mirror of
https://github.com/snipe/snipe-it.git
synced 2024-11-15 10:04:13 -08:00
f3c4e55667
Commit fb4fe3004 restored the previous behaviour to check the company_id in case of FullMultipleCompanySupport.
But after rereading the code and the laravel documentation, the check is already there where it belongs in AssetStoreRequest::prepareForValidation()
The bug is the is_int-check of the request input in prepareForValidation(). Is is of type string even if it is a numeric value, so the call to getIdForCurrentUser() never happend.
Fix this by removing the check and the now redundant call to getIdForCurrentUser().
Wrong values will get caught by the model-level validation rules.
96 lines
2.9 KiB
PHP
96 lines
2.9 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Requests;
|
|
|
|
use App\Http\Requests\Traits\MayContainCustomFields;
|
|
use App\Models\Asset;
|
|
use App\Models\Company;
|
|
use App\Models\Setting;
|
|
use Carbon\Carbon;
|
|
use Carbon\Exceptions\InvalidFormatException;
|
|
use Illuminate\Support\Facades\Gate;
|
|
use App\Rules\AssetCannotBeCheckedOutToNondeployableStatus;
|
|
|
|
class StoreAssetRequest extends ImageUploadRequest
|
|
{
|
|
use MayContainCustomFields;
|
|
/**
|
|
* Determine if the user is authorized to make this request.
|
|
*
|
|
* @return bool
|
|
*/
|
|
public function authorize(): bool
|
|
{
|
|
return Gate::allows('create', new Asset);
|
|
}
|
|
|
|
public function prepareForValidation(): void
|
|
{
|
|
$this->parseLastAuditDate();
|
|
|
|
$this->merge([
|
|
'asset_tag' => $this->asset_tag ?? Asset::autoincrement_asset(),
|
|
'company_id' => Company::getIdForCurrentUser($this->company_id),
|
|
'assigned_to' => $assigned_to ?? null,
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Get the validation rules that apply to the request.
|
|
*
|
|
* @return array
|
|
*/
|
|
public function rules(): array
|
|
{
|
|
$modelRules = (new Asset)->getRules();
|
|
|
|
if (Setting::getSettings()->digit_separator === '1.234,56' && is_string($this->input('purchase_cost'))) {
|
|
// If purchase_cost was submitted as a string with a comma separator
|
|
// then we need to ignore the normal numeric rules.
|
|
// Since the original rules still live on the model they will be run
|
|
// right before saving (and after purchase_cost has been
|
|
// converted to a float via setPurchaseCostAttribute).
|
|
$modelRules = $this->removeNumericRulesFromPurchaseCost($modelRules);
|
|
}
|
|
|
|
return array_merge(
|
|
$modelRules,
|
|
['status_id' => [new AssetCannotBeCheckedOutToNondeployableStatus()]],
|
|
parent::rules(),
|
|
);
|
|
}
|
|
|
|
private function parseLastAuditDate(): void
|
|
{
|
|
if ($this->input('last_audit_date')) {
|
|
try {
|
|
$lastAuditDate = Carbon::parse($this->input('last_audit_date'));
|
|
|
|
$this->merge([
|
|
'last_audit_date' => $lastAuditDate->startOfDay()->format('Y-m-d H:i:s'),
|
|
]);
|
|
} catch (InvalidFormatException $e) {
|
|
// we don't need to do anything here...
|
|
// we'll keep the provided date in an
|
|
// invalid format so validation picks it up later
|
|
}
|
|
}
|
|
}
|
|
|
|
private function removeNumericRulesFromPurchaseCost(array $rules): array
|
|
{
|
|
$purchaseCost = $rules['purchase_cost'];
|
|
|
|
// If rule is in "|" format then turn it into an array
|
|
if (is_string($purchaseCost)) {
|
|
$purchaseCost = explode('|', $purchaseCost);
|
|
}
|
|
|
|
$rules['purchase_cost'] = array_filter($purchaseCost, function ($rule) {
|
|
return $rule !== 'numeric' && $rule !== 'gte:0';
|
|
});
|
|
|
|
return $rules;
|
|
}
|
|
}
|