Only accept a new value for encrypted fields if the user is an admin

app/Http/Controllers/AssetsController.php

@@ -436,14 +436,22 @@ public function postEdit(AssetRequest $request, $assetId = null)
  $model = AssetModel::find($request->get('model_id'));
  if ($model->fieldset) {
  foreach ($model->fieldset->fields as $field) {
- $asset->{\App\Models\CustomField::name_to_db_name($field->name)} = e($request->input(\App\Models\CustomField::name_to_db_name($field->name)));
- // LOG::debug($field->name);
- // LOG::debug(\App\Models\CustomField::name_to_db_name($field->name));
- // LOG::debug($field->db_column_name());
+
+
+ if ($field->field_encrypted=='1') {
+ if (Gate::allows('admin')) {
+ $asset->{\App\Models\CustomField::name_to_db_name($field->name)} = \Crypt::encrypt(e($request->input(\App\Models\CustomField::name_to_db_name($field->name))));
+ }
+
+ } else {
+ $asset->{\App\Models\CustomField::name_to_db_name($field->name)} = e($request->input(\App\Models\CustomField::name_to_db_name($field->name)));
+ }
+
 
  }
  }
 
+
  if ($asset->save()) {
  // Redirect to the new asset page
  \Session::flash('success', trans('admin/hardware/message.update.success'));