コード例 #1
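 /**
  * Gate access to the tool identified by the "tools" route parameter.
  *
  * Rules enforced here:
  *  - "Personal" tools: only the user whose id matches the tool's user_id passes.
  *  - "Company" tools: the user must be an admin or a super; an admin must share
  *    the tool owner's site, a super must share the tool owner's company. A user
  *    flagged as both admin and super has to satisfy both checks.
  * Unauthenticated requests, unknown tool ids and tools without a resolvable
  * owner are denied instead of failing on a null dereference.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed  The denial response (401 for AJAX, redirect to "noAccess"
  *                otherwise) or whatever $next($request) returns.
  */
 public function handle($request, Closure $next)
 {
     // One denial path, so every rejected branch answers the same way.
     // NOTE(review): 403 is the conventional status for an authenticated user who
     // lacks permission; 401 is kept because existing clients may depend on it.
     $deny = function () use ($request) {
         if ($request->ajax()) {
             return response('Unauthorized', 401);
         }

         return redirect()->guest('noAccess');
     };

     // Ids can arrive as int or string depending on the driver, so compare their
     // string forms. A missing id on either side never counts as a match, which
     // keeps "null equals null" from granting access.
     $sameId = function ($left, $right) {
         return $left !== null && $right !== null && (string) $left === (string) $right;
     };

     $user = \Auth::user();
     // Load the tool once and reuse it for every check below.
     $tool = \App\Models\Tool::find($request->route('tools'));

     // Fail closed: no authenticated user or no such tool means no access.
     if ($user === null || $tool === null) {
         return $deny();
     }

     // any user trying to access personal tools
     if ($tool->type == "Personal") {
         if (!$sameId($user->id, $tool->user_id)) {
             return $deny();
         }
     }

     // any user trying to access company tools
     if ($tool->type == "Company") {
         $isAdmin = $user->admin == "Yes";
         $isSuper = $user->super == "Yes";

         // Require a positive role match. Testing for "No" on both flags would let
         // any other value (null, empty string) skip every check below.
         if (!$isAdmin && !$isSuper) {
             return $deny();
         }

         $owner = $tool->user;
         if ($owner === null) {
             return $deny();
         }

         // an admin may only reach company tools that belong to their own site
         if ($isAdmin && !$sameId($user->site_id, $owner->site_id)) {
             return $deny();
         }

         // a super may only reach company tools that belong to their own company
         if ($isSuper) {
             $userSite = $user->site;
             $ownerSite = $owner->site;
             if (
                 $userSite === null
                 || $ownerSite === null
                 || !$sameId($userSite->company_id, $ownerSite->company_id)
             ) {
                 return $deny();
             }
         }
     }

     // NOTE(review): a tool whose type is neither "Personal" nor "Company" reaches
     // this point unchecked, as in the original. Confirm no other type exists, or
     // deny by default.
     return $next($request);
 }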
コード例 #2
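 /**
  * Update a tool, record a site transfer when the site changes, reset the
  * retag notice flags when the retag date changes, and attach a technician
  * when technician details are submitted.
  *
  * NOTE(review): this action performs no authorization of its own. Confirm that
  * route middleware restricts who may update the tool, and whether the caller is
  * allowed to transfer it to the submitted site_id.
  *
  * @param  UpdateToolRequest  $request
  * @param  int  $id
  * @return \Illuminate\Http\Response  Redirect to the tool list for the submitted
  *                                    type, or back to the form when the target
  *                                    site has no admin user to receive the tool.
  */
 public function update(UpdateToolRequest $request, $id)
 {
     // Unknown ids become a 404 instead of a null dereference further down.
     $tool = \App\Models\Tool::findOrFail($id);

     // Capture the stored state before fill() overwrites it. Otherwise the
     // "has it changed?" checks below may compare the new value with itself.
     $owner = $tool->user;
     $iPreviousSiteID = $owner !== null ? $owner->site_id : null;
     $previousRetagDate = $tool->retag_date;

     // NOTE(review): $request->all() passes every submitted field to fill(). Only
     // the model's $fillable list (not visible here) stops a client from setting
     // columns such as user_id; prefer the request's validated fields.
     $tool->fill($request->all());
     $type = $request->get("type");
     $requestedSiteID = $request->get("site_id");

     // if company tool has been transferred
     if ($requestedSiteID !== null && $iPreviousSiteID != $requestedSiteID) {
         // Resolve the receiving admin once, and stop before anything is persisted
         // when the site does not exist or has no admin user.
         $targetSite = \App\Models\Site::find($requestedSiteID);
         $siteAdmin = $targetSite !== null
             ? $targetSite->users()->where("admin", "=", "Yes")->first()
             : null;
         if ($siteAdmin === null) {
             return redirect()->back()->withInput()->withErrors([
                 'site_id' => 'The selected site has no admin user to receive the tool.',
             ]);
         }

         $iNewSiteID = $siteAdmin->site_id;
         $tool->user_id = $siteAdmin->id;

         // send notification
         // The message is stored as HTML (presumably rendered unescaped), so the
         // user-supplied tool name is escaped before it is embedded.
         $safeName = htmlspecialchars((string) $tool->name, ENT_QUOTES, 'UTF-8');
         $notification = new \App\Models\Notification();
         $notification->message = '<a href="' . url("tools/" . $tool->id) . '">' . $safeName . '</a>' . " has been transferred to this job site.";
         $notification->user_id = $tool->user_id;
         $notification->save();

         //send email
         Mail::send('emails.transfers', ['tool' => $tool], function ($m) {
             $m->from('*****@*****.**', 'Tag and Track');
             $m->to('*****@*****.**', 'Leanne')->subject('Company Tool has been transferred');
         });

         // transfers table
         $transfer = new \App\Models\Transfer();
         $transfer->previous_site_id = $iPreviousSiteID;
         $transfer->current_site_id = $iNewSiteID;
         $transfer->tool_id = $tool->id;
         $transfer->save();
     }

     // reset notifications flags, when retag date changes
     if ($previousRetagDate != $request->get("retag_date")) {
         $tool->five_notice = 0;
         $tool->three_notice = 0;
         $tool->one_notice = 0;
     }
     $tool->save();

     if ($request->has('tech_name')) {
         $name = $request->get('tech_name');
         $company = $request->get('tech_company');
         $phone = $request->get('contact_number');
         $technician = \App\Models\Technician::where("tech_name", '=', $name)
             ->where("tech_company", '=', $company)
             ->where("contact_number", '=', $phone)
             ->first();

         // if technician doesn't exist
         if ($technician === null) {
             // Fully qualified like every other model reference in this method.
             // NOTE(review): create() also receives the whole request; confirm the
             // Technician model's $fillable list limits what can be written.
             $technician = \App\Models\Technician::create($request->all());
         }
         $tool->technician_id = $technician->id;
         $tool->save();
     }

     if ($type == "Company") {
         return redirect('tools?type=Company')->with('message-update', 'Update successful.');
     }

     return redirect('tools?type=Personal')->with('message-update', 'Update successful.');
 }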