diff --git a/app/Http/Controllers/Licenses/LicensesController.php b/app/Http/Controllers/Licenses/LicensesController.php index a3607c181..7acceb378 100755 --- a/app/Http/Controllers/Licenses/LicensesController.php +++ b/app/Http/Controllers/Licenses/LicensesController.php @@ -234,6 +234,12 @@ class LicensesController extends Controller public function show($licenseId = null) { $license = License::with('assignedusers')->find($licenseId); + + if (!$license) { + return redirect()->route('licenses.index') + ->with('error', trans('admin/licenses/message.does_not_exist')); + } + $users_count = User::where('autoassign_licenses', '1')->count(); $total_seats_count = $license->totalSeatsByLicenseID(); $available_seats_count = $license->availCount()->count(); @@ -245,17 +251,13 @@ class LicensesController extends Controller \Log::debug('Checkedout: '.$checkedout_seats_count); - if ($license) { - $this->authorize('view', $license); - return view('licenses.view', compact('license')) - ->with('users_count', $users_count) - ->with('total_seats_count', $total_seats_count) - ->with('available_seats_count', $available_seats_count) - ->with('checkedout_seats_count', $checkedout_seats_count); - } + $this->authorize('view', $license); + return view('licenses.view', compact('license')) + ->with('users_count', $users_count) + ->with('total_seats_count', $total_seats_count) + ->with('available_seats_count', $available_seats_count) + ->with('checkedout_seats_count', $checkedout_seats_count); - return redirect()->route('licenses.view') - ->with('error', trans('admin/licenses/message.does_not_exist')); } diff --git a/app/Http/Controllers/Users/UsersController.php b/app/Http/Controllers/Users/UsersController.php index b83953365..25a64e5cb 100755 --- a/app/Http/Controllers/Users/UsersController.php +++ b/app/Http/Controllers/Users/UsersController.php @@ -210,7 +210,6 @@ class UsersController extends Controller */ public function update(SaveUserRequest $request, $id = null) { - // We need to reverse the UI specific logic for our // permissions here before we update the user. $permissions = $request->input('permissions', []); @@ -268,7 +267,8 @@ class UsersController extends Controller $user->city = $request->input('city', null); $user->state = $request->input('state', null); $user->country = $request->input('country', null); - $user->activated = $request->input('activated', 0); + // if a user is editing themselves we should always keep activated true + $user->activated = $request->input('activated', $request->user()->is($user) ? 1 : 0); $user->zip = $request->input('zip', null); $user->remote = $request->input('remote', 0); $user->vip = $request->input('vip', 0); @@ -670,4 +670,4 @@ class UsersController extends Controller return redirect()->back()->with('error', 'User is not activated, is LDAP synced, or does not have an email address '); } -} \ No newline at end of file +} diff --git a/config/session.php b/config/session.php index dee8d9103..688340c9e 100644 --- a/config/session.php +++ b/config/session.php @@ -130,7 +130,7 @@ return [ | */ - 'path' => '/', + 'path' => env('SESSION_COOKIE_PATH', '/'), /* |-------------------------------------------------------------------------- diff --git a/resources/views/layouts/default.blade.php b/resources/views/layouts/default.blade.php index 9eb43d35a..d11d3c541 100644 --- a/resources/views/layouts/default.blade.php +++ b/resources/views/layouts/default.blade.php @@ -483,8 +483,7 @@ class="fas fa-times text-red fa-fw"> {{ trans('general.all') }} {{ trans('general.undeployable') }} - ({{ (isset($total_undeployable_sidebar)) ? $total_undeployable_sidebar : '' }} - ) + ({{ (isset($total_undeployable_sidebar)) ? $total_undeployable_sidebar : '' }}) admin()->create(); + $user = User::factory()->create(['activated' => false]); + + $this->actingAs($admin) + ->put(route('users.update', $user), [ + 'first_name' => $user->first_name, + 'username' => $user->username, + 'activated' => 1, + ]); + + $this->assertTrue($user->refresh()->activated); + } + + public function testUsersCanBeDeactivated() + { + $admin = User::factory()->admin()->create(); + $user = User::factory()->create(['activated' => true]); + + $this->actingAs($admin) + ->put(route('users.update', $user), [ + 'first_name' => $user->first_name, + 'username' => $user->username, + // checkboxes that are not checked are + // not included in the request payload + // 'activated' => 0, + ]); + + $this->assertFalse($user->refresh()->activated); + } + + public function testUsersUpdatingThemselvesDoNotDeactivateTheirAccount() + { + $admin = User::factory()->admin()->create(['activated' => true]); + + $this->actingAs($admin) + ->put(route('users.update', $admin), [ + 'first_name' => $admin->first_name, + 'username' => $admin->username, + // checkboxes that are disabled are not + // included in the request payload + // even if they are checked + // 'activated' => 0, + ]); + + $this->assertTrue($admin->refresh()->activated); + } +}