diff --git a/app/Http/Controllers/Api/LocationsController.php b/app/Http/Controllers/Api/LocationsController.php index 7886593aecd8..2affe574b198 100644 --- a/app/Http/Controllers/Api/LocationsController.php +++ b/app/Http/Controllers/Api/LocationsController.php @@ -9,6 +9,7 @@ use App\Http\Transformers\LocationsTransformer; use App\Http\Transformers\SelectlistTransformer; use App\Models\Location; +use App\Models\Setting; use Illuminate\Http\Request; use Illuminate\Pagination\LengthAwarePaginator; use Illuminate\Support\Collection; @@ -68,7 +69,10 @@ public function index(Request $request) ->withCount('rtd_assets as rtd_assets_count') ->withCount('users as users_count'); - $locations = Company::scopeCompanyables($locations); + // Only scope locations if the setting is enabled + if (Setting::getSettings()->scope_locations_fmcs) { + $locations = Company::scopeCompanyables($locations); + } if ($request->filled('search')) { $locations = $locations->TextSearch($request->input('search')); @@ -147,9 +151,13 @@ public function store(ImageUploadRequest $request) $this->authorize('create', Location::class); $location = new Location; $location->fill($request->all()); - $location->company_id = Company::getIdForCurrentUser($request->get('company_id')); $location = $request->handleImages($location); + // Only scope location if the setting is enabled + if (Setting::getSettings()->scope_locations_fmcs) { + $location->company_id = Company::getIdForCurrentUser($request->get('company_id')); + } + if ($location->save()) { return response()->json(Helper::formatStandardApiResponse('success', (new LocationsTransformer)->transformLocation($location), trans('admin/locations/message.create.success'))); } @@ -213,7 +221,12 @@ public function update(ImageUploadRequest $request, $id) $location = $request->handleImages($location); if ($request->filled('company_id')) { - $location->company_id = Company::getIdForCurrentUser($request->get('company_id')); + // Only scope location if the setting is enabled + if (Setting::getSettings()->scope_locations_fmcs) { + $location->company_id = Company::getIdForCurrentUser($request->get('company_id')); + } else { + $location->company_id = $request->get('company_id'); + } } if ($location->isValid()) { @@ -297,7 +310,10 @@ public function selectlist(Request $request) 'locations.image', ]); - $locations = Company::scopeCompanyables($locations); + // Only scope locations if the setting is enabled + if (Setting::getSettings()->scope_locations_fmcs) { + $locations = Company::scopeCompanyables($locations); + } $page = 1; if ($request->filled('page')) { diff --git a/app/Http/Controllers/LocationsController.php b/app/Http/Controllers/LocationsController.php index 1100d2740f02..3dbd0f558746 100755 --- a/app/Http/Controllers/LocationsController.php +++ b/app/Http/Controllers/LocationsController.php @@ -7,6 +7,7 @@ use App\Models\Company; use App\Models\Location; use App\Models\User; +use App\Models\Setting; use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Storage; @@ -79,11 +80,17 @@ public function store(ImageUploadRequest $request) $location->zip = $request->input('zip'); $location->ldap_ou = $request->input('ldap_ou'); $location->manager_id = $request->input('manager_id'); - $location->company_id = Company::getIdForCurrentUser($request->input('company_id')); $location->user_id = Auth::id(); $location->phone = request('phone'); $location->fax = request('fax'); + // Only scope the location if the setting is enabled + if (Setting::getSettings()->scope_locations_fmcs) { + $location->company_id = Company::getIdForCurrentUser($request->input('company_id')); + } else { + $location->company_id = $request->input('company_id'); + } + $location = $request->handleImages($location); if ($location->save()) { @@ -147,7 +154,13 @@ public function update(ImageUploadRequest $request, $locationId = null) $location->fax = request('fax'); $location->ldap_ou = $request->input('ldap_ou'); $location->manager_id = $request->input('manager_id'); - $location->company_id = Company::getIdForCurrentUser($request->input('company_id')); + + // Only scope the location if the setting is enabled + if (Setting::getSettings()->scope_locations_fmcs) { + $location->company_id = Company::getIdForCurrentUser($request->input('company_id')); + } else { + $location->company_id = $request->input('company_id'); + } $location = $request->handleImages($location); diff --git a/app/Http/Controllers/SettingsController.php b/app/Http/Controllers/SettingsController.php index 7a7aa45b6e4a..f4bc1b12df94 100755 --- a/app/Http/Controllers/SettingsController.php +++ b/app/Http/Controllers/SettingsController.php @@ -341,6 +341,13 @@ public function postSettings(Request $request) } $setting->full_multiple_companies_support = $request->input('full_multiple_companies_support', '0'); + $setting->scope_locations_fmcs = $request->input('scope_locations_fmcs', '0'); + + // Backward compatibility for locations makes no sense without FullMultipleCompanySupport + if (!$setting->full_multiple_companies_support) { + $setting->scope_locations_fmcs = '0'; + } + $setting->unique_serial = $request->input('unique_serial', '0'); $setting->show_images_in_email = $request->input('show_images_in_email', '0'); $setting->show_archived_in_list = $request->input('show_archived_in_list', '0'); diff --git a/app/Models/Location.php b/app/Models/Location.php index 67a93aa0b6fd..7d2dd0365599 100755 --- a/app/Models/Location.php +++ b/app/Models/Location.php @@ -4,6 +4,7 @@ use App\Http\Traits\UniqueUndeletedTrait; use App\Models\Asset; +use App\Models\Setting; use App\Models\SnipeModel; use App\Models\Traits\Searchable; use App\Models\User; @@ -17,12 +18,21 @@ class Location extends SnipeModel { + function __construct() { + parent::__construct(); + // This is a workaround for backward compatibility with older versions where locations doesn't get scoped. + // Normaly we would only add 'use CompanyableTrait;', but this has to be conditional on the setting. + // So instead of using the trait, add the scope directly if no backward compatibility is used + if (Setting::getSettings()->scope_locations_fmcs) { + static::addGlobalScope(new CompanyableScope); + } + } + use HasFactory; protected $presenter = \App\Presenters\LocationPresenter::class; use Presentable; use SoftDeletes; - use CompanyableTrait; protected $table = 'locations'; protected $rules = [ diff --git a/database/migrations/2023_02_27_092130_add_scope_locations_setting.php b/database/migrations/2023_02_27_092130_add_scope_locations_setting.php new file mode 100644 index 000000000000..c1e2ff83e9fe --- /dev/null +++ b/database/migrations/2023_02_27_092130_add_scope_locations_setting.php @@ -0,0 +1,32 @@ +boolean('scope_locations_fmcs')->default('0')->after('full_multiple_companies_support'); + }); + } + + /** + * Reverse the migrations. + * + * @return void + */ + public function down() + { + Schema::table('settings', function (Blueprint $table) { + $table->dropColumn('scope_locations_fmcs'); + }); + } +} \ No newline at end of file diff --git a/resources/lang/de/admin/settings/general.php b/resources/lang/de/admin/settings/general.php index e991825b4a57..a4bd8d2bbcef 100644 --- a/resources/lang/de/admin/settings/general.php +++ b/resources/lang/de/admin/settings/general.php @@ -144,6 +144,8 @@ 'logo_print_assets_help' => 'Firmenlogo anzeigen beim Drucken der Asset-Liste ', 'full_multiple_companies_support_help_text' => 'Beschränkung von Benutzern (inklusive Administratoren) die einer Firma zugewiesen sind zu den Assets der Firma.', 'full_multiple_companies_support_text' => 'Volle Mehrmandanten-Unterstützung für Firmen', + 'scope_locations_fmcs_support_text' => 'Beschränke Standorte mit voller Mehrmandanten-Unterstützung für Firmen', + 'scope_locations_fmcs_support_help_text' => 'Bis zu Version 6.x waren Standorte nicht auf die Firma des Benutzers beschränkt. Wenn diese Einstellung deaktiviert ist, wird die Kompatibilität zu älteren Versionen gewahrt und die Standorte nicht beschränkt. Wenn diese Einstellung aktiviert ist, werden Standorte ebenfalls auf die Firma des Benutzers beschränkt.', 'show_in_model_list' => 'In Modell-Dropdown-Liste anzeigen', 'optional' => 'optional', 'per_page' => 'Ergebnisse pro Seite', diff --git a/resources/lang/en/admin/settings/general.php b/resources/lang/en/admin/settings/general.php index 0516bb6a8322..2d94403b6738 100644 --- a/resources/lang/en/admin/settings/general.php +++ b/resources/lang/en/admin/settings/general.php @@ -144,6 +144,8 @@ 'logo_print_assets_help' => 'Use branding on printable asset lists ', 'full_multiple_companies_support_help_text' => 'Restricting users (including admins) assigned to companies to their company\'s assets.', 'full_multiple_companies_support_text' => 'Full Multiple Companies Support', + 'scope_locations_fmcs_support_text' => 'Scope Locations with Full Multiple Companies Support', + 'scope_locations_fmcs_support_help_text' => 'Up until Version 6.x locations were not restricted to the users company. If this setting is disabled, this preserves backward compatibility with older versions and locations are not restricted. If this setting is enabled, locations are also restricted to the users company', 'show_in_model_list' => 'Show in Model Dropdowns', 'optional' => 'optional', 'per_page' => 'Results Per Page', diff --git a/resources/views/modals/location.blade.php b/resources/views/modals/location.blade.php index 9f30192ca0d0..25fba7fd19c0 100644 --- a/resources/views/modals/location.blade.php +++ b/resources/views/modals/location.blade.php @@ -10,8 +10,8 @@ - - @if ($user->company) + + @if (($snipeSettings->scope_locations_fmcs == '1') && ($user->company)) @endif diff --git a/resources/views/settings/general.blade.php b/resources/views/settings/general.blade.php index 49620d2e0bbb..adc4f88df23a 100644 --- a/resources/views/settings/general.blade.php +++ b/resources/views/settings/general.blade.php @@ -54,7 +54,24 @@

+ + +
+
+ {{ Form::label('scope_locations_fmcs', trans('admin/settings/general.scope_locations_fmcs_support_text')) }} +
+
+ + {!! $errors->first('scope_locations_fmcs', '') !!} +

+ {{ trans('admin/settings/general.scope_locations_fmcs_support_help_text') }} +

+
+
@@ -446,6 +463,5 @@ }); }); - @stop