mirror of
https://github.com/snipe/snipe-it.git
synced 2024-11-14 01:24:06 -08:00
Merge remote-tracking branch 'origin/develop'
Some checks are pending
CodeQL Security Scan / CodeQL Security Scan (javascript) (push) Waiting to run
Codacy Security Scan / Codacy Security Scan (push) Waiting to run
Docker images (Alpine) / docker (push) Waiting to run
Docker images / docker (push) Waiting to run
Tests in MySQL / PHP ${{ matrix.php-version }} (8.1) (push) Waiting to run
Tests in MySQL / PHP ${{ matrix.php-version }} (8.2) (push) Waiting to run
Tests in MySQL / PHP ${{ matrix.php-version }} (8.3) (push) Waiting to run
Tests in SQLite / PHP ${{ matrix.php-version }} (8.1.1) (push) Waiting to run
Some checks are pending
CodeQL Security Scan / CodeQL Security Scan (javascript) (push) Waiting to run
Codacy Security Scan / Codacy Security Scan (push) Waiting to run
Docker images (Alpine) / docker (push) Waiting to run
Docker images / docker (push) Waiting to run
Tests in MySQL / PHP ${{ matrix.php-version }} (8.1) (push) Waiting to run
Tests in MySQL / PHP ${{ matrix.php-version }} (8.2) (push) Waiting to run
Tests in MySQL / PHP ${{ matrix.php-version }} (8.3) (push) Waiting to run
Tests in SQLite / PHP ${{ matrix.php-version }} (8.1.1) (push) Waiting to run
This commit is contained in:
commit
83b4bf9cf8
|
@ -16,8 +16,14 @@ class UserCannotSwitchCompaniesIfItemsAssigned implements ValidationRule
|
|||
public function validate(string $attribute, mixed $value, Closure $fail): void
|
||||
{
|
||||
$user = User::find(request()->route('user')->id);
|
||||
if (($value) && ($user->allAssignedCount() > 0) && (Setting::getSettings()->full_multiple_companies_support)) {
|
||||
$fail(trans('admin/users/message.error.multi_company_items_assigned'));
|
||||
|
||||
if (($value) && ($user->allAssignedCount() > 0) && (Setting::getSettings()->full_multiple_companies_support=='1')) {
|
||||
|
||||
// Check for assets with a different company_id than the selected company_id
|
||||
$user_assets = $user->assets()->where('assets.company_id', '!=', $value)->count();
|
||||
if ($user_assets > 0) {
|
||||
$fail(trans('admin/users/message.error.multi_company_items_assigned'));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -53,7 +53,7 @@ return array(
|
|||
'ldap_could_not_search' => 'Could not search the LDAP server. Please check your LDAP server configuration in the LDAP config file. <br>Error from LDAP Server:',
|
||||
'ldap_could_not_get_entries' => 'Could not get entries from the LDAP server. Please check your LDAP server configuration in the LDAP config file. <br>Error from LDAP Server:',
|
||||
'password_ldap' => 'The password for this account is managed by LDAP/Active Directory. Please contact your IT department to change your password. ',
|
||||
'multi_company_items_assigned' => 'This user has items assigned, please check them in before moving companies.'
|
||||
'multi_company_items_assigned' => 'This user has items assigned that belong to a different company. Please check them in or edit their company.'
|
||||
),
|
||||
|
||||
'deletefile' => array(
|
||||
|
|
|
@ -83,9 +83,9 @@
|
|||
<div class="tab-content">
|
||||
<div class="tab-pane active" id="details">
|
||||
<div class="row">
|
||||
|
||||
<div class="info-stack-container">
|
||||
<!-- Start button column -->
|
||||
<div class="col-md-3 col-xs-12 col-sm-push-9">
|
||||
<div class="col-md-3 col-xs-12 col-sm-push-9 info-stack">
|
||||
|
||||
@if ($consumable->image!='')
|
||||
<div class="col-md-12 text-center" style="padding-bottom: 20px;">
|
||||
|
@ -151,7 +151,7 @@
|
|||
|
||||
<!-- End button column -->
|
||||
|
||||
<div class="col-md-9 col-xs-12 col-sm-pull-3">
|
||||
<div class="col-md-9 col-xs-12 col-sm-pull-3 info-stack">
|
||||
|
||||
<div class="row-new-striped" style="margin: 0px;">
|
||||
|
||||
|
@ -386,6 +386,7 @@
|
|||
@endif
|
||||
</div> <!--/end striped container-->
|
||||
</div> <!-- end col-md-9 -->
|
||||
</div><!-- end info-stack-container -->
|
||||
</div> <!--/.row-->
|
||||
</div><!-- /.tab-pane -->
|
||||
|
||||
|
|
|
@ -426,7 +426,7 @@ dir="{{ Helper::determineLanguageDirection() }}">
|
|||
<!-- sidebar: style can be found in sidebar.less -->
|
||||
<section class="sidebar">
|
||||
<!-- sidebar menu: : style can be found in sidebar.less -->
|
||||
<ul class="sidebar-menu" data-widget="tree">
|
||||
<ul class="sidebar-menu" data-widget="tree" {{ \App\Helpers\Helper::determineLanguageDirection() == 'rtl' ? 'style="margin-right:12px' : '' }}>
|
||||
@can('admin')
|
||||
<li {!! (\Request::route()->getName()=='home' ? ' class="active"' : '') !!} class="firstnav">
|
||||
<a href="{{ route('home') }}">
|
||||
|
|
|
@ -330,7 +330,13 @@
|
|||
{{ trans('general.company') }}
|
||||
</div>
|
||||
<div class="col-md-9">
|
||||
{{ $user->company->name }}
|
||||
@can('view', 'App\Models\Company')
|
||||
<a href="{{ route('companies.show', $user->company->id) }}">
|
||||
{{ $user->company->name }}
|
||||
</a>
|
||||
@else
|
||||
{{ $user->company->name }}
|
||||
@endcan
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
|
|
@ -422,7 +422,7 @@ class UpdateUserTest extends TestCase
|
|||
$this->assertTrue($user->refresh()->groups->contains($groupB));
|
||||
}
|
||||
|
||||
public function testMultiCompanyUserCannotBeMovedIfHasAsset()
|
||||
public function testMultiCompanyUserCannotBeMovedIfHasAssetInDifferentCompany()
|
||||
{
|
||||
$this->settings->enableMultipleFullCompanySupport();
|
||||
|
||||
|
@ -434,7 +434,9 @@ class UpdateUserTest extends TestCase
|
|||
]);
|
||||
$superUser = User::factory()->superuser()->create();
|
||||
|
||||
$asset = Asset::factory()->create();
|
||||
$asset = Asset::factory()->create([
|
||||
'company_id' => $companyA->id,
|
||||
]);
|
||||
|
||||
// no assets assigned, therefore success
|
||||
$this->actingAsForApi($superUser)->patchJson(route('api.users.update', $user), [
|
||||
|
@ -465,4 +467,49 @@ class UpdateUserTest extends TestCase
|
|||
])->assertStatusMessageIs('error');
|
||||
}
|
||||
|
||||
public function testMultiCompanyUserCanBeUpdatedIfHasAssetInSameCompany()
|
||||
{
|
||||
$this->settings->enableMultipleFullCompanySupport();
|
||||
|
||||
$companyA = Company::factory()->create();
|
||||
$companyB = Company::factory()->create();
|
||||
|
||||
$user = User::factory()->create([
|
||||
'company_id' => $companyA->id,
|
||||
]);
|
||||
$superUser = User::factory()->superuser()->create();
|
||||
|
||||
$asset = Asset::factory()->create([
|
||||
'company_id' => $companyA->id,
|
||||
]);
|
||||
|
||||
// no assets assigned from other company, therefore success
|
||||
$this->actingAsForApi($superUser)->patchJson(route('api.users.update', $user), [
|
||||
'username' => 'test',
|
||||
'company_id' => $companyB->id,
|
||||
])->assertStatusMessageIs('success');
|
||||
|
||||
// same test but PUT
|
||||
$this->actingAsForApi($superUser)->putJson(route('api.users.update', $user), [
|
||||
'username' => 'test',
|
||||
'first_name' => 'Test',
|
||||
'company_id' => $companyB->id,
|
||||
])->assertStatusMessageIs('success');
|
||||
|
||||
$asset->checkOut($user, $superUser);
|
||||
|
||||
// asset assigned from other company, therefore error
|
||||
$this->actingAsForApi($superUser)->patchJson(route('api.users.update', $user), [
|
||||
'username' => 'test',
|
||||
'company_id' => $companyB->id,
|
||||
])->assertStatusMessageIs('error');
|
||||
|
||||
// same test but PUT
|
||||
$this->actingAsForApi($superUser)->putJson(route('api.users.update', $user), [
|
||||
'username' => 'test',
|
||||
'first_name' => 'Test',
|
||||
'company_id' => $companyB->id,
|
||||
])->assertStatusMessageIs('error');
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -82,7 +82,7 @@ class UpdateUserTest extends TestCase
|
|||
$this->assertEquals(1, $admin->refresh()->activated);
|
||||
}
|
||||
|
||||
public function testMultiCompanyUserCannotBeMovedIfHasAsset()
|
||||
public function testMultiCompanyUserCannotBeMovedIfHasAssetInDifferentCompany()
|
||||
{
|
||||
$this->settings->enableMultipleFullCompanySupport();
|
||||
|
||||
|
@ -94,7 +94,9 @@ class UpdateUserTest extends TestCase
|
|||
]);
|
||||
$superUser = User::factory()->superuser()->create();
|
||||
|
||||
$asset = Asset::factory()->create();
|
||||
$asset = Asset::factory()->create([
|
||||
'company_id' => $companyA->id,
|
||||
]);
|
||||
|
||||
// no assets assigned, therefore success
|
||||
$this->actingAs($superUser)->put(route('users.update', $user), [
|
||||
|
@ -116,4 +118,40 @@ class UpdateUserTest extends TestCase
|
|||
|
||||
$this->followRedirects($response)->assertSee('error');
|
||||
}
|
||||
|
||||
public function testMultiCompanyUserCanBeUpdatedIfHasAssetInSameCompany()
|
||||
{
|
||||
$this->settings->enableMultipleFullCompanySupport();
|
||||
|
||||
$companyA = Company::factory()->create();
|
||||
|
||||
$user = User::factory()->create([
|
||||
'company_id' => $companyA->id,
|
||||
]);
|
||||
$superUser = User::factory()->superuser()->create();
|
||||
|
||||
$asset = Asset::factory()->create([
|
||||
'company_id' => $companyA->id,
|
||||
]);
|
||||
|
||||
// no assets assigned, therefore success
|
||||
$this->actingAs($superUser)->put(route('users.update', $user), [
|
||||
'first_name' => 'test',
|
||||
'username' => 'test',
|
||||
'company_id' => $companyA->id,
|
||||
'redirect_option' => 'index'
|
||||
])->assertRedirect(route('users.index'));
|
||||
|
||||
$asset->checkOut($user, $superUser);
|
||||
|
||||
// asset assigned, therefore error
|
||||
$response = $this->actingAs($superUser)->patchJson(route('users.update', $user), [
|
||||
'first_name' => 'test',
|
||||
'username' => 'test',
|
||||
'company_id' => $companyA->id,
|
||||
'redirect_option' => 'index'
|
||||
]);
|
||||
|
||||
$this->followRedirects($response)->assertSee('success');
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue