From f3c4e556675d7dcd7920807bced18b3416b0b2ec Mon Sep 17 00:00:00 2001 From: Tobias Regnery Date: Mon, 14 Oct 2024 15:14:41 +0200 Subject: [PATCH 1/4] Refactor asset creation with API Commit fb4fe3004 restored the previous behaviour to check the company_id in case of FullMultipleCompanySupport. But after rereading the code and the laravel documentation, the check is already there where it belongs in AssetStoreRequest::prepareForValidation() The bug is the is_int-check of the request input in prepareForValidation(). Is is of type string even if it is a numeric value, so the call to getIdForCurrentUser() never happend. Fix this by removing the check and the now redundant call to getIdForCurrentUser(). Wrong values will get caught by the model-level validation rules. --- app/Http/Controllers/Api/AssetsController.php | 1 - app/Http/Requests/StoreAssetRequest.php | 9 +-------- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/app/Http/Controllers/Api/AssetsController.php b/app/Http/Controllers/Api/AssetsController.php index 00c5416afb..d4a103be37 100644 --- a/app/Http/Controllers/Api/AssetsController.php +++ b/app/Http/Controllers/Api/AssetsController.php @@ -598,7 +598,6 @@ class AssetsController extends Controller $asset->model()->associate(AssetModel::find((int) $request->get('model_id'))); $asset->fill($request->validated()); - $asset->company_id = Company::getIdForCurrentUser($request->validated()['company_id']); $asset->created_by = auth()->id(); /** diff --git a/app/Http/Requests/StoreAssetRequest.php b/app/Http/Requests/StoreAssetRequest.php index e1665e2136..26d01051b4 100644 --- a/app/Http/Requests/StoreAssetRequest.php +++ b/app/Http/Requests/StoreAssetRequest.php @@ -26,18 +26,11 @@ class StoreAssetRequest extends ImageUploadRequest public function prepareForValidation(): void { - // Guard against users passing in an array for company_id instead of an integer. - // If the company_id is not an integer then we simply use what was - // provided to be caught by model level validation later. - $idForCurrentUser = is_int($this->company_id) - ? Company::getIdForCurrentUser($this->company_id) - : $this->company_id; - $this->parseLastAuditDate(); $this->merge([ 'asset_tag' => $this->asset_tag ?? Asset::autoincrement_asset(), - 'company_id' => $idForCurrentUser, + 'company_id' => Company::getIdForCurrentUser($this->company_id), 'assigned_to' => $assigned_to ?? null, ]); } From b997d728fb508f00b28d1f5db7bdd7ecd6177c0b Mon Sep 17 00:00:00 2001 From: snipe Date: Tue, 15 Oct 2024 10:30:34 +0100 Subject: [PATCH 2/4] Added LLM note Signed-off-by: snipe --- README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 0086c7b327..e0f4154f6c 100644 --- a/README.md +++ b/README.md @@ -84,7 +84,11 @@ Since the release of the JSON REST API, several third-party developers have been ### Contributing -Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing-overview). +Please refrain from submitting issues or pull requests generated by fully-automated tools. Maintainers reserve the right, at their sole discretion, to close such submissions and to block any account responsible for them. + +Ideally, contributions should follow from a human-to-human discussion in the form of an issue. + +Please see the complete documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing-overview). Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms. From d0d4159088e4452ff18dcfb80e3746475caedc88 Mon Sep 17 00:00:00 2001 From: snipe Date: Tue, 15 Oct 2024 12:42:09 +0100 Subject: [PATCH 3/4] Fixed typo Signed-off-by: snipe --- app/Models/Location.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Models/Location.php b/app/Models/Location.php index e6c310979b..014db3053e 100755 --- a/app/Models/Location.php +++ b/app/Models/Location.php @@ -42,7 +42,7 @@ class Location extends SnipeModel ]; /** - * Whether the model should inject it's identifier to the unique + * Whether the model should inject its identifier to the unique * validation rules before attempting validation. If this property * is not set in the model it will default to true. * From e9225ff3ea6952f83ec0cbda2749f0756d6f1de7 Mon Sep 17 00:00:00 2001 From: snipe Date: Tue, 15 Oct 2024 12:43:10 +0100 Subject: [PATCH 4/4] Switch to regular HTML for input form field Signed-off-by: snipe --- resources/views/locations/edit.blade.php | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/resources/views/locations/edit.blade.php b/resources/views/locations/edit.blade.php index 55d638a9f5..4b4e655a52 100755 --- a/resources/views/locations/edit.blade.php +++ b/resources/views/locations/edit.blade.php @@ -25,9 +25,15 @@ -
- {{ Form::text('currency', old('currency', $item->currency), array('class' => 'form-control','placeholder' => 'USD', 'maxlength'=>'3', 'style'=>'width: 60px;', 'aria-label'=>'currency', 'required' => (Helper::checkIfRequired($item, 'currency')) ? true : '')) }} - {!! $errors->first('currency', '') !!} +
+ + @error('currency') + + + {{ $message }} + + @enderror +
@@ -40,8 +46,13 @@ {{ trans('admin/locations/table.ldap_ou') }}
- {{ Form::text('ldap_ou', old('ldap_ou', $item->ldap_ou), array('class' => 'form-control', 'required' => (Helper::checkIfRequired($item, 'ldap_ou')) ? true : '')) }} - {!! $errors->first('ldap_ou', '') !!} + + @error('ldap_ou') + + + {{ $message }} + + @enderror
@endif