WIP - multiple companies for users in FMCS

app/Http/Controllers/Api/CompaniesController.php

@@ -42,7 +42,7 @@ public function index(Request $request) : JsonResponse | array
 
         $companies = Company::withCount(['assets as assets_count'  => function ($query) {
             $query->AssetsForShow();
-        }])->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'users as users_count');
+        }])->withCount('licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'users as users_count');
 
         if ($request->filled('search')) {
             $companies->TextSearch($request->input('search'));
@@ -62,10 +62,11 @@ public function index(Request $request) : JsonResponse | array
 
 
         // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $companies->count()) ? $companies->count() : app('api_offset_value');
+        $offset = ($request->input('offset') > $companies->count()) ? 0 : app('api_offset_value');
         $limit = app('api_limit_value');
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
         $sort_override =  $request->input('sort');
+
         $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'created_at';
 
         switch ($sort_override) {

app/Http/Controllers/Api/ConsumablesController.php

@@ -40,7 +40,7 @@ public function index(Request $request) : array
         }
 
         if ($request->filled('company_id')) {
-            $consumables->where('company_id', '=', $request->input('company_id'));
+            $consumables->where('consumables.company_id', '=', $request->input('company_id'));
         }
 
         if ($request->filled('category_id')) {

app/Http/Controllers/Api/UsersController.php

@@ -47,7 +47,6 @@ public function index(Request $request) : array
             'users.address',
             'users.avatar',
             'users.city',
-            'users.company_id',
             'users.country',
             'users.created_by',
             'users.created_at',
@@ -80,7 +79,7 @@ public function index(Request $request) : array
             'users.autoassign_licenses',
             'users.website',
 
-        ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables', 'createdBy', 'managesUsers', 'managedLocations')
+        ])->with('groups', 'userloc', 'companies', 'department', 'assets', 'licenses', 'accessories', 'consumables', 'createdBy', 'managesUsers', 'managedLocations', 'manager')
             ->withCount([
                 'assets as assets_count' => function(Builder $query) {
                     $query->withoutTrashed();
@@ -102,7 +101,7 @@ public function index(Request $request) : array
         }
 
         if ($request->filled('company_id')) {
-            $users = $users->where('users.company_id', '=', $request->input('company_id'));
+            $users = $users->ByCompany($request->get('company_id'));
         }
 
         if ($request->filled('location_id')) {
@@ -243,9 +242,9 @@ public function index(Request $request) : array
             case 'created_by':
                 $users = $users->OrderByCreatedBy($order);
                 break;
-            case 'company':
-                $users = $users->OrderCompany($order);
-                break;
+//            case 'company':
+//                $users = $users->OrderCompany($order);
+//                break;
             case 'first_name':
                 $users->orderBy('first_name', $order);
                 $users->orderBy('last_name', $order);
@@ -412,6 +411,8 @@ public function store(SaveUserRequest $request) : JsonResponse
                 $user->groups()->sync([]);
             }
 
+            $user->companies()->sync($request->input('companies'));
+
             return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.create')));
         }
 
@@ -512,6 +513,7 @@ public function update(SaveUserRequest $request, User $user): JsonResponse
 
                     // Sync the groups since the user is a superuser and the groups pass validation
                     $user->groups()->sync($request->input('groups'));
+                    $user->companies()->sync($request->input('companies'));
                 }
                 return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.update')));
             }

app/Http/Controllers/Users/UsersController.php

@@ -62,6 +62,7 @@ public function create(Request $request)
     {
         $this->authorize('create', User::class);
         $groups = Group::pluck('name', 'id');
+        $companies = Company::pluck('name', 'id');
 
         $userGroups = collect();
 
@@ -75,7 +76,7 @@ public function create(Request $request)
 
         $user = new User;
 
-        return view('users/edit', compact('groups', 'userGroups', 'permissions', 'userPermissions'))
+        return view('users/edit', compact('groups', 'userGroups', 'permissions', 'userPermissions', 'companies'))
             ->with('user', $user);
     }
 
@@ -142,6 +143,8 @@ public function store(SaveUserRequest $request)
                 $user->groups()->sync([]);
             }
 
+            $user->companies()->sync($request->input('companies'));
+
             if (($request->input('email_user') == 1) && ($request->filled('email'))) {
                 // Send the credentials through email
                 $data = [];
@@ -192,13 +195,14 @@ public function edit($id)
 
             $permissions = config('permissions');
             $groups = Group::pluck('name', 'id');
+            $companies = Company::pluck('name', 'id');
 
             $userGroups = $user->groups()->pluck('name', 'id');
             $user->permissions = $user->decodePermissions();
             $userPermissions = Helper::selectedPermissionsArray($permissions, $user->permissions);
             $permissions = $this->filterDisplayable($permissions);
 
-            return view('users/edit', compact('user', 'groups', 'userGroups', 'permissions', 'userPermissions'))->with('item', $user);
+            return view('users/edit', compact('user', 'groups', 'userGroups', 'permissions', 'userPermissions', 'companies'))->with('item', $user);
         }
 
         return redirect()->route('users.index')->with('error', trans('admin/users/message.user_not_found', compact('id')));
@@ -302,6 +306,7 @@ public function update(SaveUserRequest $request, User $user)
         }
 
         $user->permissions = json_encode($permissions_array);
+        $user->companies()->sync($request->input('companies'));
 
         // Handle uploaded avatar
         app(ImageUploadRequest::class)->handleImages($user, 600, 'avatar', 'avatars', 'avatar');

app/Http/Transformers/UsersTransformer.php

@@ -55,7 +55,6 @@ public function transformUser(User $user)
                     'name'=> e($user->userloc->name),
                 ] : null,
                 'notes'=> Helper::parseEscapedMarkedownInline($user->notes),
-                'permissions' => $user->decodePermissions(),
                 'activated' => ($user->activated == '1') ? true : false,
                 'autoassign_licenses' => ($user->autoassign_licenses == '1') ? true : false,
                 'ldap_import' => ($user->ldap_import == '1') ? true : false,
@@ -67,7 +66,9 @@ public function transformUser(User $user)
                 'consumables_count' => (int) $user->consumables_count,
                 'manages_users_count' => (int) $user->manages_users_count,
                 'manages_locations_count' => (int) $user->manages_locations_count,
-                'company' => ($user->company) ? ['id' => (int) $user->company->id, 'name'=> e($user->company->name)] : null,
+                'company' => ($user->company) ? ['id' => (int) $user->company->id, 'name'=> e($user->company->name)] : null, // Legacy
+                'companies' => ($user->companies) ? [$user->companies->pluck('name', 'id')] : [],
+                'permissions' => $user->decodePermissions(),
                 'created_by' => ($user->createdBy) ? [
                     'id' => (int) $user->createdBy->id,
                     'name'=> e($user->createdBy->present()->fullName),

app/Models/Company.php

@@ -211,10 +211,15 @@ public static function getIdForUser($unescaped_input)
         }
     }
 
-
-    public function users()
-    {
-        return $this->hasMany(User::class, 'company_id');
+    public function users() {
+        return $this->hasManyThrough(
+            User::class,
+            UserCompany::class,
+            'path_id',
+            'course_id',
+            'id',
+            'course_id'
+        );
     }
 
     public function assets()
@@ -249,11 +254,6 @@ public function components()
     /**
      * Scoping table queries, determining if a logged in user is part of a company, and only allows the user to access items associated with that company if FMCS is enabled.
      *
-     * This method is the one that the CompanyableTrait uses to contrain queries automatically, however that trait CANNOT be
-     * applied to the user's model, since it causes an infinite loop against the authenticated user.
-     *
-     * @todo - refactor that trait to handle the user's model as well.
-     *
      * @author [A. Gianotto] <snipe@snipe.net>
      * @param $query
      * @param $column
@@ -279,11 +279,13 @@ public static function scopeCompanyables($query, $column = 'company_id', $table_
     private static function scopeCompanyablesDirectly($query, $column = 'company_id', $table_name = null)
     {
 
-        // Get the company ID of the logged-in user, or set it to null if there is no company associated with the user
+        // Get the company IDs of the logged-in user, or set it to null if there is no company associated with the user
         if (Auth::hasUser()) {
-            $company_id = auth()->user()->company_id;
+            $companies = auth()->user()->companies()->pluck('companies.id');
+            \Log::debug(auth()->user()->id);
+            \Log::debug(print_r($companies, true));
         } else {
-            $company_id = null;
+            $companies = [];
         }
 
 
@@ -293,7 +295,7 @@ private static function scopeCompanyablesDirectly($query, $column = 'company_id'
             // Dynamically get the table name if it's not passed in, based on the model we're querying against
             $table = ($table_name) ? $table_name."." : $query->getModel()->getTable().".";
 
-            return $query->where($table.$column, '=', $company_id);
+            return $query->whereIn($table.$column, $companies);
         }
 
     }

app/Models/User.php

@@ -255,6 +255,25 @@ public function company()
         return $this->belongsTo(\App\Models\Company::class, 'company_id');
     }
 
+    /**
+     * Establishes the user -> companies relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v7.1.7]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
+    public function companies()
+    {
+        return $this->hasManyThrough(
+            Company::class,
+            UserCompany::class,
+            'user_id', // this key in pivot
+            'id', // company ID in companies table
+            'company_id_fart',
+            'company_id',
+        );
+    }
+
     /**
      * Establishes the user -> department relationship
      *
@@ -769,6 +788,21 @@ public function scopeByGroup($query, $id)
         });
     }
 
+    /**
+     * Query builder scope to return users by company
+     *
+     * @param  \Illuminate\Database\Query\Builder $query Query builder instance
+     * @param  int $id
+     * @return \Illuminate\Database\Query\Builder
+     */
+    public function scopeByCompany($query, $id)
+    {
+        return $query->whereHas('companies', function ($query) use ($id) {
+            $query->where('users_companies.company_id', '=', $id);
+        });
+    }
+
+
 
     /**
      * Query builder scope to order on manager
@@ -781,7 +815,9 @@ public function scopeByGroup($query, $id)
     public function scopeOrderManager($query, $order)
     {
         // Left join here, or it will only return results with parents
-        return $query->leftJoin('users as users_manager', 'users.manager_id', '=', 'users_manager.id')->orderBy('users_manager.first_name', $order)->orderBy('users_manager.last_name', $order);
+        return $query->leftJoin('users as users_manager', 'users.manager_id', '=', 'users_manager.id')
+            ->orderBy('users_manager.first_name', $order)
+            ->orderBy('users_manager.last_name', $order);
     }
 
     /**
@@ -827,18 +863,6 @@ public function scopeOrderByCreatedBy($query, $order)
     }
 
 
-    /**
-     * Query builder scope to order on company
-     *
-     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
-     * @param  text                              $order         Order
-     *
-     * @return Illuminate\Database\Query\Builder          Modified query builder
-     */
-    public function scopeOrderCompany($query, $order)
-    {
-        return $query->leftJoin('companies as companies_user', 'users.company_id', '=', 'companies_user.id')->orderBy('companies_user.name', $order);
-    }
 
     public function preferredLocale()
     {

app/Models/UserCompany.php

@@ -0,0 +1,11 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Relations\Pivot;
+
+class UserCompany extends Pivot
+{
+    //
+    protected $table = 'users_companies';
+}

database/migrations/2025_01_23_124938_add_users_company_table.php

@@ -0,0 +1,30 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+
+        Schema::create('users_companies', function (Blueprint $table) {
+            $table->increments('id');
+            $table->integer('user_id');
+            $table->integer('company_id');
+            $table->timestamps();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        Schema::dropIfExists('users_companies');
+    }
+};

resources/views/users/edit.blade.php

@@ -289,7 +289,40 @@ class="form-control"
                       <div id="optional_user_details" class="col-md-12" style="display:none">
                           <!-- everything here should be what is considered optional -->
                           <br>
-                          <!-- Company -->
+                          <!-- Companies -->
+
+                          <div class="form-group{{ $errors->has('companies') ? ' has-error' : '' }}">
+                              <label class="col-md-3 control-label" for="companies[]"> {{ trans('general.companies') }}</label>
+                              <div class="col-md-6">
+
+                                  @if ($companies->count())
+                                          <div class="controls">
+                                              <select
+                                                      name="companies[]"
+                                                      aria-label="companies[]"
+                                                      id="companies[]"
+                                                      multiple="multiple"
+                                                      class="form-control">
+
+                                                  @foreach ($companies as $id => $company)
+                                                      <option value="{{ $id }}"{!! ($user->companies->pluck('id')->contains($id) ? ' selected="selected"' : '') !!}>
+                                                          {{ $company }}
+                                                      </option>
+                                                  @endforeach
+                                              </select>
+
+                                              <span class="help-block">
+                                      {{ trans('admin/users/table.groupnotes') }}
+                                    </span>
+                                          </div>
+                                  @else
+                                      <p>{{ trans('admin/users/table.nogroup') }} <code>{{ trans('admin/settings/general.admin_settings') }} <i class="fa fa-cogs"></i> > {{ trans('general.groups') }} <i class="fas fa-user-friends"></i></code> </p>
+                                  @endif
+
+
+                          </div>
+                      </div>
+
                           @if (\App\Models\Company::canManageUsersCompanies())
                               @include ('partials.forms.edit.company-select', ['translated_name' => trans('general.select_company'), 'fieldname' => 'company_id'])
                           @endif