Revert "Fixed #6704 - don’t apply gate to $arrays collection, just check that they can view assets"

This reverts commit b1e17743b8.
This commit is contained in:
snipe 2019-02-13 04:44:19 -08:00
parent b1e17743b8
commit e75d22ab73

View file

@ -3,14 +3,13 @@ namespace App\Http\Controllers\Api;
use App\Helpers\Helper;
use App\Http\Controllers\Controller;
use App\Http\Requests\AssetRequest;
use App\Http\Requests\AssetCheckoutRequest;
use App\Http\Transformers\AssetsTransformer;
use App\Http\Transformers\LicensesTransformer;
use App\Models\Asset;
use App\Models\AssetModel;
use App\Models\Company;
use App\Models\CustomField;
use App\Models\License;
use App\Models\Location;
use App\Models\Setting;
use App\Models\User;
@ -85,7 +84,7 @@ class AssetsController extends Controller
$filter = array();
if ($request->filled('filter')) {
if ($request->has('filter')) {
$filter = json_decode($request->input('filter'), true);
}
@ -102,7 +101,7 @@ class AssetsController extends Controller
// These are used by the API to query against specific ID numbers.
// They are also used by the individual searches on detail pages like
// locations, etc.
if ($request->filled('status_id')) {
if ($request->has('status_id')) {
$assets->where('assets.status_id', '=', $request->input('status_id'));
}
@ -110,40 +109,40 @@ class AssetsController extends Controller
$assets->where('assets.requestable', '=', '1');
}
if ($request->filled('model_id')) {
if ($request->has('model_id')) {
$assets->InModelList([$request->input('model_id')]);
}
if ($request->filled('category_id')) {
if ($request->has('category_id')) {
$assets->InCategory($request->input('category_id'));
}
if ($request->filled('location_id')) {
if ($request->has('location_id')) {
$assets->where('assets.location_id', '=', $request->input('location_id'));
}
if ($request->filled('supplier_id')) {
if ($request->has('supplier_id')) {
$assets->where('assets.supplier_id', '=', $request->input('supplier_id'));
}
if (($request->filled('assigned_to')) && ($request->filled('assigned_type'))) {
if (($request->has('assigned_to')) && ($request->has('assigned_type'))) {
$assets->where('assets.assigned_to', '=', $request->input('assigned_to'))
->where('assets.assigned_type', '=', $request->input('assigned_type'));
}
if ($request->filled('company_id')) {
if ($request->has('company_id')) {
$assets->where('assets.company_id', '=', $request->input('company_id'));
}
if ($request->filled('manufacturer_id')) {
if ($request->has('manufacturer_id')) {
$assets->ByManufacturer($request->input('manufacturer_id'));
}
if ($request->filled('depreciation_id')) {
if ($request->has('depreciation_id')) {
$assets->ByDepreciationId($request->input('depreciation_id'));
}
$request->filled('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : '';
$request->has('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : '';
$offset = request('offset', 0);
$limit = $request->input('limit', 50);
@ -156,7 +155,7 @@ class AssetsController extends Controller
// I am sad. :(
switch ($request->input('status')) {
case 'Deleted':
$assets->onlyTrashed();
$assets->withTrashed()->Deleted();
break;
case 'Pending':
$assets->join('status_labels AS status_alias',function ($join) {
@ -202,7 +201,7 @@ class AssetsController extends Controller
break;
default:
if ((!$request->filled('status_id')) && ($settings->show_archived_in_list!='1')) {
if ((!$request->has('status_id')) && ($settings->show_archived_in_list!='1')) {
// terrible workaround for complex-query Laravel bug in fulltext
$assets->join('status_labels AS status_alias',function ($join) {
$join->on('status_alias.id', "=", "assets.status_id")
@ -221,7 +220,7 @@ class AssetsController extends Controller
if ((!is_null($filter)) && (count($filter)) > 0) {
$assets->ByFilter($filter);
} elseif ($request->filled('search')) {
} elseif ($request->has('search')) {
$assets->TextSearch($request->input('search'));
}
@ -234,8 +233,8 @@ class AssetsController extends Controller
// This handles all of the pivot sorting (versus the assets.* fields
// in the allowed_columns array)
$column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'assets.created_at';
// dd($column_sort);
switch ($sort_override) {
case 'model':
$assets->OrderModels($order);
@ -271,9 +270,9 @@ class AssetsController extends Controller
break;
}
$total = $assets->count();
$assets = $assets->skip($offset)->take($limit)->get();
// dd($assets);
return (new AssetsTransformer)->transformAssets($assets, $total);
}
@ -306,9 +305,9 @@ class AssetsController extends Controller
*/
public function showBySerial($serial)
{
$this->authorize('index', Asset::class);
if ($assets = Asset::with('assetstatus')->with('assignedTo')
->withTrashed()->where('serial',$serial)->get()) {
$this->authorize('view', $assets);
return (new AssetsTransformer)->transformAssets($assets, $assets->count());
}
return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);
@ -326,22 +325,14 @@ class AssetsController extends Controller
*/
public function show($id)
{
if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()
->withCount('checkins as checkins_count', 'checkouts as checkouts_count', 'userRequests as user_requests_count')->findOrFail($id)) {
if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()->withCount('checkins', 'checkouts', 'userRequests')->findOrFail($id)) {
$this->authorize('view', $asset);
return (new AssetsTransformer)->transformAsset($asset);
}
}
public function licenses($id)
{
$this->authorize('view', Asset::class);
$this->authorize('view', License::class);
$asset = Asset::where('id', $id)->withTrashed()->first();
$licenses = $asset->licenses()->get();
return (new LicensesTransformer())->transformLicenses($licenses, $licenses->count());
}
/**
* Gets a paginated collection for the select2 menus
@ -362,13 +353,13 @@ class AssetsController extends Controller
'assets.assigned_to',
'assets.assigned_type',
'assets.status_id'
])->with('model', 'assetstatus', 'assignedTo')->NotArchived(), 'company_id', 'assets');
])->with('model', 'assetstatus', 'assignedTo')->NotArchived(),'company_id', 'assets');
if ($request->filled('assetStatusType') && $request->input('assetStatusType') === 'RTD') {
if ($request->has('assetStatusType') && $request->input('assetStatusType') === 'RTD') {
$assets = $assets->RTD();
}
if ($request->filled('search')) {
if ($request->has('search')) {
$assets = $assets->AssignedSearch($request->input('search'));
}
@ -408,7 +399,7 @@ class AssetsController extends Controller
* @since [v4.0]
* @return JsonResponse
*/
public function store(Request $request)
public function store(AssetRequest $request)
{
$this->authorize('create', Asset::class);
@ -439,7 +430,7 @@ class AssetsController extends Controller
// Update custom fields in the database.
// Validation for these fields is handled through the AssetRequest form request
$model = AssetModel::find($request->get('model_id'));
if (($model) && ($model->fieldset)) {
if ($model->fieldset) {
foreach ($model->fieldset->fields as $field) {
$asset->{$field->convertUnicodeDbSlug()} = e($request->input($field->convertUnicodeDbSlug(), null));
}
@ -476,22 +467,21 @@ class AssetsController extends Controller
{
$this->authorize('update', Asset::class);
$asset->fill($request->all());
if ($asset = Asset::find($id)) {
($request->filled('model_id')) ?
$asset->model()->associate(AssetModel::find($request->get('model_id'))) : null;
($request->filled('rtd_location_id')) ?
$asset->location_id = $request->get('rtd_location_id') : '';
($request->filled('company_id')) ?
$asset->company_id = Company::getIdForCurrentUser($request->get('company_id')) : '';
$asset->fill($request->all());
($request->has('model_id')) ?
$asset->model()->associate(AssetModel::find($request->get('model_id'))) : null;
($request->has('company_id')) ?
$asset->company_id = Company::getIdForCurrentUser($request->get('company_id')) : null;
($request->has('rtd_location_id')) ?
$asset->location_id = $request->get('rtd_location_id') : null;
// Update custom fields
if (($model = AssetModel::find($asset->model_id)) && (isset($model->fieldset))) {
foreach ($model->fieldset->fields as $field) {
if ($request->filled($field->convertUnicodeDbSlug())) {
if ($request->has($field->convertUnicodeDbSlug())) {
$asset->{$field->convertUnicodeDbSlug()} = e($request->input($field->convertUnicodeDbSlug()));
}
}
@ -500,11 +490,11 @@ class AssetsController extends Controller
if ($asset->save()) {
if (($request->filled('assigned_user')) && ($target = User::find($request->get('assigned_user')))) {
if (($request->has('assigned_user')) && ($target = User::find($request->get('assigned_user')))) {
$location = $target->location_id;
} elseif (($request->filled('assigned_asset')) && ($target = Asset::find($request->get('assigned_asset')))) {
} elseif (($request->has('assigned_asset')) && ($target = Asset::find($request->get('assigned_asset')))) {
$location = $target->location_id;
} elseif (($request->filled('assigned_location')) && ($target = Location::find($request->get('assigned_location')))) {
} elseif (($request->has('assigned_location')) && ($target = Location::find($request->get('assigned_location')))) {
$location = $target->id;
}
@ -659,7 +649,7 @@ class AssetsController extends Controller
$asset->name = Input::get('name');
$asset->location_id = $asset->rtd_location_id;
if ($request->filled('location_id')) {
if ($request->has('location_id')) {
$asset->location_id = $request->input('location_id');
}
@ -699,27 +689,13 @@ class AssetsController extends Controller
return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()->all()));
}
$settings = Setting::getSettings();
$dt = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
$asset = Asset::where('asset_tag','=', $request->input('asset_tag'))->first();
if ($asset) {
// We don't want to log this as a normal update, so let's bypass that
$asset->unsetEventDispatcher();
$asset->next_audit_date = $dt;
if ($request->filled('next_audit_date')) {
$asset->next_audit_date = $request->input('next_audit_date');
}
// Check to see if they checked the box to update the physical location,
// not just note it in the audit notes
if ($request->input('update_location')=='1') {
$asset->location_id = $request->input('location_id');
}
$asset->next_audit_date = $request->input('next_audit_date');
$asset->last_audit_date = date('Y-m-d h:i:s');
if ($asset->save()) {
@ -727,7 +703,7 @@ class AssetsController extends Controller
return response()->json(Helper::formatStandardApiResponse('success', [
'asset_tag'=> e($asset->asset_tag),
'note'=> e($request->input('note')),
'next_audit_date' => Helper::getFormattedDateObject($asset->next_audit_date)
'next_audit_date' => Helper::getFormattedDateObject($log->calcNextAuditDate())
], trans('admin/hardware/message.audit.success')));
}
}