From c4fcc6c24e1c2a182822a13206419f384477164d Mon Sep 17 00:00:00 2001 From: snipe Date: Mon, 7 Jul 2025 12:26:30 +0100 Subject: [PATCH] Removed direct scoping calls Signed-off-by: snipe --- app/Http/Controllers/Api/CompaniesController.php | 5 ----- app/Http/Controllers/CompaniesController.php | 2 -- app/Models/Company.php | 14 ++++++++++---- 3 files changed, 10 insertions(+), 11 deletions(-) diff --git a/app/Http/Controllers/Api/CompaniesController.php b/app/Http/Controllers/Api/CompaniesController.php index 0b91cd8457..70f52443b6 100644 --- a/app/Http/Controllers/Api/CompaniesController.php +++ b/app/Http/Controllers/Api/CompaniesController.php @@ -45,7 +45,6 @@ class CompaniesController extends Controller $query->AssetsForShow(); }])->withCount('licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'users as users_count'); - $companies = Company::scopeCompanyables($companies, 'id', 'companies'); if ($request->filled('search')) { $companies->TextSearch($request->input('search')); @@ -122,7 +121,6 @@ class CompaniesController extends Controller $this->authorize('view', Company::class); $company = Company::findOrFail($id); $this->authorize('view', $company); - $company = Company::scopeCompanyables($company, 'id', 'companies'); return (new CompaniesTransformer)->transformCompany($company); } @@ -141,7 +139,6 @@ class CompaniesController extends Controller $this->authorize('update', Company::class); $company = Company::findOrFail($id); $this->authorize('update', $company); - $company = Company::scopeCompanyables($company, 'id', 'companies'); $company->fill($request->all()); $company = $request->handleImages($company); @@ -165,7 +162,6 @@ class CompaniesController extends Controller { $this->authorize('delete', Company::class); $company = Company::findOrFail($id); - $company = Company::scopeCompanyables($company, 'id', 'companies'); $this->authorize('delete', $company); if (! $company->isDeletable()) { @@ -195,7 +191,6 @@ class CompaniesController extends Controller 'companies.image', ]); - $companies = Company::scopeCompanyables($companies, 'id', 'companies'); if ($request->filled('search')) { $companies = $companies->where('companies.name', 'LIKE', '%'.$request->get('search').'%'); diff --git a/app/Http/Controllers/CompaniesController.php b/app/Http/Controllers/CompaniesController.php index 993310780c..b1f01bc599 100644 --- a/app/Http/Controllers/CompaniesController.php +++ b/app/Http/Controllers/CompaniesController.php @@ -100,7 +100,6 @@ final class CompaniesController extends Controller { $this->authorize('update', $company); - $company = Company::scopeCompanyables($company, 'id', 'companies'); $company->name = $request->input('name'); $company->phone = $request->input('phone'); $company->fax = $request->input('fax'); @@ -132,7 +131,6 @@ final class CompaniesController extends Controller ->with('error', trans('admin/companies/message.not_found')); } - $company = Company::scopeCompanyables($company, 'id', 'companies'); $this->authorize('delete', $company); if (! $company->isDeletable()) { diff --git a/app/Models/Company.php b/app/Models/Company.php index b7bbc46e65..d20722b634 100644 --- a/app/Models/Company.php +++ b/app/Models/Company.php @@ -275,7 +275,7 @@ final class Company extends SnipeModel */ public static function scopeCompanyables($query, $column = 'company_id', $table_name = null) { - // If not logged in and hitting this, assume we are on the command line and don't scope?' + // If not logged in and hitting this, assume we are on the command line and don't scope? if (! static::isFullMultipleCompanySupportEnabled() || (Auth::hasUser() && auth()->user()->isSuperUser()) || (! Auth::hasUser())) { return $query; } else { @@ -292,11 +292,16 @@ final class Company extends SnipeModel private static function scopeCompanyablesDirectly($query, $column = 'company_id', $table_name = null) { + $company_id = null; // Get the company ID of the logged-in user, or set it to null if there is no company associated with the user if (Auth::hasUser()) { $company_id = auth()->user()->company_id; - } else { - $company_id = null; + } + + + // If we are scoping the companies table itself, look for the company.id + if ($query->getModel()->getTable() == 'companies') { + return $query->where('companies.id', '=', $company_id); } @@ -309,6 +314,8 @@ final class Company extends SnipeModel return $query->where($table.$column, '=', $company_id); } + + } public function adminuser() @@ -336,7 +343,6 @@ final class Company extends SnipeModel return $query; } else { $f = function ($q) { - Log::debug('scopeCompanyablesDirectly firing '); static::scopeCompanyablesDirectly($q); };