Fixed ambiguous query on non-super admins with FCS

2024-09-20 07:47:41 -07:00 · 2017-12-12 21:14:12 -08:00 · 2017-12-12 21:14:12 -08:00 · f1a911d305
parent 9c108873e9
commit f1a911d305
3 changed files with 14 additions and 14 deletions
--- a/app/Http/Controllers/Api/AssetsController.php
+++ b/app/Http/Controllers/Api/AssetsController.php
@ -88,7 +88,7 @@ class AssetsController extends Controller
            $allowed_columns[]=$field->db_column_name();
        }

-        $assets = Company::scopeCompanyables(Asset::select('assets.*'))->with(
+        $assets = Company::scopeCompanyables(Asset::select('assets.*'),"company_id","assets")->with(
            'location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
            'model.category', 'model.manufacturer', 'model.fieldset','supplier');

--- a/app/Models/Asset.php
+++ b/app/Models/Asset.php
@ -769,7 +769,7 @@ class Asset extends Depreciable
    {
        $search = explode(' OR ', $search);

-        return $query->leftJoin('users as assets_users',function ($leftJoin) {
+         return $query->leftJoin('users as assets_users',function ($leftJoin) {
            $leftJoin->on("assets_users.id", "=", "assets.assigned_to")
                ->where("assets.assigned_type", "=", User::class);
        })->leftJoin('locations as assets_locations',function ($leftJoin) {
@ -805,7 +805,7 @@ class Asset extends Depreciable
                    });
                })->orWhere(function ($query) use ($search) {
                    $query->whereHas('company', function ($query) use ($search) {
-                        $query->where('companies.name', 'LIKE', '%'.$search.'%');
+                        $query->where('companies.name', 'LIKE', '%' . $search . '%');
                    });
                })->orWhere(function ($query) use ($search) {
                    $query->whereHas('defaultLoc', function ($query) use ($search) {
--- a/app/Models/Company.php
+++ b/app/Models/Company.php
@ -55,7 +55,7 @@ final class Company extends SnipeModel
        }
    }

-    private static function scopeCompanyablesDirectly($query, $column = 'company_id')
+    private static function scopeCompanyablesDirectly($query, $column = 'company_id', $table_name = null )
    {
        if (Auth::user()) {
            $company_id = Auth::user()->company_id;
@ -63,7 +63,8 @@ final class Company extends SnipeModel
            $company_id = null;
        }

-        return $query->where($column, '=', $company_id);
+        $table = ($table_name) ? DB::getTablePrefix().$table_name."." : '';
+        return $query->where($table.$column, '=', $company_id); 
    }

    public static function getIdFromInput($unescaped_input)
@ -131,13 +132,13 @@ final class Company extends SnipeModel
        }
    }

-    public static function scopeCompanyables($query, $column = 'company_id')
+    public static function scopeCompanyables($query, $column = 'company_id', $table_name = null )
    {
        // If not logged in and hitting this, assume we are on the command line and don't scope?'
        if (!static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser()) || (!Auth::check())) {
            return $query;
        } else {
-            return static::scopeCompanyablesDirectly($query, $column);
+            return static::scopeCompanyablesDirectly($query, $column, $table_name);
        }
    }

@ -149,7 +150,6 @@ final class Company extends SnipeModel
            return $query;
        } else {
            $f = function ($q) {
-
                static::scopeCompanyablesDirectly($q);
            };

@ -166,31 +166,31 @@ final class Company extends SnipeModel

    public function users()
    {
-        return $this->hasMany(User::class);
+        return $this->hasMany(User::class, 'users.company_id');
    }

    public function assets()
    {
-        return $this->hasMany(Asset::class);
+        return $this->hasMany(Asset::class, 'assets.company_id');
    }

    public function licenses()
    {
-        return $this->hasMany(License::class);
+        return $this->hasMany(License::class, 'licenses.company_id');
    }
    public function accessories()
    {
-        return $this->hasMany(Accessory::class);
+        return $this->hasMany(Accessory::class, 'accessories.company_id');
    }

    public function consumables()
    {
-        return $this->hasMany(Consumable::class);
+        return $this->hasMany(Consumable::class, 'consumables.company_id');
    }

    public function components()
    {
-        return $this->hasMany(Component::class);
+        return $this->hasMany(Component::class, 'components.company_id');
    }

    /**