Merge remote-tracking branch 'origin/develop'

Signed-off-by: snipe <[email protected]> # Conflicts: # public/js/dist/all-defer.js # public/mix-manifest.json
snipe · Mar 27, 2024 · 3bb81d1 · 3bb81d1
2 parents 89d733d + 756c44f
commit 3bb81d1
Show file tree

Hide file tree

Showing 13 changed files with 129 additions and 18 deletions.
diff --git a/app/Http/Controllers/Api/AssetsController.php b/app/Http/Controllers/Api/AssetsController.php
@@ -591,6 +591,11 @@ public function store(StoreAssetRequest $request): JsonResponse
                         }
                     }
                 }
+                if ($field->element == 'checkbox') {
+                    if(is_array($field_val)) {
+                        $field_val = implode(',', $field_val);
+                    }
+                }
 
 
                 $asset->{$field->db_column} = $field_val;
@@ -659,13 +664,22 @@ public function update(ImageUploadRequest $request, $id)
             // Update custom fields
             if (($model) && (isset($model->fieldset))) {
                 foreach ($model->fieldset->fields as $field) {
+                    $field_val = $request->input($field->db_column, null);
+
                     if ($request->has($field->db_column)) {
                         if ($field->field_encrypted == '1') {
                             if (Gate::allows('admin')) {
-                                $asset->{$field->db_column} = \Crypt::encrypt($request->input($field->db_column));
+                                $asset->{$field->db_column} = Crypt::encrypt($field_val);
                             }
-                        } else {
-                            $asset->{$field->db_column} = $request->input($field->db_column);
+                        }
+                        if ($field->element == 'checkbox') {
+                            if(is_array($field_val)) {
+                                $field_val = implode(',', $field_val);
+                                $asset->{$field->db_column} = $field_val;
+                            }
+                        }
+                        else {
+                            $asset->{$field->db_column} = $field_val;
                         }
                     }
                 }

diff --git a/app/Http/Controllers/Api/UsersController.php b/app/Http/Controllers/Api/UsersController.php
@@ -560,7 +560,26 @@ public function assets(Request $request, $id)
     {
         $this->authorize('view', User::class);
         $this->authorize('view', Asset::class);
-        $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model')->get();
+        $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model');
+
+
+        // Filter on category ID
+        if ($request->filled('category_id')) {
+            $assets = $assets->InCategory($request->input('category_id'));
+        }
+
+
+        // Filter on model ID
+        if ($request->filled('model_id')) {
+
+            $model_ids = $request->input('model_id');
+            if (!is_array($model_ids)) {
+                $model_ids = array($model_ids);
+            }
+            $assets = $assets->InModelList($model_ids);
+        }
+
+        $assets = $assets->get();
 
         return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request);
     }

diff --git a/app/Http/Controllers/AssetModelsController.php b/app/Http/Controllers/AssetModelsController.php
@@ -7,6 +7,7 @@
 use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\AssetModel;
+use App\Models\CustomField;
 use App\Models\User;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
@@ -486,11 +487,11 @@ private function shouldAddDefaultValues(array $input)
      * @param  array      $defaultValues
      * @return void
      */
-    private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues)
+    private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues): bool
     {
         $data = array();
         foreach ($defaultValues as $customFieldId => $defaultValue) {
-            $customField = \App\Models\CustomField::find($customFieldId);
+            $customField = CustomField::find($customFieldId);
 
             $data[$customField->db_column] = $defaultValue;
         }

diff --git a/app/Http/Controllers/SettingsController.php b/app/Http/Controllers/SettingsController.php
@@ -20,6 +20,7 @@
 use enshrined\svgSanitize\Sanitizer;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Validation\Rule;
 use Image;
 use Input;
 use Redirect;
@@ -499,6 +500,19 @@ public function getSecurity()
      */
     public function postSecurity(Request $request)
     {
+        $this->validate($request, [
+            'pwd_secure_complexity' => 'array',
+            'pwd_secure_complexity.*' => [
+                Rule::in([
+                    'disallow_same_pwd_as_user_fields',
+                    'letters',
+                    'numbers',
+                    'symbols',
+                    'case_diff',
+                ])
+            ]
+        ]);
+
         if (is_null($setting = Setting::getSettings())) {
             return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
         }

diff --git a/app/Models/CustomFieldset.php b/app/Models/CustomFieldset.php
@@ -5,6 +5,8 @@
 use Gate;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Validation\Rule;
 use Watson\Validating\ValidatingTrait;
 
 class CustomFieldset extends Model
@@ -92,8 +94,19 @@ public function validation_rules()
 
             array_push($rule, $field->attributes['format']);
             $rules[$field->db_column_name()] = $rule;
-            //add not_array to rules for all fields
-            $rules[$field->db_column_name()][] = 'not_array';
+
+            // add not_array to rules for all fields but checkboxes
+            if ($field->element != 'checkbox') {
+                $rules[$field->db_column_name()][] = 'not_array';
+            }
+
+            if ($field->element == 'checkbox') {
+                $rules[$field->db_column_name()][] = 'checkboxes';
+            }
+
+            if ($field->element == 'radio') {
+                $rules[$field->db_column_name()][] = 'radio_buttons';
+            }
         }
 
         return $rules;

diff --git a/app/Providers/ValidationServiceProvider.php b/app/Providers/ValidationServiceProvider.php
@@ -2,9 +2,12 @@
 
 namespace App\Providers;
 
+use App\Models\CustomField;
 use App\Models\Department;
 use App\Models\Setting;
 use DB;
+use Illuminate\Support\Facades\Crypt;
+use Illuminate\Support\Facades\Log;
 use Illuminate\Support\ServiceProvider;
 use Illuminate\Validation\Rule;
 use Validator;
@@ -294,6 +297,39 @@ public function boot()
         Validator::extend('not_array', function ($attribute, $value, $parameters, $validator) {
             return !is_array($value);
         });
+
+        // This is only used in Models/CustomFieldset.php - it does automatic validation for checkboxes by making sure
+        // that the submitted values actually exist in the options.
+        Validator::extend('checkboxes', function ($attribute, $value, $parameters, $validator){
+            $field = CustomField::where('db_column', $attribute)->first();
+            $options = $field->formatFieldValuesAsArray();
+
+            if(is_array($value)) {
+                $invalid = array_diff($value, $options);
+                if(count($invalid) > 0) {
+                    return false;
+                }
+            }
+
+            // for legacy, allows users to submit a comma separated string of options
+            elseif(!is_array($value)) {
+                $exploded = array_map('trim', explode(',', $value));
+                $invalid = array_diff($exploded, $options);
+                if(count($invalid) > 0) {
+                    return false;
+                }
+            }
+
+            return true;
+        });
+
+        // Validates that a radio button option exists
+        Validator::extend('radio_buttons', function ($attribute, $value) {
+            $field = CustomField::where('db_column', $attribute)->first();
+            $options = $field->formatFieldValuesAsArray();
+
+            return in_array($value, $options);
+        });
     }
 
     /**

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -33,7 +33,7 @@
         "acorn-import-assertions": "^1.9.0",
         "admin-lte": "^2.4.18",
         "ajv": "^6.12.6",
-        "alpinejs": "^3.13.5",
+        "alpinejs": "^3.13.6",
         "blueimp-file-upload": "^9.34.0",
         "bootstrap": "^3.4.1",
         "bootstrap-colorpicker": "^2.5.3",

diff --git a/public/js/dist/all-defer.js b/public/js/dist/all-defer.js
diff --git a/public/mix-manifest.json b/public/mix-manifest.json
@@ -33,7 +33,7 @@
     "/js/build/vendor.js": "/js/build/vendor.js?id=a2b971da417306a63385c8098acfe4af",
     "/js/dist/bootstrap-table.js": "/js/dist/bootstrap-table.js?id=857da5daffd13e0553510e5ccd410c79",
     "/js/dist/all.js": "/js/dist/all.js?id=fca6ea9956fd827d9790c08e0e982b22",
-    "/js/dist/all-defer.js": "/js/dist/all-defer.js?id=19ccc62a8f1ea103dede4808837384d4",
+    "/js/dist/all-defer.js": "/js/dist/all-defer.js?id=18d36546bdad8285c229008df799b343",
     "/css/dist/skins/skin-green.min.css": "/css/dist/skins/skin-green.min.css?id=b48f4d8af0e1ca5621c161e93951109f",
     "/css/dist/skins/skin-green-dark.min.css": "/css/dist/skins/skin-green-dark.min.css?id=0ed42b67f9b02a74815e885bfd9e3f66",
     "/css/dist/skins/skin-black.min.css": "/css/dist/skins/skin-black.min.css?id=1f33ca3d860461c1127ec465ab3ebb6b",

diff --git a/resources/lang/en-US/validation.php b/resources/lang/en-US/validation.php
@@ -105,6 +105,8 @@
     'gte'                  => [
         'numeric'          => 'Value cannot be negative'
     ],
+    'checkboxes'           => ':attribute contains invalid options.',
+    'radio_buttons'        => ':attribute is invalid.',
 
 
     /*
@@ -151,4 +153,10 @@
 
     'attributes' => [],
 
+    /*
+    |--------------------------------------------------------------------------
+    | Generic Validation Messages
+    |--------------------------------------------------------------------------
+    */
+    'invalid_value_in_field' => 'Invalid value included in this field',
 ];
diff --git a/resources/views/custom_fields/fields/edit.blade.php b/resources/views/custom_fields/fields/edit.blade.php
@@ -135,7 +135,7 @@
 
           @if (!$field->id)
               <!-- Encrypted  -->
-              <div class="col-md-9 col-md-offset-3">
+              <div class="col-md-9 col-md-offset-3" id="encryption_section">
                   <label class="form-control">
                       <input type="checkbox" value="1" name="field_encrypted" id="field_encrypted"{{ (Request::old('field_encrypted') || $field->field_encrypted) ? ' checked="checked"' : '' }}>
                       {{ trans('admin/custom_fields/general.encrypt_field') }}
@@ -146,7 +146,6 @@
                       <p><i class="fas fa-exclamation-triangle" aria-hidden="true"></i> {{ trans('admin/custom_fields/general.encrypt_field_help') }}</p>
                   </div>
               </div>
-
           @endif
 
 
@@ -298,11 +297,16 @@ class="fieldset"
         }).change();
 
         // Only display the field element if the type is not text
+        // and don't display encryption option for checkbox or radio
         $(".field_element").change(function(){
             $(this).find("option:selected").each(function(){
                 if (($(this).attr("value")!="text") && ($(this).attr("value")!="textarea")){
                     $("#field_values_text").show();
+                if ($(this).attr("value") == "checkbox" || $(this).attr("value") == "radio") {
+                    $("#encryption_section").hide();
+                }
                 } else{
+                    $("#encryption_section").show();
                     $("#field_values_text").hide();
                 }
             });

diff --git a/resources/views/settings/security.blade.php b/resources/views/settings/security.blade.php
@@ -74,12 +74,11 @@
 
 
                         <!-- Common Passwords -->
-                        <div class="form-group">
+                        <div class="form-group {{ $errors->has('pwd_secure_complexity.*') ? 'error' : '' }}">
                             <div class="col-md-3">
                                 {{ Form::label('pwd_secure_complexity', trans('admin/settings/general.pwd_secure_complexity')) }}
                             </div>
                             <div class="col-md-9">
-
                                 <label class="form-control">
                                     <span class="sr-only">{{ trans('admin/settings/general.pwd_secure_uncommon') }}</span>
                                     {{ Form::checkbox('pwd_secure_uncommon', '1', old('pwd_secure_uncommon', $setting->pwd_secure_uncommon),array( 'aria-label'=>'pwd_secure_uncommon')) }}
@@ -106,6 +105,9 @@
                                     {{ trans('admin/settings/general.pwd_secure_complexity_case_diff') }}
                                 </label>
 
+                                @if ($errors->has('pwd_secure_complexity.*'))
+                                    <span class="alert-msg">{{ trans('validation.invalid_value_in_field') }}</span>
+                                @endif
                                 <p class="help-block">
                                     {{ trans('admin/settings/general.pwd_secure_complexity_help') }}
                                 </p>