Fixed ambiguous query on non-super admins with FCS

This commit is contained in:
snipe 2017-12-12 21:14:12 -08:00
parent 9c108873e9
commit f1a911d305
3 changed files with 14 additions and 14 deletions

View file

@ -88,7 +88,7 @@ class AssetsController extends Controller
$allowed_columns[]=$field->db_column_name();
}
$assets = Company::scopeCompanyables(Asset::select('assets.*'))->with(
$assets = Company::scopeCompanyables(Asset::select('assets.*'),"company_id","assets")->with(
'location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
'model.category', 'model.manufacturer', 'model.fieldset','supplier');

View file

@ -769,7 +769,7 @@ class Asset extends Depreciable
{
$search = explode(' OR ', $search);
return $query->leftJoin('users as assets_users',function ($leftJoin) {
return $query->leftJoin('users as assets_users',function ($leftJoin) {
$leftJoin->on("assets_users.id", "=", "assets.assigned_to")
->where("assets.assigned_type", "=", User::class);
})->leftJoin('locations as assets_locations',function ($leftJoin) {
@ -805,7 +805,7 @@ class Asset extends Depreciable
});
})->orWhere(function ($query) use ($search) {
$query->whereHas('company', function ($query) use ($search) {
$query->where('companies.name', 'LIKE', '%'.$search.'%');
$query->where('companies.name', 'LIKE', '%' . $search . '%');
});
})->orWhere(function ($query) use ($search) {
$query->whereHas('defaultLoc', function ($query) use ($search) {

View file

@ -55,7 +55,7 @@ final class Company extends SnipeModel
}
}
private static function scopeCompanyablesDirectly($query, $column = 'company_id')
private static function scopeCompanyablesDirectly($query, $column = 'company_id', $table_name = null )
{
if (Auth::user()) {
$company_id = Auth::user()->company_id;
@ -63,7 +63,8 @@ final class Company extends SnipeModel
$company_id = null;
}
return $query->where($column, '=', $company_id);
$table = ($table_name) ? DB::getTablePrefix().$table_name."." : '';
return $query->where($table.$column, '=', $company_id);
}
public static function getIdFromInput($unescaped_input)
@ -131,13 +132,13 @@ final class Company extends SnipeModel
}
}
public static function scopeCompanyables($query, $column = 'company_id')
public static function scopeCompanyables($query, $column = 'company_id', $table_name = null )
{
// If not logged in and hitting this, assume we are on the command line and don't scope?'
if (!static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser()) || (!Auth::check())) {
return $query;
} else {
return static::scopeCompanyablesDirectly($query, $column);
return static::scopeCompanyablesDirectly($query, $column, $table_name);
}
}
@ -149,7 +150,6 @@ final class Company extends SnipeModel
return $query;
} else {
$f = function ($q) {
static::scopeCompanyablesDirectly($q);
};
@ -166,31 +166,31 @@ final class Company extends SnipeModel
public function users()
{
return $this->hasMany(User::class);
return $this->hasMany(User::class, 'users.company_id');
}
public function assets()
{
return $this->hasMany(Asset::class);
return $this->hasMany(Asset::class, 'assets.company_id');
}
public function licenses()
{
return $this->hasMany(License::class);
return $this->hasMany(License::class, 'licenses.company_id');
}
public function accessories()
{
return $this->hasMany(Accessory::class);
return $this->hasMany(Accessory::class, 'accessories.company_id');
}
public function consumables()
{
return $this->hasMany(Consumable::class);
return $this->hasMany(Consumable::class, 'consumables.company_id');
}
public function components()
{
return $this->hasMany(Component::class);
return $this->hasMany(Component::class, 'components.company_id');
}
/**