diff --git a/app/Http/Controllers/Account/AcceptanceController.php b/app/Http/Controllers/Account/AcceptanceController.php index 8ad24a60f2..030e069bd2 100644 --- a/app/Http/Controllers/Account/AcceptanceController.php +++ b/app/Http/Controllers/Account/AcceptanceController.php @@ -69,7 +69,7 @@ class AcceptanceController extends Controller } if (! Company::isCurrentUserHasAccess($acceptance->checkoutable)) { - return redirect()->route('account.accept')->with('error', trans('general.insufficient_permissions')); + return redirect()->route('account.accept')->with('error', trans('general.error_user_company')); } return view('account/accept.create', compact('acceptance')); diff --git a/app/Http/Controllers/Assets/AssetCheckoutController.php b/app/Http/Controllers/Assets/AssetCheckoutController.php index e6326da6b1..bc5465e4be 100644 --- a/app/Http/Controllers/Assets/AssetCheckoutController.php +++ b/app/Http/Controllers/Assets/AssetCheckoutController.php @@ -89,6 +89,14 @@ class AssetCheckoutController extends Controller } } + $settings = \App\Models\Setting::getSettings(); + + if ($settings->full_multiple_companies_support){ + if ($target->company_id != $asset->company_id){ + return redirect()->to("hardware/$assetId/checkout")->with('error', trans('general.error_user_company')); + } + } + if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, e($request->get('note')), $request->get('name'))) { return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkout.success')); } diff --git a/resources/lang/en/general.php b/resources/lang/en/general.php index 3fa8092891..d8f5bb887d 100644 --- a/resources/lang/en/general.php +++ b/resources/lang/en/general.php @@ -457,6 +457,8 @@ return [ 'serial_number' => 'Serial Number', 'item_notes' => ':item Notes', 'item_name_var' => ':item Name', + 'error_user_company' => 'User and Asset companies missmatch', + 'error_user_company_accept_view' => 'An Asset assigned to you belongs to a different company so you can\'t accept nor deny it, please check with your manager', 'importer' => [ 'checked_out_to_fullname' => 'Checked Out to: Full Name', 'checked_out_to_first_name' => 'Checked Out to: First Name', diff --git a/resources/views/account/accept/index.blade.php b/resources/views/account/accept/index.blade.php index f2a9bc56f2..b627135a4d 100755 --- a/resources/views/account/accept/index.blade.php +++ b/resources/views/account/accept/index.blade.php @@ -41,8 +41,13 @@
@foreach ($acceptances as $acceptance)