Skip to content

Commit

Permalink
Merge pull request #15373 from snipe/fixes/#15366_custom_fields
Browse files Browse the repository at this point in the history 
Fixed #15366 use the non-admin edit encrypted custom fields permissions
  • Loading branch information
@snipe
snipe authored Aug 22, 2024
2 parents ec365b0 + 56e31d2 commit 833dace
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
4 changes: 2 additions & 2 deletions app/Http/Controllers/Api/AssetsController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -602,7 +602,7 @@ public function store(StoreAssetRequest $request): JsonResponse
if ($field->field_encrypted == '1') {
Log::debug('This model field is encrypted in this fieldset.');

if (Gate::allows('admin')) {
if (Gate::allows('assets.view.encrypted_custom_fields')) {

// If input value is null, use custom field's default value
if (($field_val == null) && ($request->has('model_id') != '')) {
Expand Down Expand Up @@ -695,7 +695,7 @@ public function update(UpdateAssetRequest $request, Asset $asset): JsonResponse
}
}
if ($field->field_encrypted == '1') {
if (Gate::allows('admin')) {
if (Gate::allows('assets.view.encrypted_custom_fields')) {
$field_val = Crypt::encrypt($field_val);
} else {
$problems_updating_encrypted_custom_fields = true;
Expand Down
4 changes: 2 additions & 2 deletions app/Http/Controllers/Assets/AssetsController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -165,7 +165,7 @@ public function store(ImageUploadRequest $request) : RedirectResponse
if (($model) && ($model->fieldset)) {
foreach ($model->fieldset->fields as $field) {
if ($field->field_encrypted == '1') {
if (Gate::allows('admin')) {
if (Gate::allows('assets.view.encrypted_custom_fields')) {
if (is_array($request->input($field->db_column))) {
$asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
} else {
Expand Down Expand Up @@ -388,7 +388,7 @@ public function update(ImageUploadRequest $request, $assetId = null) : RedirectR
foreach ($model->fieldset->fields as $field) {

if ($field->field_encrypted == '1') {
if (Gate::allows('admin')) {
if (Gate::allows('assets.view.encrypted_custom_fields')) {
if (is_array($request->input($field->db_column))) {
$asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
} else {
Expand Down

0 comments on commit 833dace

Please sign in to comment.