From e0df8cc4aa97a5a75abd145aac262183ca90090a Mon Sep 17 00:00:00 2001 From: Ivan Nieto Vivanco Date: Tue, 11 Jul 2023 17:21:32 -0600 Subject: [PATCH 1/4] Add admin role to show encrypted customfield values --- app/Http/Transformers/AssetsTransformer.php | 4 ++-- resources/views/hardware/view.blade.php | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/app/Http/Transformers/AssetsTransformer.php b/app/Http/Transformers/AssetsTransformer.php index 0ad93b43ef..9f70d14e8f 100644 --- a/app/Http/Transformers/AssetsTransformer.php +++ b/app/Http/Transformers/AssetsTransformer.php @@ -101,10 +101,10 @@ class AssetsTransformer foreach ($asset->model->fieldset->fields as $field) { if ($field->isFieldDecryptable($asset->{$field->db_column})) { $decrypted = Helper::gracefulDecrypt($field, $asset->{$field->db_column}); - $value = (Gate::allows('superadmin')) ? $decrypted : strtoupper(trans('admin/custom_fields/general.encrypted')); + $value = (Gate::allows('superadmin') || Gate::allows('admin')) ? $decrypted : strtoupper(trans('admin/custom_fields/general.encrypted')); if ($field->format == 'DATE'){ - if (Gate::allows('superadmin')){ + if (Gate::allows('superadmin') || Gate::allows('admin')){ $value = Helper::getFormattedDateObject($value, 'date', false); } else { $value = strtoupper(trans('admin/custom_fields/general.encrypted')); diff --git a/resources/views/hardware/view.blade.php b/resources/views/hardware/view.blade.php index d183df09b3..df6ea83d2e 100755 --- a/resources/views/hardware/view.blade.php +++ b/resources/views/hardware/view.blade.php @@ -460,7 +460,7 @@ @endif @if ($field->isFieldDecryptable($asset->{$field->db_column_name()} )) - @can('superuser') + @canany(['superuser', 'admin']) @if (($field->format=='URL') && ($asset->{$field->db_column_name()}!='')) {{ Helper::gracefulDecrypt($field, $asset->{$field->db_column_name()}) }} @elseif (($field->format=='DATE') && ($asset->{$field->db_column_name()}!='')) 
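Review bot: In the app/Http/Transformers/AssetsTransformer.php hunk the value is decrypted by `Helper::gracefulDecrypt()` on the context line above the changed ternary, before any Gate check runs, so decryption happens for every caller of the transformer and the plaintext sits in `$decrypted` even when it is then discarded. The authorization expression is also written out twice (the ternary and the `DATE` branch), which lets the two copies drift apart; the PATCH 4/4 hunk of this file keeps the same shape. I would evaluate the check once, e.g. `$canDecrypt = Gate::allows('superadmin') || Gate::allows('admin');`, call `gracefulDecrypt()` only when it is true, and drop the `else` in the `DATE` branch, which reassigns the placeholder `$value` already holds. The enclosing loop and method start and end outside the hunk, so confirm nothing later reads `$decrypted`.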
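Review bot: The two files in this patch name different abilities for the top-level role: resources/views/hardware/view.blade.php checks `superuser` in `@canany(['superuser', 'admin'])`, while AssetsTransformer.php checks `Gate::allows('superadmin')`. Neither definition is visible in this series; in Laravel an ability with no definition is denied unless a `before` callback grants it, so if one of the two names is not defined the page and the transformer output can disagree about who sees decrypted values. I would use one ability name in both places, or add a comment such as `{{-- must match the check in AssetsTransformer --}}` next to the directive. PATCH 4/4 later replaces both checks, so this matters mainly if this patch is applied or bisected on its own.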
@@ -470,7 +470,7 @@ @endif @else {{ strtoupper(trans('admin/custom_fields/general.encrypted')) }} - @endcan + @endcanany @else @if (($field->format=='BOOLEAN') && ($asset->{$field->db_column_name()}!='')) From 3b4a2b0f5baea9b60bd0b45e1570e69c5ae39bcf Mon Sep 17 00:00:00 2001 From: Ivan Nieto Vivanco Date: Wed, 19 Jul 2023 14:57:57 -0600 Subject: [PATCH 2/4] Add permission to view and modify encrypted custom fields --- config/permissions.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/config/permissions.php b/config/permissions.php index 0b65a4e26b..10c44a1896 100644 --- a/config/permissions.php +++ b/config/permissions.php @@ -106,6 +106,13 @@ return [ 'display' => true, ], + [ + 'permission' => 'assets.view.encrypted_custom_fields', + 'label' => 'View and Modify Encrypted Custom Fields', + 'note' => '', + 'display' => true, + ], + ], 'Accessories' => [ From 705411eb4d363e2f3941283f7ae9ca62be58b074 Mon Sep 17 00:00:00 2001 From: Ivan Nieto Vivanco Date: Wed, 19 Jul 2023 19:44:59 -0600 Subject: [PATCH 3/4] Create the Gate that goes with the permission --- app/Providers/AuthServiceProvider.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php index f1e817ca16..9d493e85bb 100644 --- a/app/Providers/AuthServiceProvider.php +++ b/app/Providers/AuthServiceProvider.php @@ -146,6 +146,11 @@ class AuthServiceProvider extends ServiceProvider } }); + Gate::define('assets.view.encrypted_custom_fields', function ($user) { + if($user->hasAccess('assets.view.encrypted_custom_fields')){ + return true; + } + }); // ----------------------------------------- // Reports From ecf522243b8f08e4c2ae1d9bf68516b94fe980ae Mon Sep 17 00:00:00 2001 
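Review bot: The new entry in config/permissions.php has the key `assets.view.encrypted_custom_fields` but the label 'View and Modify Encrypted Custom Fields', so the name an administrator greps for or sees in logs understates what the permission grants. Reading decrypted values and changing them are different levels of trust, and PATCH 4/4 uses this one ability for both the display paths and the edit form in custom_fields_form.blade.php. I would either split it into a view and an edit permission or rename the key to match the label. The empty `'note' => ''` is also the place to tell whoever assigns it what it exposes, for example `'note' => 'Shows decrypted values of encrypted custom fields in the asset view and in transformer output, and allows editing them.',`.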
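Review bot: The closure added in app/Providers/AuthServiceProvider.php returns `true` or falls off the end, so a denial is an implicit `null` rather than `false`. Laravel treats that as not allowed, and the closing lines of the preceding gate in the context suggest the file already uses this pattern, but for a gate that guards decrypted data an explicit result is easier to audit: `return (bool) $user->hasAccess('assets.view.encrypted_custom_fields');`. A one-line comment above the definition, e.g. `// Controls display and editing of decrypted values for encrypted custom fields`, would record the scope. The new block also runs straight into the `// Reports` banner comment; a blank line after `});` would keep the sections separate.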
From: Ivan Nieto Vivanco Date: Wed, 19 Jul 2023 19:52:03 -0600 Subject: [PATCH 4/4] Add the new rule to proper views and also in the Asset Transformer --- app/Http/Transformers/AssetsTransformer.php | 4 ++-- resources/views/hardware/view.blade.php | 4 ++-- resources/views/models/custom_fields_form.blade.php | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/app/Http/Transformers/AssetsTransformer.php b/app/Http/Transformers/AssetsTransformer.php index 9f70d14e8f..9413defec6 100644 --- a/app/Http/Transformers/AssetsTransformer.php +++ b/app/Http/Transformers/AssetsTransformer.php @@ -101,10 +101,10 @@ class AssetsTransformer foreach ($asset->model->fieldset->fields as $field) { if ($field->isFieldDecryptable($asset->{$field->db_column})) { $decrypted = Helper::gracefulDecrypt($field, $asset->{$field->db_column}); - $value = (Gate::allows('superadmin') || Gate::allows('admin')) ? $decrypted : strtoupper(trans('admin/custom_fields/general.encrypted')); + $value = (Gate::allows('assets.view.encrypted_custom_fields')) ? $decrypted : strtoupper(trans('admin/custom_fields/general.encrypted')); if ($field->format == 'DATE'){ - if (Gate::allows('superadmin') || Gate::allows('admin')){ + if (Gate::allows('assets.view.encrypted_custom_fields')){ $value = Helper::getFormattedDateObject($value, 'date', false); } else { $value = strtoupper(trans('admin/custom_fields/general.encrypted')); diff --git a/resources/views/hardware/view.blade.php b/resources/views/hardware/view.blade.php index df6ea83d2e..a154065ed9 100755 --- a/resources/views/hardware/view.blade.php +++ b/resources/views/hardware/view.blade.php 
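Review bot: Replacing `Gate::allows('superadmin') || Gate::allows('admin')` with the single `assets.view.encrypted_custom_fields` check in AssetsTransformer.php changes who receives plaintext in both directions: an admin without the new permission now gets the placeholder, and any non-admin who is granted it gets decrypted values in the transformer output. Nothing in this series grants the permission to existing groups or shows whether superusers bypass the gate (a `Gate::before` hook, if one exists, is outside these hunks), so the upgrade behaviour should be stated in the commit message or handled by a migration. A feature test that asserts the placeholder for a user without the permission and the decrypted value for a user with it, for both a plain field and a `DATE` field, would pin down the two branches in this hunk.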
@@ -460,7 +460,7 @@ @endif @if ($field->isFieldDecryptable($asset->{$field->db_column_name()} )) - @canany(['superuser', 'admin']) + @can('assets.view.encrypted_custom_fields') @if (($field->format=='URL') && ($asset->{$field->db_column_name()}!='')) {{ Helper::gracefulDecrypt($field, $asset->{$field->db_column_name()}) }} @elseif (($field->format=='DATE') && ($asset->{$field->db_column_name()}!='')) @@ -470,7 +470,7 @@ @endif @else {{ strtoupper(trans('admin/custom_fields/general.encrypted')) }} - @endcanany + @endcan @else @if (($field->format=='BOOLEAN') && ($asset->{$field->db_column_name()}!='')) diff --git a/resources/views/models/custom_fields_form.blade.php b/resources/views/models/custom_fields_form.blade.php index cbc6a731ab..011ad4ca9b 100644 --- a/resources/views/models/custom_fields_form.blade.php +++ b/resources/views/models/custom_fields_form.blade.php @@ -53,7 +53,7 @@ @else - @if (($field->field_encrypted=='0') || (Gate::allows('admin'))) + @if (($field->field_encrypted=='0') || (Gate::allows('assets.view.encrypted_custom_fields'))) @else
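Review bot: In resources/views/models/custom_fields_form.blade.php the changed `@if` is the one place in the series where the ability controls writing rather than reading, and it is named `assets.view.encrypted_custom_fields`. A Blade condition only decides whether the input is rendered; whether the controller that saves custom field values checks the same ability is not visible in this series, so please confirm the check is enforced server-side and that a submission from a user without the permission cannot overwrite or blank the stored encrypted value. The markup inside both branches is not visible in this rendering of the hunk, so what such a user is shown in the `@else` branch should be confirmed as well. A comment above the condition, e.g. `{{-- encrypted fields are editable only with assets.view.encrypted_custom_fields; enforced again on save --}}`, would document the intent once that is true.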