diff --git a/app/Http/Controllers/Api/AssetsController.php b/app/Http/Controllers/Api/AssetsController.php index dc20588b75d5..9b21af560803 100644 --- a/app/Http/Controllers/Api/AssetsController.php +++ b/app/Http/Controllers/Api/AssetsController.php @@ -585,49 +585,8 @@ public function store(StoreAssetRequest $request): JsonResponse } $asset = $request->handleImages($asset); + $asset = $asset->handleCustomFieldsForStoring($request); - // Update custom fields in the database. - $model = AssetModel::find($request->input('model_id')); - - // Check that it's an object and not a collection - // (Sometimes people send arrays here and they shouldn't - if (($model) && ($model instanceof AssetModel) && ($model->fieldset)) { - foreach ($model->fieldset->fields as $field) { - - // Set the field value based on what was sent in the request - $field_val = $request->input($field->db_column, null); - - // If input value is null, use custom field's default value - if ($field_val == null) { - Log::debug('Field value for '.$field->db_column.' is null'); - $field_val = $field->defaultValue($request->get('model_id')); - Log::debug('Use the default fieldset value of '.$field->defaultValue($request->get('model_id'))); - } - - // if the field is set to encrypted, make sure we encrypt the value - if ($field->field_encrypted == '1') { - Log::debug('This model field is encrypted in this fieldset.'); - - if (Gate::allows('admin')) { - - // If input value is null, use custom field's default value - if (($field_val == null) && ($request->has('model_id') != '')) { - $field_val = Crypt::encrypt($field->defaultValue($request->get('model_id'))); - } else { - $field_val = Crypt::encrypt($request->input($field->db_column)); - } - } - } - if ($field->element == 'checkbox') { - if(is_array($field_val)) { - $field_val = implode(',', $field_val); - } - } - - - $asset->{$field->db_column} = $field_val; - } - } if ($asset->save()) { if ($request->get('assigned_user')) { @@ -688,32 +647,7 @@ public function update(ImageUploadRequest $request, $id) } $asset = $request->handleImages($asset); - $model = AssetModel::find($asset->model_id); - - // Update custom fields - $problems_updating_encrypted_custom_fields = false; - if (($model) && (isset($model->fieldset))) { - foreach ($model->fieldset->fields as $field) { - $field_val = $request->input($field->db_column, null); - - if ($request->has($field->db_column)) { - if ($field->element == 'checkbox') { - if(is_array($field_val)) { - $field_val = implode(',', $field_val); - } - } - if ($field->field_encrypted == '1') { - if (Gate::allows('admin')) { - $field_val = Crypt::encrypt($field_val); - } else { - $problems_updating_encrypted_custom_fields = true; - continue; - } - } - $asset->{$field->db_column} = $field_val; - } - } - } + $asset = $asset->handleCustomFieldsForStoring($request); if ($asset->save()) { diff --git a/app/Http/Controllers/Assets/AssetsController.php b/app/Http/Controllers/Assets/AssetsController.php index 1f4c787a632d..313a5684f189 100755 --- a/app/Http/Controllers/Assets/AssetsController.php +++ b/app/Http/Controllers/Assets/AssetsController.php @@ -160,29 +160,7 @@ public function store(ImageUploadRequest $request) $asset = $request->handleImages($asset); } - // Update custom fields in the database. - // Validation for these fields is handled through the AssetRequest form request - $model = AssetModel::find($request->get('model_id')); - - if (($model) && ($model->fieldset)) { - foreach ($model->fieldset->fields as $field) { - if ($field->field_encrypted == '1') { - if (Gate::allows('admin')) { - if (is_array($request->input($field->db_column))) { - $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column))); - } else { - $asset->{$field->db_column} = Crypt::encrypt($request->input($field->db_column)); - } - } - } else { - if (is_array($request->input($field->db_column))) { - $asset->{$field->db_column} = implode(', ', $request->input($field->db_column)); - } else { - $asset->{$field->db_column} = $request->input($field->db_column); - } - } - } - } + $asset = $asset->handleCustomFieldsForStoring($request); // Validate the asset before saving if ($asset->isValid() && $asset->save()) { @@ -370,32 +348,7 @@ public function update(ImageUploadRequest $request, $assetId = null) $asset->notes = $request->input('notes'); $asset = $request->handleImages($asset); - - // Update custom fields in the database. - // Validation for these fields is handlded through the AssetRequest form request - // FIXME: No idea why this is returning a Builder error on db_column_name. - // Need to investigate and fix. Using static method for now. - $model = AssetModel::find($request->get('model_id')); - if (($model) && ($model->fieldset)) { - foreach ($model->fieldset->fields as $field) { - if ($field->field_encrypted == '1') { - if (Gate::allows('admin')) { - if (is_array($request->input($field->db_column))) { - $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column))); - } else { - $asset->{$field->db_column} = Crypt::encrypt($request->input($field->db_column)); - } - } - } else { - if (is_array($request->input($field->db_column))) { - $asset->{$field->db_column} = implode(', ', $request->input($field->db_column)); - } else { - $asset->{$field->db_column} = $request->input($field->db_column); - } - } - } - } - + $asset = $asset->handleCustomFieldsForStoring($request); if ($asset->save()) { return redirect()->route('hardware.show', $assetId) diff --git a/app/Models/Asset.php b/app/Models/Asset.php index a3d603551ff0..bed97b56f1c7 100644 --- a/app/Models/Asset.php +++ b/app/Models/Asset.php @@ -13,10 +13,12 @@ use App\Presenters\AssetPresenter; use Illuminate\Support\Facades\Auth; use Carbon\Carbon; +use Illuminate\Support\Facades\Crypt; use Illuminate\Support\Facades\DB; use Illuminate\Database\Eloquent\Builder; use Illuminate\Database\Eloquent\Factories\HasFactory; use Illuminate\Database\Eloquent\SoftDeletes; +use Illuminate\Support\Facades\Gate; use Illuminate\Support\Facades\Storage; use Watson\Validating\ValidatingTrait; use Illuminate\Database\Eloquent\Casts\Attribute; @@ -966,6 +968,46 @@ public function getComponentCost(){ return $cost; } + public function handleCustomFieldsForStoring($request) : Asset + { + $model = AssetModel::find($this->model_id); + + if (($model) && ($model instanceof AssetModel) && ($model->fieldset)) { + + foreach ($model->fieldset->fields as $field) { + + /* + * Check if the decrypted existing value is different from one we just submitted + * and if not, pull it out of the object since it shouldn't really be updating at all. + * If we don't do this, it will try to re-encrypt it, and the same value encrypted two + * different times will have different values, so it will *look* like it was updated + * but it wasn't. + */ + if ($request->input($field->db_column)!='') { + + if ($field->field_encrypted == '1') { + if (Gate::allows('admin')) { + if (is_array($request->input($field->db_column))) { + $this->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column))); + } else { + $this->{$field->db_column} = Crypt::encrypt($request->input($field->db_column)); + } + } + + } else { + if (is_array($request->input($field->db_column))) { + $this->{$field->db_column} = implode(', ', $request->input($field->db_column)); + } else { + $this->{$field->db_column} = $request->input($field->db_column); + } + } + } + } + } + + return $this; + } + /** * ----------------------------------------------- * BEGIN MUTATORS