ouyang/snipe-it
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Manager View Feature

Browse Source
This commit is contained in:
Lukas Kraic
2025-06-04 09:05:27 +02:00
parent 724f38abc2
commit 84ec5aea26
9 changed files with 212 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
app/Http/Controllers/SettingsController.php
View File

@@ -352,6 +352,7 @@ class SettingsController extends Controller
$setting->dash_chart_type = $request->input('dash_chart_type');
$setting->profile_edit = $request->input('profile_edit', 0);
$setting->require_checkinout_notes = $request->input('require_checkinout_notes', 0);
$setting->manager_view_enabled = $request->input('manager_view_enabled', 0);
if ($request->input('per_page') != '') {

91
app/Http/Controllers/ViewAssetsController.php
View File

@@ -27,50 +27,89 @@ use Exception;
class ViewAssetsController extends Controller
{
/**
* Redirect to the profile page.
* Show user's assigned assets with optional manager view functionality.
*
*/
public function getIndex() : View | RedirectResponse
public function getIndex(Request $request) : View | RedirectResponse
{
$user = User::with(
$authUser = auth()->user();
$settings = Setting::getSettings();
$subordinates = collect();
$selectedUserId = $authUser->id;
// Check if manager view is enabled and get subordinates if applicable
if ($settings->manager_view_enabled) {
// Get all subordinates including self, sorted for the dropdown
if ($authUser->isSuperUser()) {
// SuperAdmin sees all users
$subordinates = User::select('id', 'first_name', 'last_name', 'username')
->where('activated', 1)
->orderBy('last_name')
->orderBy('first_name')
->get();
} else {
// Regular manager sees only their subordinates + self (recursive)
$managedUsers = $authUser->getAllSubordinates(false); // Don't include self yet
// Only show dropdown if user actually has subordinates
if ($managedUsers->count() > 0) {
$subordinates = collect([$authUser])->merge($managedUsers) // Add self at beginning
->sortBy('last_name')
->sortBy('first_name');
} else {
// User has no subordinates, so they only see themselves
$subordinates = collect([$authUser]);
}
}
// If the user has subordinates and a user_id is provided in the request
if ($subordinates->count() > 1 && $request->filled('user_id')) {
$requestedUserId = (int) $request->input('user_id');
// Validate if the requested user is allowed (self or subordinate)
if ($subordinates->contains('id', $requestedUserId)) {
$selectedUserId = $requestedUserId;
}
// If invalid ID or not authorized, $selectedUserId remains $authUser->id (default)
}
}
// Load the data for the user to be viewed (either auth user or selected subordinate)
$userToView = User::with([
'assets',
'assets.model',
'assets.model.fieldset.fields',
'consumables',
'accessories',
'licenses',
)->find(auth()->id());
'licenses'
])->find($selectedUserId);
$field_array = array();
// Loop through all the custom fields that are applied to any model the user has assigned
foreach ($user->assets as $asset) {
// Make sure the model has a custom fieldset before trying to loop through the associated fields
if ($asset->model->fieldset) {
// If the user to view couldn't be found (shouldn't happen with proper logic), redirect with error
if (!$userToView) {
return redirect()->route('view-assets')->with('error', trans('admin/users/message.user_not_found'));
}
// Process custom fields for the user being viewed
$field_array = [];
foreach ($userToView->assets as $asset) {
if ($asset->model && $asset->model->fieldset) {
foreach ($asset->model->fieldset->fields as $field) {
// check and make sure they're allowed to see the value of the custom field
if ($field->display_in_user_view == '1') {
$field_array[$field->db_column] = $field->name;
}
}
}
}
array_unique($field_array); // Remove duplicate field names
// Since some models may re-use the same fieldsets/fields, let's make the array unique so we don't repeat columns
array_unique($field_array);
if (isset($user->id)) {
return view('account/view-assets', compact('user', 'field_array' ))
->with('settings', Setting::getSettings());
}
// Redirect to the user management page
return redirect()->route('users.index')
->with('error', trans('admin/users/message.user_not_found', $user->id));
// Pass the necessary data to the view
return view('account/view-assets', [
'user' => $userToView, // Use 'user' for compatibility with the existing view
'field_array' => $field_array,
'settings' => $settings,
'subordinates' => $subordinates,
'selectedUserId' => $selectedUserId
]);
}
/**

2
app/Models/Setting.php
View File

@@ -67,11 +67,13 @@ class Setting extends Model
'google_login',
'google_client_id',
'google_client_secret',
'manager_view_enabled',
];
protected $casts = [
'label2_asset_logo' => 'boolean',
'require_checkinout_notes' => 'boolean',
'manager_view_enabled' => 'boolean',
];
/**

65
app/Models/User.php
View File

@@ -956,5 +956,70 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
}
/**
* Get all direct and indirect subordinates for this user.
*
* @param bool $includeSelf Include the current user in the results
* @return \Illuminate\Support\Collection
*/
public function getAllSubordinates($includeSelf = false)
{
$subordinates = collect();
if ($includeSelf) {
$subordinates->push($this);
}
// Use a recursive helper function to avoid scope issues
$this->fetchSubordinatesRecursive($this, $subordinates);
return $subordinates->unique('id'); // Ensure uniqueness
}
/**
* Recursive helper function to fetch subordinates.
*
* @param User $manager
* @param \Illuminate\Support\Collection $subordinatesCollection
*/
protected function fetchSubordinatesRecursive(User $manager, \Illuminate\Support\Collection &$subordinatesCollection)
{
// Eager load 'managesUsers' to prevent N+1 queries in recursion
$directSubordinates = $manager->managesUsers()->with('managesUsers')->get();
foreach ($directSubordinates as $directSubordinate) {
// Add subordinate if not already in the collection
if (!$subordinatesCollection->contains('id', $directSubordinate->id)) {
$subordinatesCollection->push($directSubordinate);
// Recursive call for this subordinate's subordinates
$this->fetchSubordinatesRecursive($directSubordinate, $subordinatesCollection);
}
}
}
/**
* Check if the current user is a direct or indirect manager of the given user.
*
* @param User $userToCheck
* @return bool
*/
public function isManagerOf(User $userToCheck): bool
{
// Optimization: If it's the same user, they are not their own manager
if ($this->id === $userToCheck->id) {
return false;
}
// Eager load manager relationship to potentially reduce queries in the loop
$manager = $userToCheck->load('manager')->manager;
while ($manager) {
if ($manager->id === $this->id) {
return true;
}
// Move up the hierarchy (load relationship if not already loaded)
$manager = $manager->load('manager')->manager;
}
return false;
}
}

34
database/migrations/2025_06_03_000000_add_manager_view_enabled_to_settings_table.php Normal file
View File

@@ -0,0 +1,34 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
if (!Schema::hasColumn('settings', 'manager_view_enabled')) {
Schema::table('settings', function (Blueprint $table) {
$table->boolean('manager_view_enabled')
->default(false)
->comment('Allow managers to view assets assigned to their subordinates');
});
}
}
/**
* Reverse the migrations.
*/
public function down(): void
{
if (Schema::hasColumn('settings', 'manager_view_enabled')) {
Schema::table('settings', function (Blueprint $table) {
$table->dropColumn('manager_view_enabled');
});
}
}
};

3
resources/lang/en-US/admin/settings/general.php
View File

@@ -401,6 +401,9 @@ return [
'due_checkin_days_help' => 'How many days before the expected checkin of an asset should it be listed in the "Due for checkin" page?',
'no_groups' => 'No groups have been created yet. Visit <code>Admin Settings > Permission Groups</code> to add one.',
'text' => 'Text',
'manager_view' => 'Manager View',
'manager_view_enabled_text' => 'Enable Manager View',
'manager_view_enabled_help' => 'Allow managers to view assets assigned to their direct and indirect reports in their account view.',
'username_formats' => [
'username_format' => 'Username Format',

3
resources/lang/en-US/general.php
View File

@@ -318,6 +318,9 @@ return [
'viewall' => 'View All',
'viewassets' => 'View Assigned Assets',
'viewassetsfor' => 'View Assets for :name',
'view_user_assets' => 'View User Assets',
'select_user' => 'Select User',
'me' => 'Me',
'website' => 'Website',
'welcome' => 'Welcome, :name',
'years' => 'years',

24
resources/views/account/view-assets.blade.php
View File

@@ -9,6 +9,30 @@
{{-- Account page content --}}
@section('content')
{{-- Manager View Dropdown --}}
@if (isset($settings) && $settings->manager_view_enabled && isset($subordinates) && $subordinates->count() > 1)
<div class="row hidden-print" style="margin-bottom: 15px;">
<div class="col-md-12">
<form method="GET" action="{{ route('view-assets') }}" class="pull-right" role="form">
<div class="form-group" style="margin-bottom: 0;">
<label for="user_id" class="control-label" style="margin-right: 10px;">
<i class="fas fa-users"></i> {{ trans('general.view_user_assets') }}:
</label>
<select name="user_id" id="user_id" class="form-control select2" onchange="this.form.submit()" style="width: 250px; display: inline-block;">
@foreach ($subordinates as $subordinate)
<option value="{{ $subordinate->id }}" {{ (int)$selectedUserId === (int)$subordinate->id ? ' selected' : '' }}>
{{ $subordinate->present()->fullName() }}
@if ($subordinate->id == auth()->id())
({{ trans('general.me') }})
@endif
</option>
@endforeach
</select>
</div>
</form>
</div>
</div>
@endif
@if ($acceptances = \App\Models\CheckoutAcceptance::forUser(Auth::user())->pending()->count())
<div class="row">

15
resources/views/settings/general.blade.php
View File

@@ -325,6 +325,21 @@
<p class="help-block">{{ trans('admin/settings/general.require_checkinout_notes_help_text') }}</p>
</div>
</div>
<!-- Manager View -->
<div class="form-group {{ $errors->has('manager_view_enabled') ? 'error' : '' }}">
<div class="col-md-3">
<strong>{{ trans('admin/settings/general.manager_view') }}</strong>
</div>
<div class="col-md-8 col-md-offset-3">
<label class="form-control">
<input type="checkbox" value="1" name="manager_view_enabled" {{ (old('manager_view_enabled', $setting->manager_view_enabled)) == '1' ? ' checked="checked"' : '' }} aria-label="manager_view_enabled">
{{ trans('admin/settings/general.manager_view_enabled_text') }}
</label>
<p class="help-block">{{ trans('admin/settings/general.manager_view_enabled_help') }}</p>
{!! $errors->first('manager_view_enabled', '<span class="alert-msg" aria-hidden="true">:message</span>') !!}
</div>
</div>
<!-- /.form-group -->
</fieldset>