diff --git a/app/Http/Controllers/Api/ComponentsController.php b/app/Http/Controllers/Api/ComponentsController.php
index 8ee5b80e8..0f594f5e7 100644
--- a/app/Http/Controllers/Api/ComponentsController.php
+++ b/app/Http/Controllers/Api/ComponentsController.php
@@ -309,9 +309,7 @@ class ComponentsController extends Controller
public function checkin(Request $request, $component_asset_id) : JsonResponse
{
if ($component_assets = DB::table('components_assets')->find($component_asset_id)) {
-
if (is_null($component = Component::find($component_assets->component_id))) {
-
return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/components/message.not_found')));
}
@@ -319,17 +317,13 @@ class ComponentsController extends Controller
$max_to_checkin = $component_assets->assigned_qty;
- if ($max_to_checkin > 1) {
-
- $validator = Validator::make($request->all(), [
- "checkin_qty" => "required|numeric|between:1,$max_to_checkin"
- ]);
-
- if ($validator->fails()) {
- return response()->json(Helper::formatStandardApiResponse('error', null, 'Checkin quantity must be between 1 and '.$max_to_checkin));
- }
+ $validator = Validator::make($request->all(), [
+ "checkin_qty" => "required|numeric|between:1,$max_to_checkin"
+ ]);
+
+ if ($validator->fails()) {
+ return response()->json(Helper::formatStandardApiResponse('error', null, 'Checkin quantity must be between 1 and ' . $max_to_checkin));
}
-
// Validation passed, so let's figure out what we have to do here.
$qty_remaining_in_checkout = ($component_assets->assigned_qty - (int)$request->input('checkin_qty', 1));
@@ -339,28 +333,23 @@ class ComponentsController extends Controller
$component_assets->assigned_qty = $qty_remaining_in_checkout;
Log::debug($component_asset_id.' - '.$qty_remaining_in_checkout.' remaining in record '.$component_assets->id);
-
- DB::table('components_assets')->where('id',
- $component_asset_id)->update(['assigned_qty' => $qty_remaining_in_checkout]);
+
+ DB::table('components_assets')->where('id', $component_asset_id)->update(['assigned_qty' => $qty_remaining_in_checkout]);
// If the checked-in qty is exactly the same as the assigned_qty,
// we can simply delete the associated components_assets record
- if ($qty_remaining_in_checkout == 0) {
+ if ($qty_remaining_in_checkout === 0) {
DB::table('components_assets')->where('id', '=', $component_asset_id)->delete();
}
-
$asset = Asset::find($component_assets->asset_id);
event(new CheckoutableCheckedIn($component, $asset, auth()->user(), $request->input('note'), Carbon::now()));
return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/components/message.checkin.success')));
-
}
return response()->json(Helper::formatStandardApiResponse('error', null, 'No matching checkouts for that component join record'));
-
-
}
}
diff --git a/app/Models/CustomFieldset.php b/app/Models/CustomFieldset.php
index 71be28e8a..d6bd7a1be 100644
--- a/app/Models/CustomFieldset.php
+++ b/app/Models/CustomFieldset.php
@@ -2,6 +2,8 @@
namespace App\Models;
+use App\Rules\AlphaEncrypted;
+use App\Rules\NumericEncrypted;
use Gate;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
@@ -95,6 +97,19 @@ class CustomFieldset extends Model
array_push($rule, $field->attributes['format']);
$rules[$field->db_column_name()] = $rule;
+
+ // these are to replace the standard 'numeric' and 'alpha' rules if the custom field is also encrypted.
+ // the values need to be decrypted first, because encrypted strings are alphanumeric
+ if ($field->format === 'NUMERIC' && $field->field_encrypted) {
+ $numericKey = array_search('numeric', $rules[$field->db_column_name()]);
+ $rules[$field->db_column_name()][$numericKey] = new NumericEncrypted;
+ }
+
+ if ($field->format === 'ALPHA' && $field->field_encrypted) {
+ $alphaKey = array_search('alpha', $rules[$field->db_column_name()]);
+ $rules[$field->db_column_name()][$alphaKey] = new AlphaEncrypted;
+ }
+
// add not_array to rules for all fields but checkboxes
if ($field->element != 'checkbox') {
$rules[$field->db_column_name()][] = 'not_array';
diff --git a/app/Rules/AlphaEncrypted.php b/app/Rules/AlphaEncrypted.php
new file mode 100644
index 000000000..f4ed1d6c3
--- /dev/null
+++ b/app/Rules/AlphaEncrypted.php
@@ -0,0 +1,29 @@
+ $attributeName]));
+ }
+ } catch (\Exception $e) {
+ report($e);
+ $fail(trans('general.something_went_wrong'));
+ }
+ }
+}
diff --git a/app/Rules/NumericEncrypted.php b/app/Rules/NumericEncrypted.php
new file mode 100644
index 000000000..f3cb3ba76
--- /dev/null
+++ b/app/Rules/NumericEncrypted.php
@@ -0,0 +1,31 @@
+ $attributeName]));
+ }
+ } catch (\Exception $e) {
+ report($e->getMessage());
+ $fail(trans('general.something_went_wrong'));
+ }
+ }
+}
diff --git a/resources/lang/en-US/mail.php b/resources/lang/en-US/mail.php
index 76c0c1773..7663a0167 100644
--- a/resources/lang/en-US/mail.php
+++ b/resources/lang/en-US/mail.php
@@ -60,7 +60,7 @@ return [
'item_checked_reminder' => 'This is a reminder that you currently have :count items checked out to you that you have not accepted or declined. Please click the link below to confirm your decision.',
'license_expiring_alert' => 'There is :count license expiring in the next :threshold days.|There are :count licenses expiring in the next :threshold days.',
'link_to_update_password' => 'Please click on the following link to update your :web password:',
- 'login' => 'Login:',
+ 'login' => 'Login',
'login_first_admin' => 'Login to your new Snipe-IT installation using the credentials below:',
'low_inventory_alert' => 'There is :count item that is below minimum inventory or will soon be low.|There are :count items that are below minimum inventory or will soon be low.',
'min_QTY' => 'Min QTY',
diff --git a/resources/views/notifications/FirstAdmin.blade.php b/resources/views/notifications/FirstAdmin.blade.php
index b6d8e89db..83a5c8bf0 100644
--- a/resources/views/notifications/FirstAdmin.blade.php
+++ b/resources/views/notifications/FirstAdmin.blade.php
@@ -1,8 +1,8 @@
@component('mail::message')
{{ trans('mail.hello') }} {{ $first_name }} {{$last_name}},
-{{ trans('mail.login') }} {{ $username }}
-{{ trans('mail.password') }} {{ $password }}
+{{ trans('mail.login') }}: {{ $username }}
+{{ trans('mail.password') }}: {{ $password }}
@component('mail::button', ['url' => $url])
Go To {{$snipeSettings->site_name}}
diff --git a/resources/views/notifications/Welcome.blade.php b/resources/views/notifications/Welcome.blade.php
index 82dcd3e15..e6e72ad2c 100644
--- a/resources/views/notifications/Welcome.blade.php
+++ b/resources/views/notifications/Welcome.blade.php
@@ -3,8 +3,8 @@
{{ trans('mail.admin_has_created', ['web' => $snipeSettings->site_name]) }}
-{{ trans('mail.login') }} {{ $username }}
-{{ trans('mail.password') }} {{ $password }}
+{{ trans('mail.login') }}: {{ $username }}
+{{ trans('mail.password') }}: {{ $password }}
@component('mail::button', ['url' => $url])
Go To {{$snipeSettings->site_name}}
diff --git a/tests/Feature/Checkins/Api/ComponentCheckinTest.php b/tests/Feature/Checkins/Api/ComponentCheckinTest.php
new file mode 100644
index 000000000..0497a8135
--- /dev/null
+++ b/tests/Feature/Checkins/Api/ComponentCheckinTest.php
@@ -0,0 +1,164 @@
+checkedOutToAsset()->create();
+
+ $this->actingAsForApi(User::factory()->create())
+ ->postJson(route('api.components.checkin', $component->assets->first()->pivot->id))
+ ->assertForbidden();
+ }
+
+ public function testHandlesNonExistentPivotId()
+ {
+ $this->actingAsForApi(User::factory()->checkinComponents()->create())
+ ->postJson(route('api.components.checkin', 1000), [
+ 'checkin_qty' => 1,
+ ])
+ ->assertOk()
+ ->assertStatusMessageIs('error');
+ }
+
+ public function testHandlesNonExistentComponent()
+ {
+ $component = Component::factory()->checkedOutToAsset()->create();
+ $pivotId = $component->assets->first()->pivot->id;
+ $component->delete();
+
+ $this->actingAsForApi(User::factory()->checkinComponents()->create())
+ ->postJson(route('api.components.checkin', $pivotId), [
+ 'checkin_qty' => 1,
+ ])
+ ->assertOk()
+ ->assertStatusMessageIs('error');
+ }
+
+ public function testCannotCheckinMoreThanCheckedOut()
+ {
+ $component = Component::factory()->checkedOutToAsset()->create();
+
+ $pivot = $component->assets->first()->pivot;
+ $pivot->update(['assigned_qty' => 1]);
+
+ $this->actingAsForApi(User::factory()->checkinComponents()->create())
+ ->postJson(route('api.components.checkin', $component->assets->first()->pivot->id), [
+ 'checkin_qty' => 3,
+ ])
+ ->assertOk()
+ ->assertStatusMessageIs('error');
+ }
+
+ public function testCanCheckinComponent()
+ {
+ Event::fake([CheckoutableCheckedIn::class]);
+
+ $user = User::factory()->checkinComponents()->create();
+
+ $component = Component::factory()->checkedOutToAsset()->create();
+ $pivot = $component->assets->first()->pivot;
+ $pivot->update(['assigned_qty' => 3]);
+
+
+ $this->actingAsForApi($user)
+ ->postJson(route('api.components.checkin', $component->assets->first()->pivot->id), [
+ 'checkin_qty' => 2,
+ 'note' => 'my note',
+ ])
+ ->assertOk()
+ ->assertStatusMessageIs('success');
+
+ $this->assertEquals(1, $component->fresh()->assets->first()->pivot->assigned_qty);
+
+ Event::assertDispatched(function (CheckoutableCheckedIn $event) use ($user, $component) {
+ return $event->checkoutable->is($component)
+ && $event->checkedOutTo->is($component->assets->first())
+ && $event->checkedInBy->is($user)
+ && $event->note === 'my note';
+ });
+ }
+
+ public function testCheckingInEntireAssignedQuantityClearsThePivotRecordFromTheDatabase()
+ {
+ Event::fake([CheckoutableCheckedIn::class]);
+
+ $user = User::factory()->checkinComponents()->create();
+
+ $component = Component::factory()->checkedOutToAsset()->create();
+ $pivot = $component->assets->first()->pivot;
+ $pivot->update(['assigned_qty' => 3]);
+
+ $this->actingAsForApi($user)
+ ->postJson(route('api.components.checkin', $component->assets->first()->pivot->id), [
+ 'checkin_qty' => 3,
+ 'note' => 'my note',
+ ])
+ ->assertOk()
+ ->assertStatusMessageIs('success');
+
+ $this->assertEmpty($component->fresh()->assets);
+
+ Event::assertDispatched(function (CheckoutableCheckedIn $event) use ($user, $component) {
+ return $event->checkoutable->is($component)
+ && $event->checkedOutTo->is($component->assets->first())
+ && $event->checkedInBy->is($user)
+ && $event->note === 'my note';
+ });
+ }
+
+ public function testAdheresToFullMultipleCompaniesSupportScoping()
+ {
+ $this->settings->enableMultipleFullCompanySupport();
+
+ [$companyA, $companyB] = Company::factory()->count(2)->create();
+
+ $componentInCompanyA = Component::factory()->for($companyA)->checkedOutToAsset()->create();
+ $userInCompanyB = User::factory()->for($companyB)->create();
+ $pivotId = $componentInCompanyA->assets->first()->pivot->id;
+
+ $this->actingAsForApi($userInCompanyB)
+ ->postJson(route('api.components.checkin', $pivotId), [
+ 'checkin_qty' => 1,
+ ])
+ ->assertOk()
+ ->assertStatusMessageIs('error');
+ }
+
+ public function testCheckinIsLogged()
+ {
+ $user = User::factory()->checkinComponents()->create();
+
+ $component = Component::factory()->checkedOutToAsset()->create();
+ $pivot = $component->assets->first()->pivot;
+ $pivot->update(['assigned_qty' => 3]);
+
+ $this->actingAsForApi($user)
+ ->postJson(route('api.components.checkin', $component->assets->first()->pivot->id), [
+ 'checkin_qty' => 3,
+ 'note' => 'my note',
+ ]);
+
+ $this->assertDatabaseHas('action_logs', [
+ 'created_by' => $user->id,
+ 'action_type' => 'checkin from',
+ 'target_id' => $component->assets->first()->id,
+ 'target_type' => Asset::class,
+ 'note' => 'my note',
+ 'item_id' => $component->id,
+ 'item_type' => Component::class,
+ ]);
+ }
+}