Fixed #15366 - use permission for encrypted custom fields

Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
snipe 2024-08-22 14:58:09 +01:00
parent ca8864c061
commit 56e31d2303
2 changed files with 4 additions and 4 deletions

View file

@ -602,7 +602,7 @@ class AssetsController extends Controller
if ($field->field_encrypted == '1') { if ($field->field_encrypted == '1') {
Log::debug('This model field is encrypted in this fieldset.'); Log::debug('This model field is encrypted in this fieldset.');
if (Gate::allows('admin')) { if (Gate::allows('assets.view.encrypted_custom_fields')) {
// If input value is null, use custom field's default value // If input value is null, use custom field's default value
if (($field_val == null) && ($request->has('model_id') != '')) { if (($field_val == null) && ($request->has('model_id') != '')) {
@ -695,7 +695,7 @@ class AssetsController extends Controller
} }
} }
if ($field->field_encrypted == '1') { if ($field->field_encrypted == '1') {
if (Gate::allows('admin')) { if (Gate::allows('assets.view.encrypted_custom_fields')) {
$field_val = Crypt::encrypt($field_val); $field_val = Crypt::encrypt($field_val);
} else { } else {
$problems_updating_encrypted_custom_fields = true; $problems_updating_encrypted_custom_fields = true;

View file

@ -165,7 +165,7 @@ class AssetsController extends Controller
if (($model) && ($model->fieldset)) { if (($model) && ($model->fieldset)) {
foreach ($model->fieldset->fields as $field) { foreach ($model->fieldset->fields as $field) {
if ($field->field_encrypted == '1') { if ($field->field_encrypted == '1') {
if (Gate::allows('admin')) { if (Gate::allows('assets.view.encrypted_custom_fields')) {
if (is_array($request->input($field->db_column))) { if (is_array($request->input($field->db_column))) {
$asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column))); $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
} else { } else {
@ -388,7 +388,7 @@ class AssetsController extends Controller
foreach ($model->fieldset->fields as $field) { foreach ($model->fieldset->fields as $field) {
if ($field->field_encrypted == '1') { if ($field->field_encrypted == '1') {
if (Gate::allows('admin')) { if (Gate::allows('assets.view.encrypted_custom_fields')) {
if (is_array($request->input($field->db_column))) { if (is_array($request->input($field->db_column))) {
$asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column))); $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
} else { } else {