DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-11-09 23:24:06 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Switch GET to POST for asset request

Browse source 
Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
snipe 2021-12-16 20:36:08 -08:00
parent a05fe9c1f7
commit 9b2dd6522f
4 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/Http/Controllers/ViewAssetsController.php
View file

@ -179,7 +179,7 @@ class ViewAssetsController extends Controller
$logaction->logaction('request canceled');
$settings->notify(new RequestAssetCancelation($data));
return redirect()->route('requestable-assets')
->with('success')->with('success', trans('admin/hardware/message.requests.cancel-success'));
->with('success')->with('success', trans('admin/hardware/message.requests.cancel'));
}
$logaction->logaction('requested');

2
resources/lang/en/admin/hardware/message.php
View file

@ -77,7 +77,7 @@ return array(
'requests' => array(
'error' => 'Asset was not requested, please try again',
'success' => 'Asset requested successfully.',
'canceled' => 'Checkout request successfully canceled'
'cancel' => 'Checkout request successfully canceled'
)
);

4
resources/views/partials/bootstrap-table.blade.php
View file

@ -365,9 +365,9 @@
// This is only used by the requestable assets section
function assetRequestActionsFormatter (row, value) {
if (value.available_actions.cancel == true) {
return '<form action="{{ url('/') }}/account/request-asset/'+ value.id + '" method="GET"><button class="btn btn-danger btn-sm" data-toggle="tooltip" title="Cancel this item request">{{ trans('button.cancel') }}</button></form>';
return '<form action="{{ url('/') }}/account/request-asset/'+ value.id + '" method="POST">@csrf<button class="btn btn-danger btn-sm" data-toggle="tooltip" title="Cancel this item request">{{ trans('button.cancel') }}</button></form>';
} else if (value.available_actions.request == true) {
return '<form action="{{ url('/') }}/account/request-asset/'+ value.id + '" method="GET"><button class="btn btn-primary btn-sm" data-toggle="tooltip" title="Request this item">{{ trans('button.request') }}</button></form>';
return '<form action="{{ url('/') }}/account/request-asset/'+ value.id + '" method="POST">@csrf<button class="btn btn-primary btn-sm" data-toggle="tooltip" title="Request this item">{{ trans('button.request') }}</button></form>';
}
}

2
routes/web.php
View file

@ -261,7 +261,7 @@ Route::group([ 'prefix' => 'account', 'middleware' => ['auth']], function () {
'requestable-assets',
[ 'as' => 'requestable-assets', 'uses' => 'ViewAssetsController@getRequestableIndex' ]
);
Route::get(
Route::post(
'request-asset/{assetId}',
[ 'as' => 'account/request-asset', 'uses' => 'ViewAssetsController@getRequestAsset' ]
);