ouyang/snipe-it
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b264bbf69fc3126cc88598797b176c88bb87de52
snipe-it/app/Http/Controllers/Api/NotesController.php
Nicky West b264bbf69f feat(api): Add API endpoints for managing asset history notes 
- Add POST endpoint to create a history note attached to an asset
- Add GET endpoint to retrieve history notes for an asset
- Add ActionLog factory state for manual notes
- Implement controller methods with authorization checks
- Add feature tests for note creation, retrieval, and access control
- Register new API routes for these endpoints

Supports automation by enabling programmatic asset history note management.
2025-07-28 15:55:37 -07:00

120 lines
4.9 KiB
PHP
Raw Blame History

<?php
namespace App\Http\Controllers\Api;
use App\Helpers\Helper;
use App\Http\Controllers\Controller;
use App\Models\Actionlog;
use App\Models\Asset;
use Illuminate\Database\Eloquent\ModelNotFoundException;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
/**
* This class controls all API actions related to notes for
* the Snipe-IT Asset Management application.
*/
class NotesController extends Controller
{
/**
* Store a manual note on a specified asset and log the action.
*
* Checks authorization for updating assets, validates the presence of the 'note',
* attempts to find the asset by ID, and creates a new ActionLog entry if successful.
* Returns JSON responses indicating success or failure with appropriate HTTP status codes.
*
* @param \Illuminate\Http\Request $request The incoming HTTP request containing the 'note'.
* @param int|string $asset_id The ID of the asset to attach the note to.
* @return \Illuminate\Http\JsonResponse
*/
public function store(Request $request, $asset_id): JsonResponse
{
$this->authorize('update', Asset::class);
if ($request->input('note', '') == '') {
return response()->json(Helper::formatStandardApiResponse('error', null, trans('validation.required', ['attribute' => 'note'])), 422);
}
try {
$asset = Asset::findOrFail($asset_id);
} catch (ModelNotFoundException $e) {
return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 404);
} catch (\Exception $e) {
Log::debug('Error fetching asset: ' . $e->getMessage());
// Return generic server error response since something unexpected happened
return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/settings/message.webhook.500')), 500);
}
$this->authorize('update', $asset);
// Create the note
$logaction = new ActionLog();
$logaction->item_type = get_class($asset);
$logaction->created_by = Auth::id();
$logaction->item_id = $asset->id;
$logaction->note = $request->input('note', '');
if($logaction->logaction('note added')) {
// Return a success response
return response()->json(Helper::formatStandardApiResponse('success', ['note' => $logaction->note, 'item_id' => $asset->id], trans('general.note_added')));
}
// Return an error response if something went wrong
return response()->json(Helper::formatStandardApiResponse('error', null, 'Something went wrong'), 500);
}
/**
* Retrieve a list of manual notes (action logs) for a given asset.
*
* Checks authorization to view assets, attempts to find the asset by ID,
* and fetches related action log entries of type 'note added', including
* user information for each note. Returns a JSON response with the notes or errors.
*
* @param \Illuminate\Http\Request $request The incoming HTTP request.
* @param int|string $asset_id The ID of the asset whose notes to retrieve.
* @return \Illuminate\Http\JsonResponse
*/
public function getList(Request $request, $asset_id): JsonResponse
{
$this->authorize('view', Asset::class);
try {
$asset = Asset::findOrFail($asset_id);
} catch (ModelNotFoundException $e) {
return response()->json(Helper::formatStandardApiResponse('error', null, $e->getMessage()), 404);
} catch (\Exception $e) {
// Return generic server error response since something unexpected happened
return response()->json(Helper::formatStandardApiResponse('error', null, $e->getMessage()), 500);
}
$this->authorize('view', $asset);
// Get the manual notes for the asset
$notes = ActionLog::with('user:id,username')
->where('item_type', Asset::class)
->where('item_id', $asset->id)
->where('action_type', 'note added')
->orderBy('created_at', 'desc')
->get(['id', 'created_at', 'note', 'created_by', 'item_id', 'item_type', 'action_type', 'target_id', 'target_type']);
$notesArray = $notes->map(function ($note) {
return [
'id' => $note->id,
'created_at' => $note->created_at,
'note' => $note->note,
'created_by' => $note->created_by,
'username' => $note->user?->username, // adding the username
'item_id' => $note->item_id,
'item_type' => $note->item_type,
'action_type' => $note->action_type,
];
});
// Return a success response
return response()->json(Helper::formatStandardApiResponse('success', ['notes' => $notesArray, 'asset_id' => $asset->id]));
}
}
Reference in New Issue View Git Blame Copy Permalink