From bddb7fca238798a153f3ffad1ec00b97f68a1ca7 Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Fri, 25 Mar 2016 15:50:08 -0700
Subject: [PATCH] Additional doc blocks, added private_uploads path

---
 .../Controllers/AccessoriesController.php     |  2 +-
 .../AssetMaintenancesController.php           | 62 +++++++++++--------
 app/Http/Controllers/AssetsController.php     | 12 ++--
 app/Http/Controllers/CategoriesController.php | 11 +++-
 .../Controllers/ChangeEmailController.php     |  8 +++
 .../Controllers/ChangePasswordController.php  |  8 +++
 app/Http/Controllers/CompaniesController.php  | 11 +++-
 app/Http/Controllers/ComponentsController.php | 11 +++-
 .../Controllers/ConsumablesController.php     | 11 +++-
 .../Controllers/CustomFieldsController.php    |  8 +++
 app/Http/Controllers/DashboardController.php  |  8 +++
 .../Controllers/DepreciationsController.php   |  8 +++
 app/Http/Controllers/GroupsController.php     |  8 +++
 app/Http/Controllers/LicensesController.php   | 13 +++-
 app/Http/Controllers/LocationsController.php  |  9 +++
 .../Controllers/ManufacturersController.php   |  8 +++
 app/Http/Controllers/ProfileController.php    |  9 +++
 app/Http/Controllers/ReportsController.php    |  9 +++
 app/Http/Controllers/SettingsController.php   |  6 +-
 .../Controllers/StatuslabelsController.php    |  9 +++
 app/Http/Controllers/SuppliersController.php  |  9 +++
 app/Http/Controllers/UsersController.php      |  4 +-
 app/Http/Controllers/ViewAssetsController.php | 10 +++
 config/app.php                                | 18 +++++-
 storage/private_uploads/backups/.gitignore    |  2 +
 25 files changed, 229 insertions(+), 45 deletions(-)
 create mode 100644 storage/private_uploads/backups/.gitignore

diff --git a/app/Http/Controllers/AccessoriesController.php b/app/Http/Controllers/AccessoriesController.php
index ed25e7a88..74e4318ed 100755
--- a/app/Http/Controllers/AccessoriesController.php
+++ b/app/Http/Controllers/AccessoriesController.php
@@ -5,7 +5,7 @@
  *
  * PHP version 5.5.9
  * @package    Snipe-IT
- * @version    v3.0
+ * @version    v1.0
  */
 
 namespace App\Http\Controllers;
diff --git a/app/Http/Controllers/AssetMaintenancesController.php b/app/Http/Controllers/AssetMaintenancesController.php
index 2ebe3c500..98de1d52b 100644
--- a/app/Http/Controllers/AssetMaintenancesController.php
+++ b/app/Http/Controllers/AssetMaintenancesController.php
@@ -1,26 +1,34 @@
 <?php
+/**
+ * This controller handles all actions related to Asset Maintenance for
+ * the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v2.0
+ */
 
-    namespace App\Http\Controllers;
+namespace App\Http\Controllers;
 
-    use App\Models\AssetMaintenance;
-    use Carbon\Carbon;
-    use App\Models\Company;
-    use DB;
-    use Input;
-    use Lang;
-    use Log;
-    use Mail;
-    use Redirect;
-    use Response;
-    use Slack;
-    use Str;
-    use App\Models\Supplier;
-    use TCPDF;
-    use Validator;
-    use View;
-    use App\Models\Setting;
-    use App\Models\Asset;
-    use App\Helpers\Helper;
+use App\Models\AssetMaintenance;
+use Carbon\Carbon;
+use App\Models\Company;
+use DB;
+use Input;
+use Lang;
+use Log;
+use Mail;
+use Redirect;
+use Response;
+use Slack;
+use Str;
+use App\Models\Supplier;
+use TCPDF;
+use Validator;
+use View;
+use App\Models\Setting;
+use App\Models\Asset;
+use App\Helpers\Helper;
 
 class AssetMaintenancesController extends Controller
 {
@@ -30,13 +38,13 @@ class AssetMaintenancesController extends Controller
           ->with('error', Lang::get('general.insufficient_permissions'));
     }
 
-  /**
-       * getIndex
-       *
-       * @return mixed
-       * @author  Vincent Sposato <vincent.sposato@gmail.com>
-       * @version v1.0
-       */
+    /**
+    * getIndex
+    *
+    * @return mixed
+    * @author  Vincent Sposato <vincent.sposato@gmail.com>
+    * @version v1.0
+    */
     public function getIndex()
     {
 
diff --git a/app/Http/Controllers/AssetsController.php b/app/Http/Controllers/AssetsController.php
index 424676507..acef53905 100755
--- a/app/Http/Controllers/AssetsController.php
+++ b/app/Http/Controllers/AssetsController.php
@@ -734,7 +734,7 @@ class AssetsController extends Controller
     public function getImportUpload()
     {
 
-        $path = storage_path().'/app/private_uploads/imports/assets';
+        $path = config('app.private_uploads').'/imports/assets';
         $files = array();
 
         if (!Company::isCurrentUserAuthorized()) {
@@ -780,7 +780,7 @@ class AssetsController extends Controller
         } elseif (!config('app.lock_passwords')) {
 
             $files = Input::file('files');
-            $path = storage_path().'/app/private_uploads/imports/assets';
+            $path = config('app.private_uploads').'/imports/assets';
             $results = array();
 
             foreach ($files as $file) {
@@ -838,9 +838,9 @@ class AssetsController extends Controller
         }
 
         $output = new BufferedOutput;
-        Artisan::call('asset-import:csv', ['filename'=> storage_path().'/app/private_uploads/imports/assets/'.$filename, '--email_format'=>'firstname.lastname', '--username_format'=>'firstname.lastname'], $output);
+        Artisan::call('asset-import:csv', ['filename'=> config('app.private_uploads').'/imports/assets/'.$filename, '--email_format'=>'firstname.lastname', '--username_format'=>'firstname.lastname'], $output);
         $display_output =  $output->fetch();
-        $file = storage_path().'/app/private_uploads/imports/assets/'.str_replace('.csv', '', $filename).'-output-'.date("Y-m-d-his").'.txt';
+        $file = config('app.private_uploads').'/imports/assets/'.str_replace('.csv', '', $filename).'-output-'.date("Y-m-d-his").'.txt';
         file_put_contents($file, $display_output);
 
 
@@ -948,7 +948,7 @@ class AssetsController extends Controller
         }
 
         // the asset is valid
-        $destinationPath = storage_path().'/private_uploads/app/imports/assets';
+        $destinationPath = config('app.private_uploads').'/imports/assets';
 
 
 
@@ -1001,7 +1001,7 @@ class AssetsController extends Controller
     public function getDeleteFile($assetId = null, $fileId = null)
     {
         $asset = Asset::find($assetId);
-        $destinationPath = storage_path().'private_uploads/app/imports/assets';
+        $destinationPath = config('app.private_uploads').'/imports/assets';
 
         // the asset is valid
         if (isset($asset->id)) {
diff --git a/app/Http/Controllers/CategoriesController.php b/app/Http/Controllers/CategoriesController.php
index 5b3c385d7..e2609ef6a 100755
--- a/app/Http/Controllers/CategoriesController.php
+++ b/app/Http/Controllers/CategoriesController.php
@@ -1,4 +1,13 @@
-<?php namespace App\Http\Controllers;
+<?php
+/**
+ * This controller handles all actions related to Asset Categories for
+ * the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v1.0
+ */
+namespace App\Http\Controllers;
 
 use App\Helpers\Helper;
 use App\Models\Category as Category;
diff --git a/app/Http/Controllers/ChangeEmailController.php b/app/Http/Controllers/ChangeEmailController.php
index 183780184..d08a2b02b 100755
--- a/app/Http/Controllers/ChangeEmailController.php
+++ b/app/Http/Controllers/ChangeEmailController.php
@@ -1,4 +1,12 @@
 <?php
+/**
+ * This controller handles all actions for users changing their email address in their profile
+ *  for the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v1.0
+ */
 namespace App\Http\Controllers;
 
 use Input;
diff --git a/app/Http/Controllers/ChangePasswordController.php b/app/Http/Controllers/ChangePasswordController.php
index 4bf7b8532..e73035ca1 100755
--- a/app/Http/Controllers/ChangePasswordController.php
+++ b/app/Http/Controllers/ChangePasswordController.php
@@ -1,4 +1,12 @@
 <?php
+/**
+ * This controller handles all actions related to users changing
+ * their passwords in the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v1.0
+ */
 namespace App\Http\Controllers;
 
 use Input;
diff --git a/app/Http/Controllers/CompaniesController.php b/app/Http/Controllers/CompaniesController.php
index 8df33d381..082a059da 100644
--- a/app/Http/Controllers/CompaniesController.php
+++ b/app/Http/Controllers/CompaniesController.php
@@ -1,4 +1,13 @@
-<?php namespace App\Http\Controllers;
+<?php
+/**
+ * This controller handles all actions related to Company support for
+ * the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v2.0
+ */
+ namespace App\Http\Controllers;
 
 use App\Models\Company;
 use Input;
diff --git a/app/Http/Controllers/ComponentsController.php b/app/Http/Controllers/ComponentsController.php
index 2aa5cd1bb..d2f7bc973 100644
--- a/app/Http/Controllers/ComponentsController.php
+++ b/app/Http/Controllers/ComponentsController.php
@@ -1,4 +1,13 @@
-<?php namespace App\Http\Controllers;
+<?php
+/**
+ * This controller handles all actions related to Asset Models for
+ * the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v1.0
+ */
+ namespace App\Http\Controllers;
 
 use App\Helpers\Helper;
 use App\Models\Actionlog;
diff --git a/app/Http/Controllers/ConsumablesController.php b/app/Http/Controllers/ConsumablesController.php
index f6ece0c75..86e1eb4e0 100644
--- a/app/Http/Controllers/ConsumablesController.php
+++ b/app/Http/Controllers/ConsumablesController.php
@@ -1,4 +1,13 @@
-<?php namespace App\Http\Controllers;
+<?php
+/**
+ * This controller handles all actions related to Consumables for
+ * the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v1.8
+ */
+ namespace App\Http\Controllers;
 
 use App\Helpers\Helper;
 use App\Models\Actionlog;
diff --git a/app/Http/Controllers/CustomFieldsController.php b/app/Http/Controllers/CustomFieldsController.php
index 8ca3e614d..3b79a4e3b 100644
--- a/app/Http/Controllers/CustomFieldsController.php
+++ b/app/Http/Controllers/CustomFieldsController.php
@@ -1,4 +1,12 @@
 <?php
+/**
+ * This controller handles all actions related to Custom Asset Fields for
+ * the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v2.0
+ */
 namespace App\Http\Controllers;
 
 use View;
diff --git a/app/Http/Controllers/DashboardController.php b/app/Http/Controllers/DashboardController.php
index e0c9393c9..2f3544679 100755
--- a/app/Http/Controllers/DashboardController.php
+++ b/app/Http/Controllers/DashboardController.php
@@ -1,4 +1,12 @@
 <?php
+/**
+ * This controller handles all actions related to the admin dashboard
+ * the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v1.0
+ */
 namespace App\Http\Controllers;
 
 use App\Http\Controllers\AdminController;
diff --git a/app/Http/Controllers/DepreciationsController.php b/app/Http/Controllers/DepreciationsController.php
index e0714d266..57e5d4733 100755
--- a/app/Http/Controllers/DepreciationsController.php
+++ b/app/Http/Controllers/DepreciationsController.php
@@ -1,4 +1,12 @@
 <?php
+/**
+ * This controller handles all actions related to Asset Depreciation
+ * for the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v1.0
+ */
 namespace App\Http\Controllers;
 
 use Input;
diff --git a/app/Http/Controllers/GroupsController.php b/app/Http/Controllers/GroupsController.php
index fb10a913f..6f9a11c7e 100755
--- a/app/Http/Controllers/GroupsController.php
+++ b/app/Http/Controllers/GroupsController.php
@@ -1,4 +1,12 @@
 <?php
+/**
+ * This controller handles all actions related to User Groups for
+ * the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v1.0
+ */
 namespace App\Http\Controllers;
 
 use Config;
diff --git a/app/Http/Controllers/LicensesController.php b/app/Http/Controllers/LicensesController.php
index 693deaaa8..148afb732 100755
--- a/app/Http/Controllers/LicensesController.php
+++ b/app/Http/Controllers/LicensesController.php
@@ -1,4 +1,13 @@
 <?php
+/**
+ * This controller handles all actions related to Licenses and
+ * License Seats for the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v1.0
+ */
+
 namespace App\Http\Controllers;
 
 use Assets;
@@ -790,7 +799,7 @@ class LicensesController extends Controller
         $license = License::find($licenseId);
 
         // the license is valid
-        $destinationPath = storage_path().'/app/private_uploads';
+        $destinationPath = config('app.private_uploads').'/licenses';
 
         if (isset($license->id)) {
 
@@ -866,7 +875,7 @@ class LicensesController extends Controller
     public function getDeleteFile($licenseId = null, $fileId = null)
     {
         $license = License::find($licenseId);
-        $destinationPath = storage_path().'/app/private_uploads';
+        $destinationPath = config('app.private_uploads').'/licenses';
 
         // the license is valid
         if (isset($license->id)) {
diff --git a/app/Http/Controllers/LocationsController.php b/app/Http/Controllers/LocationsController.php
index e9841bf86..494ccc769 100755
--- a/app/Http/Controllers/LocationsController.php
+++ b/app/Http/Controllers/LocationsController.php
@@ -1,4 +1,13 @@
 <?php
+/**
+ * This controller handles all actions related to Locations for
+ * the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v1.0
+ */
+
 namespace App\Http\Controllers;
 
 use Input;
diff --git a/app/Http/Controllers/ManufacturersController.php b/app/Http/Controllers/ManufacturersController.php
index 65f37eb62..316526e2e 100755
--- a/app/Http/Controllers/ManufacturersController.php
+++ b/app/Http/Controllers/ManufacturersController.php
@@ -1,4 +1,12 @@
 <?php
+/**
+ * This controller handles all actions related to Manufacturers for
+ * the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v1.0
+ */
 namespace App\Http\Controllers;
 
 use App\Models\Company;
diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php
index dd0067167..2f1de589d 100755
--- a/app/Http/Controllers/ProfileController.php
+++ b/app/Http/Controllers/ProfileController.php
@@ -1,4 +1,13 @@
 <?php
+/**
+ * This controller handles user profile editing 
+ * the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v1.0
+ */
+
 namespace App\Http\Controllers;
 
 use Image;
diff --git a/app/Http/Controllers/ReportsController.php b/app/Http/Controllers/ReportsController.php
index 0a014a235..2f37fed1e 100644
--- a/app/Http/Controllers/ReportsController.php
+++ b/app/Http/Controllers/ReportsController.php
@@ -1,4 +1,13 @@
 <?php
+/**
+ * This controller handles all reporting actions for
+ * the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v1.0
+ */
+
 namespace App\Http\Controllers;
 
 use App\Models\Accessory;
diff --git a/app/Http/Controllers/SettingsController.php b/app/Http/Controllers/SettingsController.php
index 79d90fc17..913095fde 100755
--- a/app/Http/Controllers/SettingsController.php
+++ b/app/Http/Controllers/SettingsController.php
@@ -421,7 +421,9 @@ class SettingsController extends Controller
     */
     public function getBackups()
     {
-        $path = storage_path().'/app/'.config('laravel-backup.destination.path');
+
+        $path = config('app.private_uploads').'/backups';
+
         $files = array();
 
         if ($handle = opendir($path)) {
@@ -479,7 +481,7 @@ class SettingsController extends Controller
     public function downloadFile($filename = null)
     {
         if (!config('app.lock_passwords')) {
-            $path = storage_path().'/app/'.config('laravel-backup.destination.path');
+            $path = config('app.private_uploads').'/backups';
             $file = $path.'/'.$filename;
             if (file_exists($file)) {
                 return Response::download($file);
diff --git a/app/Http/Controllers/StatuslabelsController.php b/app/Http/Controllers/StatuslabelsController.php
index ce1788c82..adafae1df 100755
--- a/app/Http/Controllers/StatuslabelsController.php
+++ b/app/Http/Controllers/StatuslabelsController.php
@@ -1,4 +1,13 @@
 <?php
+/**
+ * This controller handles all actions related to Status Labels for
+ * the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v1.0
+ */
+
 namespace App\Http\Controllers;
 
 use Input;
diff --git a/app/Http/Controllers/SuppliersController.php b/app/Http/Controllers/SuppliersController.php
index 54af9eb27..28bbda360 100755
--- a/app/Http/Controllers/SuppliersController.php
+++ b/app/Http/Controllers/SuppliersController.php
@@ -1,4 +1,13 @@
 <?php
+/**
+ * This controller handles all actions related to Suppliers for
+ * the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v1.0
+ */
+
 namespace App\Http\Controllers;
 
 use Image;
diff --git a/app/Http/Controllers/UsersController.php b/app/Http/Controllers/UsersController.php
index 4b70c2cd4..30a24179a 100755
--- a/app/Http/Controllers/UsersController.php
+++ b/app/Http/Controllers/UsersController.php
@@ -938,7 +938,7 @@ class UsersController extends Controller
 
 
         $user = User::find($userId);
-        $destinationPath = storage_path() . '/app/private_uploads/users';
+        $destinationPath = config('app.private_uploads') . '/users';
 
         if (isset($user->id)) {
 
@@ -986,7 +986,7 @@ class UsersController extends Controller
     public function getDeleteFile($userId = null, $fileId = null)
     {
         $user = User::find($userId);
-        $destinationPath = app_path() . '/private_uploads';
+        $destinationPath = config('app.private_uploads').'/users';
 
         // the license is valid
         if (isset($user->id)) {
diff --git a/app/Http/Controllers/ViewAssetsController.php b/app/Http/Controllers/ViewAssetsController.php
index 68776609a..8f046652a 100755
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -1,4 +1,14 @@
 <?php
+/**
+ * This controller handles all actions that allow a logged in user
+ * to view the assets assigned to them (and request an asset) for 
+ * the Snipe-IT Asset Management application.
+ *
+ * PHP version 5.5.9
+ * @package    Snipe-IT
+ * @version    v1.0
+ */
+
 namespace App\Http\Controllers;
 
 use App\Models\Accessory;
diff --git a/config/app.php b/config/app.php
index 2cabe4891..4841c5650 100644
--- a/config/app.php
+++ b/config/app.php
@@ -111,13 +111,29 @@ return [
     'log' => env('APP_LOG', 'single'),
 
 
+    /*
+    |--------------------------------------------------------------------------
+    | Default Storage path for private uploads
+    |--------------------------------------------------------------------------
+    | This is the path for any uploaded files that have to be run through the
+    | auth system to ensure they are not visible to the public. These should be
+    | stored somewhere outside of the web root so that an unautenticated user
+    | cannot access them.
+    |
+    | For example: license keys, contracts, etc.
+    |
+    */
+
+    'private_uploads' => storage_path().'/private_uploads',
+
+
     /*
     |--------------------------------------------------------------------------
     | Demo Mode Lockdown
     |--------------------------------------------------------------------------
     |
     | Normal users will never need to edit this. This option lets you run a
-    | version of Snipe-IT with limited functionality to prevent demo abuse. 
+    | version of Snipe-IT with limited functionality to prevent demo abuse.
     |
     */
 
diff --git a/storage/private_uploads/backups/.gitignore b/storage/private_uploads/backups/.gitignore
new file mode 100644
index 000000000..c96a04f00
--- /dev/null
+++ b/storage/private_uploads/backups/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore
\ No newline at end of file