From a728fad675575ca4af1144e828f04185a40a5c8a Mon Sep 17 00:00:00 2001 From: Godfrey M Date: Wed, 2 Jul 2025 11:06:35 -0700 Subject: [PATCH 1/7] perform orderBy on query before converting to a Collection --- .../Assets/BulkAssetsController.php | 75 ++++++++++--------- 1 file changed, 39 insertions(+), 36 deletions(-) diff --git a/app/Http/Controllers/Assets/BulkAssetsController.php b/app/Http/Controllers/Assets/BulkAssetsController.php index f875bad56a..b091c85bcf 100644 --- a/app/Http/Controllers/Assets/BulkAssetsController.php +++ b/app/Http/Controllers/Assets/BulkAssetsController.php @@ -112,11 +112,47 @@ class BulkAssetsController extends Controller // This handles all of the pivot sorting below (versus the assets.* fields in the allowed_columns array) $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'assets.id'; - $assets = Asset::with('assignedTo', 'location', 'model') + $query = Asset::with('assignedTo', 'location', 'model') ->whereIn('assets.id', $asset_ids) ->withTrashed(); - $assets = $assets->get(); + + switch ($sort_override) { + case 'model': + $query->OrderModels($order); + break; + case 'model_number': + $query->OrderModelNumber($order); + break; + case 'category': + $query->OrderCategory($order); + break; + case 'manufacturer': + $query->OrderManufacturer($order); + break; + case 'company': + $query->OrderCompany($order); + break; + case 'location': + $query->OrderLocation($order); + break; + case 'rtd_location': + $query->OrderRtdLocation($order); + break; + case 'status_label': + $query->OrderStatus($order); + break; + case 'supplier': + $query->OrderSupplier($order); + break; + case 'assigned_to': + $query->OrderAssigned($order); + break; + default: + $query->orderBy($column_sort, $order); + break; + } + $assets = $query->get(); if ($assets->isEmpty()) { Log::debug('No assets were found for the provided IDs', ['ids' => $asset_ids]); @@ -169,40 +205,7 @@ class BulkAssetsController extends Controller } } - switch ($sort_override) { - case 'model': - $assets->OrderModels($order); - break; - case 'model_number': - $assets->OrderModelNumber($order); - break; - case 'category': - $assets->OrderCategory($order); - break; - case 'manufacturer': - $assets->OrderManufacturer($order); - break; - case 'company': - $assets->OrderCompany($order); - break; - case 'location': - $assets->OrderLocation($order); - case 'rtd_location': - $assets->OrderRtdLocation($order); - break; - case 'status_label': - $assets->OrderStatus($order); - break; - case 'supplier': - $assets->OrderSupplier($order); - break; - case 'assigned_to': - $assets->OrderAssigned($order); - break; - default: - $assets->orderBy($column_sort, $order); - break; - } + return redirect()->back()->with('error', 'No action selected'); } From e18df250f8b80f6d68d7ab22c1307e270ca01091 Mon Sep 17 00:00:00 2001 From: snipe Date: Thu, 3 Jul 2025 20:08:08 +0100 Subject: [PATCH 2/7] Removed console debugging Signed-off-by: snipe --- resources/views/partials/bootstrap-table.blade.php | 2 -- 1 file changed, 2 deletions(-) diff --git a/resources/views/partials/bootstrap-table.blade.php b/resources/views/partials/bootstrap-table.blade.php index b198372bb4..1435fea97c 100644 --- a/resources/views/partials/bootstrap-table.blade.php +++ b/resources/views/partials/bootstrap-table.blade.php @@ -52,7 +52,6 @@ // This allows us to override the table defaults set below using the data-dash attributes var table = this; var data_with_default = function (key,default_value) { - console.dir($(table).data()); attrib_val = $(table).data(key); if(attrib_val !== undefined) { return attrib_val; @@ -916,7 +915,6 @@ function fileUploadNameFormatter(value) { - console.dir(value); if ((value) && (value.filename) && (value.url)) { return '' + value.filename + ''; } From 3e9098907a38b788c6233ace310e11ed4611e609 Mon Sep 17 00:00:00 2001 From: snipe Date: Thu, 3 Jul 2025 20:11:31 +0100 Subject: [PATCH 3/7] Use config file for file types/mimes Signed-off-by: snipe --- app/Http/Requests/UploadFileRequest.php | 2 +- config/filesystems.php | 57 ++++++++++++++++++++ resources/lang/en-US/general.php | 2 +- resources/views/modals/upload-file.blade.php | 4 +- 4 files changed, 61 insertions(+), 4 deletions(-) diff --git a/app/Http/Requests/UploadFileRequest.php b/app/Http/Requests/UploadFileRequest.php index 0ab5426e38..2cb8ff0008 100644 --- a/app/Http/Requests/UploadFileRequest.php +++ b/app/Http/Requests/UploadFileRequest.php @@ -31,7 +31,7 @@ class UploadFileRequest extends Request $max_file_size = Helper::file_upload_max_size(); return [ - 'file.*' => 'required|mimes:png,gif,jpg,svg,jpeg,doc,docx,pdf,txt,zip,rar,xls,xlsx,lic,xml,rtf,json,webp,avif|max:'.$max_file_size, + 'file.*' => 'required|mimes:'.config('filesystems.allowed_upload_extensions_for_validator').'|max:'.$max_file_size, ]; } diff --git a/config/filesystems.php b/config/filesystems.php index 50b2675589..2aae01c055 100644 --- a/config/filesystems.php +++ b/config/filesystems.php @@ -99,10 +99,67 @@ $config = [ ], + ]; // copy the selected PUBLIC_FILESYSTEM_DISK's configuration to the 'public' key for easy use // (by default, the PUBLIC_FILESYSTEM DISK is 'local_public', in the public/uploads directory) $config['disks']['public'] = $config['disks'][env('PUBLIC_FILESYSTEM_DISK','local_public')]; +// This is used to determine which files to accept, and also to populate the language strings for the upload-file blade +$config['allowed_upload_extensions_array'] = [ + 'avif', + 'doc', + 'doc', + 'docx', + 'docx', + 'gif', + 'ico', + 'jpeg', + 'jpg', + 'json', + 'key', + 'lic', + 'mov', + 'mp3', + 'mp4', + 'ogg', + 'pdf', + 'png', + 'rar', + 'rtf', + 'svg', + 'txt', + 'wav', + 'webm', + 'webp', + 'xls', + 'xlsx', + 'xml', + 'zip', +]; + + + +$config['allowed_upload_mimetypes_array'] = [ + 'application/json', + 'application/msword', + 'application/pdf', + 'application/vnd.ms-excel', + 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', + 'application/vnd.openxmlformats-officedocument.wordprocessingml.document', + 'application/x-rar-compressed', + 'application/zip', + 'audio/*', + 'image/*', + 'text/plain', + 'text/rtf', + 'text/xml', + 'video/*', +]; + +$config['allowed_upload_mimetypes'] = implode(',', $config['allowed_upload_mimetypes_array']); +$config['allowed_upload_extensions_for_validator'] = implode(',', $config['allowed_upload_extensions_array']); +$config['allowed_upload_extensions'] = '.'.implode(', .', $config['allowed_upload_extensions_array']); + return $config; \ No newline at end of file diff --git a/resources/lang/en-US/general.php b/resources/lang/en-US/general.php index 138232b6b3..f41afdc500 100644 --- a/resources/lang/en-US/general.php +++ b/resources/lang/en-US/general.php @@ -311,7 +311,7 @@ return [ 'username' => 'Username', 'update' => 'Update', 'updating_item' => 'Updating :item', - 'upload_filetypes_help' => 'Allowed filetypes are png, gif, jpg, jpeg, doc, docx, pdf, xls, xlsx, txt, lic, xml, zip, rtf and rar. Max upload size allowed is :size.', + 'upload_filetypes_help' => 'Allowed filetypes are: :allowed_filetypes. Max upload size allowed is :size.', 'uploaded' => 'Uploaded', 'user' => 'User', 'accepted' => 'accepted', diff --git a/resources/views/modals/upload-file.blade.php b/resources/views/modals/upload-file.blade.php index caeac9a761..a4738286d1 100644 --- a/resources/views/modals/upload-file.blade.php +++ b/resources/views/modals/upload-file.blade.php @@ -21,7 +21,7 @@ @@ -29,7 +29,7 @@
-

{{ trans('general.upload_filetypes_help', ['size' => Helper::file_upload_max_size_readable()]) }}

+

{{ trans('general.upload_filetypes_help', ['allowed_filetypes' => config('filesystems.allowed_upload_extensions'), 'size' => Helper::file_upload_max_size_readable()]) }}

From 62651f381c1f69c2b5ad16deb063bfc7fd9c9066 Mon Sep 17 00:00:00 2001 From: snipe Date: Thu, 3 Jul 2025 20:13:57 +0100 Subject: [PATCH 4/7] Expand safe allowed inline files Signed-off-by: snipe --- app/Helpers/StorageHelper.php | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/app/Helpers/StorageHelper.php b/app/Helpers/StorageHelper.php index 5c17a9fb4d..6ca1216784 100644 --- a/app/Helpers/StorageHelper.php +++ b/app/Helpers/StorageHelper.php @@ -41,15 +41,21 @@ class StorageHelper { $allowed_inline = [ - 'pdf', - 'svg', - 'jpg', - 'gif', - 'svg', 'avif', - 'webp', - 'png', 'gif', + 'gif', + 'jpg', + 'mov', + 'mp3', + 'mp4', + 'ogg', + 'pdf', + 'png', + 'svg', + 'svg', + 'wav', + 'webm', + 'webp', ]; From dc43d85323e3c74081a65ad592b0f57c34f1a9c9 Mon Sep 17 00:00:00 2001 From: snipe Date: Thu, 3 Jul 2025 20:15:30 +0100 Subject: [PATCH 5/7] Check for audio files Signed-off-by: snipe --- app/Helpers/Helper.php | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/app/Helpers/Helper.php b/app/Helpers/Helper.php index f544f2bc36..176e38f7f5 100644 --- a/app/Helpers/Helper.php +++ b/app/Helpers/Helper.php @@ -869,7 +869,28 @@ class Helper $filetype = @finfo_file($finfo, $file); finfo_close($finfo); - if (($filetype == 'image/jpeg') || ($filetype == 'image/jpg') || ($filetype == 'image/png') || ($filetype == 'image/bmp') || ($filetype == 'image/gif') || ($filetype == 'image/avif') || ($filetype == 'image/webp')) { + if (($filetype == 'image/jpeg') || ($filetype == 'image/jpg') || ($filetype == 'image/png') || ($filetype == 'image/bmp') || ($filetype == 'image/gif') || ($filetype == 'image/avif') || ($filetype == 'image/webp') || ($filetype == 'video/mp4') || ($filetype == 'video/quicktime') || ($filetype == 'video/mpeg') || ($filetype == 'video/ogg') || ($filetype == 'video/webm') || ($filetype == 'video/x-msvide')) { + return $filetype; + } + + return false; + } + + /** + * Check if the file is an image, so we can show a preview + * + * @author [A. Gianotto] [] + * @since [v3.0] + * @param File $file + * @return string | Boolean + */ + public static function checkUploadIsAudio($file) + { + $finfo = @finfo_open(FILEINFO_MIME_TYPE); // return mime type ala mimetype extension + $filetype = @finfo_file($finfo, $file); + finfo_close($finfo); + + if (($filetype == 'audio/mpeg') || ($filetype == 'audio/ogg')) { return $filetype; } @@ -1170,6 +1191,15 @@ class Helper // Misc 'pdf' => 'far fa-file-pdf', 'lic' => 'far fa-save', + + // video + 'mov' => 'fa-solid fa-video', + 'mp4' => 'fa-solid fa-video', + + // audio + 'ogg' => 'fa-solid fa-file-audio', + 'mp3' => 'fa-solid fa-file-audio', + 'wav' => 'fa-solid fa-file-audio', ]; if ($extension && array_key_exists($extension, $allowedExtensionMap)) { From 4db3b3ba0e7b4a1555a570aaff8eff209905b28b Mon Sep 17 00:00:00 2001 From: snipe Date: Thu, 3 Jul 2025 20:19:13 +0100 Subject: [PATCH 6/7] Use config array for extensions in restore tool Signed-off-by: snipe --- app/Console/Commands/RestoreFromBackup.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/Console/Commands/RestoreFromBackup.php b/app/Console/Commands/RestoreFromBackup.php index 35e67a82e7..5765260ecd 100644 --- a/app/Console/Commands/RestoreFromBackup.php +++ b/app/Console/Commands/RestoreFromBackup.php @@ -329,9 +329,9 @@ class RestoreFromBackup extends Command } } } - $good_extensions = ['png', 'gif', 'jpg', 'svg', 'jpeg', 'doc', 'docx', 'pdf', 'txt', - 'zip', 'rar', 'xls', 'xlsx', 'lic', 'xml', 'rtf', 'webp', 'key', 'ico', 'avif' - ]; + + $good_extensions = config('filesystems.allowed_upload_extensions_array'); + foreach (array_merge($private_files, $public_files) as $file) { $has_wildcard = (strpos($file, '*') !== false); if ($has_wildcard) { From 4ef0158da41fa69baec59d490b514583b2b29211 Mon Sep 17 00:00:00 2001 From: snipe Date: Thu, 3 Jul 2025 20:19:29 +0100 Subject: [PATCH 7/7] Use preview instead of image text Signed-off-by: snipe --- resources/views/blade/filestable.blade.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/resources/views/blade/filestable.blade.php b/resources/views/blade/filestable.blade.php index 9d8e76212f..4d51ecfee0 100644 --- a/resources/views/blade/filestable.blade.php +++ b/resources/views/blade/filestable.blade.php @@ -32,7 +32,7 @@ {{trans('general.file_type')}} - {{ trans('general.image') }} + {{ trans('general.preview') }} {{ trans('general.file_name') }} @@ -76,6 +76,11 @@ + @elseif (Helper::checkUploadIsAudio($file->get_src(str_plural(strtolower(class_basename(get_class($object))))))) + @else {{ trans('general.preview_not_available') }} @endif