mirror/snipe-it
3
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2026-02-05 03:25:32 +00:00
Code Issues Projects Releases Wiki Activity

Refactor asset creation with API

Browse Source 
Commit fb4fe3004 restored the previous behaviour to check the company_id in case of FullMultipleCompanySupport.
But after rereading the code and the laravel documentation, the check is already there where it belongs in AssetStoreRequest::prepareForValidation()
The bug is the is_int-check of the request input in prepareForValidation(). Is is of type string even if it is a numeric value, so the call to getIdForCurrentUser() never happend.
Fix this by removing the check and the now redundant call to getIdForCurrentUser().
Wrong values will get caught by the model-level validation rules.
This commit is contained in:
Tobias Regnery
2024-10-14 15:14:41 +02:00
parent 0d35335da7
commit f3c4e55667
2 changed files with 1 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
app/Http/Controllers/Api/AssetsController.php
View File

@ -598,7 +598,6 @@ class AssetsController extends Controller
$asset->model()->associate(AssetModel::find((int) $request->get('model_id')));
$asset->fill($request->validated());
$asset->company_id = Company::getIdForCurrentUser($request->validated()['company_id']);
$asset->created_by = auth()->id();
/**