Merge pull request #13400 from inietov/fixes/asset_acceptance_user_error

Fixed Asset acceptance error when user company and asset company don't match
This commit is contained in:
snipe 2023-08-22 15:49:56 +01:00 committed by GitHub
commit 79b330f492
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 16 additions and 1 deletions

View file

@ -69,7 +69,7 @@ class AcceptanceController extends Controller
}
if (! Company::isCurrentUserHasAccess($acceptance->checkoutable)) {
return redirect()->route('account.accept')->with('error', trans('general.insufficient_permissions'));
return redirect()->route('account.accept')->with('error', trans('general.error_user_company'));
}
return view('account/accept.create', compact('acceptance'));

View file

@ -89,6 +89,14 @@ class AssetCheckoutController extends Controller
}
}
$settings = \App\Models\Setting::getSettings();
if ($settings->full_multiple_companies_support){
if ($target->company_id != $asset->company_id){
return redirect()->to("hardware/$assetId/checkout")->with('error', trans('general.error_user_company'));
}
}
if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, e($request->get('note')), $request->get('name'))) {
return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkout.success'));
}

View file

@ -457,6 +457,8 @@ return [
'serial_number' => 'Serial Number',
'item_notes' => ':item Notes',
'item_name_var' => ':item Name',
'error_user_company' => 'User and Asset companies missmatch',
'error_user_company_accept_view' => 'An Asset assigned to you belongs to a different company so you can\'t accept nor deny it, please check with your manager',
'importer' => [
'checked_out_to_fullname' => 'Checked Out to: Full Name',
'checked_out_to_first_name' => 'Checked Out to: First Name',

View file

@ -41,8 +41,13 @@
<tbody>
@foreach ($acceptances as $acceptance)
<tr>
@if ($acceptance->checkoutable)
<td>{{ ($acceptance->checkoutable) ? $acceptance->checkoutable->present()->name : '' }}</td>
<td><a href="{{ route('account.accept.item', $acceptance) }}" class="btn btn-default btn-sm">{{ trans('general.accept_decline') }}</a></td>
@else
<td> ----- </td>
<td> {{ trans('general.error_user_company_accept_view') }} </td>
@endif
</tr>
@endforeach
</tbody>