diff --git a/app/Http/Requests/SaveUserRequest.php b/app/Http/Requests/SaveUserRequest.php
index 5a47362cfc..4051e98043 100644
--- a/app/Http/Requests/SaveUserRequest.php
+++ b/app/Http/Requests/SaveUserRequest.php
@@ -33,9 +33,9 @@ class SaveUserRequest extends FormRequest
public function rules()
{
$rules = [
- 'department_id' => 'nullable|exists:departments,id',
+ 'department_id' => 'nullable|integer|exists:departments,id',
'manager_id' => 'nullable|exists:users,id',
- 'company_id' => ['nullable','exists:companies,id']
+ 'company_id' => ['nullable', 'integer', 'exists:companies,id']
];
switch ($this->method()) {
diff --git a/resources/views/locations/view.blade.php b/resources/views/locations/view.blade.php
index b10cb315e0..770e004d00 100644
--- a/resources/views/locations/view.blade.php
+++ b/resources/views/locations/view.blade.php
@@ -157,7 +157,42 @@
-
+
+
+
{{ trans('admin/locations/message.current_location') }}
+
+
+ @include('partials.asset-bulk-actions')
+
+
+
+
+
+
+
+
{{ trans('general.users') }}
@include('partials.users-bulk-actions')
@@ -188,37 +223,6 @@
-
-
{{ trans('admin/locations/message.current_location') }}
-
-
- @include('partials.asset-bulk-actions')
-
-
-
-
diff --git a/resources/views/reports/custom.blade.php b/resources/views/reports/custom.blade.php
index f89866ed21..2ef3acfd7d 100644
--- a/resources/views/reports/custom.blade.php
+++ b/resources/views/reports/custom.blade.php
@@ -627,7 +627,11 @@
>
@foreach($report_templates as $savedTemplate)
-
@endforeach
@@ -774,7 +778,7 @@
$('#saved_report_select')
.on('select2:select', function (event) {
- window.location.href = '/reports/templates/' + event.params.data.id;
+ window.location.href = event.params.data.element.dataset.route;
});
$('#dataConfirmModal').on('show.bs.modal', function (event) {
diff --git a/tests/Feature/Users/Api/StoreUsersTest.php b/tests/Feature/Users/Api/StoreUsersTest.php
new file mode 100644
index 0000000000..41cb04e3c4
--- /dev/null
+++ b/tests/Feature/Users/Api/StoreUsersTest.php
@@ -0,0 +1,78 @@
+actingAsForApi(User::factory()->create())
+ ->postJson(route('api.users.store'), [
+ 'first_name' => 'Joe',
+ 'username' => 'joe',
+ 'password' => 'joe_password',
+ 'password_confirmation' => 'joe_password',
+ ])
+ ->assertForbidden();
+ }
+
+ public function testCompanyIdNeedsToBeInteger()
+ {
+ $company = Company::factory()->create();
+
+ $this->actingAsForApi(User::factory()->createUsers()->create())
+ ->postJson(route('api.users.store'), [
+ 'company_id' => [$company->id],
+ 'first_name' => 'Joe',
+ 'username' => 'joe',
+ 'password' => 'joe_password',
+ 'password_confirmation' => 'joe_password',
+ ])
+ ->assertStatusMessageIs('error')
+ ->assertJson(function (AssertableJson $json) {
+ $json->has('messages.company_id')->etc();
+ });
+ }
+
+ public function testDepartmentIdNeedsToBeInteger()
+ {
+ $department = Department::factory()->create();
+
+ $this->actingAsForApi(User::factory()->createUsers()->create())
+ ->postJson(route('api.users.store'), [
+ 'department_id' => [$department->id],
+ 'first_name' => 'Joe',
+ 'username' => 'joe',
+ 'password' => 'joe_password',
+ 'password_confirmation' => 'joe_password',
+ ])
+ ->assertStatusMessageIs('error')
+ ->assertJson(function (AssertableJson $json) {
+ $json->has('messages.department_id')->etc();
+ });
+ }
+
+ public function testCanStoreUser()
+ {
+ $this->actingAsForApi(User::factory()->createUsers()->create())
+ ->postJson(route('api.users.store'), [
+ 'first_name' => 'Darth',
+ 'username' => 'darthvader',
+ 'password' => 'darth_password',
+ 'password_confirmation' => 'darth_password',
+ ])
+ ->assertStatusMessageIs('success')
+ ->assertOk();
+
+ $this->assertDatabaseHas('users', [
+ 'first_name' => 'Darth',
+ 'username' => 'darthvader',
+ ]);
+ }
+}