DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-11-10 07:34:06 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Merge pull request #8606 from uberbrady/fix_cant_manage_self

Browse source 
Add a new custom validator for Users
This commit is contained in:
snipe 2020-10-23 19:16:11 -07:00 committed by GitHub
parent d317052ede 0eda53c484
commit 89e36dbc42
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 23 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/Models/User.php
View file

@ -74,7 +74,7 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
'password' => 'required|min:8', 'password' => 'required|min:8',
'locale' => 'max:10|nullable', 'locale' => 'max:10|nullable',
'website' => 'url|nullable', 'website' => 'url|nullable',
'manager_id' => 'nullable|exists:users,id', 'manager_id' => 'nullable|exists:users,id|cant_manage_self',
'location_id' => 'exists:locations,id|nullable', 'location_id' => 'exists:locations,id|nullable',
]; ];

21
app/Providers/ValidationServiceProvider.php
View file

@ -107,6 +107,27 @@ class ValidationServiceProvider extends ServiceProvider
return preg_match('/\p{Z}|\p{S}|\p{P}/', $value); return preg_match('/\p{Z}|\p{S}|\p{P}/', $value);
}); });
Validator::extend('cant_manage_self', function ($attribute, $value, $parameters, $validator) {
// $value is the actual *value* of the thing that's being validated
// $attribute is the name of the field that the validation is running on - probably manager_id in our case
// $parameters are the optional parameters - an array for everything, split on commas. But we don't take any params here.
// $validator gives us proper access to the rest of the actual data
$data = $validator->getData();
if(array_key_exists("id", $data)) {
if ($value && $value == $data['id']) {
// if you definitely have an ID - you're saving an existing user - and your ID matches your manager's ID - fail.
return false;
} else {
return true;
}
} else {
// no 'id' key to compare against (probably because this is a new user)
// so it automatically passes this validation
return true;
}
});
} }

1
resources/lang/en/validation.php
View file

@ -117,6 +117,7 @@ return array(
"hashed_pass" => "Your current password is incorrect", "hashed_pass" => "Your current password is incorrect",
"statuslabel_type" => "You must select a valid status label type", "statuslabel_type" => "You must select a valid status label type",
], ],
'cant_manage_self' => "A user cannot be their own manager",
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------