Attempt to generalize companyable in company scope
Signed-off-by: snipe <snipe@snipe.net>
@@ -45,6 +45,8 @@ class CompaniesController extends Controller
|
||||
$query->AssetsForShow();
|
||||
}])->withCount('licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'users as users_count');
|
||||
|
||||
$companies = Company::scopeCompanyables($companies, 'id', 'companies');
|
||||
|
||||
if ($request->filled('search')) {
|
||||
$companies->TextSearch($request->input('search'));
|
||||
}
|
||||
@@ -119,6 +121,8 @@ class CompaniesController extends Controller
|
||||
{
|
||||
$this->authorize('view', Company::class);
|
||||
$company = Company::findOrFail($id);
|
||||
$this->authorize('view', $company);
|
||||
$company = Company::scopeCompanyables($company, 'id', 'companies');
|
||||
return (new CompaniesTransformer)->transformCompany($company);
|
||||
|
||||
}
|
||||
@@ -136,6 +140,8 @@ class CompaniesController extends Controller
|
||||
{
|
||||
$this->authorize('update', Company::class);
|
||||
$company = Company::findOrFail($id);
|
||||
$this->authorize('update', $company);
|
||||
$company = Company::scopeCompanyables($company, 'id', 'companies');
|
||||
$company->fill($request->all());
|
||||
$company = $request->handleImages($company);
|
||||
|
||||
@@ -159,6 +165,7 @@ class CompaniesController extends Controller
|
||||
{
|
||||
$this->authorize('delete', Company::class);
|
||||
$company = Company::findOrFail($id);
|
||||
$company = Company::scopeCompanyables($company, 'id', 'companies');
|
||||
$this->authorize('delete', $company);
|
||||
|
||||
if (! $company->isDeletable()) {
|
||||
@@ -188,6 +195,8 @@ class CompaniesController extends Controller
|
||||
'companies.image',
|
||||
]);
|
||||
|
||||
$companies = Company::scopeCompanyables($companies, 'id', 'companies');
|
||||
|
||||
if ($request->filled('search')) {
|
||||
$companies = $companies->where('companies.name', 'LIKE', '%'.$request->get('search').'%');
|
||||
}
|
||||
|
||||
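Review bot: In the show, update and destroy hunks the new call passes the `Company` model returned by `findOrFail($id)` into `Company::scopeCompanyables()`, the same helper that the index and selectlist hunks hand a query builder, and then reassigns `$company` from its return value. The helper's body is not shown on this page, but if it adds a constraint and returns a builder, `$company` is no longer the loaded model when `fill()`, `isDeletable()` or `transformCompany()` run, and the row was fetched unscoped in any case. Applying the scope before the lookup keeps the restriction in the query itself: `$company = Company::scopeCompanyables(Company::query(), 'id', 'companies')->findOrFail($id);`. The destroy hunk also scopes before `authorize('delete', $company)` while show and update scope after it; one order should be used throughout. These method bodies start or end outside the hunks.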
@@ -83,6 +83,8 @@ final class CompaniesController extends Controller
|
||||
public function edit(Company $company) : View | RedirectResponse
|
||||
{
|
||||
$this->authorize('update', $company);
|
||||
Company::isCurrentUserHasAccess($company);
|
||||
// $company = Company::scopeCompanyables($company, 'id', 'companies');
|
||||
return view('companies/edit')->with('item', $company);
|
||||
}
|
||||
|
||||
@@ -98,6 +100,7 @@ final class CompaniesController extends Controller
|
||||
{
|
||||
|
||||
$this->authorize('update', $company);
|
||||
$company = Company::scopeCompanyables($company, 'id', 'companies');
|
||||
$company->name = $request->input('name');
|
||||
$company->phone = $request->input('phone');
|
||||
$company->fax = $request->input('fax');
|
||||
@@ -123,11 +126,14 @@ final class CompaniesController extends Controller
|
||||
*/
|
||||
public function destroy($companyId) : RedirectResponse
|
||||
{
|
||||
|
||||
if (is_null($company = Company::find($companyId))) {
|
||||
return redirect()->route('companies.index')
|
||||
->with('error', trans('admin/companies/message.not_found'));
|
||||
}
|
||||
|
||||
$company = Company::scopeCompanyables($company, 'id', 'companies');
|
||||
|
||||
$this->authorize('delete', $company);
|
||||
if (! $company->isDeletable()) {
|
||||
return redirect()->route('companies.index')
|
||||
|
||||
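Review bot: The added `Company::isCurrentUserHasAccess($company);` in `edit()` discards its result; the Company model in this commit shows that method returning a boolean, so the statement as written cannot deny anything. Either act on it, e.g. `abort_unless(Company::isCurrentUserHasAccess($company), 403);`, or drop it if `authorize('update', $company)` already performs the check, and delete the commented-out `scopeCompanyables` line below it rather than committing it. The `update()` and `destroy()` hunks pass an already-loaded model to `scopeCompanyables()`, a helper that elsewhere in this commit receives a query builder; the scope belongs on the query that loads the company. The bodies of `update()` and `destroy()` continue outside their hunks.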
+15
-3
@@ -18,6 +18,8 @@ use Illuminate\Support\Facades\Schema;
|
||||
final class Company extends SnipeModel
|
||||
{
|
||||
use HasFactory;
|
||||
use CompanyableTrait;
|
||||
|
||||
|
||||
protected $table = 'companies';
|
||||
|
||||
@@ -146,10 +148,10 @@ final class Company extends SnipeModel
|
||||
if (!is_string($companyable)) {
|
||||
$company_table = $companyable->getModel()->getTable();
|
||||
try {
|
||||
// This is primary for the gate:allows-check in location->isDeletable()
|
||||
// This is primarily for the gate:allows-check in location->isDeletable()
|
||||
// Locations don't have a company_id so without this it isn't possible to delete locations with FullMultipleCompanySupport enabled
|
||||
// because this function is called by SnipePermissionsPolicy->before()
|
||||
if (!$companyable instanceof Company && !Schema::hasColumn($company_table, 'company_id')) {
|
||||
if (!Schema::hasColumn($company_table, 'company_id')) {
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -163,9 +165,19 @@ final class Company extends SnipeModel
|
||||
// Log::warning('Companyable is '.$companyable);
|
||||
$current_user_company_id = auth()->user()->company_id;
|
||||
$companyable_company_id = $companyable->company_id;
|
||||
return $current_user_company_id == null || $current_user_company_id == $companyable_company_id || auth()->user()->isSuperUser();
|
||||
|
||||
// Set this to check companyable on company
|
||||
if ($companyable instanceof Company) {
|
||||
\Log::error('This is a company!');
|
||||
$companyable_company_id = $companyable->id;
|
||||
\Log::error('Companyable object ID: '.$companyable_company_id);
|
||||
\Log::error('User company ID: '.$current_user_company_id);
|
||||
}
|
||||
return ($current_user_company_id == null) || ($current_user_company_id == $companyable_company_id) || auth()->user()->isSuperUser();
|
||||
}
|
||||
|
||||
return false;
|
||||
|
||||
}
|
||||
|
||||
public static function isCurrentUserAuthorized()
|
||||
|
||||
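Review bot: In the hunk at -146 the early return no longer exempts `Company` instances: with `if (!Schema::hasColumn($company_table, 'company_id'))`, a Company whose table has no `company_id` column returns `true` before it can reach the new `instanceof Company` block in the next hunk, so the per-company comparison would never run. This assumes the second of the two printed conditions is the new one (the comment typo fix just above it is printed old then new) and that `companies` lacks that column, which the page does not show; if both hold, keep the guard as `if (!$companyable instanceof Company && !Schema::hasColumn($company_table, 'company_id'))`. The three `\Log::error(...)` calls in the new block are debugging output on the authorization path and should be removed or lowered to `\Log::debug(...)` before merge. The final comparison also stays loose, so the `== null` arm is true for `0` and `''` as well; `=== null` states the intent. The function body starts and ends outside these hunks.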
+1
-1
@@ -249,7 +249,7 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
|
||||
|
||||
|
||||
/**
|
||||
* Checks if the can edit their own profile
|
||||
* Checks if the user can edit their own profile
|
||||
*
|
||||
* @author A. Gianotto <snipe@snipe.net>
|
||||
* @since [v6.3.4]
|
||||
|
||||
@@ -2,10 +2,20 @@
|
||||
|
||||
namespace App\Policies;
|
||||
|
||||
use App\Models\Setting;
|
||||
|
||||
class CompanyPolicy extends SnipePermissionsPolicy
|
||||
{
|
||||
protected function columnName()
|
||||
{
|
||||
return 'companies';
|
||||
}
|
||||
|
||||
public function canEditThisCompany($company_id = null) {
|
||||
if ((Setting::getSettings()->scope_locations_fmcs) && ($this->company_id == $company_id)){
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
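Review bot: `canEditThisCompany()` compares `$this->company_id` with `$company_id` using `==`, but `$this` is the policy object and no `company_id` property is declared in the visible class, so unless the parent defines one both sides are `null` when the argument is omitted and the method returns `true` whenever `scope_locations_fmcs` is on. The signature also does not take the user as its first parameter the way policy abilities normally do, and no caller appears in this commit. Passing the user and model explicitly and comparing strictly avoids the accidental allow: `public function canEditThisCompany(User $user, Company $company): bool` with `return Setting::getSettings()->scope_locations_fmcs && $user->company_id !== null && (int) $user->company_id === (int) $company->id;`. If the method is not used yet, leaving it out of this commit is simpler.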
@@ -53,7 +53,7 @@ abstract class SnipePermissionsPolicy
|
||||
}
|
||||
|
||||
/**
|
||||
* If we got here by $this→authorize('something', $actualModel) then we can continue on Il but if we got here
|
||||
* If we got here by $this→authorize('something', $actualModel) then we can continue on, but if we got here
|
||||
* via $this→authorize('something', Model::class) then calling Company:: isCurrentUserHasAccess($item) gets weird.
|
||||
* Bail out here by returning "nothing" and allow the relevant method lower in this class to be called and handle authorization.
|
||||
*/
|
||||
|
||||