Merge remote-tracking branch 'origin/develop'

This commit is contained in:
snipe 2024-11-21 19:58:49 +00:00
commit 9f395d1f6a
8 changed files with 253 additions and 25 deletions

View file

@ -309,9 +309,7 @@ class ComponentsController extends Controller
public function checkin(Request $request, $component_asset_id) : JsonResponse
{
if ($component_assets = DB::table('components_assets')->find($component_asset_id)) {
if (is_null($component = Component::find($component_assets->component_id))) {
return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/components/message.not_found')));
}
@ -319,17 +317,13 @@ class ComponentsController extends Controller
$max_to_checkin = $component_assets->assigned_qty;
if ($max_to_checkin > 1) {
$validator = Validator::make($request->all(), [
"checkin_qty" => "required|numeric|between:1,$max_to_checkin"
]);
if ($validator->fails()) {
return response()->json(Helper::formatStandardApiResponse('error', null, 'Checkin quantity must be between 1 and '.$max_to_checkin));
}
$validator = Validator::make($request->all(), [
"checkin_qty" => "required|numeric|between:1,$max_to_checkin"
]);
if ($validator->fails()) {
return response()->json(Helper::formatStandardApiResponse('error', null, 'Checkin quantity must be between 1 and ' . $max_to_checkin));
}
// Validation passed, so let's figure out what we have to do here.
$qty_remaining_in_checkout = ($component_assets->assigned_qty - (int)$request->input('checkin_qty', 1));
@ -339,28 +333,23 @@ class ComponentsController extends Controller
$component_assets->assigned_qty = $qty_remaining_in_checkout;
Log::debug($component_asset_id.' - '.$qty_remaining_in_checkout.' remaining in record '.$component_assets->id);
DB::table('components_assets')->where('id',
$component_asset_id)->update(['assigned_qty' => $qty_remaining_in_checkout]);
DB::table('components_assets')->where('id', $component_asset_id)->update(['assigned_qty' => $qty_remaining_in_checkout]);
// If the checked-in qty is exactly the same as the assigned_qty,
// we can simply delete the associated components_assets record
if ($qty_remaining_in_checkout == 0) {
if ($qty_remaining_in_checkout === 0) {
DB::table('components_assets')->where('id', '=', $component_asset_id)->delete();
}
$asset = Asset::find($component_assets->asset_id);
event(new CheckoutableCheckedIn($component, $asset, auth()->user(), $request->input('note'), Carbon::now()));
return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/components/message.checkin.success')));
}
return response()->json(Helper::formatStandardApiResponse('error', null, 'No matching checkouts for that component join record'));
}
}

View file

@ -2,6 +2,8 @@
namespace App\Models;
use App\Rules\AlphaEncrypted;
use App\Rules\NumericEncrypted;
use Gate;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
@ -95,6 +97,19 @@ class CustomFieldset extends Model
array_push($rule, $field->attributes['format']);
$rules[$field->db_column_name()] = $rule;
// these are to replace the standard 'numeric' and 'alpha' rules if the custom field is also encrypted.
// the values need to be decrypted first, because encrypted strings are alphanumeric
if ($field->format === 'NUMERIC' && $field->field_encrypted) {
$numericKey = array_search('numeric', $rules[$field->db_column_name()]);
$rules[$field->db_column_name()][$numericKey] = new NumericEncrypted;
}
if ($field->format === 'ALPHA' && $field->field_encrypted) {
$alphaKey = array_search('alpha', $rules[$field->db_column_name()]);
$rules[$field->db_column_name()][$alphaKey] = new AlphaEncrypted;
}
// add not_array to rules for all fields but checkboxes
if ($field->element != 'checkbox') {
$rules[$field->db_column_name()][] = 'not_array';

View file

@ -0,0 +1,29 @@
<?php
namespace App\Rules;
use Closure;
use Illuminate\Contracts\Validation\ValidationRule;
use Illuminate\Support\Facades\Crypt;
class AlphaEncrypted implements ValidationRule
{
/**
* Run the validation rule.
*
* @param \Closure(string): \Illuminate\Translation\PotentiallyTranslatedString $fail
*/
public function validate(string $attribute, mixed $value, Closure $fail): void
{
try {
$attributeName = trim(preg_replace('/_+|snipeit|\d+/', ' ', $attribute));
$decrypted = Crypt::decrypt($value);
if (!ctype_alpha($decrypted) && !is_null($decrypted)) {
$fail(trans('validation.alpha', ['attribute' => $attributeName]));
}
} catch (\Exception $e) {
report($e);
$fail(trans('general.something_went_wrong'));
}
}
}

View file

@ -0,0 +1,31 @@
<?php
namespace App\Rules;
use Closure;
use Illuminate\Contracts\Encryption\DecryptException;
use Illuminate\Contracts\Validation\ValidationRule;
use Illuminate\Support\Facades\Crypt;
class NumericEncrypted implements ValidationRule
{
/**
* Run the validation rule.
*
* @param \Closure(string): \Illuminate\Translation\PotentiallyTranslatedString $fail
*/
public function validate(string $attribute, mixed $value, Closure $fail): void
{
try {
$attributeName = trim(preg_replace('/_+|snipeit|\d+/', ' ', $attribute));
$decrypted = Crypt::decrypt($value);
if (!is_numeric($decrypted) && !is_null($decrypted)) {
$fail(trans('validation.numeric', ['attribute' => $attributeName]));
}
} catch (\Exception $e) {
report($e->getMessage());
$fail(trans('general.something_went_wrong'));
}
}
}

View file

@ -60,7 +60,7 @@ return [
'item_checked_reminder' => 'This is a reminder that you currently have :count items checked out to you that you have not accepted or declined. Please click the link below to confirm your decision.',
'license_expiring_alert' => 'There is :count license expiring in the next :threshold days.|There are :count licenses expiring in the next :threshold days.',
'link_to_update_password' => 'Please click on the following link to update your :web password:',
'login' => 'Login:',
'login' => 'Login',
'login_first_admin' => 'Login to your new Snipe-IT installation using the credentials below:',
'low_inventory_alert' => 'There is :count item that is below minimum inventory or will soon be low.|There are :count items that are below minimum inventory or will soon be low.',
'min_QTY' => 'Min QTY',

View file

@ -1,8 +1,8 @@
@component('mail::message')
{{ trans('mail.hello') }} {{ $first_name }} {{$last_name}},
{{ trans('mail.login') }} {{ $username }} <br>
{{ trans('mail.password') }} {{ $password }}
{{ trans('mail.login') }}: {{ $username }} <br>
{{ trans('mail.password') }}: {{ $password }}
@component('mail::button', ['url' => $url])
Go To {{$snipeSettings->site_name}}

View file

@ -3,8 +3,8 @@
{{ trans('mail.admin_has_created', ['web' => $snipeSettings->site_name]) }}
{{ trans('mail.login') }} {{ $username }} <br>
{{ trans('mail.password') }} {{ $password }}
{{ trans('mail.login') }}: {{ $username }} <br>
{{ trans('mail.password') }}: {{ $password }}
@component('mail::button', ['url' => $url])
Go To {{$snipeSettings->site_name}}

View file

@ -0,0 +1,164 @@
<?php
namespace Tests\Feature\Checkins\Api;
use App\Events\CheckoutableCheckedIn;
use App\Models\Asset;
use App\Models\Company;
use App\Models\Component;
use App\Models\User;
use Illuminate\Support\Facades\Event;
use Tests\Concerns\TestsFullMultipleCompaniesSupport;
use Tests\Concerns\TestsPermissionsRequirement;
use Tests\TestCase;
class ComponentCheckinTest extends TestCase implements TestsFullMultipleCompaniesSupport, TestsPermissionsRequirement
{
public function testRequiresPermission()
{
$component = Component::factory()->checkedOutToAsset()->create();
$this->actingAsForApi(User::factory()->create())
->postJson(route('api.components.checkin', $component->assets->first()->pivot->id))
->assertForbidden();
}
public function testHandlesNonExistentPivotId()
{
$this->actingAsForApi(User::factory()->checkinComponents()->create())
->postJson(route('api.components.checkin', 1000), [
'checkin_qty' => 1,
])
->assertOk()
->assertStatusMessageIs('error');
}
public function testHandlesNonExistentComponent()
{
$component = Component::factory()->checkedOutToAsset()->create();
$pivotId = $component->assets->first()->pivot->id;
$component->delete();
$this->actingAsForApi(User::factory()->checkinComponents()->create())
->postJson(route('api.components.checkin', $pivotId), [
'checkin_qty' => 1,
])
->assertOk()
->assertStatusMessageIs('error');
}
public function testCannotCheckinMoreThanCheckedOut()
{
$component = Component::factory()->checkedOutToAsset()->create();
$pivot = $component->assets->first()->pivot;
$pivot->update(['assigned_qty' => 1]);
$this->actingAsForApi(User::factory()->checkinComponents()->create())
->postJson(route('api.components.checkin', $component->assets->first()->pivot->id), [
'checkin_qty' => 3,
])
->assertOk()
->assertStatusMessageIs('error');
}
public function testCanCheckinComponent()
{
Event::fake([CheckoutableCheckedIn::class]);
$user = User::factory()->checkinComponents()->create();
$component = Component::factory()->checkedOutToAsset()->create();
$pivot = $component->assets->first()->pivot;
$pivot->update(['assigned_qty' => 3]);
$this->actingAsForApi($user)
->postJson(route('api.components.checkin', $component->assets->first()->pivot->id), [
'checkin_qty' => 2,
'note' => 'my note',
])
->assertOk()
->assertStatusMessageIs('success');
$this->assertEquals(1, $component->fresh()->assets->first()->pivot->assigned_qty);
Event::assertDispatched(function (CheckoutableCheckedIn $event) use ($user, $component) {
return $event->checkoutable->is($component)
&& $event->checkedOutTo->is($component->assets->first())
&& $event->checkedInBy->is($user)
&& $event->note === 'my note';
});
}
public function testCheckingInEntireAssignedQuantityClearsThePivotRecordFromTheDatabase()
{
Event::fake([CheckoutableCheckedIn::class]);
$user = User::factory()->checkinComponents()->create();
$component = Component::factory()->checkedOutToAsset()->create();
$pivot = $component->assets->first()->pivot;
$pivot->update(['assigned_qty' => 3]);
$this->actingAsForApi($user)
->postJson(route('api.components.checkin', $component->assets->first()->pivot->id), [
'checkin_qty' => 3,
'note' => 'my note',
])
->assertOk()
->assertStatusMessageIs('success');
$this->assertEmpty($component->fresh()->assets);
Event::assertDispatched(function (CheckoutableCheckedIn $event) use ($user, $component) {
return $event->checkoutable->is($component)
&& $event->checkedOutTo->is($component->assets->first())
&& $event->checkedInBy->is($user)
&& $event->note === 'my note';
});
}
public function testAdheresToFullMultipleCompaniesSupportScoping()
{
$this->settings->enableMultipleFullCompanySupport();
[$companyA, $companyB] = Company::factory()->count(2)->create();
$componentInCompanyA = Component::factory()->for($companyA)->checkedOutToAsset()->create();
$userInCompanyB = User::factory()->for($companyB)->create();
$pivotId = $componentInCompanyA->assets->first()->pivot->id;
$this->actingAsForApi($userInCompanyB)
->postJson(route('api.components.checkin', $pivotId), [
'checkin_qty' => 1,
])
->assertOk()
->assertStatusMessageIs('error');
}
public function testCheckinIsLogged()
{
$user = User::factory()->checkinComponents()->create();
$component = Component::factory()->checkedOutToAsset()->create();
$pivot = $component->assets->first()->pivot;
$pivot->update(['assigned_qty' => 3]);
$this->actingAsForApi($user)
->postJson(route('api.components.checkin', $component->assets->first()->pivot->id), [
'checkin_qty' => 3,
'note' => 'my note',
]);
$this->assertDatabaseHas('action_logs', [
'created_by' => $user->id,
'action_type' => 'checkin from',
'target_id' => $component->assets->first()->id,
'target_type' => Asset::class,
'note' => 'my note',
'item_id' => $component->id,
'item_type' => Component::class,
]);
}
}