper::formatStandardApiResponse('error', null, $e->getMessage()), 200);
} catch (ValidationException $e) {
return response()->json(Helper::formatStandardApiResponse('error', null, $e->getErrors()), 200);
} catch (CustomFieldPermissionException $e) {
return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.encrypted_warning')));
} catch (\Exception $e) {
return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.something_went_wrong')));
}

8
app/Http/Controllers/Assets/BulkAssetsController.php
View file

@ -4,6 +4,7 @@ namespace App\Http\Controllers\Assets;
use App\Actions\Assets\StoreAssetAction;
use App\Actions\Assets\UpdateAssetAction;
use App\Exceptions\CustomFieldPermissionException;
use App\Helpers\Helper;
use App\Http\Controllers\CheckInOutRequest;
use App\Http\Controllers\Controller;
@ -209,6 +210,7 @@ class BulkAssetsController extends Controller
$this->authorize('update', Asset::class);
// Get the back url from the session and then destroy the session
$bulk_back_url = route('hardware.index');
$custom_field_problem = false;
// is this necessary?
if (!$request->filled('ids') || count($request->input('ids')) == 0) {
return redirect($bulk_back_url)->with('error', trans('admin/hardware/message.update.no_assets_selected'));
@ -242,6 +244,9 @@ class BulkAssetsController extends Controller
// catch exceptions
} catch (ValidationException $e) {
$errors[$key] = $e->getMessage();
} catch (CustomFieldPermissionException $e) {
$custom_field_problem = true;
} catch (\Exception $e) {
report($e);
$errors[$key] = trans('general.something_went_wrong');
@ -250,6 +255,9 @@ class BulkAssetsController extends Controller
if (!empty($errors)) {
return redirect($bulk_back_url)->with('bulk_asset_errors', $errors);
}
if ($custom_field_problem) {
return redirect($bulk_back_url)->with('error', trans('admin/hardware/message.update.encrypted_warning'));
}
return redirect($bulk_back_url)->with('success', trans('bulk.update.success'));
}

3
tests/Feature/Assets/Api/UpdateAssetTest.php
View file

@ -80,14 +80,13 @@ class UpdateAssetTest extends TestCase
->assertStatusMessageIs('success')
->json();
dd($response);
$updatedAsset = Asset::find($response['payload']['id']);
$this->assertEquals('2024-06-02', $updatedAsset->asset_eol_date);
$this->assertEquals('random_string', $updatedAsset->asset_tag);
$this->assertEquals($userAssigned->id, $updatedAsset->assigned_to);
$this->assertTrue($updatedAsset->company->is($company));
$this->assertTrue($updatedAsset->location->is($location));
$this->assertTrue($updatedAsset->location->is($location)); //fix all location setting
$this->assertTrue($updatedAsset->model->is($model));
$this->assertEquals('A New Asset', $updatedAsset->name);
$this->assertEquals('Some notes', $updatedAsset->notes);