Skip to content

Commit

Permalink
Revert "Fixed #6704 - don’t apply gate to $arrays collection, just ch…
Browse files Browse the repository at this point in the history 
…eck that they can view assets"

This reverts commit b1e1774.
  • Loading branch information
@snipe
snipe committed Feb 13, 2019
1 parent b1e1774 commit e75d22a
Showing 1 changed file with 40 additions and 64 deletions.
104 changes: 40 additions & 64 deletions app/Http/Controllers/Api/AssetsController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,14 +3,13 @@

use App\Helpers\Helper;
use App\Http\Controllers\Controller;
use App\Http\Requests\AssetRequest;
use App\Http\Requests\AssetCheckoutRequest;
use App\Http\Transformers\AssetsTransformer;
use App\Http\Transformers\LicensesTransformer;
use App\Models\Asset;
use App\Models\AssetModel;
use App\Models\Company;
use App\Models\CustomField;
use App\Models\License;
use App\Models\Location;
use App\Models\Setting;
use App\Models\User;
Expand Down Expand Up @@ -85,7 +84,7 @@ public function index(Request $request)

$filter = array();

if ($request->filled('filter')) {
if ($request->has('filter')) {
$filter = json_decode($request->input('filter'), true);
}

Expand All @@ -102,48 +101,48 @@ public function index(Request $request)
// These are used by the API to query against specific ID numbers.
// They are also used by the individual searches on detail pages like
// locations, etc.
if ($request->filled('status_id')) {
if ($request->has('status_id')) {
$assets->where('assets.status_id', '=', $request->input('status_id'));
}

if ($request->input('requestable')=='true') {
$assets->where('assets.requestable', '=', '1');
}

if ($request->filled('model_id')) {
if ($request->has('model_id')) {
$assets->InModelList([$request->input('model_id')]);
}

if ($request->filled('category_id')) {
if ($request->has('category_id')) {
$assets->InCategory($request->input('category_id'));
}

if ($request->filled('location_id')) {
if ($request->has('location_id')) {
$assets->where('assets.location_id', '=', $request->input('location_id'));
}

if ($request->filled('supplier_id')) {
if ($request->has('supplier_id')) {
$assets->where('assets.supplier_id', '=', $request->input('supplier_id'));
}

if (($request->filled('assigned_to')) && ($request->filled('assigned_type'))) {
if (($request->has('assigned_to')) && ($request->has('assigned_type'))) {
$assets->where('assets.assigned_to', '=', $request->input('assigned_to'))
->where('assets.assigned_type', '=', $request->input('assigned_type'));
}

if ($request->filled('company_id')) {
if ($request->has('company_id')) {
$assets->where('assets.company_id', '=', $request->input('company_id'));
}

if ($request->filled('manufacturer_id')) {
if ($request->has('manufacturer_id')) {
$assets->ByManufacturer($request->input('manufacturer_id'));
}

if ($request->filled('depreciation_id')) {
if ($request->has('depreciation_id')) {
$assets->ByDepreciationId($request->input('depreciation_id'));
}

$request->filled('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : '';
$request->has('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : '';

$offset = request('offset', 0);
$limit = $request->input('limit', 50);
Expand All @@ -156,7 +155,7 @@ public function index(Request $request)
// I am sad. :(
switch ($request->input('status')) {
case 'Deleted':
$assets->onlyTrashed();
$assets->withTrashed()->Deleted();
break;
case 'Pending':
$assets->join('status_labels AS status_alias',function ($join) {
Expand Down Expand Up @@ -202,7 +201,7 @@ public function index(Request $request)
break;
default:

if ((!$request->filled('status_id')) && ($settings->show_archived_in_list!='1')) {
if ((!$request->has('status_id')) && ($settings->show_archived_in_list!='1')) {
// terrible workaround for complex-query Laravel bug in fulltext
$assets->join('status_labels AS status_alias',function ($join) {
$join->on('status_alias.id', "=", "assets.status_id")
Expand All @@ -221,7 +220,7 @@ public function index(Request $request)

if ((!is_null($filter)) && (count($filter)) > 0) {
$assets->ByFilter($filter);
} elseif ($request->filled('search')) {
} elseif ($request->has('search')) {
$assets->TextSearch($request->input('search'));
}

Expand All @@ -234,8 +233,8 @@ public function index(Request $request)
// This handles all of the pivot sorting (versus the assets.* fields
// in the allowed_columns array)
$column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'assets.created_at';
// dd($column_sort);

switch ($sort_override) {
case 'model':
$assets->OrderModels($order);
Expand Down Expand Up @@ -271,9 +270,9 @@ public function index(Request $request)
break;
}


$total = $assets->count();
$assets = $assets->skip($offset)->take($limit)->get();
// dd($assets);
return (new AssetsTransformer)->transformAssets($assets, $total);
}

Expand Down Expand Up @@ -306,9 +305,9 @@ public function showByTag($tag)
*/
public function showBySerial($serial)
{
$this->authorize('index', Asset::class);
if ($assets = Asset::with('assetstatus')->with('assignedTo')
->withTrashed()->where('serial',$serial)->get()) {
$this->authorize('view', $assets);
return (new AssetsTransformer)->transformAssets($assets, $assets->count());
}
return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);
Expand All @@ -326,22 +325,14 @@ public function showBySerial($serial)
*/
public function show($id)
{
if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()
->withCount('checkins as checkins_count', 'checkouts as checkouts_count', 'userRequests as user_requests_count')->findOrFail($id)) {
if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()->withCount('checkins', 'checkouts', 'userRequests')->findOrFail($id)) {
$this->authorize('view', $asset);
return (new AssetsTransformer)->transformAsset($asset);
}


}
public function licenses($id)
{
$this->authorize('view', Asset::class);
$this->authorize('view', License::class);
$asset = Asset::where('id', $id)->withTrashed()->first();
$licenses = $asset->licenses()->get();
return (new LicensesTransformer())->transformLicenses($licenses, $licenses->count());
}


/**
* Gets a paginated collection for the select2 menus
Expand All @@ -362,13 +353,13 @@ public function selectlist(Request $request)
'assets.assigned_to',
'assets.assigned_type',
'assets.status_id'
])->with('model', 'assetstatus', 'assignedTo')->NotArchived(), 'company_id', 'assets');
])->with('model', 'assetstatus', 'assignedTo')->NotArchived(),'company_id', 'assets');

if ($request->filled('assetStatusType') && $request->input('assetStatusType') === 'RTD') {
if ($request->has('assetStatusType') && $request->input('assetStatusType') === 'RTD') {
$assets = $assets->RTD();
}

if ($request->filled('search')) {
if ($request->has('search')) {
$assets = $assets->AssignedSearch($request->input('search'));
}

Expand Down Expand Up @@ -408,7 +399,7 @@ public function selectlist(Request $request)
* @since [v4.0]
* @return JsonResponse
*/
public function store(Request $request)
public function store(AssetRequest $request)
{

$this->authorize('create', Asset::class);
Expand Down Expand Up @@ -439,7 +430,7 @@ public function store(Request $request)
// Update custom fields in the database.
// Validation for these fields is handled through the AssetRequest form request
$model = AssetModel::find($request->get('model_id'));
if (($model) && ($model->fieldset)) {
if ($model->fieldset) {
foreach ($model->fieldset->fields as $field) {
$asset->{$field->convertUnicodeDbSlug()} = e($request->input($field->convertUnicodeDbSlug(), null));
}
Expand Down Expand Up @@ -476,22 +467,21 @@ public function update(Request $request, $id)
{
$this->authorize('update', Asset::class);

$asset->fill($request->all());
if ($asset = Asset::find($id)) {

$asset->fill($request->all());

if ($asset = Asset::find($id)) {
($request->filled('model_id')) ?
($request->has('model_id')) ?
$asset->model()->associate(AssetModel::find($request->get('model_id'))) : null;
($request->filled('rtd_location_id')) ?
$asset->location_id = $request->get('rtd_location_id') : '';
($request->filled('company_id')) ?
$asset->company_id = Company::getIdForCurrentUser($request->get('company_id')) : '';

($request->has('company_id')) ?
$asset->company_id = Company::getIdForCurrentUser($request->get('company_id')) : null;
($request->has('rtd_location_id')) ?
$asset->location_id = $request->get('rtd_location_id') : null;

// Update custom fields
if (($model = AssetModel::find($asset->model_id)) && (isset($model->fieldset))) {
foreach ($model->fieldset->fields as $field) {
if ($request->filled($field->convertUnicodeDbSlug())) {
if ($request->has($field->convertUnicodeDbSlug())) {
$asset->{$field->convertUnicodeDbSlug()} = e($request->input($field->convertUnicodeDbSlug()));
}
}
Expand All @@ -500,11 +490,11 @@ public function update(Request $request, $id)

if ($asset->save()) {

if (($request->filled('assigned_user')) && ($target = User::find($request->get('assigned_user')))) {
if (($request->has('assigned_user')) && ($target = User::find($request->get('assigned_user')))) {
$location = $target->location_id;
} elseif (($request->filled('assigned_asset')) && ($target = Asset::find($request->get('assigned_asset')))) {
} elseif (($request->has('assigned_asset')) && ($target = Asset::find($request->get('assigned_asset')))) {
$location = $target->location_id;
} elseif (($request->filled('assigned_location')) && ($target = Location::find($request->get('assigned_location')))) {
} elseif (($request->has('assigned_location')) && ($target = Location::find($request->get('assigned_location')))) {
$location = $target->id;
}

Expand Down Expand Up @@ -659,7 +649,7 @@ public function checkin(Request $request, $asset_id)
$asset->name = Input::get('name');
$asset->location_id = $asset->rtd_location_id;

if ($request->filled('location_id')) {
if ($request->has('location_id')) {
$asset->location_id = $request->input('location_id');
}

Expand Down Expand Up @@ -699,35 +689,21 @@ public function audit(Request $request) {
return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()->all()));
}

$settings = Setting::getSettings();
$dt = Carbon::now()->addMonths($settings->audit_interval)->toDateString();

$asset = Asset::where('asset_tag','=', $request->input('asset_tag'))->first();


if ($asset) {
// We don't want to log this as a normal update, so let's bypass that
$asset->unsetEventDispatcher();
$asset->next_audit_date = $dt;

if ($request->filled('next_audit_date')) {
$asset->next_audit_date = $request->input('next_audit_date');
}

// Check to see if they checked the box to update the physical location,
// not just note it in the audit notes
if ($request->input('update_location')=='1') {
$asset->location_id = $request->input('location_id');
}

$asset->next_audit_date = $request->input('next_audit_date');
$asset->last_audit_date = date('Y-m-d h:i:s');

if ($asset->save()) {
$log = $asset->logAudit(request('note'),request('location_id'));
return response()->json(Helper::formatStandardApiResponse('success', [
'asset_tag'=> e($asset->asset_tag),
'note'=> e($request->input('note')),
'next_audit_date' => Helper::getFormattedDateObject($asset->next_audit_date)
'next_audit_date' => Helper::getFormattedDateObject($log->calcNextAuditDate())
], trans('admin/hardware/message.audit.success')));
}
}
Expand Down

0 comments on commit e75d22a

Please sign in to comment.