Only decrypt if the user is an admin

snipe · Aug 26, 2016 · 96eb832 · 96eb832
1 parent 130c798
commit 96eb832
Show file tree

Hide file tree

Showing 4 changed files with 70 additions and 13 deletions.
diff --git a/app/Http/Controllers/AssetsController.php b/app/Http/Controllers/AssetsController.php
@@ -1786,10 +1786,26 @@ public function getDatatable(Request $request, $status = null)
  'companyName' => is_null($asset->company) ? '' : e($asset->company->name)
  );
  foreach ($all_custom_fields as $field) {
- if (($field->format=='URL') && ($asset->{$field->db_column_name()}!='')) {
- $row[$field->db_column_name()] = '<a href="'.$asset->{$field->db_column_name()}.'" target="_blank">'.$asset->{$field->db_column_name()}.'</a>';
+ $column_name = $field->db_column_name();
+
+ if ($field->isFieldDecryptable($asset->{$column_name})) {
+
+ if (Gate::allows('admin')) {
+ if (($field->format=='URL') && ($asset->{$column_name}!='')) {
+ $row[$column_name] = '<a href="'.Helper::gracefulDecrypt($field, $asset->{$column_name}).'" target="_blank">'.Helper::gracefulDecrypt($field, $asset->{$column_name}).'</a>';
+ } else {
+ $row[$column_name] = Helper::gracefulDecrypt($field, $asset->{$column_name});
+ }
+
+ } else {
+ $row[$field->db_column_name()] = strtoupper(trans('admin/custom_fields/general.encrypted'));
+ }
  } else {
- $row[$field->db_column_name()] = e($asset->{$field->db_column_name()});
+ if (($field->format=='URL') && ($asset->{$field->db_column_name()}!='')) {
+ $row[$field->db_column_name()] = '<a href="'.$asset->{$field->db_column_name()}.'" target="_blank">'.$asset->{$field->db_column_name()}.'</a>';
+ } else {
+ $row[$field->db_column_name()] = e($asset->{$field->db_column_name()});
+ }
  }
 
  }

diff --git a/resources/views/hardware/index.blade.php b/resources/views/hardware/index.blade.php
@@ -95,7 +95,16 @@ class="table table-striped"
  <th data-sortable="true" data-searchable="true" data-field="last_checkout">{{ trans('admin/hardware/table.checkout_date') }}</th>
  <th data-sortable="true" data-field="expected_checkin" data-searchable="true">{{ trans('admin/hardware/form.expected_checkin') }}</th>
  @foreach(\App\Models\CustomField::all() AS $field)
- <th data-sortable="true" data-visible="false" data-field="{{$field->db_column_name()}}">{{$field->name}}</th>
+
+
+ <th data-sortable="{{ ($field->field_encrypted=='1' ? 'false' : 'true') }}" data-visible="false" data-field="{{$field->db_column_name()}}">
+ @if ($field->field_encrypted=='1')
+ <i class="fa fa-lock"></i>
+ @endif
+
+ {{$field->name}}
+ </th>
+
  @endforeach
  <th data-sortable="true" data-field="created_at" data-searchable="true" data-visible="false">{{ trans('general.created_at') }}</th>
  <th data-switchable="false" data-searchable="false" data-sortable="false" data-field="change">{{ trans('admin/hardware/table.change') }}</th>

diff --git a/resources/views/hardware/view.blade.php b/resources/views/hardware/view.blade.php
@@ -121,15 +121,34 @@
  @if ($asset->model->fieldset)
  @foreach($asset->model->fieldset->fields as $field)
  <tr>
- <td>{{ $field->name }}</td>
+ <td>{{ $field->name }}
+
+
+ </td>
  <td>
+ @if ($field->field_encrypted=='1')
+ <i class="fa fa-lock" data-toggle="tooltip" data-placement="top" title="{{ trans('admin/custom_fields/general.value_encrypted') }}"></i>
+ @endif
+
+ @if ($field->isFieldDecryptable($asset->{$field->db_column_name()} ))
+
+ @can('admin')
+ @if (($field->format=='URL') && ($asset->{$field->db_column_name()}!=''))
+ <a href="{{ \App\Helpers\Helper::gracefulDecrypt($field, $asset->{$field->db_column_name()}) }}" target="_new">{{ \App\Helpers\Helper::gracefulDecrypt($field, $asset->{$field->db_column_name()}) }}</a>
+ @else
+ {{ \App\Helpers\Helper::gracefulDecrypt($field, $asset->{$field->db_column_name()}) }}
+ @endif
+ @else
+ {{ strtoupper(trans('admin/custom_fields/general.encrypted')) }}
+ @endcan
 
- @if (($field->format=='URL') && ($asset->{$field->db_column_name()}!=''))
- <a href="{{ $asset->{$field->db_column_name()} }}" target="_new">{{ $asset->{$field->db_column_name()} }}</a>
  @else
- {{ $asset->{$field->db_column_name()} }}
+ @if (($field->format=='URL') && ($asset->{$field->db_column_name()}!=''))
+ <a href="{{ $asset->{$field->db_column_name()} }}" target="_new">{{ $asset->{$field->db_column_name()} }}</a>
+ @else
+ {{ $asset->{$field->db_column_name()} }}
+ @endif
  @endif
-
 
  </td>
  </tr>

diff --git a/resources/views/models/custom_fields_form.blade.php b/resources/views/models/custom_fields_form.blade.php
@@ -5,16 +5,17 @@
  <div class="col-md-7 col-sm-12{{ ($field->pivot->required=='1') ? ' required' : '' }}">
 
  @if ($field->element!='text')
-
+ <!-- Listbox -->
  @if ($field->element=='listbox')
  {{ Form::select($field->db_column_name(), $field->formatFieldValuesAsArray(), Input::old($field->db_column_name(), $asset->{$field->db_column_name()}), ['class'=>'format select2 form-control']) }}
- @elseif ($field->element=='checkbox')
 
+ @elseif ($field->element=='checkbox')
+ <!-- Checkboxes -->
  @foreach ($field->formatFieldValuesAsArray() as $key => $value)
 
  <div>
  <label>
- <input type="checkbox" value="1" name="{{ $key }}[]" class="minimal" {{ Input::old($field->db_column_name()) == '1' ? ' checked="checked"' : '' }}> {{ $value }}
+ <input type="checkbox" value="1" name="{{ $field->db_column_name() }}[]" class="minimal" {{ Input::old($field->db_column_name()) != '' ? ' checked="checked"' : '' }}> key: {{ $key }} value: {{ $value }}
  </label>
  </div>
  @endforeach
@@ -23,7 +24,13 @@
 
 
  @else
- <input type="text" value="{{ Input::old($field->db_column_name(),(isset($asset) ? $asset->{$field->db_column_name()} : "")) }}" id="{{ $field->db_column_name() }}" class="form-control" name="{{ $field->db_column_name() }}">
+ <!-- Text field -->
+
+ @can('admin')
+ <input type="text" value="{{ Input::old($field->db_column_name(),(isset($asset) ? \App\Helpers\Helper::gracefulDecrypt($field, $asset->{$field->db_column_name()}) : "")) }}" id="{{ $field->db_column_name() }}" class="form-control" name="{{ $field->db_column_name() }}" placeholder="Enter {{ strtolower($field->format) }} text">
+ @else
+ <input type="text" value="{{ strtoupper(trans('admin/custom_fields/general.encrypted')) }}" class="form-control disabled" disabled>
+ @endcan
 
  @endif
 
@@ -35,6 +42,12 @@
  }
  ?>
  </div>
+
+ @if ($field->field_encrypted)
+ <div class="col-md-1 col-sm-1 text-left">
+ <i class="fa fa-lock" data-toggle="tooltip" data-placement="top" title="{{ trans('admin/custom_fields/general.value_encrypted') }}"></i>
+ </div>
+ @endif
  </div>
  @endforeach
 @endif