DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2025-03-05 20:52:15 -08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #16003 from snipe/asset_maintenance_api_fix
Some checks failed
Crowdin Action / upload-sources-to-crowdin (push) Has been cancelled
Details
Docker images (Alpine) / docker (push) Has been cancelled
Details
Docker images / docker (push) Has been cancelled
Details
Tests in MySQL / PHP ${{ matrix.php-version }} (8.1) (push) Has been cancelled
Details
Tests in MySQL / PHP ${{ matrix.php-version }} (8.2) (push) Has been cancelled
Details
Tests in MySQL / PHP ${{ matrix.php-version }} (8.3) (push) Has been cancelled
Details
Tests in SQLite / PHP ${{ matrix.php-version }} (8.1.1) (push) Has been cancelled
Details
CodeQL Security Scan / CodeQL Security Scan (javascript) (push) Has been cancelled
Details
Codacy Security Scan / Codacy Security Scan (push) Has been cancelled
Details

Browse source 
Check for valid asset before accessing properties
This commit is contained in:
snipe 2024-12-26 10:31:47 +00:00 committed by GitHub
parent 3edb501973 d410f168bd
commit 8fc1227974
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 9 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
app/Http/Controllers/Api/AssetMaintenancesController.php
View file

@ -122,7 +122,7 @@ class AssetMaintenancesController extends Controller
* @version v1.0
* @since [v1.8]
*/
public function store(Request $request) : JsonResponse
public function store(Request $request) : JsonResponse | array
{
$this->authorize('update', Asset::class);
// create a new model instance
@ -149,7 +149,7 @@ class AssetMaintenancesController extends Controller
* @version v1.0
* @since [v4.0]
*/
public function update(Request $request, $id) : JsonResponse
public function update(Request $request, $id) : JsonResponse | array
{
$this->authorize('update', Asset::class);
@ -186,7 +186,7 @@ class AssetMaintenancesController extends Controller
* @version v1.0
* @since [v4.0]
*/
public function destroy($assetMaintenanceId) : JsonResponse
public function destroy($assetMaintenanceId) : JsonResponse | array
{
$this->authorize('update', Asset::class);
// Check if the asset maintenance exists
@ -208,7 +208,7 @@ class AssetMaintenancesController extends Controller
* @version v1.0
* @since [v4.0]
*/
public function show($assetMaintenanceId) : JsonResponse
public function show($assetMaintenanceId) : JsonResponse | array
{
$this->authorize('view', Asset::class);
$assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);

9
app/Http/Transformers/AssetMaintenancesTransformer.php
View file

@ -29,14 +29,15 @@ class AssetMaintenancesTransformer
'name'=> ($assetmaintenance->asset->name) ? e($assetmaintenance->asset->name) : null,
'asset_tag'=> e($assetmaintenance->asset->asset_tag),
'serial'=> e($assetmaintenance->asset->serial),
'deleted_at'=> e($assetmaintenance->asset->deleted_at),
'created_at'=> e($assetmaintenance->asset->created_at),
'deleted_at'=> Helper::getFormattedDateObject($assetmaintenance->asset->deleted_at, 'datetime'),
'created_at' => Helper::getFormattedDateObject($assetmaintenance->asset->created_at, 'datetime'),
'updated_at' => Helper::getFormattedDateObject($assetmaintenance->asset->updated_at, 'datetime'),
] : null,
'model' => (($assetmaintenance->asset) && ($assetmaintenance->asset->model)) ? [
'id' => (int) $assetmaintenance->asset->model->id,
'name'=> ($assetmaintenance->asset->model->name) ? e($assetmaintenance->asset->model->name).' '.e($assetmaintenance->asset->model->model_number) : null,
] : null,
'status_label' => ($assetmaintenance->asset->assetstatus) ? [
'status_label' => (($assetmaintenance->asset) && ($assetmaintenance->asset->assetstatus)) ? [
'id' => (int) $assetmaintenance->asset->assetstatus->id,
'name'=> e($assetmaintenance->asset->assetstatus->name),
'status_type'=> e($assetmaintenance->asset->assetstatus->getStatuslabelType()),
@ -79,7 +80,7 @@ class AssetMaintenancesTransformer
];
$permissions_array['available_actions'] = [
'update' => (Gate::allows('update', Asset::class) && ($assetmaintenance->asset->deleted_at=='')) ? true : false,
'update' => (Gate::allows('update', Asset::class) && ((($assetmaintenance->asset) && $assetmaintenance->asset->deleted_at==''))) ? true : false,
'delete' => Gate::allows('delete', Asset::class),
];