diff --git a/app/Http/Controllers/Assets/AssetCheckinController.php b/app/Http/Controllers/Assets/AssetCheckinController.php index 8526de08fd..4c0ac970a7 100644 --- a/app/Http/Controllers/Assets/AssetCheckinController.php +++ b/app/Http/Controllers/Assets/AssetCheckinController.php @@ -55,14 +55,14 @@ class AssetCheckinController extends Controller return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist')); } + if (is_null($target = $asset->assignedTo)) { + return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.already_checked_in')); + } $this->authorize('checkin', $asset); if ($asset->assignedType() == Asset::USER) { $user = $asset->assignedTo; } - if (is_null($target = $asset->assignedTo)) { - return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.already_checked_in')); - } $asset->expected_checkin = null; $asset->last_checkout = null; @@ -89,7 +89,6 @@ class AssetCheckinController extends Controller // Was the asset updated? if ($asset->save()) { - event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at)); if ((isset($user)) && ($backto =='user')) { diff --git a/app/Http/Controllers/Assets/AssetsController.php b/app/Http/Controllers/Assets/AssetsController.php index 6d354869d3..c6228d67d1 100755 --- a/app/Http/Controllers/Assets/AssetsController.php +++ b/app/Http/Controllers/Assets/AssetsController.php @@ -63,11 +63,7 @@ class AssetsController extends Controller public function index(Request $request) { $this->authorize('index', Asset::class); - if ($request->filled('company_id')) { - $company = Company::find($request->input('company_id')); - } else { - $company = null; - } + $company = Company::find($request->input('company_id')); return view('hardware/index')->with('company', $company); } diff --git a/app/Http/Controllers/Users/BulkUsersController.php b/app/Http/Controllers/Users/BulkUsersController.php index ea150f4b84..499eaa3a1c 100644 --- a/app/Http/Controllers/Users/BulkUsersController.php +++ b/app/Http/Controllers/Users/BulkUsersController.php @@ -33,9 +33,6 @@ class BulkUsersController extends Controller // Make sure there were users selected if (($request->filled('ids')) && (count($request->input('ids')) > 0)) { - - $statuslabel_list = Helper::statusLabelList(); - // Get the list of affected users $users = User::whereIn('id', array_keys(request('ids'))) ->with('groups', 'assets', 'licenses', 'accessories')->get(); @@ -45,17 +42,15 @@ class BulkUsersController extends Controller ->with('groups', Group::pluck('name', 'id')); } elseif ($request->input('bulk_actions') == 'delete') { - return view('users/confirm-bulk-delete', compact('users', 'statuslabel_list')); + return view('users/confirm-bulk-delete', compact('users', Helper::statusLabelList();)); } elseif ($request->input('bulk_actions') == 'bulkpasswordreset') { - if ($users) { - foreach ($users as $user) { - if (($user->activated=='1') && ($user->email!='')) { - $credentials = ['email' => $user->email]; - Password::sendResetLink($credentials, function (Message $message) { - $message->subject($this->getEmailSubject()); - }); - } + foreach ($users as $user) { + if (($user->activated=='1') && ($user->email!='')) { + $credentials = ['email' => $user->email]; + Password::sendResetLink($credentials, function (Message $message) { + $message->subject($this->getEmailSubject()); + }); } } return redirect()->back()->with('success', trans('admin/users/message.password_resets_sent')); diff --git a/app/Http/Controllers/Users/UsersController.php b/app/Http/Controllers/Users/UsersController.php index 89f5b51d6f..0e1953f02b 100755 --- a/app/Http/Controllers/Users/UsersController.php +++ b/app/Http/Controllers/Users/UsersController.php @@ -204,7 +204,7 @@ class UsersController extends Controller * @return \Illuminate\Http\RedirectResponse * @throws \Illuminate\Auth\Access\AuthorizationException */ - public function update(Request $request, $id = null) + public function update(SaveUserRequest $request, $id = null) { // We need to reverse the UI specific logic for our // permissions here before we update the user. @@ -221,25 +221,20 @@ class UsersController extends Controller try { $user = User::findOrFail($id); - app('App\Http\Requests\SaveUserRequest'); - - if ($user->id == $request->input('manager_id')) { - return redirect()->back()->withInput()->with('error', 'You cannot be your own manager.'); - } - $this->authorize('update', $user); - // Figure out of this user was an admin before this edit - $orig_permissions_array = $user->decodePermissions(); - $orig_superuser = '0'; - if (is_array($orig_permissions_array)) { - if (array_key_exists('superuser', $orig_permissions_array)) { - $orig_superuser = $orig_permissions_array['superuser']; - } - } } catch (ModelNotFoundException $e) { return redirect()->route('users.index') ->with('error', trans('admin/users/message.user_not_found', compact('id'))); } + $this->authorize('update', $user); + // Figure out of this user was an admin before this edit + $orig_permissions_array = $user->decodePermissions(); + $orig_superuser = '0'; + if (is_array($orig_permissions_array)) { + if (array_key_exists('superuser', $orig_permissions_array)) { + $orig_superuser = $orig_permissions_array['superuser']; + } + } // Only save groups if the user is a super user if (Auth::user()->isSuperUser()) { @@ -247,13 +242,11 @@ class UsersController extends Controller } + // Update the user if ($request->filled('username')) { $user->username = $request->input('username'); } $user->email = $request->input('email'); - - - // Update the user $user->first_name = $request->input('first_name'); $user->last_name = $request->input('last_name'); $user->two_factor_optin = $request->input('two_factor_optin') ?: 0; diff --git a/app/Http/Requests/SaveUserRequest.php b/app/Http/Requests/SaveUserRequest.php index 7399ff808d..ed44fc0939 100644 --- a/app/Http/Requests/SaveUserRequest.php +++ b/app/Http/Requests/SaveUserRequest.php @@ -33,7 +33,9 @@ class SaveUserRequest extends FormRequest public function rules() { - $rules = []; + $rules = [ + 'manager_id' => "nullable|exists:users,id|different:users.id" + ]; switch($this->method()) { diff --git a/app/Http/Transformers/SuppliersTransformer.php b/app/Http/Transformers/SuppliersTransformer.php index 95d15608d7..e24e399bd1 100644 --- a/app/Http/Transformers/SuppliersTransformer.php +++ b/app/Http/Transformers/SuppliersTransformer.php @@ -28,16 +28,16 @@ class SuppliersTransformer 'name' => e($supplier->name), 'image' => ($supplier->image) ? Storage::disk('public')->url('suppliers/'.e($supplier->image)) : null, 'url' => e($supplier->url), - 'address' => ($supplier->address) ? e($supplier->address) : null, - 'address2' => ($supplier->address2) ? e($supplier->address2) : null, - 'city' => ($supplier->city) ? e($supplier->city) : null, - 'state' => ($supplier->state) ? e($supplier->state) : null, - 'country' => ($supplier->country) ? e($supplier->country) : null, - 'zip' => ($supplier->zip) ? e($supplier->zip) : null, - 'fax' => ($supplier->fax) ? e($supplier->fax) : null, - 'phone' => ($supplier->phone) ? e($supplier->phone) : null, - 'email' => ($supplier->email) ? e($supplier->email) : null, - 'contact' => ($supplier->contact) ? e($supplier->contact) : null, + 'address' => e($supplier->address), + 'address2' => e($supplier->address2), + 'city' => e($supplier->city), + 'state' => e($supplier->state), + 'country' => e($supplier->country), + 'zip' => e($supplier->zip), + 'fax' => e($supplier->fax), + 'phone' => e($supplier->phone), + 'email' => e($supplier->email), + 'contact' => e($supplier->contact), 'assets_count' => (int) $supplier->assets_count, 'accessories_count' => (int) $supplier->accessories_count, 'licenses_count' => (int) $supplier->licenses_count,