Limit API request results per page (#7405)

snipe 2019-09-03 14:02:08 -07:00 committed by GitHub
parent b381528668
commit b8f7cd81eb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
19 changed files with 87 additions and 17 deletions


@ -7,6 +7,7 @@ APP_KEY=ChangeMe
APP_URL=null APP_URL=null
APP_TIMEZONE='UTC' APP_TIMEZONE='UTC'
APP_LOCALE=en APP_LOCALE=en
MAX_RESULTS=500
# -------------------------------------------- # --------------------------------------------
# REQUIRED: DATABASE SETTINGS # REQUIRED: DATABASE SETTINGS


@ -50,7 +50,11 @@ class AccessoriesController extends Controller
} }
$offset = (($accessories) && (request('offset') > $accessories->count())) ? 0 : request('offset', 0); $offset = (($accessories) && (request('offset') > $accessories->count())) ? 0 : request('offset', 0);
$limit = $request->input('limit', 50);
// Check to make sure the limit is not higher than the max allowed
(config('app.max_results') < $request->input('limit')) ? $limit = $request->input('limit') : $limit = config('app.max_results');
$order = $request->input('order') === 'asc' ? 'asc' : 'desc'; $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
$sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at'; $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
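Review bot: The clamp added in AccessoriesController is inverted: when `config('app.max_results')` is lower than the requested limit, the ternary keeps the request value. In every other case, including a request with no `limit` parameter, it assigns the maximum, so the cap is never enforced and the default set on the previous line is always overwritten. The same line appears in the other fifteen controller sections on this page (AssetModels through Users) and needs the same change. A single expression such as `$limit = min((int) $request->input('limit', 50), (int) config('app.max_results'));`, with each controller's own default, keeps the default and enforces the ceiling; the casts are there because the query parameter and a value read through `env()` can both arrive as strings. The enclosing method starts and ends outside the hunk.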


@ -61,7 +61,10 @@ class AssetModelsController extends Controller
} }
$offset = (($assetmodels) && (request('offset') > $assetmodels->count())) ? 0 : request('offset', 0); $offset = (($assetmodels) && (request('offset') > $assetmodels->count())) ? 0 : request('offset', 0);
$limit = $request->input('limit', 50);
// Check to make sure the limit is not higher than the max allowed
(config('app.max_results') < $request->input('limit')) ? $limit = $request->input('limit') : $limit = config('app.max_results');
$order = $request->input('order') === 'asc' ? 'asc' : 'desc'; $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
$sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'models.created_at'; $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'models.created_at';


@ -145,7 +145,10 @@ class AssetsController extends Controller
$request->filled('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : ''; $request->filled('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : '';
$offset = (($assets) && (request('offset') > $assets->count())) ? 0 : request('offset', 0); $offset = (($assets) && (request('offset') > $assets->count())) ? 0 : request('offset', 0);
$limit = $request->input('limit', 50);
// Check to make sure the limit is not higher than the max allowed
(config('app.max_results') < $request->input('limit')) ? $limit = $request->input('limit') : $limit = config('app.max_results');
$order = $request->input('order') === 'asc' ? 'asc' : 'desc'; $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
// This is used by the audit reporting routes // This is used by the audit reporting routes


@ -31,7 +31,10 @@ class CategoriesController extends Controller
} }
$offset = (($categories) && (request('offset') > $categories->count())) ? 0 : request('offset', 0); $offset = (($categories) && (request('offset') > $categories->count())) ? 0 : request('offset', 0);
$limit = $request->input('limit', 50);
// Check to make sure the limit is not higher than the max allowed
(config('app.max_results') < $request->input('limit')) ? $limit = $request->input('limit') : $limit = config('app.max_results');
$order = $request->input('order') === 'asc' ? 'asc' : 'desc'; $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
$sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'assets_count'; $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'assets_count';
$categories->orderBy($sort, $order); $categories->orderBy($sort, $order);


@ -42,7 +42,10 @@ class CompaniesController extends Controller
} }
$offset = (($companies) && (request('offset') > $companies->count())) ? 0 : request('offset', 0); $offset = (($companies) && (request('offset') > $companies->count())) ? 0 : request('offset', 0);
$limit = $request->input('limit', 50);
// Check to make sure the limit is not higher than the max allowed
(config('app.max_results') < $request->input('limit')) ? $limit = $request->input('limit') : $limit = config('app.max_results');
$order = $request->input('order') === 'asc' ? 'asc' : 'desc'; $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
$sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at'; $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
$companies->orderBy($sort, $order); $companies->orderBy($sort, $order);


@ -44,7 +44,9 @@ class ComponentsController extends Controller
} }
$offset = (($components) && (request('offset') > $components->count())) ? 0 : request('offset', 0); $offset = (($components) && (request('offset') > $components->count())) ? 0 : request('offset', 0);
$limit = request('limit', 50);
// Check to make sure the limit is not higher than the max allowed
(config('app.max_results') < $request->input('limit')) ? $limit = $request->input('limit') : $limit = config('app.max_results');
$allowed_columns = ['id','name','min_amt','order_number','serial','purchase_date','purchase_cost','company','category','qty','location','image']; $allowed_columns = ['id','name','min_amt','order_number','serial','purchase_date','purchase_cost','company','category','qty','location','image'];
$order = $request->input('order') === 'asc' ? 'asc' : 'desc'; $order = $request->input('order') === 'asc' ? 'asc' : 'desc';


@ -45,7 +45,10 @@ class ConsumablesController extends Controller
$offset = (($consumables) && (request('offset') > $consumables->count())) ? 0 : request('offset', 0); $offset = (($consumables) && (request('offset') > $consumables->count())) ? 0 : request('offset', 0);
$limit = request('limit', 50);
// Check to make sure the limit is not higher than the max allowed
(config('app.max_results') < $request->input('limit')) ? $limit = $request->input('limit') : $limit = config('app.max_results');
$allowed_columns = ['id','name','order_number','min_amt','purchase_date','purchase_cost','company','category','model_number', 'item_no', 'manufacturer','location','qty','image']; $allowed_columns = ['id','name','order_number','min_amt','purchase_date','purchase_cost','company','category','model_number', 'item_no', 'manufacturer','location','qty','image'];
$order = $request->input('order') === 'asc' ? 'asc' : 'desc'; $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
$sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at'; $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';


@ -40,7 +40,10 @@ class DepartmentsController extends Controller
} }
$offset = (($departments) && (request('offset') > $departments->count())) ? 0 : request('offset', 0); $offset = (($departments) && (request('offset') > $departments->count())) ? 0 : request('offset', 0);
$limit = $request->input('limit', 50);
// Check to make sure the limit is not higher than the max allowed
(config('app.max_results') < $request->input('limit')) ? $limit = $request->input('limit') : $limit = config('app.max_results');
$order = $request->input('order') === 'asc' ? 'asc' : 'desc'; $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
$sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at'; $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';


@ -29,7 +29,10 @@ class DepreciationsController extends Controller
} }
$offset = (($depreciations) && (request('offset') > $depreciations->count())) ? 0 : request('offset', 0); $offset = (($depreciations) && (request('offset') > $depreciations->count())) ? 0 : request('offset', 0);
$limit = $request->input('limit', 50);
// Check to make sure the limit is not higher than the max allowed
(config('app.max_results') < $request->input('limit')) ? $limit = $request->input('limit') : $limit = config('app.max_results');
$order = $request->input('order') === 'asc' ? 'asc' : 'desc'; $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
$sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at'; $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
$depreciations->orderBy($sort, $order); $depreciations->orderBy($sort, $order);


@ -29,7 +29,10 @@ class GroupsController extends Controller
} }
$offset = (($groups) && (request('offset') > $groups->count())) ? 0 : request('offset', 0); $offset = (($groups) && (request('offset') > $groups->count())) ? 0 : request('offset', 0);
$limit = $request->input('limit', 50);
// Check to make sure the limit is not higher than the max allowed
(config('app.max_results') < $request->input('limit')) ? $limit = $request->input('limit') : $limit = config('app.max_results');
$order = $request->input('order') === 'asc' ? 'asc' : 'desc'; $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
$sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at'; $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
$groups->orderBy($sort, $order); $groups->orderBy($sort, $order);


@ -83,7 +83,10 @@ class LicensesController extends Controller
$offset = (($licenses) && (request('offset') > $licenses->count())) ? 0 : request('offset', 0); $offset = (($licenses) && (request('offset') > $licenses->count())) ? 0 : request('offset', 0);
$limit = request('limit', 50);
// Check to make sure the limit is not higher than the max allowed
(config('app.max_results') < $request->input('limit')) ? $limit = $request->input('limit') : $limit = config('app.max_results');
$order = $request->input('order') === 'asc' ? 'asc' : 'desc'; $order = $request->input('order') === 'asc' ? 'asc' : 'desc';


@ -52,7 +52,10 @@ class LocationsController extends Controller
$offset = (($locations) && (request('offset') > $locations->count())) ? 0 : request('offset', 0); $offset = (($locations) && (request('offset') > $locations->count())) ? 0 : request('offset', 0);
$limit = $request->input('limit', 50);
// Check to make sure the limit is not higher than the max allowed
(config('app.max_results') < $request->input('limit')) ? $limit = $request->input('limit') : $limit = config('app.max_results');
$order = $request->input('order') === 'asc' ? 'asc' : 'desc'; $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
$sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at'; $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';


@ -40,7 +40,10 @@ class ManufacturersController extends Controller
$offset = (($manufacturers) && (request('offset') > $manufacturers->count())) ? 0 : request('offset', 0); $offset = (($manufacturers) && (request('offset') > $manufacturers->count())) ? 0 : request('offset', 0);
$limit = $request->input('limit', 50);
// Check to make sure the limit is not higher than the max allowed
(config('app.max_results') < $request->input('limit')) ? $limit = $request->input('limit') : $limit = config('app.max_results');
$order = $request->input('order') === 'asc' ? 'asc' : 'desc'; $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
$sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at'; $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
$manufacturers->orderBy($sort, $order); $manufacturers->orderBy($sort, $order);


@ -31,7 +31,10 @@ class StatuslabelsController extends Controller
} }
$offset = (($statuslabels) && (request('offset') > $statuslabels->count())) ? 0 : request('offset', 0); $offset = (($statuslabels) && (request('offset') > $statuslabels->count())) ? 0 : request('offset', 0);
$limit = $request->input('limit', 50);
// Check to make sure the limit is not higher than the max allowed
(config('app.max_results') < $request->input('limit')) ? $limit = $request->input('limit') : $limit = config('app.max_results');
$order = $request->input('order') === 'asc' ? 'asc' : 'desc'; $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
$sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at'; $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
$statuslabels->orderBy($sort, $order); $statuslabels->orderBy($sort, $order);


@ -34,7 +34,10 @@ class SuppliersController extends Controller
} }
$offset = (($suppliers) && (request('offset') > $suppliers->count())) ? 0 : request('offset', 0); $offset = (($suppliers) && (request('offset') > $suppliers->count())) ? 0 : request('offset', 0);
$limit = $request->input('limit', 50);
// Check to make sure the limit is not higher than the max allowed
(config('app.max_results') < $request->input('limit')) ? $limit = $request->input('limit') : $limit = config('app.max_results');
$order = $request->input('order') === 'asc' ? 'asc' : 'desc'; $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
$sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at'; $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
$suppliers->orderBy($sort, $order); $suppliers->orderBy($sort, $order);


@ -88,7 +88,10 @@ class UsersController extends Controller
$order = $request->input('order') === 'asc' ? 'asc' : 'desc'; $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
$offset = (($users) && (request('offset') > $users->count())) ? 0 : request('offset', 0); $offset = (($users) && (request('offset') > $users->count())) ? 0 : request('offset', 0);
$limit = request('limit', 20);
// Check to make sure the limit is not higher than the max allowed
(config('app.max_results') < $request->input('limit')) ? $limit = $request->input('limit') : $limit = config('app.max_results');
switch ($request->input('sort')) { switch ($request->input('sort')) {
case 'manager': case 'manager':


@ -32,7 +32,15 @@ class ActionlogsTransformer
$meta_array = json_decode($actionlog->log_meta); $meta_array = json_decode($actionlog->log_meta);
foreach ($meta_array as $key => $value) { foreach ($meta_array as $key => $value) {
foreach ($value as $meta_key => $meta_value) { foreach ($value as $meta_key => $meta_value) {
$clean_meta[$key][$meta_key] = e($meta_value);
if (is_array($meta_value)) {
foreach ($meta_value as $meta_value_key => $meta_value_value) {
$clean_meta[$key][$meta_value_key] = e($meta_value_value);
}
} else {
$clean_meta[$key][$meta_key] = e($meta_value);
}
} }
} }
} }
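Review bot: In the new array branch the escaped value is written to `$clean_meta[$key][$meta_value_key]`, which drops `$meta_key`, so two array-valued entries under the same `$key` overwrite each other at matching indexes. If flattening is not intended, `$clean_meta[$key][$meta_key][$meta_value_key] = e($meta_value_value);` would preserve the structure. Because `json_decode($actionlog->log_meta)` is called without the associative flag, nested JSON objects decode to `stdClass`, fail `is_array()` and still reach `e()`, as does any array nested one level deeper. A short comment stating which shapes of `log_meta` are expected here would help. The enclosing method starts outside the hunk.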


@ -36,6 +36,19 @@ return [
'env' => env('APP_ENV', 'production'), 'env' => env('APP_ENV', 'production'),
/*
|--------------------------------------------------------------------------
| Result Limit
|--------------------------------------------------------------------------
|
| This value determines the max number of results to return, even if a higher limit
| is passed in the API request. This is done to prevent server timeouts when
| custom scripts are requesting 100k assets at a time.
|
*/
'max_results' => env('MAX_RESULTS', 500),
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
| Application Debug Mode | Application Debug Mode