From 8f4e016c0164db6af8a98524cd81cdeae51ebab6 Mon Sep 17 00:00:00 2001
From: snipe
Date: Wed, 12 Oct 2016 12:48:37 -0700
Subject: [PATCH] Fixes #2768 and #2753
---
 app/Http/routes.php | 16 ++--
 resources/views/hardware/view.blade.php | 103 ++++++++++++++++------
 resources/views/layouts/default.blade.php | 3 +
 resources/views/models/view.blade.php | 2 +
 4 files changed, 90 insertions(+), 34 deletions(-)
diff --git a/app/Http/routes.php b/app/Http/routes.php
index 62ea12fca2..2a30385002 100755
--- a/app/Http/routes.php
+++ b/app/Http/routes.php
@@ -354,19 +354,19 @@ Route::group( ]); # Asset Model Management - Route::group([ 'prefix' => 'models', 'middleware' => 'auth' ], function () { + Route::group([ 'prefix' => 'models', 'middleware' => ['auth'] ], function () { - Route::get('/', [ 'as' => 'models', 'uses' => 'AssetModelsController@getIndex' ]); - Route::get('create', [ 'as' => 'create/model', 'uses' => 'AssetModelsController@getCreate' ]); + Route::get('create', [ 'as' => 'create/model', 'uses' => 'AssetModelsController@getCreate', 'middleware' => ['authorize:superuser'] ]); Route::post('create', 'AssetModelsController@postCreate'); - Route::get('{modelId}/edit', [ 'as' => 'update/model', 'uses' => 'AssetModelsController@getEdit' ]); - Route::post('{modelId}/edit', 'AssetModelsController@postEdit'); + Route::get('{modelId}/edit', [ 'as' => 'update/model', 'uses' => 'AssetModelsController@getEdit' , 'middleware' => ['authorize:superuser']]); + Route::post('{modelId}/edit', [ 'uses' => 'AssetModelsController@postEdit', 'middleware' => ['authorize:superuser']]); Route::get('{modelId}/clone', [ 'as' => 'clone/model', 'uses' => 'AssetModelsController@getClone' ]); Route::post('{modelId}/clone', 'AssetModelsController@postCreate'); - Route::get('{modelId}/delete', [ 'as' => 'delete/model', 'uses' => 'AssetModelsController@getDelete' ]); + Route::get('{modelId}/delete', [ 'as' => 'delete/model', 'uses' => 'AssetModelsController@getDelete', 'middleware' => ['authorize:superuser'] ]); Route::get('{modelId}/view', [ 'as' => 'view/model', 'uses' => 'AssetModelsController@getView' ]); - Route::get('{modelID}/restore', [ 'as' => 'restore/model', 'uses' => 'AssetModelsController@getRestore' ]); + Route::get('{modelID}/restore', [ 'as' => 'restore/model', 'uses' => 'AssetModelsController@getRestore', 'middleware' => ['authorize:superuser'] ]); Route::get('{modelId}/custom_fields', ['as' => 'custom_fields/model','uses' => 'AssetModelsController@getCustomFields']); + Route::get('/', [ 'as' => 'models', 'uses' => 
'AssetModelsController@getIndex' ,'middleware' => ['authorize:superuser'] ]); }); Route::get('/', [ @@ -730,7 +730,7 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function () [ 'as' => 'update/location', 'uses' => 'LocationsController@getEdit' ] ); Route::post('{locationId}/edit', 'LocationsController@postEdit'); - Route::get('{locationId}/view', 'LocationsController@getView'); + Route::get('{locationId}/view', [ 'as' => 'view/location', 'uses' => 'LocationsController@getView' ]); Route::get( '{locationId}/delete', [ 'as' => 'delete/location', 'uses' => 'LocationsController@getDelete' ] diff --git a/resources/views/hardware/view.blade.php b/resources/views/hardware/view.blade.php index 5aad0b8c2e..c63ff798b0 100755 --- a/resources/views/hardware/view.blade.php +++ b/resources/views/hardware/view.blade.php @@ -94,28 +94,40 @@ @endif @if ($asset->model->manufacturer) - - {{ trans('admin/hardware/form.manufacturer') }} - - - {{ $asset->model->manufacturer->name }} - - - - - {{ trans('admin/hardware/form.model') }} - - - {{ $asset->model->name }} - - - - - {{ trans('admin/models/table.modelnumber') }} - - {{ $asset->model->modelno }} - - + + + {{ trans('admin/hardware/form.manufacturer') }} + + @can('superuser') + + {{ $asset->model->manufacturer->name }} + + @else + {{ $asset->model->manufacturer->name }} + @endcan + + + + + {{ trans('admin/hardware/form.model') }} + + @can('superuser') + + {{ $asset->model->name }} + + @else + {{ $asset->model->name }} + @endcan + + + + + {{ trans('admin/models/table.modelnumber') }} + + {{ $asset->model->modelno }} + + + @endif @if ($asset->model->fieldset) @@ -132,7 +144,7 @@ @if ($field->isFieldDecryptable($asset->{$field->db_column_name()} )) - @can('admin') + @can('superuser') @if (($field->format=='URL') && ($asset->{$field->db_column_name()}!='')) {{ \App\Helpers\Helper::gracefulDecrypt($field, $asset->{$field->db_column_name()}) }} @else 
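Review bot: `Route::post('create', 'AssetModelsController@postCreate')` and both `{modelId}/clone` routes are still registered without `authorize:superuser`, so the group's `auth` middleware is the only route-level check on the handler that actually creates a model. The commit gates the create form (GET) but not its POST target, and the clone POST maps to the same `postCreate` action. Unless the controller checks the permission itself (not visible here), any logged-in user can still create or clone models by posting directly. I would write these as `Route::post('create', [ 'uses' => 'AssetModelsController@postCreate', 'middleware' => ['authorize:superuser'] ]);` and do the same for the two clone routes; `{modelId}/view` and `{modelId}/custom_fields` also stay ungated, which may be intentional. The enclosing `Route::group(` starts above the hunk.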
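Review bot: The `@can('superuser')` / `@else` pairs around the manufacturer and model names in the `@@ -94` hunk only decide whether a link is rendered; they are not an access check on the pages those links point to. The same pattern is used in the supplier hunk (`@@ -188`), the location rows (`@@ -280`) and the sidebar entries in `layouts/default.blade.php`, while the route changes in this commit add `authorize:superuser` only to the `models` group. If the manufacturer, supplier, location and category pages are meant to be superuser-only, their routes need the middleware too, otherwise the URLs stay reachable by anyone who is logged in. A short Blade comment above each pair, such as `{{-- superusers get a link; the route itself must enforce access --}}`, would record that split.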
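Review bot: Changing `@can('admin')` to `@can('superuser')` around `gracefulDecrypt` in the `@@ -132` hunk changes who sees decrypted custom-field values, and the commit message does not mention it. The rest of the `@can` block lies outside this hunk, so what a user who passed the `admin` check but not `superuser` now sees instead cannot be confirmed from here. I would state the intended audience next to the gate, e.g. `{{-- decrypted values are shown to superusers only --}}`, and confirm that the `superuser` ability used by `@can` is the same permission the `authorize:superuser` route middleware checks.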
@@ -188,9 +200,13 @@ {{ trans('admin/hardware/form.supplier') }} - - {{ $asset->supplier->name }} - + @can ('superuser') + + {{ $asset->supplier->name }} + + @else + {{ $asset->supplier->name }} + @endcan @endif @@ -260,6 +276,8 @@ @endif + + @if ($asset->expected_checkin!='') {{ trans('admin/hardware/form.expected_checkin') }} @@ -280,6 +298,39 @@ @endif + + @if ($asset->assetloc) + + {{ trans('general.location') }} + + @can('superuser') + + {{ $asset->assetloc->name }} + + @else + {{ $asset->assetloc->name }} + @endcan + + + @endif + + @if ($asset->assetloc) + + {{ trans('admin/hardware/form.default_location') }} + + @can('superuser') + + {{ $asset->defaultLoc->name }} + + @else + {{ $asset->defaultLoc->name }} + @endcan + + + @endif + + + diff --git a/resources/views/layouts/default.blade.php b/resources/views/layouts/default.blade.php index 63b352817c..9bd361d98c 100644 --- a/resources/views/layouts/default.blade.php +++ b/resources/views/layouts/default.blade.php @@ -441,8 +441,11 @@ {{ trans('general.bulk_checkout') }} + + @can('superuser') @lang('general.asset_models')
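Review bot: In the `@@ -280` hunk the second added block tests `@if ($asset->assetloc)` but prints `{{ $asset->defaultLoc->name }}`, so an asset that has a current location and no default location dereferences a null relation when the page renders. The guard looks copied from the block above it; it should read `@if ($asset->defaultLoc)`. With the current condition an asset that has a default location but no `assetloc` also loses its default-location row.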
  • @lang('general.categories')
  • + @endcan @lang('general.deleted')
  • @lang('general.asset_maintenances')
  • @lang('general.import')
  • diff --git a/resources/views/models/view.blade.php b/resources/views/models/view.blade.php index 1f1a9bc82f..21b4717e17 100755 --- a/resources/views/models/view.blade.php +++ b/resources/views/models/view.blade.php @@ -8,6 +8,7 @@ @stop @section('header_right') + @can('superuser')
    + @endcan @stop {{-- Page content --}}