From 7583b16e6f489080179c503cf37b6c41e8260bff Mon Sep 17 00:00:00 2001
From: Godfrey M <godmartinz@gmail.com>
Date: Thu, 7 Nov 2024 13:32:26 -0800
Subject: [PATCH 1/3] fix 500 error, add try/catch, refactor store method

---
 app.json                                      |  2 +-
 .../ConsumableCheckoutController.php          | 59 ++++++++++++-------
 .../lang/en-US/admin/consumables/message.php  |  3 +
 3 files changed, 42 insertions(+), 22 deletions(-)

diff --git a/app.json b/app.json
index 0bf523f5e402..408ebdfd3e0d 100644
--- a/app.json
+++ b/app.json
@@ -9,7 +9,7 @@
     "repository": "https://github.com/snipe/snipe-it",
     "logo": "https://pbs.twimg.com/profile_images/976748875733020672/K-HnZCCK_400x400.jpg",
     "success_url": "/setup",
-    "env": {
+    "": {
       "APP_ENV": {
         "description": "Laravel environment mode. Unless developing the application, this should be production.",
         "value": "production"
diff --git a/app/Http/Controllers/Consumables/ConsumableCheckoutController.php b/app/Http/Controllers/Consumables/ConsumableCheckoutController.php
index e08da4122972..4cf4fbc114b6 100644
--- a/app/Http/Controllers/Consumables/ConsumableCheckoutController.php
+++ b/app/Http/Controllers/Consumables/ConsumableCheckoutController.php
@@ -10,6 +10,7 @@
 use Illuminate\Http\Request;
 use \Illuminate\Contracts\View\View;
 use \Illuminate\Http\RedirectResponse;
+use Illuminate\Support\Facades\DB;
 
 class ConsumableCheckoutController extends Controller
 {
@@ -63,8 +64,9 @@ public function create($id) : View | RedirectResponse
      */
     public function store(Request $request, $consumableId)
     {
-        if (is_null($consumable = Consumable::with('users')->find($consumableId))) {
-            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.not_found'));
+        if (is_null($consumable = Consumable::find($consumableId))) {
+            return redirect()->route('consumables.index')
+                ->with('error', trans('admin/consumables/message.not_found'));
         }
 
         $this->authorize('checkout', $consumable);
@@ -74,10 +76,16 @@ public function store(Request $request, $consumableId)
         if (!isset($quantity) || !ctype_digit((string)$quantity) || $quantity <= 0) {
             $quantity = 1;
         }
+        // attaching large amounts of checkouts can exhaust memory.
+        if($quantity > 10000){
+            return redirect()->back()
+                ->with('error', trans('admin/consumables/message.checkout.large_quantity_error', ['requested' => $quantity, 'remaining' => $consumable->numRemaining() ]));
+        }
 
         // Make sure there is at least one available to checkout
-        if ($consumable->numRemaining() <= 0 || $quantity > $consumable->numRemaining()) {
-            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.checkout.unavailable', ['requested' => $quantity, 'remaining' => $consumable->numRemaining() ]));
+        if ($consumable->numRemaining() <= 0 || $quantity > $consumable->numRemaining() ){
+            return redirect()->route('consumables.index')
+                ->with('error', trans('admin/consumables/message.checkout.unavailable', ['requested' => $quantity, 'remaining' => $consumable->numRemaining() ]));
         }
 
         $admin_user = auth()->user();
@@ -86,26 +94,35 @@ public function store(Request $request, $consumableId)
         // Check if the user exists
         if (is_null($user = User::find($assigned_to))) {
             // Redirect to the consumable management page with error
-            return redirect()->route('consumables.checkout.show', $consumable)->with('error', trans('admin/consumables/message.checkout.user_does_not_exist'))->withInput();
+            return redirect()->route('consumables.checkout.show', $consumable)
+                ->with('error', trans('admin/consumables/message.checkout.user_does_not_exist'))
+                ->withInput();
         }
-
-        // Update the consumable data
-        $consumable->assigned_to = e($request->input('assigned_to'));
-
-        for ($i = 0; $i < $quantity; $i++){
-        $consumable->users()->attach($consumable->id, [
-            'consumable_id' => $consumable->id,
-            'created_by' => $admin_user->id,
-            'assigned_to' => e($request->input('assigned_to')),
-            'note' => $request->input('note'),
-        ]);
+        $now = now();
+
+        try {
+            $data = [
+                'consumable_id' => $consumable->id,
+                'created_by' => $admin_user->id,
+                'assigned_to' => $assigned_to,
+                'note' => $request->input('note') ?: null,
+                'created_at' => $now,
+                'updated_at' => $now,
+            ];
+
+            // Update the consumable data
+            $attachData = array_fill(0,$quantity, $data);
+
+            DB::transaction(function () use ($consumable, $attachData, $user, $request) {
+                $consumable->users()->attach($attachData);
+                event(new CheckoutableCheckedOut($consumable, $user, auth()->user(), $request->input('note')));
+            });
+        }catch(\Exception $e){
+           report ($e);
+           return redirect()->back()->with('error', trans('admin/consumables/message.checkout.checkout_error'));
         }
 
-        $consumable->checkout_qty = $quantity;
-        event(new CheckoutableCheckedOut($consumable, $user, auth()->user(), $request->input('note')));
-
-        $request->request->add(['checkout_to_type' => 'user']);
-        $request->request->add(['assigned_user' => $user->id]);
+        $request->request->add(['checkout_to_type' => 'user', 'assigned_user' => $user->id]);
 
         session()->put(['redirect_option' => $request->get('redirect_option'), 'checkout_to_type' => $request->get('checkout_to_type')]);
 
diff --git a/resources/lang/en-US/admin/consumables/message.php b/resources/lang/en-US/admin/consumables/message.php
index e2591503bf36..03ac1fb93af8 100644
--- a/resources/lang/en-US/admin/consumables/message.php
+++ b/resources/lang/en-US/admin/consumables/message.php
@@ -5,6 +5,7 @@
     'invalid_category_type' => 'The category must be a consumable category.',
     'does_not_exist' => 'Consumable does not exist.',
 
+
     'create' => array(
         'error'   => 'Consumable was not created, please try again.',
         'success' => 'Consumable created successfully.'
@@ -26,6 +27,8 @@
         'success' 		=> 'Consumable checked out successfully.',
         'user_does_not_exist' => 'That user is invalid. Please try again.',
          'unavailable'      => 'There are not enough consumables for this checkout. Please check the quantity left. ',
+         'checkout_error' => 'Something went wrong with your Checkout',
+         'large_quantity_error' => '10,000 is the max quantity per checkout.',
     ),
 
     'checkin' => array(

From ad9d24cbf1665574b34a8b9250a6c2161fad00a6 Mon Sep 17 00:00:00 2001
From: Godfrey M <godmartinz@gmail.com>
Date: Thu, 7 Nov 2024 14:50:55 -0800
Subject: [PATCH 2/3] fixed typo

---
 app.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app.json b/app.json
index 408ebdfd3e0d..0bf523f5e402 100644
--- a/app.json
+++ b/app.json
@@ -9,7 +9,7 @@
     "repository": "https://github.com/snipe/snipe-it",
     "logo": "https://pbs.twimg.com/profile_images/976748875733020672/K-HnZCCK_400x400.jpg",
     "success_url": "/setup",
-    "": {
+    "env": {
       "APP_ENV": {
         "description": "Laravel environment mode. Unless developing the application, this should be production.",
         "value": "production"

From e77e6ca1835e22b800a4fe56b6b8e76a3f913fbb Mon Sep 17 00:00:00 2001
From: Godfrey M <godmartinz@gmail.com>
Date: Tue, 12 Nov 2024 10:25:22 -0800
Subject: [PATCH 3/3] pass through max_amount value rather than hardcode

---
 .../Controllers/Consumables/ConsumableCheckoutController.php    | 2 +-
 resources/lang/en-US/admin/consumables/message.php              | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/Consumables/ConsumableCheckoutController.php b/app/Http/Controllers/Consumables/ConsumableCheckoutController.php
index 4cf4fbc114b6..a77628d0384e 100644
--- a/app/Http/Controllers/Consumables/ConsumableCheckoutController.php
+++ b/app/Http/Controllers/Consumables/ConsumableCheckoutController.php
@@ -79,7 +79,7 @@ public function store(Request $request, $consumableId)
         // attaching large amounts of checkouts can exhaust memory.
         if($quantity > 10000){
             return redirect()->back()
-                ->with('error', trans('admin/consumables/message.checkout.large_quantity_error', ['requested' => $quantity, 'remaining' => $consumable->numRemaining() ]));
+                ->with('error', trans('admin/consumables/message.checkout.large_quantity_error', ['max_amount' => 10000]));
         }
 
         // Make sure there is at least one available to checkout
diff --git a/resources/lang/en-US/admin/consumables/message.php b/resources/lang/en-US/admin/consumables/message.php
index 03ac1fb93af8..f443c568ca87 100644
--- a/resources/lang/en-US/admin/consumables/message.php
+++ b/resources/lang/en-US/admin/consumables/message.php
@@ -28,7 +28,7 @@
         'user_does_not_exist' => 'That user is invalid. Please try again.',
          'unavailable'      => 'There are not enough consumables for this checkout. Please check the quantity left. ',
          'checkout_error' => 'Something went wrong with your Checkout',
-         'large_quantity_error' => '10,000 is the max quantity per checkout.',
+         'large_quantity_error' => ':max_amount is the max quantity per checkout.',
     ),
 
     'checkin' => array(