From 1318dc611150bc83975dc5d6aec8ad756d26168d Mon Sep 17 00:00:00 2001 From: Tobias Regnery Date: Mon, 27 Feb 2023 13:54:41 +0100 Subject: [PATCH] Add a backward compatibility setting for locations with companies Now that locations have a company_id they get restricted to the users company with FullMultipleCompanySupport. This breaks backward compatibility, because before everyone can handle locations without restrictions. Add a setting right below FullMultipleCompanySupport so that everyone can switch to the desired behaviour. The default is off and the existing behaviour is preserved. --- .../Controllers/Api/LocationsController.php | 24 +++++++++++--- app/Http/Controllers/LocationsController.php | 16 +++++++++- app/Http/Controllers/SettingsController.php | 7 ++++ app/Models/Location.php | 12 ++++++- ..._27_092130_add_scope_locations_setting.php | 32 +++++++++++++++++++ .../lang/de-DE/admin/settings/general.php | 2 ++ .../lang/en-US/admin/settings/general.php | 2 ++ resources/views/modals/location.blade.php | 4 +-- resources/views/settings/general.blade.php | 18 ++++++++++- 9 files changed, 108 insertions(+), 9 deletions(-) create mode 100644 database/migrations/2023_02_27_092130_add_scope_locations_setting.php diff --git a/app/Http/Controllers/Api/LocationsController.php b/app/Http/Controllers/Api/LocationsController.php index 93ba287d4d..eb6d720f1a 100644 --- a/app/Http/Controllers/Api/LocationsController.php +++ b/app/Http/Controllers/Api/LocationsController.php @@ -11,6 +11,7 @@ use App\Http\Transformers\SelectlistTransformer; use App\Models\Asset; use App\Models\Company; use App\Models\Location; +use App\Models\Setting; use Illuminate\Http\Request; use Illuminate\Pagination\LengthAwarePaginator; use Illuminate\Support\Collection; @@ -77,7 +78,10 @@ class LocationsController extends Controller ->withCount('children as children_count') ->withCount('users as users_count'); - $locations = Company::scopeCompanyables($locations); + // Only scope locations if the setting is enabled + if (Setting::getSettings()->scope_locations_fmcs) { + $locations = Company::scopeCompanyables($locations); + } if ($request->filled('search')) { $locations = $locations->TextSearch($request->input('search')); @@ -159,9 +163,13 @@ class LocationsController extends Controller $this->authorize('create', Location::class); $location = new Location; $location->fill($request->all()); - $location->company_id = Company::getIdForCurrentUser($request->get('company_id')); $location = $request->handleImages($location); + // Only scope location if the setting is enabled + if (Setting::getSettings()->scope_locations_fmcs) { + $location->company_id = Company::getIdForCurrentUser($request->get('company_id')); + } + if ($location->save()) { return response()->json(Helper::formatStandardApiResponse('success', (new LocationsTransformer)->transformLocation($location), trans('admin/locations/message.create.success'))); } @@ -223,7 +231,12 @@ class LocationsController extends Controller $location = $request->handleImages($location); if ($request->filled('company_id')) { - $location->company_id = Company::getIdForCurrentUser($request->get('company_id')); + // Only scope location if the setting is enabled + if (Setting::getSettings()->scope_locations_fmcs) { + $location->company_id = Company::getIdForCurrentUser($request->get('company_id')); + } else { + $location->company_id = $request->get('company_id'); + } } if ($location->isValid()) { @@ -322,7 +335,10 @@ class LocationsController extends Controller 'locations.image', ]); - $locations = Company::scopeCompanyables($locations); + // Only scope locations if the setting is enabled + if (Setting::getSettings()->scope_locations_fmcs) { + $locations = Company::scopeCompanyables($locations); + } $page = 1; if ($request->filled('page')) { diff --git a/app/Http/Controllers/LocationsController.php b/app/Http/Controllers/LocationsController.php index 7784ad1825..e21f00b507 100755 --- a/app/Http/Controllers/LocationsController.php +++ b/app/Http/Controllers/LocationsController.php @@ -7,6 +7,7 @@ use App\Models\Actionlog; use App\Models\Asset; use App\Models\Company; use App\Models\Location; +use App\Models\Setting; use App\Models\User; use Illuminate\Support\Facades\Storage; use Illuminate\Http\Request; @@ -81,6 +82,13 @@ class LocationsController extends Controller $location->fax = request('fax'); $location->company_id = Company::getIdForCurrentUser($request->input('company_id')); + // Only scope the location if the setting is enabled + if (Setting::getSettings()->scope_locations_fmcs) { + $location->company_id = Company::getIdForCurrentUser($request->input('company_id')); + } else { + $location->company_id = $request->input('company_id'); + } + $location = $request->handleImages($location); if ($location->save()) { @@ -140,7 +148,13 @@ class LocationsController extends Controller $location->fax = request('fax'); $location->ldap_ou = $request->input('ldap_ou'); $location->manager_id = $request->input('manager_id'); - $location->company_id = Company::getIdForCurrentUser($request->input('company_id')); + + // Only scope the location if the setting is enabled + if (Setting::getSettings()->scope_locations_fmcs) { + $location->company_id = Company::getIdForCurrentUser($request->input('company_id')); + } else { + $location->company_id = $request->input('company_id'); + } $location = $request->handleImages($location); diff --git a/app/Http/Controllers/SettingsController.php b/app/Http/Controllers/SettingsController.php index aa773d9eea..5a3a35abb2 100755 --- a/app/Http/Controllers/SettingsController.php +++ b/app/Http/Controllers/SettingsController.php @@ -314,6 +314,13 @@ class SettingsController extends Controller } $setting->full_multiple_companies_support = $request->input('full_multiple_companies_support', '0'); + $setting->scope_locations_fmcs = $request->input('scope_locations_fmcs', '0'); + + // Backward compatibility for locations makes no sense without FullMultipleCompanySupport + if (!$setting->full_multiple_companies_support) { + $setting->scope_locations_fmcs = '0'; + } + $setting->unique_serial = $request->input('unique_serial', '0'); $setting->shortcuts_enabled = $request->input('shortcuts_enabled', '0'); $setting->show_images_in_email = $request->input('show_images_in_email', '0'); diff --git a/app/Models/Location.php b/app/Models/Location.php index 7f99c78531..dee2fbd271 100755 --- a/app/Models/Location.php +++ b/app/Models/Location.php @@ -4,6 +4,7 @@ namespace App\Models; use App\Http\Traits\UniqueUndeletedTrait; use App\Models\Asset; +use App\Models\Setting; use App\Models\SnipeModel; use App\Models\Traits\Searchable; use App\Models\User; @@ -17,12 +18,21 @@ use Watson\Validating\ValidatingTrait; class Location extends SnipeModel { + function __construct() { + parent::__construct(); + // This is a workaround for backward compatibility with older versions where locations doesn't get scoped. + // Normaly we would only add 'use CompanyableTrait;', but this has to be conditional on the setting. + // So instead of using the trait, add the scope directly if no backward compatibility is used + if (Setting::getSettings()->scope_locations_fmcs) { + static::addGlobalScope(new CompanyableScope); + } + } + use HasFactory; protected $presenter = \App\Presenters\LocationPresenter::class; use Presentable; use SoftDeletes; - use CompanyableTrait; protected $table = 'locations'; protected $rules = [ diff --git a/database/migrations/2023_02_27_092130_add_scope_locations_setting.php b/database/migrations/2023_02_27_092130_add_scope_locations_setting.php new file mode 100644 index 0000000000..c1e2ff83e9 --- /dev/null +++ b/database/migrations/2023_02_27_092130_add_scope_locations_setting.php @@ -0,0 +1,32 @@ +boolean('scope_locations_fmcs')->default('0')->after('full_multiple_companies_support'); + }); + } + + /** + * Reverse the migrations. + * + * @return void + */ + public function down() + { + Schema::table('settings', function (Blueprint $table) { + $table->dropColumn('scope_locations_fmcs'); + }); + } +} \ No newline at end of file diff --git a/resources/lang/de-DE/admin/settings/general.php b/resources/lang/de-DE/admin/settings/general.php index 6d01f0d10a..ebce8536c5 100644 --- a/resources/lang/de-DE/admin/settings/general.php +++ b/resources/lang/de-DE/admin/settings/general.php @@ -148,6 +148,8 @@ return [ 'logo_print_assets_help' => 'Firmenlogo anzeigen beim Drucken der Asset-Liste ', 'full_multiple_companies_support_help_text' => 'Beschränkung von Benutzern (inklusive Administratoren) die einer Firma zugewiesen sind zu den Assets der Firma.', 'full_multiple_companies_support_text' => 'Volle Mehrmandanten-Unterstützung für Firmen', + 'scope_locations_fmcs_support_text' => 'Beschränke Standorte mit voller Mehrmandanten-Unterstützung für Firmen', + 'scope_locations_fmcs_support_help_text' => 'Bis zu Version 7.0 waren Standorte nicht auf die Firma des Benutzers beschränkt. Wenn diese Einstellung deaktiviert ist, wird die Kompatibilität zu älteren Versionen gewahrt und die Standorte nicht beschränkt. Wenn diese Einstellung aktiviert ist, werden Standorte ebenfalls auf die Firma des Benutzers beschränkt.', 'show_in_model_list' => 'In Modell-Dropdown-Liste anzeigen', 'optional' => 'optional', 'per_page' => 'Ergebnisse pro Seite', diff --git a/resources/lang/en-US/admin/settings/general.php b/resources/lang/en-US/admin/settings/general.php index d656391edd..010dd3d5ec 100644 --- a/resources/lang/en-US/admin/settings/general.php +++ b/resources/lang/en-US/admin/settings/general.php @@ -148,6 +148,8 @@ return [ 'logo_print_assets_help' => 'Use branding on printable asset lists ', 'full_multiple_companies_support_help_text' => 'Restricting users (including admins) assigned to companies to their company\'s assets.', 'full_multiple_companies_support_text' => 'Full Multiple Companies Support', + 'scope_locations_fmcs_support_text' => 'Scope Locations with Full Multiple Companies Support', + 'scope_locations_fmcs_support_help_text' => 'Up until Version 7.0 locations were not restricted to the users company. If this setting is disabled, this preserves backward compatibility with older versions and locations are not restricted. If this setting is enabled, locations are also restricted to the users company', 'show_in_model_list' => 'Show in Model Dropdowns', 'optional' => 'optional', 'per_page' => 'Results Per Page', diff --git a/resources/views/modals/location.blade.php b/resources/views/modals/location.blade.php index 59c4516d98..6816f32869 100644 --- a/resources/views/modals/location.blade.php +++ b/resources/views/modals/location.blade.php @@ -11,8 +11,8 @@ @include('modals.partials.name', ['item' => new \App\Models\Location(), 'required' => 'true']) - - @if ($user->company) + + @if (($snipeSettings->scope_locations_fmcs == '1') && ($user->company)) @endif diff --git a/resources/views/settings/general.blade.php b/resources/views/settings/general.blade.php index 17c0a8ec81..74c0b27264 100644 --- a/resources/views/settings/general.blade.php +++ b/resources/views/settings/general.blade.php @@ -54,7 +54,24 @@

+ + +
+
+ {{ Form::label('scope_locations_fmcs', trans('admin/settings/general.scope_locations_fmcs_support_text')) }} +
+
+ + {!! $errors->first('scope_locations_fmcs', '') !!} +

+ {{ trans('admin/settings/general.scope_locations_fmcs_support_help_text') }} +

+
+
@@ -479,6 +496,5 @@ }); }); - @stop