Add CustomFieldPermissionException handling

spencerrlongg 2024-11-19 17:45:35 -06:00
parent 9f815996c7
commit 3cf583ab03
5 changed files with 62 additions and 17 deletions


@ -3,6 +3,7 @@
namespace App\Actions\Assets; namespace App\Actions\Assets;
use App\Events\CheckoutableCheckedIn; use App\Events\CheckoutableCheckedIn;
use App\Exceptions\CustomFieldPermissionException;
use App\Http\Requests\ImageUploadRequest; use App\Http\Requests\ImageUploadRequest;
use App\Models\Asset; use App\Models\Asset;
use App\Models\AssetModel; use App\Models\AssetModel;
@ -20,6 +21,7 @@ class UpdateAssetAction
{ {
/** /**
* @throws ValidationException * @throws ValidationException
* @throws CustomFieldPermissionException
*/ */
public static function run( public static function run(
Asset $asset, Asset $asset,
@ -135,26 +137,50 @@ class UpdateAssetAction
// FIXME: No idea why this is returning a Builder error on db_column_name. // FIXME: No idea why this is returning a Builder error on db_column_name.
// Need to investigate and fix. Using static method for now. // Need to investigate and fix. Using static method for now.
//if (($model) && ($model->fieldset)) {
// dump($model->fieldset->fields);
// foreach ($model->fieldset->fields as $field) {
//
//
// if ($field->field_encrypted == '1') {
// if (Gate::allows('assets.view.encrypted_custom_fields')) {
// if (is_array($request->input($field->db_column))) {
// $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
// } else {
// $asset->{$field->db_column} = Crypt::encrypt($request->input($field->db_column));
// }
// throw new CustomFieldPermissionException();
// continue;
// }
// } else {
// if (is_array($request->input($field->db_column))) {
// $asset->{$field->db_column} = implode(', ', $request->input($field->db_column));
// } else {
// $asset->{$field->db_column} = $request->input($field->db_column);
// }
// }
// }
//}
$model = $asset->model; $model = $asset->model;
if (($model) && ($model->fieldset)) { if (($model) && (isset($model->fieldset))) {
dump($model->fieldset->fields);
foreach ($model->fieldset->fields as $field) { foreach ($model->fieldset->fields as $field) {
$field_val = $request->input($field->db_column, null);
if ($request->has($field->db_column)) {
if ($field->field_encrypted == '1') { if ($field->element == 'checkbox') {
if (Gate::allows('assets.view.encrypted_custom_fields')) { if (is_array($field_val)) {
if (is_array($request->input($field->db_column))) { $field_val = implode(',', $field_val);
$asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
} else {
$asset->{$field->db_column} = Crypt::encrypt($request->input($field->db_column));
} }
} }
} else { if ($field->field_encrypted == '1') {
if (is_array($request->input($field->db_column))) { if (Gate::allows('assets.view.encrypted_custom_fields')) {
$asset->{$field->db_column} = implode(', ', $request->input($field->db_column)); $field_val = Crypt::encrypt($field_val);
} else { } else {
$asset->{$field->db_column} = $request->input($field->db_column); throw new CustomFieldPermissionException();
continue;
}
} }
$asset->{$field->db_column} = $field_val;
} }
} }
} }
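Review bot: The `throw new CustomFieldPermissionException();` in the `else` branch stops the loop at the first encrypted field the caller may not write, so the `continue;` after it is unreachable and every later custom field is left unassigned. Whatever persists the asset sits after this loop, outside the hunk, so it presumably never runs either, which turns one skipped field into a fully aborted update. If skip-and-warn is the intent, set a flag here (`$encrypted_problem = true; continue;`) and raise the exception only once the rest of `run()` has completed. The commented-out copy of the old loop above `$model = $asset->model;`, including its `dump()` call, should be deleted rather than committed.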


@ -0,0 +1,10 @@
<?php
namespace App\Exceptions;
use Exception;
class CustomFieldPermissionException extends Exception
{
//
}


@ -7,6 +7,7 @@ use App\Actions\Assets\StoreAssetAction;
use App\Actions\Assets\UpdateAssetAction; use App\Actions\Assets\UpdateAssetAction;
use App\Events\CheckoutableCheckedIn; use App\Events\CheckoutableCheckedIn;
use App\Exceptions\CheckoutNotAllowed; use App\Exceptions\CheckoutNotAllowed;
use App\Exceptions\CustomFieldPermissionException;
use App\Http\Requests\Assets\StoreAssetRequest; use App\Http\Requests\Assets\StoreAssetRequest;
use App\Http\Requests\Assets\UpdateAssetRequest; use App\Http\Requests\Assets\UpdateAssetRequest;
use App\Http\Traits\MigratesLegacyAssetLocations; use App\Http\Traits\MigratesLegacyAssetLocations;
@ -626,7 +627,6 @@ class AssetsController extends Controller
assigned_user: $request->validated('assigned_user'), assigned_user: $request->validated('assigned_user'),
assigned_asset: $request->validated('assigned_asset'), assigned_asset: $request->validated('assigned_asset'),
assigned_location: $request->validated('assigned_location'), assigned_location: $request->validated('assigned_location'),
custom_fields: $custom_fields,
request: $request, //this is just for the handleImages method... request: $request, //this is just for the handleImages method...
last_audit_date: $request->validated('last_audit_date'), last_audit_date: $request->validated('last_audit_date'),
); );
@ -657,6 +657,8 @@ class AssetsController extends Controller
return response()->json(Helper::formatStandardApiResponse('error', null, $e->getMessage()), 200); return response()->json(Helper::formatStandardApiResponse('error', null, $e->getMessage()), 200);
} catch (ValidationException $e) { } catch (ValidationException $e) {
return response()->json(Helper::formatStandardApiResponse('error', null, $e->getErrors()), 200); return response()->json(Helper::formatStandardApiResponse('error', null, $e->getErrors()), 200);
} catch (CustomFieldPermissionException $e) {
return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.encrypted_warning')));
} catch (\Exception $e) { } catch (\Exception $e) {
return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.something_went_wrong'))); return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.something_went_wrong')));
} }
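Review bot: The new `catch (CustomFieldPermissionException $e)` branch reports `'success'` and returns `$asset` even though `UpdateAssetAction::run()` threw, so an authorization denial reaches API clients as a successful update. Judging by the action's field loop, the exception fires before the update completes, so the payload is probably an in-memory model that does not match what is stored; the save itself is not visible here, so this is inferred. Return an error status for this case, e.g. `Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.update.encrypted_warning'))`, and record the denial (for instance with `report($e);`) so permission failures can be audited. The surrounding method starts and ends outside the hunk.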


@ -4,6 +4,7 @@ namespace App\Http\Controllers\Assets;
use App\Actions\Assets\StoreAssetAction; use App\Actions\Assets\StoreAssetAction;
use App\Actions\Assets\UpdateAssetAction; use App\Actions\Assets\UpdateAssetAction;
use App\Exceptions\CustomFieldPermissionException;
use App\Helpers\Helper; use App\Helpers\Helper;
use App\Http\Controllers\CheckInOutRequest; use App\Http\Controllers\CheckInOutRequest;
use App\Http\Controllers\Controller; use App\Http\Controllers\Controller;
@ -209,6 +210,7 @@ class BulkAssetsController extends Controller
$this->authorize('update', Asset::class); $this->authorize('update', Asset::class);
// Get the back url from the session and then destroy the session // Get the back url from the session and then destroy the session
$bulk_back_url = route('hardware.index'); $bulk_back_url = route('hardware.index');
$custom_field_problem = false;
// is this necessary? // is this necessary?
if (!$request->filled('ids') || count($request->input('ids')) == 0) { if (!$request->filled('ids') || count($request->input('ids')) == 0) {
return redirect($bulk_back_url)->with('error', trans('admin/hardware/message.update.no_assets_selected')); return redirect($bulk_back_url)->with('error', trans('admin/hardware/message.update.no_assets_selected'));
@ -242,6 +244,9 @@ class BulkAssetsController extends Controller
// catch exceptions // catch exceptions
} catch (ValidationException $e) { } catch (ValidationException $e) {
$errors[$key] = $e->getMessage(); $errors[$key] = $e->getMessage();
} catch (CustomFieldPermissionException $e) {
$custom_field_problem = true;
} catch (\Exception $e) { } catch (\Exception $e) {
report($e); report($e);
$errors[$key] = trans('general.something_went_wrong'); $errors[$key] = trans('general.something_went_wrong');
@ -250,6 +255,9 @@ class BulkAssetsController extends Controller
if (!empty($errors)) { if (!empty($errors)) {
return redirect($bulk_back_url)->with('bulk_asset_errors', $errors); return redirect($bulk_back_url)->with('bulk_asset_errors', $errors);
} }
if ($custom_field_problem) {
return redirect($bulk_back_url)->with('error', trans('admin/hardware/message.update.encrypted_warning'));
}
return redirect($bulk_back_url)->with('success', trans('bulk.update.success')); return redirect($bulk_back_url)->with('success', trans('bulk.update.success'));
} }
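Review bot: `$custom_field_problem` is a single boolean for the whole batch, so the new `catch` loses which asset hit the permission check, and when `$errors` is non-empty the earlier `bulk_asset_errors` redirect drops the encrypted-field warning entirely. Recording it per asset keeps both pieces of information: `$errors[$key] = trans('admin/hardware/message.update.encrypted_warning');` in the new `catch`, which also makes the flag and the extra `if` unnecessary. Because the action throws from inside its field loop, the affected assets were presumably not updated at all, and the message shown to the user should say so. The method body starts and ends outside these hunks.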


@ -80,14 +80,13 @@ class UpdateAssetTest extends TestCase
->assertStatusMessageIs('success') ->assertStatusMessageIs('success')
->json(); ->json();
dd($response);
$updatedAsset = Asset::find($response['payload']['id']); $updatedAsset = Asset::find($response['payload']['id']);
$this->assertEquals('2024-06-02', $updatedAsset->asset_eol_date); $this->assertEquals('2024-06-02', $updatedAsset->asset_eol_date);
$this->assertEquals('random_string', $updatedAsset->asset_tag); $this->assertEquals('random_string', $updatedAsset->asset_tag);
$this->assertEquals($userAssigned->id, $updatedAsset->assigned_to); $this->assertEquals($userAssigned->id, $updatedAsset->assigned_to);
$this->assertTrue($updatedAsset->company->is($company)); $this->assertTrue($updatedAsset->company->is($company));
$this->assertTrue($updatedAsset->location->is($location)); $this->assertTrue($updatedAsset->location->is($location)); //fix all location setting
$this->assertTrue($updatedAsset->model->is($model)); $this->assertTrue($updatedAsset->model->is($model));
$this->assertEquals('A New Asset', $updatedAsset->name); $this->assertEquals('A New Asset', $updatedAsset->name);
$this->assertEquals('Some notes', $updatedAsset->notes); $this->assertEquals('Some notes', $updatedAsset->notes);