mirror/snipe-it
3
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2026-03-29 20:04:21 +00:00
Code Issues Projects Releases Wiki Activity

List users code refactoring

Browse Source
This commit is contained in:
Lukas Kraic
2025-06-05 20:05:38 +02:00
parent ad6fe855a9
commit 16fb1018a2
1 changed files with 61 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
app/Http/Controllers/ViewAssetsController.php
View File

@ -47,6 +47,63 @@ class ViewAssetsController extends Controller
return array_unique($fieldArray);
}
/**
* Get list of users viewable by the current user.
*
* @param User $authUser
* @return \Illuminate\Support\Collection
*/
private function getViewableUsers(User $authUser): \Illuminate\Support\Collection
{
// SuperAdmin sees all users
if ($authUser->isSuperUser()) {
return User::select('id', 'first_name', 'last_name', 'username')
->where('activated', 1)
->orderBy('last_name')
->orderBy('first_name')
->get();
}
// Regular manager sees only their subordinates + self
$managedUsers = $authUser->getAllSubordinates();
// If user has subordinates, show them with self at beginning
if ($managedUsers->count() > 0) {
return collect([$authUser])->merge($managedUsers)
->sortBy('last_name')
->sortBy('first_name');
}
// User has no subordinates, only sees themselves
return collect([$authUser]);
}
/**
* Get the selected user ID from request or default to current user.
*
* @param Request $request
* @param \Illuminate\Support\Collection $subordinates
* @param int $defaultUserId
* @return int
*/
private function getSelectedUserId(Request $request, \Illuminate\Support\Collection $subordinates, int $defaultUserId): int
{
// If no subordinates or no user_id in request, return default
if ($subordinates->count() <= 1 || !$request->filled('user_id')) {
return $defaultUserId;
}
$requestedUserId = (int) $request->input('user_id');
// Validate if the requested user is allowed
if ($subordinates->contains('id', $requestedUserId)) {
return $requestedUserId;
}
// If invalid ID or not authorized, return default
return $defaultUserId;
}
/**
* Show user's assigned assets with optional manager view functionality.
*
@ -58,41 +115,11 @@ class ViewAssetsController extends Controller
$subordinates = collect();
$selectedUserId = $authUser->id;
// Check if manager view is enabled and get subordinates if applicable
// Process manager view if enabled
if ($settings->manager_view_enabled) {
// Get all subordinates including self, sorted for the dropdown
if ($authUser->isSuperUser()) {
// SuperAdmin sees all users
$subordinates = User::select('id', 'first_name', 'last_name', 'username')
->where('activated', 1)
->orderBy('last_name')
->orderBy('first_name')
->get();
} else {
// Regular manager sees only their subordinates + self (recursive)
$managedUsers = $authUser->getAllSubordinates();
// Only show dropdown if user actually has subordinates
if ($managedUsers->count() > 0) {
$subordinates = collect([$authUser])->merge($managedUsers) // Add self at beginning
->sortBy('last_name')
->sortBy('first_name');
} else {
// User has no subordinates, so they only see themselves
$subordinates = collect([$authUser]);
}
}//end if
// If the user has subordinates and a user_id is provided in the request
if ($subordinates->count() > 1 && $request->filled('user_id')) {
$requestedUserId = (int) $request->input('user_id');
// Validate if the requested user is allowed (self or subordinate)
if ($subordinates->contains('id', $requestedUserId)) {
$selectedUserId = $requestedUserId;
}
// If invalid ID or not authorized, $selectedUserId remains $authUser->id (default)
}
}//end if
$subordinates = $this->getViewableUsers($authUser);
$selectedUserId = $this->getSelectedUserId($request, $subordinates, $authUser->id);
}
// Load the data for the user to be viewed (either auth user or selected subordinate)
$userToView = User::with([