Fixed #18172 - correctly dencrypt custom fields in custom asset report

2026-04-22 12:49:48 +01:00
parent 34cd5dcf7c
commit c513ed5fc3
2 changed files with 41 additions and 1 deletions
@@ -32,6 +32,7 @@ use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
 use Illuminate\Mail\Mailable;
+use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Mail;
 use League\Csv\EscapeFormula;
@@ -1070,7 +1071,13 @@ class ReportsController extends Controller
                    foreach ($customfields as $customfield) {
                        $column_name = $customfield->db_column_name();
                        if ($request->filled($customfield->db_column_name())) {
-                            $row[] = $asset->$column_name;
+                            $value = $asset->$column_name;
+
+                            if (($customfield->field_encrypted == '1') && Gate::allows('assets.view.encrypted_custom_fields')) {
+                                $value = Helper::gracefulDecrypt($customfield, $value);
+                            }
+
+                            $row[] = $value;
                        }
                    }

@@ -4,10 +4,12 @@ namespace Tests\Feature\Reporting;

 use App\Models\Asset;
 use App\Models\Company;
+use App\Models\CustomField;
 use App\Models\ReportTemplate;
 use App\Models\User;
 use Illuminate\Database\Eloquent\Collection;
 use Illuminate\Testing\TestResponse;
+use Illuminate\Support\Facades\Crypt;
 use League\Csv\Reader;
 use PHPUnit\Framework\Assert;
 use PHPUnit\Framework\Attributes\Group;
@@ -174,4 +176,35 @@ class CustomReportTest extends TestCase implements TestsPermissionsRequirement
            ->assertSeeTextInStreamedResponse('Asset D')
            ->assertDontSeeTextInStreamedResponse('Asset E');
    }
+
+    public function test_custom_report_decrypts_encrypted_custom_fields_when_user_has_permission(): void
+    {
+        $customField = CustomField::factory()->encrypt()->create();
+        $columnName = $customField->db_column_name();
+
+        $asset = Asset::factory()->create(['name' => 'Encrypted Asset']);
+        $asset->{$columnName} = Crypt::encrypt('super-secret-value');
+        $asset->save();
+
+        $user = User::factory()->create([
+            'permissions' => json_encode([
+                'reports.view' => '1',
+                'assets.view.encrypted_custom_fields' => '1',
+            ]),
+        ]);
+
+        $response = $this->actingAs($user)
+            ->post('reports/custom', [
+                'asset_name' => '1',
+                $columnName => '1',
+            ])
+            ->assertOk()
+            ->assertHeader('content-type', 'text/csv; charset=utf-8');
+
+        $records = collect(Reader::createFromString($response->streamedContent())->getRecords())
+            ->flatten()
+            ->filter();
+
+        $this->assertTrue($records->contains('super-secret-value'));
+    }
 }