mirror of
https://github.com/snipe/snipe-it.git
synced 2024-09-21 00:07:42 -07:00
e27065fe16
Signed-off-by: snipe <snipe@snipe.net> # Conflicts: # .all-contributorsrc # README.md # app/Console/Commands/ResetDemoSettings.php # app/Helpers/Helper.php # app/Http/Controllers/Api/AccessoriesController.php # app/Http/Controllers/Api/AssetsController.php # app/Http/Controllers/Api/CategoriesController.php # app/Http/Controllers/Api/ComponentsController.php # app/Http/Controllers/Api/ConsumablesController.php # app/Http/Controllers/Api/LocationsController.php # app/Http/Controllers/Api/StatuslabelsController.php # app/Http/Controllers/Api/SuppliersController.php # app/Http/Controllers/AssetMaintenancesController.php # app/Http/Controllers/Auth/ForgotPasswordController.php # app/Http/Controllers/DepreciationsController.php # app/Http/Controllers/ReportsController.php # app/Http/Controllers/SettingsController.php # app/Http/Requests/ImageUploadRequest.php # app/Http/Transformers/ActionlogsTransformer.php # app/Http/Transformers/DepreciationsTransformer.php # app/Listeners/CheckoutableListener.php # app/Models/Accessory.php # app/Models/Asset.php # app/Models/Company.php # app/Models/Ldap.php # app/Models/User.php # app/Presenters/AssetPresenter.php # app/Presenters/CategoryPresenter.php # composer.json # composer.lock # config/version.php # database/factories/AssetModelFactory.php # database/migrations/2020_10_22_233743_move_accessory_checkout_note_to_join_table.php # database/seeds/AssetModelSeeder.php # package-lock.json # public/css/build/AdminLTE.css # public/css/build/app.css # public/css/build/overrides.css # public/css/dist/all.css # public/css/dist/bootstrap-table.css # public/css/dist/skins/skin-black-dark.css # public/css/dist/skins/skin-black-dark.min.css # public/css/dist/skins/skin-black.css # public/css/dist/skins/skin-black.min.css # public/css/dist/skins/skin-blue-dark.css # public/css/dist/skins/skin-blue-dark.min.css # public/css/dist/skins/skin-blue.css # public/css/dist/skins/skin-blue.min.css # public/css/dist/skins/skin-contrast.css # public/css/dist/skins/skin-contrast.min.css # public/css/dist/skins/skin-green-dark.css # public/css/dist/skins/skin-green-dark.min.css # public/css/dist/skins/skin-green.css # public/css/dist/skins/skin-green.min.css # public/css/dist/skins/skin-orange-dark.css # public/css/dist/skins/skin-orange-dark.min.css # public/css/dist/skins/skin-orange.css # public/css/dist/skins/skin-orange.min.css # public/css/dist/skins/skin-purple-dark.css # public/css/dist/skins/skin-purple-dark.min.css # public/css/dist/skins/skin-purple.css # public/css/dist/skins/skin-purple.min.css # public/css/dist/skins/skin-red-dark.css # public/css/dist/skins/skin-red-dark.min.css # public/css/dist/skins/skin-red.css # public/css/dist/skins/skin-red.min.css # public/css/dist/skins/skin-yellow-dark.css # public/css/dist/skins/skin-yellow-dark.min.css # public/css/dist/skins/skin-yellow.css # public/css/dist/skins/skin-yellow.min.css # public/js/build/app.js # public/js/build/vendor.js # public/js/dist/all.js # public/js/dist/bootstrap-table.js # public/mix-manifest.json # resources/assets/js/vue.js # resources/lang/af/validation.php # resources/lang/ar/admin/settings/general.php # resources/lang/ar/validation.php # resources/lang/bg/admin/settings/general.php # resources/lang/bg/validation.php # resources/lang/cs/admin/settings/general.php # resources/lang/cs/validation.php # resources/lang/cy/help.php # resources/lang/cy/validation.php # resources/lang/da/admin/settings/general.php # resources/lang/da/validation.php # resources/lang/de/admin/settings/general.php # resources/lang/de/validation.php # resources/lang/el/validation.php # resources/lang/en-GB/admin/settings/general.php # resources/lang/en-GB/validation.php # resources/lang/en-ID/admin/hardware/table.php # resources/lang/en-ID/admin/settings/general.php # resources/lang/en-ID/validation.php # resources/lang/es-CO/admin/settings/general.php # resources/lang/es-CO/auth/message.php # resources/lang/es-CO/button.php # resources/lang/es-CO/help.php # resources/lang/es-CO/validation.php # resources/lang/es-ES/admin/settings/general.php # resources/lang/es-ES/auth/message.php # resources/lang/es-ES/button.php # resources/lang/es-ES/help.php # resources/lang/es-ES/validation.php # resources/lang/es-MX/admin/settings/general.php # resources/lang/es-MX/validation.php # resources/lang/es-VE/admin/settings/general.php # resources/lang/es-VE/auth/message.php # resources/lang/es-VE/button.php # resources/lang/es-VE/help.php # resources/lang/es-VE/validation.php # resources/lang/et/validation.php # resources/lang/fa/validation.php # resources/lang/fi/admin/settings/general.php # resources/lang/fi/validation.php # resources/lang/fil/validation.php # resources/lang/fr/admin/settings/general.php # resources/lang/fr/validation.php # resources/lang/ga-IE/validation.php # resources/lang/he/admin/settings/general.php # resources/lang/he/general.php # resources/lang/he/validation.php # resources/lang/hr/validation.php # resources/lang/hu/validation.php # resources/lang/id/validation.php # resources/lang/is/admin/categories/general.php # resources/lang/is/admin/companies/message.php # resources/lang/is/admin/companies/table.php # resources/lang/is/admin/components/general.php # resources/lang/is/admin/components/table.php # resources/lang/is/admin/consumables/table.php # resources/lang/is/admin/depreciations/general.php # resources/lang/is/admin/depreciations/message.php # resources/lang/is/admin/hardware/form.php # resources/lang/is/admin/hardware/general.php # resources/lang/is/admin/hardware/message.php # resources/lang/is/admin/hardware/table.php # resources/lang/is/admin/kits/general.php # resources/lang/is/admin/licenses/form.php # resources/lang/is/admin/licenses/general.php # resources/lang/is/admin/locations/table.php # resources/lang/is/admin/manufacturers/table.php # resources/lang/is/admin/reports/message.php # resources/lang/is/admin/settings/general.php # resources/lang/is/admin/settings/message.php # resources/lang/is/admin/statuslabels/message.php # resources/lang/is/admin/suppliers/message.php # resources/lang/is/admin/suppliers/table.php # resources/lang/is/admin/users/table.php # resources/lang/is/mail.php # resources/lang/is/validation.php # resources/lang/it/admin/settings/general.php # resources/lang/it/validation.php # resources/lang/iu/validation.php # resources/lang/ja/mail.php # resources/lang/ja/validation.php # resources/lang/ko/validation.php # resources/lang/lt/validation.php # resources/lang/lv/validation.php # resources/lang/mi/validation.php # resources/lang/mk/validation.php # resources/lang/ml-IN/validation.php # resources/lang/mn/validation.php # resources/lang/ms/validation.php # resources/lang/nl/admin/settings/general.php # resources/lang/nl/validation.php # resources/lang/no/validation.php # resources/lang/pl/admin/settings/general.php # resources/lang/pl/validation.php # resources/lang/pt-BR/admin/settings/general.php # resources/lang/pt-BR/mail.php # resources/lang/pt-BR/validation.php # resources/lang/pt-PT/validation.php # resources/lang/ro/validation.php # resources/lang/ru/validation.php # resources/lang/sl/validation.php # resources/lang/sr-CS/admin/settings/general.php # resources/lang/sr-CS/validation.php # resources/lang/sv-SE/admin/settings/general.php # resources/lang/sv-SE/auth/message.php # resources/lang/sv-SE/button.php # resources/lang/sv-SE/mail.php # resources/lang/sv-SE/validation.php # resources/lang/ta/validation.php # resources/lang/th/validation.php # resources/lang/tl/validation.php # resources/lang/tr/mail.php # resources/lang/tr/validation.php # resources/lang/uk/admin/accessories/table.php # resources/lang/uk/admin/asset_maintenances/message.php # resources/lang/uk/admin/asset_maintenances/table.php # resources/lang/uk/validation.php # resources/lang/ur-PK/validation.php # resources/lang/vi/admin/settings/general.php # resources/lang/vi/validation.php # resources/lang/zh-CN/admin/settings/general.php # resources/lang/zh-CN/validation.php # resources/lang/zh-HK/validation.php # resources/lang/zh-TW/validation.php # resources/lang/zu/validation.php # resources/views/partials/bootstrap-table.blade.php # resources/views/partials/forms/edit/company-select.blade.php # routes/api.php
240 lines
7 KiB
PHP
240 lines
7 KiB
PHP
<?php
|
|
|
|
namespace App\Models;
|
|
|
|
use App\Models\Traits\Searchable;
|
|
use App\Presenters\Presentable;
|
|
use Auth;
|
|
use DB;
|
|
use Illuminate\Database\Eloquent\Factories\HasFactory;
|
|
use Illuminate\Support\Facades\Gate;
|
|
use Watson\Validating\ValidatingTrait;
|
|
|
|
/**
|
|
* Model for Companies.
|
|
*
|
|
* @version v1.8
|
|
*/
|
|
final class Company extends SnipeModel
|
|
{
|
|
use HasFactory;
|
|
|
|
protected $table = 'companies';
|
|
|
|
// Declare the rules for the model validation
|
|
protected $rules = [
|
|
'name' => 'required|min:1|max:255|unique:companies,name',
|
|
];
|
|
|
|
protected $presenter = \App\Presenters\CompanyPresenter::class;
|
|
use Presentable;
|
|
|
|
/**
|
|
* Whether the model should inject it's identifier to the unique
|
|
* validation rules before attempting validation. If this property
|
|
* is not set in the model it will default to true.
|
|
*
|
|
* @var bool
|
|
*/
|
|
protected $injectUniqueIdentifier = true;
|
|
use ValidatingTrait;
|
|
use Searchable;
|
|
|
|
/**
|
|
* The attributes that should be included when searching the model.
|
|
*
|
|
* @var array
|
|
*/
|
|
protected $searchableAttributes = ['name', 'created_at', 'updated_at'];
|
|
|
|
/**
|
|
* The relations and their attributes that should be included when searching the model.
|
|
*
|
|
* @var array
|
|
*/
|
|
protected $searchableRelations = [];
|
|
|
|
/**
|
|
* The attributes that are mass assignable.
|
|
*
|
|
* @var array
|
|
*/
|
|
protected $fillable = ['name'];
|
|
|
|
private static function isFullMultipleCompanySupportEnabled()
|
|
{
|
|
$settings = Setting::getSettings();
|
|
|
|
// NOTE: this can happen when seeding the database
|
|
if (is_null($settings)) {
|
|
return false;
|
|
} else {
|
|
return $settings->full_multiple_companies_support == 1;
|
|
}
|
|
}
|
|
|
|
private static function scopeCompanyablesDirectly($query, $column = 'company_id', $table_name = null)
|
|
{
|
|
if (Auth::user()) {
|
|
$company_id = Auth::user()->company_id;
|
|
} else {
|
|
$company_id = null;
|
|
}
|
|
|
|
$table = ($table_name) ? $table_name."." : $query->getModel()->getTable().".";
|
|
|
|
if (\Schema::hasColumn($query->getModel()->getTable(), $column)) {
|
|
return $query->where($table.$column, '=', $company_id);
|
|
} else {
|
|
return $query->join('users as users_comp', 'users_comp.id', 'user_id')->where('users_comp.company_id', '=', $company_id);
|
|
}
|
|
}
|
|
|
|
public static function getIdFromInput($unescaped_input)
|
|
{
|
|
$escaped_input = e($unescaped_input);
|
|
|
|
if ($escaped_input == '0') {
|
|
return null;
|
|
} else {
|
|
return $escaped_input;
|
|
}
|
|
}
|
|
|
|
public static function getIdForCurrentUser($unescaped_input)
|
|
{
|
|
if (! static::isFullMultipleCompanySupportEnabled()) {
|
|
return static::getIdFromInput($unescaped_input);
|
|
} else {
|
|
$current_user = Auth::user();
|
|
|
|
// Super users should be able to set a company to whatever they need
|
|
if ($current_user->isSuperUser()) {
|
|
return static::getIdFromInput($unescaped_input);
|
|
} else {
|
|
if ($current_user->company_id != null) {
|
|
return $current_user->company_id;
|
|
} else {
|
|
return static::getIdFromInput($unescaped_input);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
public static function isCurrentUserHasAccess($companyable)
|
|
{
|
|
if (is_null($companyable)) {
|
|
return false;
|
|
} elseif (! static::isFullMultipleCompanySupportEnabled()) {
|
|
return true;
|
|
} else {
|
|
if (Auth::user()) {
|
|
$current_user_company_id = Auth::user()->company_id;
|
|
$companyable_company_id = $companyable->company_id;
|
|
|
|
return $current_user_company_id == null || $current_user_company_id == $companyable_company_id || Auth::user()->isSuperUser();
|
|
}
|
|
}
|
|
}
|
|
|
|
public static function isCurrentUserAuthorized()
|
|
{
|
|
return (! static::isFullMultipleCompanySupportEnabled()) || (Auth::user()->isSuperUser());
|
|
}
|
|
|
|
public static function canManageUsersCompanies()
|
|
{
|
|
return ! static::isFullMultipleCompanySupportEnabled() || Auth::user()->isSuperUser() ||
|
|
Auth::user()->company_id == null;
|
|
}
|
|
|
|
/**
|
|
* Checks if company can be deleted
|
|
*
|
|
* @author [Dan Meltzer] [<dmeltzer.devel@gmail.com>]
|
|
* @since [v5.0]
|
|
* @return bool
|
|
*/
|
|
public function isDeletable()
|
|
{
|
|
return Gate::allows('delete', $this)
|
|
&& ($this->assets()->count() === 0)
|
|
&& ($this->accessories()->count() === 0)
|
|
&& ($this->consumables()->count() === 0)
|
|
&& ($this->components()->count() === 0)
|
|
&& ($this->users()->count() === 0);
|
|
}
|
|
|
|
public static function getIdForUser($unescaped_input)
|
|
{
|
|
if (! static::isFullMultipleCompanySupportEnabled() || Auth::user()->isSuperUser()) {
|
|
return static::getIdFromInput($unescaped_input);
|
|
} else {
|
|
return static::getIdForCurrentUser($unescaped_input);
|
|
}
|
|
}
|
|
|
|
public static function scopeCompanyables($query, $column = 'company_id', $table_name = null)
|
|
{
|
|
// If not logged in and hitting this, assume we are on the command line and don't scope?'
|
|
if (! static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser()) || (! Auth::check())) {
|
|
return $query;
|
|
} else {
|
|
return static::scopeCompanyablesDirectly($query, $column, $table_name);
|
|
}
|
|
}
|
|
|
|
public static function scopeCompanyableChildren(array $companyable_names, $query)
|
|
{
|
|
if (count($companyable_names) == 0) {
|
|
throw new Exception('No Companyable Children to scope');
|
|
} elseif (! static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser())) {
|
|
return $query;
|
|
} else {
|
|
$f = function ($q) {
|
|
static::scopeCompanyablesDirectly($q);
|
|
};
|
|
|
|
$q = $query->where(function ($q) use ($companyable_names, $f) {
|
|
$q2 = $q->whereHas($companyable_names[0], $f);
|
|
|
|
for ($i = 1; $i < count($companyable_names); $i++) {
|
|
$q2 = $q2->orWhereHas($companyable_names[$i], $f);
|
|
}
|
|
});
|
|
|
|
return $q;
|
|
}
|
|
}
|
|
|
|
public function users()
|
|
{
|
|
return $this->hasMany(User::class, 'company_id');
|
|
}
|
|
|
|
public function assets()
|
|
{
|
|
return $this->hasMany(Asset::class, 'company_id');
|
|
}
|
|
|
|
public function licenses()
|
|
{
|
|
return $this->hasMany(License::class, 'company_id');
|
|
}
|
|
|
|
public function accessories()
|
|
{
|
|
return $this->hasMany(Accessory::class, 'company_id');
|
|
}
|
|
|
|
public function consumables()
|
|
{
|
|
return $this->hasMany(Consumable::class, 'company_id');
|
|
}
|
|
|
|
public function components()
|
|
{
|
|
return $this->hasMany(Component::class, 'company_id');
|
|
}
|
|
}
|