DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2025-03-05 20:52:15 -08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

two new test

Browse source
This commit is contained in:
spencerrlongg 2024-05-07 15:11:33 -05:00
parent 17ef20ea92
commit ad2ba252ee
2 changed files with 93 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

39
app/Http/Controllers/Assets/BulkAssetsController.php
View file

@ -15,6 +15,7 @@ use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Crypt; use Illuminate\Support\Facades\Crypt;
use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Gate;
use Illuminate\Support\Facades\Log; use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Session; use Illuminate\Support\Facades\Session;
use App\Http\Requests\AssetCheckoutRequest; use App\Http\Requests\AssetCheckoutRequest;
@ -379,28 +380,30 @@ class BulkAssetsController extends Controller
foreach ($asset->model->fieldset->fields as $field) { foreach ($asset->model->fieldset->fields as $field) {
if ((array_key_exists($field->db_column, $this->update_array)) && ($field->field_encrypted == '1')) { if ((array_key_exists($field->db_column, $this->update_array)) && ($field->field_encrypted == '1')) {
$decrypted_old = Helper::gracefulDecrypt($field, $asset->{$field->db_column}); if (Gate::allows('admin')) {
$decrypted_old = Helper::gracefulDecrypt($field, $asset->{$field->db_column});
/*
* Check if the decrypted existing value is different from one we just submitted
* and if not, pull it out of the object since it shouldn't really be updating at all.
* If we don't do this, it will try to re-encrypt it, and the same value encrypted two
* different times will have different values, so it will *look* like it was updated
* but it wasn't.
*/
if ($decrypted_old != $this->update_array[$field->db_column]) {
$asset->{$field->db_column} = Crypt::encrypt($this->update_array[$field->db_column]);
} else {
/* /*
* Remove the encrypted custom field from the update_array, since nothing changed * Check if the decrypted existing value is different from one we just submitted
* and if not, pull it out of the object since it shouldn't really be updating at all.
* If we don't do this, it will try to re-encrypt it, and the same value encrypted two
* different times will have different values, so it will *look* like it was updated
* but it wasn't.
*/ */
unset($this->update_array[$field->db_column]); if ($decrypted_old != $this->update_array[$field->db_column]) {
unset($asset->{$field->db_column}); $asset->{$field->db_column} = Crypt::encrypt($this->update_array[$field->db_column]);
} } else {
/*
* Remove the encrypted custom field from the update_array, since nothing changed
*/
unset($this->update_array[$field->db_column]);
unset($asset->{$field->db_column});
}
/* /*
* These custom fields aren't encrypted, just carry on as usual * These custom fields aren't encrypted, just carry on as usual
*/ */
}
} else { } else {
if ((array_key_exists($field->db_column, $this->update_array)) && ($asset->{$field->db_column} != $this->update_array[$field->db_column])) { if ((array_key_exists($field->db_column, $this->update_array)) && ($asset->{$field->db_column} != $this->update_array[$field->db_column])) {

76
tests/Feature/Assets/AssetsBulkEditTest.php
View file

@ -9,6 +9,7 @@ use App\Models\CustomField;
use App\Models\Statuslabel; use App\Models\Statuslabel;
use App\Models\Supplier; use App\Models\Supplier;
use App\Models\User; use App\Models\User;
use Illuminate\Support\Facades\Crypt;
use Tests\TestCase; use Tests\TestCase;
class AssetsBulkEditTest extends TestCase class AssetsBulkEditTest extends TestCase
@ -82,15 +83,16 @@ class AssetsBulkEditTest extends TestCase
{ {
$this->markIncompleteIfMySQL('Custom Fields tests do not work on MySQL'); $this->markIncompleteIfMySQL('Custom Fields tests do not work on MySQL');
CustomField::factory()->macAddress()->create();
CustomField::factory()->ram()->create(); CustomField::factory()->ram()->create();
CustomField::factory()->cpu()->create(); CustomField::factory()->cpu()->create();
$mac_address = CustomField::where('name', 'MAC Address')->first(); // when getting the custom field directly from the factory the field has not been fully created yet
// so we have to do a query afterwards to get the actual model :shrug:
$ram = CustomField::where('name', 'RAM')->first(); $ram = CustomField::where('name', 'RAM')->first();
$cpu = CustomField::where('name', 'CPU')->first(); $cpu = CustomField::where('name', 'CPU')->first();
$assets = Asset::factory()->count(10)->hasMultipleCustomFields([$mac_address, $ram, $cpu])->create([ $assets = Asset::factory()->count(10)->hasMultipleCustomFields([$ram, $cpu])->create([
$ram->db_column => 8, $ram->db_column => 8,
$cpu->db_column => '2.1', $cpu->db_column => '2.1',
]); ]);
@ -103,9 +105,75 @@ class AssetsBulkEditTest extends TestCase
$cpu->db_column => '4.1', $cpu->db_column => '4.1',
]); ]);
Asset::findMany($id_array)->each(function (Asset $asset) use ($ram, $cpu, $mac_address) { Asset::findMany($id_array)->each(function (Asset $asset) use ($ram, $cpu) {
$this->assertEquals(16, $asset->{$ram->db_column}); $this->assertEquals(16, $asset->{$ram->db_column});
$this->assertEquals('4.1', $asset->{$cpu->db_column}); $this->assertEquals('4.1', $asset->{$cpu->db_column});
}); });
} }
public function testBulkEditAssetsAcceptsAndUpdatesEncryptedCustomFields()
{
$this->markIncompleteIfMySQL('Custom Fields tests do not work on MySQL');
CustomField::factory()->testEncrypted()->create();
$encrypted = CustomField::where('name', 'Test Encrypted')->first();
$assets = Asset::factory()->count(10)->hasEncryptedCustomField($encrypted)->create([
$encrypted->db_column => Crypt::encrypt('Original Encrypted Text'),
]);
$id_array = $assets->pluck('id')->toArray();
$this->actingAs(User::factory()->admin()->create())->post(route('hardware/bulksave'), [
'ids' => $id_array,
$encrypted->db_column => 'New Encrypted Text',
]);
Asset::findMany($id_array)->each(function (Asset $asset) use ($encrypted) {
$this->assertEquals('New Encrypted Text', Crypt::decrypt($asset->{$encrypted->db_column}));
});
}
public function testBulkEditAssetsRequiresAdminUserToUpdateEncryptedCustomFields()
{
$this->markIncompleteIfMySQL('Custom Fields tests do not work on mysql');
$edit_user = User::factory()->editAssets()->create();
$admin_user = User::factory()->admin()->create();
CustomField::factory()->testEncrypted()->create();
$encrypted = CustomField::where('name', 'Test Encrypted')->first();
$admin_assets = Asset::factory()->count(5)->hasEncryptedCustomField($encrypted)->create([
$encrypted->db_column => Crypt::encrypt('Original Encrypted Text'),
]);
$standard_assets = Asset::factory()->count(5)->hasEncryptedCustomField($encrypted)->create([
$encrypted->db_column => Crypt::encrypt('Original Encrypted Text'),
]);
$admin_id_array = $admin_assets->pluck('id')->toArray();
$standard_id_array = $standard_assets->pluck('id')->toArray();
$this->actingAs($admin_user)->post(route('hardware/bulksave'), [
'ids' => $admin_id_array,
$encrypted->db_column => 'New Encrypted Text',
])->assertStatus(302);
// do we want to return an error when this happens???
$this->actingAs($edit_user)->post(route('hardware/bulksave'), [
'ids' => $standard_id_array,
$encrypted->db_column => 'New Encrypted Text',
])->assertStatus(302);
Asset::findMany($admin_id_array)->each(function (Asset $asset) use ($encrypted) {
$this->assertEquals('New Encrypted Text', Crypt::decrypt($asset->{$encrypted->db_column}));
});
Asset::findMany($standard_id_array)->each(function (Asset $asset) use ($encrypted) {
$this->assertEquals('Original Encrypted Text', Crypt::decrypt($asset->{$encrypted->db_column}));
});
}
} }