gavin/snipe-it
1
0
Fork 0
mirror of https://github.com/grokability/snipe-it.git synced 2026-03-12 17:52:00 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fixed #18288: Allow users to change preferences even if profile editing is not permitted

Browse Source
This commit is contained in:
snipe
2025-12-04 13:21:04 +00:00
parent 4f610ac1af
commit 621ce1777f
6 changed files with 97 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
app/Http/Controllers/ProfileController.php
View File

@@ -35,7 +35,7 @@ class ProfileController extends Controller
*/
public function getIndex() : View
{
$this->authorize('self.profile');
$user = auth()->user();
return view('account/profile', compact('user'));
}
@@ -48,22 +48,25 @@ class ProfileController extends Controller
*/
public function postIndex(ImageUploadRequest $request) : RedirectResponse
{
$this->authorize('self.profile');
$user = auth()->user();
$user->first_name = $request->input('first_name');
$user->last_name = $request->input('last_name');
$user->website = $request->input('website');
$user->gravatar = $request->input('gravatar');
$user->phone = $request->input('phone');
if ((Gate::allows('self.profile')) && (! config('app.lock_passwords'))) {
$user->first_name = $request->input('first_name');
$user->last_name = $request->input('last_name');
$user->website = $request->input('website');
$user->gravatar = $request->input('gravatar');
$user->phone = $request->input('phone');
}
$user->enable_sounds = $request->input('enable_sounds', false);
$user->enable_confetti = $request->input('enable_confetti', false);
$user->link_light_color = $request->input('link_light_color', '#296282');
$user->link_dark_color = $request->input('link_dark_color', '#296282');
$user->nav_link_color = $request->input('nav_link_color', '#FFFFFF');
$user->locale = $request->input('locale');
if (! config('app.lock_passwords')) {
$user->locale = $request->input('locale');
}
if ((Gate::allows('self.two_factor')) && ((Setting::getSettings()->two_factor_enabled == '1') && (! config('app.lock_passwords')))) {
$user->two_factor_optin = $request->input('two_factor_optin', '0');

5
resources/lang/en-US/general.php
View File

@@ -129,7 +129,7 @@ return [
'details' => 'Details',
'download' => 'Download',
'download_all' => 'Download All',
'editprofile' => 'Edit Your Profile',
'editprofile' => 'Edit Profile',
'eol' => 'EOL',
'email_domain' => 'Email Domain',
'employee_number' => 'Employee Number',
@@ -538,6 +538,9 @@ return [
'item_name_var' => ':item Name',
'light_mode' => 'Light Mode',
'dark_mode' => 'Dark Mode',
'light_dark' => 'Light/Dark Mode',
'system_default' => 'Use System Default',
'theme' => 'Theme',
'error_user_company' => 'Checkout target company and asset company do not match',
'error_user_company_multiple' => 'One or more of the checkout target company and asset company do not match',
'error_user_company_accept_view' => 'An Asset assigned to you belongs to a different company so you can\'t accept nor deny it, please check with your manager',

59
resources/views/account/profile.blade.php
View File

@@ -8,8 +8,9 @@
{{-- Account page content --}}
@section('content')
<div class="row">
<div class="col-md-9">
<div class="col-md-6 col-md-offset-3">
<form method="POST" action="{{ route('profile.update') }}" accept-charset="UTF-8" class="form-horizontal" autocomplete="off" enctype="multipart/form-data">
<!-- CSRF Token -->
<input type="hidden" name="_token" value="{{ csrf_token() }}" />
@@ -21,6 +22,21 @@
{{ trans('admin/settings/general.legends.display') }}
</x-form-legend>
<!-- Language -->
<div class="form-group {{ $errors->has('locale') ? 'has-error' : '' }}">
<label class="col-md-3 control-label" for="locale">{{ trans('general.language') }}</label>
<div class="col-md-6">
@if (!config('app.lock_passwords'))
<x-input.locale-select name="locale" :selected="old('locale', $user->locale)"/>
{!! $errors->first('locale', '<span class="alert-msg" aria-hidden="true">:message</span>') !!}
@else
<p class="help-block">{{ trans('general.feature_disabled') }}</p>
@endif
</div>
</div>
<!-- Nav Link color -->
<div class="form-group {{ $errors->has('nav_link_color') ? 'error' : '' }}">
<label for="nav_link_color" class="col-md-3 control-label">{{ trans('admin/settings/general.nav_link_color') }}</label>
@@ -32,10 +48,10 @@
</div>
<!-- Light Link color -->
<div class="form-group {{ $errors->has('link_light_color') ? 'error' : '' }}">
<div class="form-group {{ $errors->has('link_dark_color') ? 'error' : '' }}">
<label for="link_light_color" class="col-md-3 control-label">{{ trans('admin/settings/general.link_light_color') }}</label>
<div class="col-md-9">
<x-input.colorpicker :item="$user" id="link_light_color" placeholder="#296282" :value="old('link_light_color', ($user->link_light_color ?? '#296282'))" name="link_light_color" />
<x-input.colorpicker :item="$user" id="link_light_color" placeholder="{{ $link_dark_color }}" :value="old('link_light_color', ($user->link_dark_color ?? $link_dark_color))" name="link_light_color" />
{!! $errors->first('link_light_color', '<span class="alert-msg" aria-hidden="true">:message</span>') !!}
<p class="help-block">{{ trans('admin/settings/general.link_light_color_help') }}</p>
</div>
@@ -45,12 +61,23 @@
<div class="form-group {{ $errors->has('link_dark_color') ? 'error' : '' }}">
<label for="link_dark_color" class="col-md-3 control-label">{{ trans('admin/settings/general.link_dark_color') }}</label>
<div class="col-md-9">
<x-input.colorpicker :item="$user" id="link_dark_color" placeholder="5fa4cc" :value="old('link_dark_color', ($user->link_dark_color ?? '#5fa4cc'))" name="link_dark_color" />
<x-input.colorpicker :item="$user" id="link_dark_color" placeholder="{{ $link_light_color }}" :value="old('link_dark_color', $link_light_color)" name="link_dark_color" />
{!! $errors->first('link_dark_color', '<span class="alert-msg" aria-hidden="true">:message</span>') !!}
<p class="help-block">{{ trans('admin/settings/general.link_dark_color_help') }}</p>
</div>
</div>
<div class="form-group">
<label class="col-md-3 control-label" for="locale">{{ trans('general.light_dark') }}</label>
<div class="col-md-9">
<p class="form-control-static" style="padding-top: 7px;">
<a data-theme-toggle-clear class="btn btn-default btn-sm" href="{{ route('profile') }}">
{{ trans('general.system_default') }}
</a>
</p>
</div>
</div>
<div class="form-group">
<div class="col-md-9 col-md-offset-3">
@@ -69,14 +96,19 @@
</label>
</div>
</div>
</fieldset>
@can('self.profile')
<fieldset name="user-preferences">
<x-form-legend>
{{ trans('admin/settings/general.legends.your_details') }}
</x-form-legend>
<!-- First Name -->
<!-- First Name -->
<div class="form-group {{ $errors->has('first_name') ? ' has-error' : '' }}">
<label for="first_name" class="col-md-3 control-label">{{ trans('general.first_name') }}
</label>
@@ -104,21 +136,6 @@
@endcan
<!-- Language -->
<div class="form-group {{ $errors->has('locale') ? 'has-error' : '' }}">
<label class="col-md-3 control-label" for="locale">{{ trans('general.language') }}</label>
<div class="col-md-7">
@if (!config('app.lock_passwords'))
<x-input.locale-select name="locale" :selected="old('locale', $user->locale)"/>
{!! $errors->first('locale', '<span class="alert-msg" aria-hidden="true">:message</span>') !!}
@else
<p class="help-block">{{ trans('general.feature_disabled') }}</p>
@endif
</div>
</div>
<!-- Phone -->
<div class="form-group {{ $errors->has('phone') ? 'has-error' : '' }}">
<label class="col-md-3 control-label" for="phone">{{ trans('admin/users/table.phone') }}</label>
@@ -151,6 +168,7 @@
@endif
</div>
</div>
<div class="form-group">
<div class="col-md-9 col-md-offset-3">
<img src="{{ (($user->isAvatarExternal()) ? $user->avatar : Storage::disk('public')->url(app('users_upload_path').e($user->avatar))) }}" class="img-responsive">
@@ -213,6 +231,7 @@
</div>
@endif
</fieldset>
@endcan

4
resources/views/account/view-assets.blade.php
View File

@@ -144,7 +144,8 @@
</div>
@endcan
@if ($user->ldap_import!='1')
@can('self.profile')
@if (Auth::user()->ldap_import!='1')
<div class="col-md-12" style="padding-top: 5px;">
<a href="{{ route('account.password.index') }}" style="width: 100%;" class="btn btn-sm btn-primary btn-social btn-block hidden-print" rel="noopener">
<x-icon type="password" class="fa-fw" />
@@ -152,6 +153,7 @@
</a>
</div>
@endif
@endcan
@can('self.api')
<div class="col-md-12" style="padding-top: 5px;">

46
resources/views/layouts/default.blade.php
View File

@@ -175,6 +175,7 @@
input[type="text"],
input[type="url"],
input[type="email"],
input[type="password"],
option:active,
option[active],
option[selected],
@@ -243,6 +244,7 @@
input[type="date"]:focus,
input[type="email"]:focus,
input[type="number"]:focus,
input[type="password"]:focus,
textarea:focus
{
border-color: hsl(from var(--main-theme-color) h s calc(l - 5)) !important;
@@ -275,8 +277,13 @@
.btn-danger,
.btn-danger:hover,
.btn-danger:focus,
.btn-warning,
.btn-warning:hover,
.btn-warning:focus,
.btn-primary,
.btn-primary:hover,
.btn-primary:focus,
.modal-danger,
.modal-danger h2,
.modal-header h2,
@@ -285,9 +292,15 @@
color: white !important;
}
.btn-default,
.btn-default:hover
{
color: #3d4144 !important;
}
body {
color: var(--color-bg);
background-color: var(--color-bg);
color: var(--color-fg);
}
@@ -1057,11 +1070,14 @@
</a>
<ul class="dropdown-menu">
<!-- User image -->
@can('self.profile')
<li {!! (request()->is('account/profile') ? ' class="active"' : '') !!}>
<a href="{{ route('view-assets') }}">
<x-icon type="checkmark" class="fa-fw" />
{{ trans('general.viewassets') }}
</a></li>
</a>
</li>
@can('viewRequestable', \App\Models\Asset::class)
<li {!! (request()->is('account/requested') ? ' class="active"' : '') !!}>
@@ -1075,18 +1091,18 @@
<a href="{{ route('account.accept') }}">
<x-icon type="checkmark" class="fa-fw" />
{{ trans('general.accept_assets_menu') }}
</a></li>
</a>
</li>
@can('self.profile')
@endcan
<li>
<a href="{{ route('profile') }}">
<x-icon type="user" class="fa-fw" />
{{ trans('general.editprofile') }}
</a>
</li>
@endcan
@can('self.profile')
@if (Auth::user()->ldap_import!='1')
<li>
<a href="{{ route('account.password.index') }}">
@@ -1095,9 +1111,10 @@
</a>
</li>
@endif
@endcan
<li>
<a type="button" data-theme-toggle aria-label="Light mode" class="btn-link btn-anchor" href="" onclick="event.preventDefault();">
<a type="button" data-theme-toggle aria-label="Dark mode" class="btn-link btn-anchor" href="" onclick="event.preventDefault();">
{{ trans('general.dark_mode') }}
</a>
</li>
@@ -1815,7 +1832,7 @@
*/
function updateButton({ buttonEl, isDark }) {
const newCta = isDark ? '<i class="fa-regular fa-sun fa-fw"></i> {{ trans('general.light_mode') }}' : '<i class="fa-solid fa-moon fa-fw"></i> {{ trans('general.dark_mode') }}';
// use an aria-label if you are omitting text on the button
// use an aria-label if omitting text on the button
// and using a sun/moon icon, for example
buttonEl.setAttribute("aria-label", newCta);
buttonEl.innerHTML = newCta;
@@ -1836,9 +1853,11 @@
/**
* 1. Grab what we need from the DOM and system settings on page load
*/
const button = document.querySelector("[data-theme-toggle]");
const localStorageTheme = localStorage.getItem("theme");
const systemSettingDark = window.matchMedia("(prefers-color-scheme: dark)");
const clearButton = document.querySelector("[data-theme-toggle-clear]");
/**
* 2. Work out the current site settings
@@ -1846,7 +1865,7 @@
let currentThemeSetting = calculateSettingAsThemeString({ localStorageTheme, systemSettingDark });
/**
* 3. Update the theme setting and button text accoridng to current settings
* 3. Update the theme setting and button text according to current settings
*/
updateButton({ buttonEl: button, isDark: currentThemeSetting === "dark" });
updateThemeOnHtmlEl({ theme: currentThemeSetting });
@@ -1864,6 +1883,15 @@
currentThemeSetting = newTheme;
});
/**
* 5. Add an event listener to toggle the reset
*/
clearButton.addEventListener("click", (event) => {
localStorage.removeItem("theme");
});
$.fn.datepicker.dates['{{ app()->getLocale() }}'] = {
days: [
"{{ trans('datepicker.days.sunday') }}",

2
resources/views/settings/branding.blade.php
View File

@@ -106,7 +106,7 @@
<div class="form-group {{ $errors->has('link_dark_color') ? 'error' : '' }}">
<label for="link_dark_color" class="col-md-3 control-label">{{ trans('admin/settings/general.link_dark_color') }}</label>
<div class="col-md-9">
<x-input.colorpicker :item="$setting" id="link_dark_color" placeholder="5fa4cc" :value="old('link_dark_color', ($setting->link_dark_color ?? '#5fa4cc'))" name="link_dark_color" />
<x-input.colorpicker :item="$setting" id="link_dark_color" placeholder="#5fa4cc" :value="old('link_dark_color', ($setting->link_dark_color ?? '#5fa4cc'))" name="link_dark_color" />
{!! $errors->first('link_dark_color', '<span class="alert-msg" aria-hidden="true">:message</span>') !!}
<p class="help-block">{{ trans('admin/settings/general.link_dark_color_help') }}</p>
</div>