Own route to inventory refused equipments (#18370)

* Use own controller for refused equipments re-inventory

* Do not rely on get data

* Cleanup

* No need for 2 distinct controllers here

* Update src/Glpi/Controller/InventoryController.php

Co-authored-by: Cédric Anne <[email protected]>

* Ignore false phpstan issue

* fix forward

---------

Co-authored-by: Cédric Anne <[email protected]>

Author: trasher

src/Glpi/Controller/IndexController.php

@@ -74,7 +74,7 @@ public function __invoke(Request $request): Response
         ) {
             // POST request from the inventory agent, forward it to the inventory controller.
             $sub_request = $request->duplicate(
-                attributes: ['_controller' => InventoryController::class]
+                attributes: ['_controller' => InventoryController::class . '::index']
             );
             return $this->http_kernel->handle($sub_request, HttpKernelInterface::SUB_REQUEST);
         }

src/Glpi/Controller/InventoryController.php

@@ -50,7 +50,7 @@ final class InventoryController extends AbstractController
     #[SecurityStrategy(Firewall::STRATEGY_NO_CHECK)]
     #[Route("/Inventory", name: "glpi_inventory", methods: ['GET', 'POST'])]
     #[Route("/front/inventory.php", name: "glpi_inventory_legacy", methods: ['GET', 'POST'])]
-    public function __invoke(Request $request): Response
+    public function index(Request $request): Response
     {
         $conf = new Conf();
         if ($conf->enabled_inventory != 1) {
@@ -59,25 +59,13 @@ public function __invoke(Request $request): Response
 
         $inventory_request = new \Glpi\Inventory\Request();
         $inventory_request->handleHeaders();
-        $refused_id = $request->get('refused');
 
         self::$is_running = true;
-        $refused = new \RefusedEquipment();
 
         try {
             $handle = true;
             $contents = '';
-            if ($refused_id) {
-                \Session::checkRight("config", READ);
-                if ($refused->getFromDB($refused_id) && ($inventory_file = $refused->getInventoryFileName()) !== null) {
-                    $contents = file_get_contents($inventory_file);
-                } else {
-                    throw new HttpException(
-                        404,
-                        sprintf('Invalid RefusedEquipment "%s" or inventory file missing', $refused_id)
-                    );
-                }
-            } else if (!$request->isMethod('POST')) {
+            if (!$request->isMethod('POST')) {
                 if ($request->get('action') === 'getConfig') {
                     /**
                      * Even if Fusion protocol is not supported for getConfig requests, they
@@ -106,19 +94,47 @@ public function __invoke(Request $request): Response
 
         $inventory_request->handleMessages();
 
-        if ($refused_id) {
-            $redirect_url = $refused->handleInventoryRequest($inventory_request);
-            $response = new RedirectResponse($redirect_url);
-        } else {
-            $response = new Response();
-            $response->setStatusCode($inventory_request->getHttpResponseCode());
-            $headers = $inventory_request->getHeaders(true);
-            foreach ($headers as $key => $value) {
-                $response->headers->set($key, $value);
+        $response = new Response();
+        $response->setStatusCode($inventory_request->getHttpResponseCode());
+        $headers = $inventory_request->getHeaders(true);
+        foreach ($headers as $key => $value) {
+            $response->headers->set($key, $value);
+        }
+        $response->setContent($inventory_request->getResponse());
+        return $response;
+    }
+
+    #[Route("/Inventory/RefusedEquipment", name: "glpi_refused_inventory", methods: 'POST')]
+    public function refusedEquipement(Request $request): Response
+    {
+        $conf = new Conf();
+        if ($conf->enabled_inventory != 1) {
+            throw new AccessDeniedHttpException("Inventory is disabled");
+        }
+
+        $inventory_request = new \Glpi\Inventory\Request();
+        $refused_id = (int)$request->get('id');
+
+        $refused = new \RefusedEquipment();
+
+        try {
+            \Session::checkRight("config", READ);
+            if ($refused->getFromDB($refused_id) && ($inventory_file = $refused->getInventoryFileName()) !== null) {
+                $contents = file_get_contents($inventory_file);
+            } else {
+                throw new HttpException(
+                    404,
+                    sprintf('Invalid RefusedEquipment "%s" or inventory file missing', $refused_id)
+                );
             }
-            $response->setContent($inventory_request->getResponse());
+            $inventory_request->handleRequest($contents);
+        } catch (\Throwable $e) {
+            //empty
+            $inventory_request->addError($e->getMessage());
         }
 
+        $redirect_url = $refused->handleInventoryRequest($inventory_request);
+        $response = new RedirectResponse($redirect_url);
         return $response;
     }
 }

src/Glpi/Features/Inventoriable.php

@@ -55,7 +55,7 @@ public function pre_purgeInventory()
     {
         $file_name = $this->getInventoryFileName();
         if ($file_name === null) {
-           //file does not exists
+           //file does not exist
             return true;
         }
 
@@ -81,7 +81,7 @@ public function getInventoryFileName(bool $prepend_dir_path = true): ?string
         $items_id = $this->agent->fields['items_id'] ?? $this->fields['id'];
 
         $conf = new Conf();
-        //Check for JSON file, and the XML if JSON does not exists
+        //Check for JSON file, and the XML if JSON does not exist
         $filename = $conf->buildInventoryFileName($itemtype, $items_id, 'json');
         if (!file_exists($inventory_dir_path . $filename)) {
             $filename = $conf->buildInventoryFileName($itemtype, $items_id, 'xml');
@@ -134,12 +134,18 @@ protected function showInventoryInfo()
                 \htmlescape($title)
             );
 
-            if (static::class == RefusedEquipment::class) {
-                echo sprintf(
-                    "<a href='%s' target='_blank' style='float: right;margin-right: .5em;'><i class='fas fa-redo' title='%s'></i></a>",
-                    $CFG_GLPI['root_doc'] . '/Inventory?refused=' . $this->fields['id'],
-                    __s('Try a reimport from stored inventory file')
-                );
+            if (static::class === RefusedEquipment::class) { //@phpstan-ignore-line - phpstan bug with traits
+                $url = $CFG_GLPI['root_doc'] . '/Inventory/RefusedEquipment';
+                $title = __s('Try a reimport from stored inventory file');
+                echo <<<HTML
+                        <button type="submit" class="btn btn-sm btn-ghost-secondary" name="redo_inventory"
+                                title="{$title}"
+                                data-bs-toggle="tooltip" data-bs-placement="top"
+                                style="float: right;margin-right: .5em;"
+                                formaction="{$url}">
+                           <i class="fas fa-redo"></i>
+                        </button>
+HTML;
             }
         } else {
             echo sprintf(