snipe-it/app/Models/Company.php

313 lines
10 KiB
PHP
Raw Normal View History

2016-03-25 01:18:05 -07:00
<?php
2016-03-25 01:18:05 -07:00
namespace App\Models;
use App\Models\Traits\Searchable;
use App\Presenters\Presentable;
2016-06-10 03:40:49 -07:00
use Auth;
2016-07-10 21:04:49 -07:00
use DB;
2021-06-10 13:19:27 -07:00
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Support\Facades\Gate;
Partialize forms (#2884) * Consolidate edit form elements into reusable partials. This is a large code change that doesn't do much immediately. It refactors all of the various edit.blade.php files to reference standardized partials, so that they all reference the same base html layout. This has the side effect of moving everything to the new fancy "required" indicators, and making things look consistent. In addition, I've gone ahead and renamed a few database fields. We had Assetmodel::modelno and Consumable::model_no, I've renamed both to model_number. We had items using ::note and ::notes, I've standardized on ::notes. Component used total_qty where consumables and accessories used qty, so I've moved everything to qty (And fixed a few bugs in the helper file in the process. TODO includes looking at how/where to place the modal javascripts to allow for on the fly creation from all places, rather than just the asset page. Rename assetmodel::modelno to model_number for clarity and consistency Rename consumable::model_no to model_number for clarity and consistency Rename assetmodel::note to notes for clarity and consistency Port asset and assetmodel to new partials layout. Adapt all code to the renamed model_number and notes database changes. Fix some stying. * Share a settings variable with all views. * Allow editing the per_page setting. We showed the value, but we never showed it on the edit page.. * use snipeSettings in all views instead of the long ugly path. * War on partials. Centralize all bootstrap table javascript * Use model_number instead of modelno in importer * Codacy fix. * More unification/deduplication. Create an edit form template layout that we use as the base for all edit forms. This gives the same interface for editing everything and makes the edit.blade.* files much easier to read. * Use a ViewComposer instead of sharing the variable directly. Fixes artisan optimize trying to hit the db--which ruins new installs * Fix DB seeder. * Base sql dump and csv's to import data from for tests. * Start some functional tests for creating items. * Add functional tests for all create methods. Still need to do tests for edits, deletes, and lots of other things * Improvements to functional tests. Use the built in DB seeding mechanism instead of doing it ourselves. Break the tests into multiple units, rather than testing everything in each function. * Some improvements to acceptance tests. Make sure we're only looking at the "trs" within the bootstrap table. Creation of assets is now tested at the functional level (and is faster) so ignore it here. I'm testing acceptance tests with the IMPORT_{ASSETS,ACCESSORIES,CONSUMABLES}.csv in the tests/_data folder imported. * A few things to make acceptance tests work. Add a name to the companies table, and make the locations table have the correct name * Use a .env.tests file for testing functional and unit to allow a separate database. * Add functional tests for compoents, groups, and licenses. * Now that the config is in the functional.yml, this just confuses things. * Start some functional tests for creating items. * Add functional tests for all create methods. Still need to do tests for edits, deletes, and lots of other things * Improvements to functional tests. Use the built in DB seeding mechanism instead of doing it ourselves. Break the tests into multiple units, rather than testing everything in each function. * Some improvements to acceptance tests. Make sure we're only looking at the "trs" within the bootstrap table. Creation of assets is now tested at the functional level (and is faster) so ignore it here. I'm testing acceptance tests with the IMPORT_{ASSETS,ACCESSORIES,CONSUMABLES}.csv in the tests/_data folder imported. * update db dump * Update tests to new reality * env for the test setup * only load the database at beginning of tests, not between each Functional test. * Fix a miss from renaming note to notes. * Set Termination date when creating an asset. It was only set on edit. * Rename serial_number to serial in components for consistency. * Update validation rules to match limits in database. Currently we just accepted the values and they were truncated when adding to DB. * Much more detailed functional testing of creating items. This checks to make sure all values on form have been successfully persisted to database.
2016-11-16 16:56:57 -08:00
use Watson\Validating\ValidatingTrait;
2016-03-25 01:18:05 -07:00
2016-04-07 13:21:09 -07:00
/**
* Model for Companies.
*
* @version v1.8
*/
Partialize forms (#2884) * Consolidate edit form elements into reusable partials. This is a large code change that doesn't do much immediately. It refactors all of the various edit.blade.php files to reference standardized partials, so that they all reference the same base html layout. This has the side effect of moving everything to the new fancy "required" indicators, and making things look consistent. In addition, I've gone ahead and renamed a few database fields. We had Assetmodel::modelno and Consumable::model_no, I've renamed both to model_number. We had items using ::note and ::notes, I've standardized on ::notes. Component used total_qty where consumables and accessories used qty, so I've moved everything to qty (And fixed a few bugs in the helper file in the process. TODO includes looking at how/where to place the modal javascripts to allow for on the fly creation from all places, rather than just the asset page. Rename assetmodel::modelno to model_number for clarity and consistency Rename consumable::model_no to model_number for clarity and consistency Rename assetmodel::note to notes for clarity and consistency Port asset and assetmodel to new partials layout. Adapt all code to the renamed model_number and notes database changes. Fix some stying. * Share a settings variable with all views. * Allow editing the per_page setting. We showed the value, but we never showed it on the edit page.. * use snipeSettings in all views instead of the long ugly path. * War on partials. Centralize all bootstrap table javascript * Use model_number instead of modelno in importer * Codacy fix. * More unification/deduplication. Create an edit form template layout that we use as the base for all edit forms. This gives the same interface for editing everything and makes the edit.blade.* files much easier to read. * Use a ViewComposer instead of sharing the variable directly. Fixes artisan optimize trying to hit the db--which ruins new installs * Fix DB seeder. * Base sql dump and csv's to import data from for tests. * Start some functional tests for creating items. * Add functional tests for all create methods. Still need to do tests for edits, deletes, and lots of other things * Improvements to functional tests. Use the built in DB seeding mechanism instead of doing it ourselves. Break the tests into multiple units, rather than testing everything in each function. * Some improvements to acceptance tests. Make sure we're only looking at the "trs" within the bootstrap table. Creation of assets is now tested at the functional level (and is faster) so ignore it here. I'm testing acceptance tests with the IMPORT_{ASSETS,ACCESSORIES,CONSUMABLES}.csv in the tests/_data folder imported. * A few things to make acceptance tests work. Add a name to the companies table, and make the locations table have the correct name * Use a .env.tests file for testing functional and unit to allow a separate database. * Add functional tests for compoents, groups, and licenses. * Now that the config is in the functional.yml, this just confuses things. * Start some functional tests for creating items. * Add functional tests for all create methods. Still need to do tests for edits, deletes, and lots of other things * Improvements to functional tests. Use the built in DB seeding mechanism instead of doing it ourselves. Break the tests into multiple units, rather than testing everything in each function. * Some improvements to acceptance tests. Make sure we're only looking at the "trs" within the bootstrap table. Creation of assets is now tested at the functional level (and is faster) so ignore it here. I'm testing acceptance tests with the IMPORT_{ASSETS,ACCESSORIES,CONSUMABLES}.csv in the tests/_data folder imported. * update db dump * Update tests to new reality * env for the test setup * only load the database at beginning of tests, not between each Functional test. * Fix a miss from renaming note to notes. * Set Termination date when creating an asset. It was only set on edit. * Rename serial_number to serial in components for consistency. * Update validation rules to match limits in database. Currently we just accepted the values and they were truncated when adding to DB. * Much more detailed functional testing of creating items. This checks to make sure all values on form have been successfully persisted to database.
2016-11-16 16:56:57 -08:00
final class Company extends SnipeModel
2016-03-25 01:18:05 -07:00
{
2021-06-10 13:17:44 -07:00
use HasFactory;
2016-03-25 01:18:05 -07:00
protected $table = 'companies';
// Declare the rules for the model validation
protected $rules = [
'name' => 'required|min:1|max:255|unique:companies,name',
2023-08-13 08:21:55 -07:00
'fax' => 'min:7|max:35|nullable',
'phone' => 'min:7|max:35|nullable',
'email' => 'email|max:150|nullable',
];
protected $presenter = \App\Presenters\CompanyPresenter::class;
use Presentable;
2016-03-25 01:18:05 -07:00
/**
* Whether the model should inject it's identifier to the unique
* validation rules before attempting validation. If this property
* is not set in the model it will default to true.
*
* @var bool
2016-03-25 01:18:05 -07:00
*/
protected $injectUniqueIdentifier = true;
use ValidatingTrait;
use Searchable;
/**
* The attributes that should be included when searching the model.
*
* @var array
*/
2023-08-13 08:21:55 -07:00
protected $searchableAttributes = ['name', 'phone', 'fax', 'email', 'created_at', 'updated_at'];
/**
* The relations and their attributes that should be included when searching the model.
*
* @var array
*/
protected $searchableRelations = [];
2016-03-25 01:18:05 -07:00
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name',
'phone',
'fax',
2023-08-13 08:21:55 -07:00
'email',
];
2016-03-25 01:18:05 -07:00
private static function isFullMultipleCompanySupportEnabled()
{
$settings = Setting::getSettings();
// NOTE: this can happen when seeding the database
if (is_null($settings)) {
return false;
} else {
return $settings->full_multiple_companies_support == 1;
}
}
public static function getIdFromInput($unescaped_input)
{
$escaped_input = e($unescaped_input);
if ($escaped_input == '0') {
return null;
} else {
return $escaped_input;
}
}
2024-02-05 12:49:29 -08:00
/**
* Get the company id for the current user taking into
* account the full multiple company support setting
* and if the current user is a super user.
*
* @param $unescaped_input
* @return int|mixed|string|null
*/
2016-03-25 01:18:05 -07:00
public static function getIdForCurrentUser($unescaped_input)
{
if (! static::isFullMultipleCompanySupportEnabled()) {
2016-03-25 01:18:05 -07:00
return static::getIdFromInput($unescaped_input);
} else {
$current_user = Auth::user();
2016-07-28 12:40:19 -07:00
// Super users should be able to set a company to whatever they need
if ($current_user->isSuperUser()) {
2016-03-25 01:18:05 -07:00
return static::getIdFromInput($unescaped_input);
2016-07-28 12:40:19 -07:00
} else {
if ($current_user->company_id != null) {
return $current_user->company_id;
} else {
return static::getIdFromInput($unescaped_input);
}
2016-03-25 01:18:05 -07:00
}
}
}
public static function isCurrentUserHasAccess($companyable)
{
if (is_null($companyable)) {
return false;
} elseif (! static::isFullMultipleCompanySupportEnabled()) {
2016-03-25 01:18:05 -07:00
return true;
} elseif (!$companyable instanceof Company && !\Schema::hasColumn($companyable->getModel()->getTable(), 'company_id')) {
// This is primary for the gate:allows-check in location->isDeletable()
// Locations don't have a company_id so without this it isn't possible to delete locations with FullMultipleCompanySupport enabled
// because this function is called by SnipePermissionsPolicy->before()
return true;
2016-03-25 01:18:05 -07:00
} else {
Squashed commit of the following: commit e321aeabaed580f8de6ee309b377654620f117be Merge: 8ec99ff43 37568ae9e Author: snipe <snipe@snipe.net> Date: Mon Aug 31 12:14:44 2020 -0700 Merge branch 'master' into integrations/2020-08-31-v5-rc # Conflicts: # .all-contributorsrc # .nvmrc # README.md # app/Console/Commands/LdapSync.php # app/Http/Controllers/Api/ConsumablesController.php # app/Http/Controllers/Api/ImportController.php # app/Http/Controllers/Assets/AssetsController.php # app/Http/Controllers/Auth/LoginController.php # app/Http/Controllers/CustomFieldsetsController.php # app/Http/Controllers/LicensesController.php # app/Http/Controllers/UsersController.php # app/Importer/import_mappings.md # app/Models/Ldap.php # app/Models/Loggable.php # composer.json # composer.lock # config/version.php # public/css/build/all.css # public/css/dist/all.css # public/css/skins/skin-contrast.css # public/css/skins/skin-contrast.css.map # public/js/build/all.js # public/js/build/vue.js # public/js/build/vue.js.map # public/js/dist/all.js # public/mix-manifest.json # resources/assets/js/components/importer/importer-file.vue # resources/assets/less/overrides.less # resources/macros/macros.php # resources/views/custom_fields/fieldsets/view.blade.php # resources/views/hardware/edit.blade.php # resources/views/hardware/labels.blade.php # resources/views/hardware/view.blade.php # resources/views/layouts/default.blade.php # resources/views/modals/model.blade.php # resources/views/modals/user.blade.php # resources/views/users/index.blade.php # routes/api.php # routes/web/fields.php # tests/unit/UserTest.php commit 37568ae9ec021789d910de91bdef5f64e517451a Merge: 01a832169 32ad9050c Author: snipe <snipe@snipe.net> Date: Tue Aug 25 20:49:37 2020 -0700 Merge pull request #8365 from snipe/fixes/8338_google_maps_CSP Fixed #8338 - Added google maps to CSP commit 32ad9050cff8a9bfc89e5a832a9bbf1ad03dadd3 Author: snipe <snipe@snipe.net> Date: Tue Aug 25 20:48:53 2020 -0700 Added google maps to CSP commit 01a832169c7572960340e743e569fe9ffdc3f996 Merge: bcad49ce7 3c6883489 Author: snipe <snipe@snipe.net> Date: Tue Aug 25 20:38:31 2020 -0700 Merge pull request #8364 from snipe/fixes/8335_assigned_to_null_on_status_assetlist Fixed #8335 - added assignedTo scope on status labels API call for assetlist commit 3c6883489c030df8d90e2f18cab3ad96121205e5 Author: snipe <snipe@snipe.net> Date: Tue Aug 25 20:37:30 2020 -0700 Added assignedTo scope commit bcad49ce79ad7aab99bec8b273a78bb531c48ef0 Author: snipe <snipe@snipe.net> Date: Fri Aug 14 16:10:22 2020 -0700 Try to better handle slack “too many requests” issue commit b5acca89d72a43f42fb81a4bf06e8b7c3da0b93b Author: snipe <snipe@snipe.net> Date: Fri Aug 14 16:02:15 2020 -0700 Check for admin for slack notifications commit e52919cf1b17871c6bf294cfb1a9be59f6033289 Merge: 714576be4 29f3a5c48 Author: snipe <snipe@snipe.net> Date: Fri Aug 14 15:35:15 2020 -0700 Merge pull request #8327 from snipe/features/checkin_license_from_all_users Checkin license from all users cli tool commit 29f3a5c48f9b9fc4fcfb19cc6eebb1ce1e0e5a91 Author: snipe <snipe@snipe.net> Date: Fri Aug 14 15:27:40 2020 -0700 Use more verbose annotation for Auth::user if/else commit 134e8e6fb9958e71b8fa960de53c041324bd9e1c Author: snipe <snipe@snipe.net> Date: Fri Aug 14 15:25:07 2020 -0700 Moved user email nulling until after the save commit 714576be45dabe9a2b23d3090ec0c72ab8ec28da Merge: b999c50a2 512899294 Author: Brady Wetherington <bwetherington@grokability.com> Date: Fri Aug 14 15:24:03 2020 -0700 Merge pull request #8328 from snipe/fix_deprecation_report Fix deprecation report for customers with many active assets commit 5128992940b8565e5e87a2a917d3bcde8e21b711 Author: Brady Wetherington <uberbrady@gmail.com> Date: Fri Aug 14 15:03:03 2020 -0700 Fix deprecation report for customers with many active assets commit 02913235020d242e959f274fec588d9ebf8e39fa Author: snipe <snipe@snipe.net> Date: Fri Aug 14 14:57:58 2020 -0700 Use the user as the target commit e0f6f9b83972ef9fde79dbc342555580a0574591 Author: snipe <snipe@snipe.net> Date: Fri Aug 14 14:43:37 2020 -0700 Artisan command to check in licenses from all users commit f1a6308002caa865fe1a9b17b91d34fbfdd94a75 Author: snipe <snipe@snipe.net> Date: Fri Aug 14 14:43:07 2020 -0700 Check for Auth::user before trying to log id (for cli) commit b999c50a2eef14bdf44be8e4359f794194170d2d Merge: 9ca20e496 e3906b245 Author: snipe <snipe@snipe.net> Date: Wed Aug 12 12:37:47 2020 -0700 Merge pull request #8316 from Godmartinz/bug/ch15028/missing-or-incorrect-error-message-translation Looks great, thank you! commit e3906b245c9b85eca723bffa88b9af28f290e0fe Author: Godfrey M <godmartinz@gmail.com> Date: Wed Aug 12 12:27:18 2020 -0700 added translation for admin/licenses/message.not_found commit 9ca20e4964e57621af8f6b2e790e0d68b69b1afb Merge: e0644dbbf 456a74d88 Author: Brady Wetherington <bwetherington@grokability.com> Date: Tue Aug 11 17:33:19 2020 -0700 Merge pull request #8313 from snipe/improve_ldap_search_error_reporting Improve ldap search error reporting commit 456a74d88c1b1f14828aaf63e5122eb8b6831755 Author: Brady Wetherington <uberbrady@gmail.com> Date: Tue Aug 11 16:41:20 2020 -0700 De-merge out incorrectly merged files. Whoops! commit 799c059070eff849c81550423d16344748522bc7 Author: Brady Wetherington <uberbrady@gmail.com> Date: Tue Aug 11 16:21:18 2020 -0700 Add internationalized version of LDAP error message commit c62d43a77831dd798054b95e7ad9e72210f6accf Author: Brady Wetherington <uberbrady@gmail.com> Date: Mon Aug 10 17:04:17 2020 -0700 Improve Exception management in Artisan LDAP Sync method. Still need to localize this better commit b725bd0fae2b062d81a460283aa07b2186a99197 Author: Brady Wetherington <uberbrady@gmail.com> Date: Mon Aug 10 17:23:04 2020 -0700 Add @PeterUpfold as a contributor commit e0644dbbf6b5601b6712ca16877b481799e9652c Merge: 5b6925b00 004ecad05 Author: Brady Wetherington <bwetherington@grokability.com> Date: Mon Aug 10 17:22:31 2020 -0700 Merge pull request #8105 from PeterUpfold/PeterUpfold-7661workaround Propose workaround for #7661 — suppress E_DEPRECATED on ldap_control_paged_result() commit 5b6925b00c04b1abdea0235d04dda32c89215201 Author: snipe <snipe@snipe.net> Date: Tue Aug 4 21:00:37 2020 -0700 Removed debugging :( commit df17a859bfab8876d3e849c42692e01bdfdbd886 Author: snipe <snipe@snipe.net> Date: Tue Aug 4 20:59:54 2020 -0700 Changed modal IDs so manager creation modal works on user creation main page commit 24c43056ba9e738334eb2310db7c9920d9ab0613 Author: snipe <snipe@snipe.net> Date: Tue Aug 4 20:58:28 2020 -0700 Moved pGenerator script to default layout footer This fixes an issue where the password generator wouldn’t load in a modal in Chrome commit 606b7e905df1918336cef64984e54207ca6a7644 Author: snipe <snipe@snipe.net> Date: Fri Jul 31 17:02:33 2020 -0700 Small edits to PR template Slight text changes to ask specifics about versions commit d73ddad477cb9c675f15fbd54bdb1486bf8f14fc Author: snipe <snipe@snipe.net> Date: Fri Jul 31 16:59:26 2020 -0700 Created a PR template First draft of the PR guidelines template commit 9a39cf721e82aa25623e41eeb280d7bed3b3c178 Merge: 7410b1683 8994f3e15 Author: snipe <snipe@snipe.net> Date: Fri Jul 31 12:18:49 2020 -0700 Merge pull request #8258 from ballertv/features/consumable-api This looks great, thank you! commit 7410b16835bab1563bf2b7baaddb55377083a3a0 Merge: e955c983a b09e7d19b Author: Brady Wetherington <bwetherington@grokability.com> Date: Fri Jul 24 16:22:44 2020 -0700 Merge pull request #8270 from snipe/improve_ad_useraccountcontrol_v4 Add new useraccountcontrol value for valid AD users commit 8994f3e15e9fef5d1ec9c44764b424fa7edf9448 Author: andres <andresgutierrez535@gmail.com> Date: Wed Jul 22 19:57:06 2020 -0400 cleanup commit d23f1a77cac396a3a4962c5993cf1bdbfcf52a29 Author: andres <andresgutierrez535@gmail.com> Date: Wed Jul 22 18:46:02 2020 -0400 implement checkout API commit e955c983a3a9bd7793cf9a5f63b6e2c56d53d63f Merge: 2fa17ac18 eed41e454 Author: snipe <snipe@snipe.net> Date: Wed Jul 22 13:43:29 2020 -0700 Merge pull request #8250 from snipe/features/adds_addr_city_state_to_importer Added address, city, state and country to importer and city to bulk editor commit b09e7d19b3bc424d5960de9f5ffd272b2f19c272 Author: Brady Wetherington <uberbrady@gmail.com> Date: Wed Jul 22 13:32:16 2020 -0700 Add new useraccountcontrol value for valid AD users; document algorithm and values commit 2fa17ac18557969f5627953f6d041610207656a6 Merge: b90515437 3b1e46f72 Author: snipe <snipe@snipe.net> Date: Wed Jul 22 12:06:31 2020 -0700 Merge pull request #8254 from Godmartinz/gmartinez_adds_email_formats Added firstinitial.lastname, lastname_firstinitial, firstnamelastname… commit 3b1e46f72b81bd27e5ba0783c88f9d0d0038d611 Author: Godfrey Martinez <47435081+Godmartinz@users.noreply.github.com> Date: Wed Jul 22 11:25:57 2020 -0700 Update general.php commit 0c1a1de2a21dfd3639e3d2d2df995c3452c15a11 Author: Godfrey Martinez <47435081+Godmartinz@users.noreply.github.com> Date: Wed Jul 22 11:24:36 2020 -0700 Update general.php fixed typo commit 20c9ae5818ae22846bf2149f261e7f70cc8a7c71 Author: Godfrey M <godmartinz@gmail.com> Date: Wed Jul 22 10:21:19 2020 -0700 Added firstinitial.lastname, lastname_firstinitial, firstnamelastname and firstnamelastinitial to username formats commit eed41e454962bb6e9e6cbcf79cb4aed292ac2bbf Author: snipe <snipe@snipe.net> Date: Tue Jul 21 16:57:32 2020 -0700 Moved address down further, fixed broken HTML commit b750f4754f5f4245c0f490f6b6832b4c10615f27 Author: snipe <snipe@snipe.net> Date: Tue Jul 21 16:49:54 2020 -0700 Added city to bulk user importer commit c17a06792a76ee11215bd576f2df9732416b3e9d Author: snipe <snipe@snipe.net> Date: Tue Jul 21 16:49:38 2020 -0700 Added address, city, state, country to user importer commit 4f76cc6cfbad1eeded1981e8569e915ca37b87d9 Author: snipe <snipe@snipe.net> Date: Tue Jul 21 16:46:13 2020 -0700 I don’t actually know what this file is for commit b905154373bcf0b1ef64d57bb95f184557caba37 Author: snipe <snipe@snipe.net> Date: Mon Jul 20 14:29:32 2020 -0700 Fixed #8247 - added notes field to user details display commit daf748e531324215bfd746b406407fee7476d0ab Author: snipe <snipe@snipe.net> Date: Fri Jul 17 12:32:01 2020 -0700 Bumped hash commit 799a93c46a198a8235bbce1527ea7bf4929129c2 Author: snipe <snipe@snipe.net> Date: Fri Jul 17 12:11:32 2020 -0700 Allow for email/username search on users commit 34aa12e229fef497b355a492b5ef2c003337786b Merge: 81a633288 897757bd0 Author: snipe <snipe@snipe.net> Date: Thu Jul 16 17:44:13 2020 -0700 Merge pull request #8239 from snipe/fixes/api_rtd_to_location_on_create Set location_id to rtd_location_id on asset creation commit 897757bd0461cefd2e82aba344d416ed6843c49c Author: snipe <snipe@snipe.net> Date: Thu Jul 16 17:43:44 2020 -0700 Removed added line for location commit c7125c39375b101f852930536dabcc079f2d5e88 Author: snipe <snipe@snipe.net> Date: Thu Jul 16 16:34:39 2020 -0700 Set location_id to rtd_location_id on asset creation commit 81a6332889e9e4684ee65a669bc2b3bc1a3ced50 Author: snipe <snipe@snipe.net> Date: Tue Jul 14 13:55:38 2020 -0700 Removed license ID from seats table cookie info This typically wouldn’t be necessary, since most people would want to view the same *types* of data across licenses commit 6e563f6e4bfd9f8b52c8c8d39a60b466e64ba654 Merge: 5320f5c67 7f69ae953 Author: snipe <snipe@snipe.net> Date: Mon Jul 13 21:16:54 2020 -0700 Merge branch 'master' of https://github.com/snipe/snipe-it commit 5320f5c67ce7dbf4605cc5b7fd7be8773c8ee157 Author: snipe <snipe@snipe.net> Date: Mon Jul 13 21:16:45 2020 -0700 Disallow non-super users from editing their own permissions commit 7f69ae953b7990107bd0db3de16621e5238136e9 Merge: c79f8c1ba 17f6fbabf Author: snipe <snipe@snipe.net> Date: Mon Jul 13 21:16:00 2020 -0700 Merge pull request #8227 from snipe/fix_select2_ajax_pulldowns Changes how we do AJAX calls via Select2 for dynamic drop-down menus commit 17f6fbabfaa15f203a6accecf6a7b83c35d56ef8 Author: Brady Wetherington <uberbrady@gmail.com> Date: Mon Jul 13 21:12:03 2020 -0700 Switch to 'items' to maintain compatbility with other internal API's commit c79f8c1baf920f41d43827094691275eec529448 Merge: 12c92e30b 536401fe0 Author: snipe <snipe@snipe.net> Date: Mon Jul 13 17:42:16 2020 -0700 Merge pull request #8207 from EDVLeer/patch-1 Update snipeit.sh commit e7a820f7c91c14280f96e0e58f9921f73cf88c43 Author: Brady Wetherington <uberbrady@gmail.com> Date: Mon Jul 13 17:14:31 2020 -0700 Changes how we do AJAX calls via Select2 for dynamic drop-down menus commit 12c92e30b7a20ecd0e45b5a052b43c81dd35cc97 Author: snipe <snipe@snipe.net> Date: Fri Jul 10 16:21:27 2020 -0700 Show whether or not the user was imported via LDAP in the view page commit fd10b755b0241e354a265454c13965228a265a85 Author: snipe <snipe@snipe.net> Date: Fri Jul 10 11:30:01 2020 -0700 Removed the sr-only tag in table headers It was breaking Bootstrap Tables column selector :( commit dbbb7680d9d92ab42ffcca825fd93ff6cc3e5f89 Author: snipe <snipe@snipe.net> Date: Thu Jul 9 21:12:50 2020 -0700 A few more fixes for the cli Do not check out a piece of software if it’s already been checked out to the user commit cf0dd5bbadef3689dd9110d96e7d060ddb5fc827 Author: snipe <snipe@snipe.net> Date: Thu Jul 9 20:43:13 2020 -0700 Small fixes for cli tool commit 25e53d8c7f4ba1d5977bb5fbc5265ac9c8c543d9 Merge: ec6ed256f 89d433b41 Author: snipe <snipe@snipe.net> Date: Thu Jul 9 20:27:01 2020 -0700 Merge pull request #8216 from snipe/features/checkout_license_to_all_users Added CLI tool to checkout license to all users commit 89d433b41aa0de862cb60142c8d6ef80f339a958 Author: snipe <snipe@snipe.net> Date: Thu Jul 9 20:26:02 2020 -0700 Removed duplicate seat call commit e2570ada6f158dfc9acead583a0b2fa7fae17ca6 Author: snipe <snipe@snipe.net> Date: Thu Jul 9 20:04:05 2020 -0700 CLI tool to checkout a license to ALL users commit 45afe725a1f039dddd87537e16470963684f0711 Author: snipe <snipe@snipe.net> Date: Thu Jul 9 20:03:47 2020 -0700 Only try to get the company if there is an auth’d user (Needed for command line tools, where no Auth::user() is present) commit 536401fe0ff97cd6a8077cef993bfe755ed46851 Author: EDVLeer <32170051+EDVLeer@users.noreply.github.com> Date: Tue Jul 7 08:21:36 2020 +0200 Update snipeit.sh Ubuntu 20.04 commit ec6ed256fbc7740f76ee22867b6fe2008ff7873e Author: snipe <snipe@snipe.net> Date: Mon Jul 6 18:45:43 2020 -0700 Bumped minor version commit 2aaa7bed2d4fad6e8f7b101ecdae1f46ab8a00c2 Merge: 339bdddc3 cc9f1577a Author: snipe <snipe@snipe.net> Date: Thu Jun 25 18:37:41 2020 -0700 Merge pull request #8183 from snipe/features/merge_users Added merge utility commit cc9f1577a47708a6e11dffeab4797982be243cfa Author: snipe <snipe@snipe.net> Date: Thu Jun 25 17:43:53 2020 -0700 Removed unused use directives commit ab1fe8be0c72522273c468dfd5551553d9f92665 Author: snipe <snipe@snipe.net> Date: Thu Jun 25 17:42:39 2020 -0700 Added merge utility commit 339bdddc384aa655fa186dc36e02cc587487d4af Author: snipe <snipe@snipe.net> Date: Thu Jun 25 11:00:33 2020 -0700 Fix for Vue js not loading due to CSP :( commit 35b9cf4b703b9ced785daec1d35973ca266cdc49 Author: snipe <snipe@snipe.net> Date: Tue Jun 23 02:41:59 2020 -0700 Fixed missing db prefix on scopeDueOrOverdueForAudit commit 7ccb41371e0efc46d51abc790f49a9fb73e9b8bc Author: snipe <snipe@snipe.net> Date: Tue Jun 23 01:09:39 2020 -0700 Removed unoptimized images directive securityheaders.com is claiming it’s onrecognized, even though I got that directive from their site, so… whatever. ¯\_(ツ)_/¯ commit 2e60a457bf45640a0563a2bc4b66e02b0d226271 Author: snipe <snipe@snipe.net> Date: Tue Jun 23 01:07:00 2020 -0700 Dumb fix for feature-policy being dumb. commit 2390d2160bff7b4b340696fa527b1bc871bddff1 Merge: b42801f6a 00b051b8c Author: snipe <snipe@snipe.net> Date: Tue Jun 23 00:27:47 2020 -0700 Merge pull request #8164 from snipe/features/additional_security_headers Additional security headers commit 00b051b8c7f1af5218a11f2b33fcab37934bd894 Author: snipe <snipe@snipe.net> Date: Tue Jun 23 00:26:09 2020 -0700 Added a few more comments commit 05b3a9ad7e72cc71b09ed8ef2e87db19fa3700ee Author: snipe <snipe@snipe.net> Date: Mon Jun 22 23:17:27 2020 -0700 Config variable for HSTS commit 4fb880384fd455bd59a3b91c4244c392d7198c48 Author: snipe <snipe@snipe.net> Date: Mon Jun 22 22:37:14 2020 -0700 Changed comment commit 43042ad8412d8d89a9b09e47e5da8b276c9655f2 Author: snipe <snipe@snipe.net> Date: Mon Jun 22 22:35:59 2020 -0700 Consolidated ReferrerPolicy into new SecurityHeaders file commit a716382ac43d0a58b96604a3ec15e389b7ae97c2 Author: snipe <snipe@snipe.net> Date: Mon Jun 22 22:33:37 2020 -0700 Removed CSP middleware (it’s added in the general header) commit 36c8f7f4f116666c63ae7bc0d12e15f77a8fd6bc Author: snipe <snipe@snipe.net> Date: Mon Jun 22 22:31:01 2020 -0700 Additional security headers commit b42801f6ae635e843d9e062b4119d86fb3d05fc6 Merge: de4934f21 946129f20 Author: snipe <snipe@snipe.net> Date: Mon Jun 22 20:47:35 2020 -0700 Merge pull request #8163 from snipe/fixes/fix-for-css-on-column-selector Fixed weird padlock display in asset listing with encrypted custom fields commit 946129f20614e65bbbecbbda70cfba81b89d0937 Author: snipe <snipe@snipe.net> Date: Mon Jun 22 20:45:20 2020 -0700 Made quote style consistent commit b941ef1e08f84f40f503db6ebe67d0e8dca9c74a Author: snipe <snipe@snipe.net> Date: Mon Jun 22 20:41:40 2020 -0700 Pulled CSS font awesome styles out of the blade and into overrides.css commit d1aa11ec89347fb2c139d751719c4459c2448321 Author: snipe <snipe@snipe.net> Date: Mon Jun 22 20:29:19 2020 -0700 Fix for weird padlock display in asset listing with encrypted custom fields commit de4934f21d34a628e57992fc6a59813f42c55d90 Merge: af06e4205 b10076b01 Author: snipe <snipe@snipe.net> Date: Mon Jun 22 17:28:38 2020 -0700 Merge pull request #8162 from Godmartinz/godfreymartinez-ghi-font-size-of-qr_text Fixed #8161 and #8114 - font-size for labels used static values in blade instead of using values from settings commit b10076b015ac0034fded62548135aaff3f1b2a0a Author: Godfrey M <godmartinz@gmail.com> Date: Mon Jun 22 17:04:39 2020 -0700 corrected an error where font-size for labels were static in settings. commit af06e4205627b29f583b2e2e770fd2913fce5e46 Author: snipe <snipe@snipe.net> Date: Wed Jun 17 11:17:25 2020 -0700 Bumped version commit 9a2440dc4b98a9c12b38a04504875c7c196a510c Merge: beae8efb2 2ac1c1636 Author: snipe <snipe@snipe.net> Date: Tue Jun 16 20:20:07 2020 -0700 Merge pull request #8141 from snipe/fixes/better_handling_when_license_is_invalid Better handle the logic to determine if we should display the license checkout blade [ch13792] commit 2ac1c1636c672db59d601bd5c73d4a8023533ec9 Author: snipe <snipe@snipe.net> Date: Tue Jun 16 16:12:57 2020 -0700 Better handle the logic to determine if we should display the license checkout blade commit 004ecad059d636cc5be62aa5f112e3c4f9762326 Author: Peter Upfold <pgithub@upfold.org.uk> Date: Wed Jun 3 08:59:50 2020 +0100 Force suppress deprecation warning on ldap_control_paged_result() commit beae8efb21c2675b3da4308a87d911c534e70361 Merge: d14ab7e3e 9839e5e56 Author: snipe <snipe@snipe.net> Date: Wed May 27 23:01:33 2020 -0700 Merge pull request #8088 from Godmartinz/Label_Woes Barcode resizing and text adjustment commit 9839e5e566f51f85abe6860dfc8377042834c89b Author: Godfrey M <godmartinz@gmail.com> Date: Wed May 27 12:27:40 2020 -0700 adjusted for all label text, removed local variable commit d14ab7e3e1bf09c931ad148fdb6b65ee5a3dc7b8 Author: snipe <snipe@snipe.net> Date: Wed May 27 00:22:44 2020 -0700 Porting change from #8053 to master Signed-off-by: snipe <snipe@snipe.net> commit e7f74d94c179730f8b8502da5e2c1c90fa8ec594 Author: Godfrey M <godmartinz@gmail.com> Date: Tue May 26 17:22:45 2020 -0700 Label_Woes commit e97cf011b65df9e66826c26464fed7bf4001917a Author: Godfrey M <godmartinz@gmail.com> Date: Tue May 26 17:15:39 2020 -0700 Label_Woes commit ed23505054cd1bdf2ef695b6b010e025382f38da Author: Godfrey M <godmartinz@gmail.com> Date: Tue May 26 17:10:45 2020 -0700 Label_Woes commit 001e721530c41fd8ad8e925cecdef2eb8c96ab4c Merge: f88683766 8210da6e8 Author: snipe <snipe@snipe.net> Date: Wed May 20 10:21:52 2020 -0700 Merge pull request #8063 from dmeltzer/backport-8092 BACKPORT: Fix Missing Category selection in Asset Model Modal dialog - [ch14635] commit 8210da6e82018afab07197abe591a7666a56af21 Author: Daniel Meltzer <dmeltzer.devel@gmail.com> Date: Wed May 20 10:29:27 2020 -0400 Fix Missing Category selection in Asset Model Modal dialog. A select html tag needs a full closing tag. is not valid. This was causing the select2 js to barf and eat additional information. commit f88683766b1c7e9636aebe2fc952e6f036d3882c Author: snipe <snipe@snipe.net> Date: Thu May 14 00:55:47 2020 -0700 Roll back previous change Signed-off-by: snipe <snipe@snipe.net> commit e4385c0f8c584061670a1f98b13bbe90a124ac05 Author: snipe <snipe@snipe.net> Date: Thu May 14 00:48:30 2020 -0700 Fixes #8051 regression Signed-off-by: snipe <snipe@snipe.net> commit 0550fe0ffa4e5569bd7ca28354ca282ca2ef2825 Author: snipe <snipe@snipe.net> Date: Tue May 12 10:31:54 2020 -0700 Fix for session fixation vulnerability Signed-off-by: snipe <snipe@snipe.net> commit 7fb3a9b82c09b3aab65bf2b00f76efc66356155e Merge: 9a2ed804c ecb1e87fe Author: snipe <snipe@snipe.net> Date: Mon May 11 22:41:36 2020 -0700 Merge pull request #8043 from snipe/features/backup-optional-in-import-and-ldap Added option to disable backup in import commit ecb1e87fe6e7ab67900936a0f158670cc4c21c56 Author: snipe <snipe@snipe.net> Date: Mon May 11 20:45:15 2020 -0700 Updated assets Signed-off-by: snipe <snipe@snipe.net> commit f43df5f04147ded31cc625ef92f87127993e94b3 Author: snipe <snipe@snipe.net> Date: Mon May 11 20:44:46 2020 -0700 Fixed form label Signed-off-by: snipe <snipe@snipe.net> commit 95cc48e422e54b373d3a88d20d15d7536a323dce Author: snipe <snipe@snipe.net> Date: Mon May 11 20:41:10 2020 -0700 Added option to disable backup in import Signed-off-by: snipe <snipe@snipe.net> commit 9a2ed804ca9f71a9705da604a2c721ceeb9a5567 Author: snipe <snipe@snipe.net> Date: Mon May 11 20:28:42 2020 -0700 Fixed mismatched HTML header tags Signed-off-by: snipe <snipe@snipe.net> commit d20fad28e5e807c7577d9bd0e5146e5607affa33 Author: snipe <snipe@snipe.net> Date: Mon May 11 20:28:24 2020 -0700 Use more modern request helper Signed-off-by: snipe <snipe@snipe.net> commit ae813ddf75b21c45420016033c667ee35a9fc52b Author: snipe <snipe@snipe.net> Date: Mon May 11 18:11:16 2020 -0700 Add @alek13 as a contributor commit bb42109c0c76b6709f39190ae4a1daa55865d306 Author: snipe <snipe@snipe.net> Date: Mon May 11 18:10:45 2020 -0700 Added a clarifying comment Signed-off-by: snipe <snipe@snipe.net> commit f46ecf8ec0c1723e2e04036357c74644c30d4cb7 Author: snipe <snipe@snipe.net> Date: Mon May 11 18:07:20 2020 -0700 Updated composer lock Signed-off-by: snipe <snipe@snipe.net> commit b9e821c0e65e0745064b42aa6cccf9627c5df3e6 Author: snipe <snipe@snipe.net> Date: Mon May 11 18:07:14 2020 -0700 Small fix for Group Functional Tests Signed-off-by: snipe <snipe@snipe.net> commit 9ee28c7513616018f8ff0b8f5b167469e19070eb Author: snipe <snipe@snipe.net> Date: Mon May 11 18:07:02 2020 -0700 Switched to use info instead of danger on undeployable statuses Signed-off-by: snipe <snipe@snipe.net> commit 1a8ba06702727b1de870d05df53443270b35b8b7 Merge: 0fd232e70 ee4d69b1c Author: snipe <snipe@snipe.net> Date: Mon May 11 17:53:32 2020 -0700 Merge branch 'master' of https://github.com/snipe/snipe-it commit 0fd232e70d2be9ce845a73745ac98800bcfef9e2 Author: snipe <snipe@snipe.net> Date: Mon May 11 17:53:24 2020 -0700 Fixed group functional test (We had changed the minimum to 2 instead of 3) Signed-off-by: snipe <snipe@snipe.net> commit ee4d69b1c59c6baf832574da9e9bbbe67248a4bc Merge: 31c535094 d1ad11194 Author: snipe <snipe@snipe.net> Date: Mon May 11 17:52:45 2020 -0700 Merge pull request #8041 from alek13/patch-1 use supported package for slack commit d1ad11194936c51050d2e7a77d01c0daa1dde4fd Author: Alexander Chibrikin <alek13.me@gmail.com> Date: Mon May 11 20:31:13 2020 +0300 use supported package for slack see https://github.com/maknz/slack/issues/94 commit 31c5350941c7330aed01652b0670b61f6660b15b Author: snipe <snipe@snipe.net> Date: Fri May 1 01:05:48 2020 -0700 Fixed incorrect route for groups edit Signed-off-by: snipe <snipe@snipe.net> commit 7eb70e17e0b4d0f1ed1fe3ed7fbff1728eb077fb Merge: 5bb4f271a 3dfcb4699 Author: snipe <snipe@snipe.net> Date: Fri Apr 24 04:50:37 2020 -0700 Merge pull request #7993 from snipe/fixes/7989_column_selector Fixed #7989 - Converted table heading icons in People to CSS glyphs commit 3dfcb469910456b3213e00c5cd2f839d25dbf2c7 Author: snipe <snipe@snipe.net> Date: Fri Apr 24 04:41:08 2020 -0700 Minor formatting changes Signed-off-by: snipe <snipe@snipe.net> commit 96eb96f964c40b798d5ceed25eff2bbef4f0bc51 Author: snipe <snipe@snipe.net> Date: Fri Apr 24 04:27:00 2020 -0700 Removed stray val (typo) Signed-off-by: snipe <snipe@snipe.net> commit a2f08bd3baa6fb23633ceb58e5408b125b0f0029 Author: snipe <snipe@snipe.net> Date: Fri Apr 24 04:08:54 2020 -0700 Added comments Signed-off-by: snipe <snipe@snipe.net> commit e009fbe59f39a717a4ad7bea5027d39cb5323225 Author: snipe <snipe@snipe.net> Date: Fri Apr 24 04:04:53 2020 -0700 Converted table heading icons in People to CSS glyphs Signed-off-by: snipe <snipe@snipe.net> commit 5bb4f271aaa42a0c211d25e06a500a76c5a224f4 Author: snipe <snipe@snipe.net> Date: Fri Apr 24 00:47:19 2020 -0700 Fixed #7987 - allow toggle of required/optional in custom fields/fieldsets Signed-off-by: snipe <snipe@snipe.net>
2020-08-31 12:17:19 -07:00
if (Auth::user()) {
$current_user_company_id = Auth::user()->company_id;
$companyable_company_id = $companyable->company_id;
return $current_user_company_id == null || $current_user_company_id == $companyable_company_id || Auth::user()->isSuperUser();
}
2016-03-25 01:18:05 -07:00
}
}
public static function isCurrentUserAuthorized()
{
return (! static::isFullMultipleCompanySupportEnabled()) || (Auth::user()->isSuperUser());
2016-03-25 01:18:05 -07:00
}
public static function canManageUsersCompanies()
{
return ! static::isFullMultipleCompanySupportEnabled() || Auth::user()->isSuperUser() ||
Auth::user()->company_id == null;
2016-03-25 01:18:05 -07:00
}
/**
* Checks if company can be deleted
*
* @author [Dan Meltzer] [<dmeltzer.devel@gmail.com>]
* @since [v5.0]
* @return bool
*/
public function isDeletable()
{
return Gate::allows('delete', $this)
&& ($this->assets()->count() === 0)
&& ($this->accessories()->count() === 0)
&& ($this->consumables()->count() === 0)
&& ($this->components()->count() === 0)
&& ($this->users()->count() === 0);
}
/**
* @param $unescaped_input
* @return int|mixed|string|null
*/
2016-03-25 01:18:05 -07:00
public static function getIdForUser($unescaped_input)
{
if (! static::isFullMultipleCompanySupportEnabled() || Auth::user()->isSuperUser()) {
2016-03-25 01:18:05 -07:00
return static::getIdFromInput($unescaped_input);
} else {
return static::getIdForCurrentUser($unescaped_input);
}
}
public function users()
{
return $this->hasMany(User::class, 'company_id');
}
public function assets()
{
return $this->hasMany(Asset::class, 'company_id');
}
public function licenses()
{
return $this->hasMany(License::class, 'company_id');
}
public function accessories()
{
return $this->hasMany(Accessory::class, 'company_id');
}
public function consumables()
{
return $this->hasMany(Consumable::class, 'company_id');
}
public function components()
{
return $this->hasMany(Component::class, 'company_id');
}
/**
* START COMPANY SCOPING FOR FMCS
*/
/**
* Scoping table queries, determining if a logged in user is part of a company, and only allows the user to access items associated with that company if FMCS is enabled.
*
* This method is the one that the CompanyableTrait uses to contrain queries automatically, however that trait CANNOT be
* applied to the user's model, since it causes an infinite loop against the authenticated user.
*
* @todo - refactor that trait to handle the user's model as well.
*
* @author [A. Gianotto] <snipe@snipe.net>
* @param $query
* @param $column
* @param $table_name
* @return mixed
*/
public static function scopeCompanyables($query, $column = 'company_id', $table_name = null)
2016-03-25 01:18:05 -07:00
{
// If not logged in and hitting this, assume we are on the command line and don't scope?'
if (! static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser()) || (! Auth::check())) {
\Log::debug('Skip scoping in scopeCompanyableChildren. User is not logged in or is a superadmin');
2016-03-25 01:18:05 -07:00
return $query;
} else {
\Log::debug('Fire scopeCompanyablesDirectly.');
return static::scopeCompanyablesDirectly($query, $column, $table_name);
2016-03-25 01:18:05 -07:00
}
}
/**
* Scoping table queries, determining if a logged in user is part of a company, and only allows
* that user to see items associated with that company
*/
private static function scopeCompanyablesDirectly($query, $column = 'company_id', $table_name = null)
{
// Get the company ID of the logged in user, or set it to null if there is no company assicoated with the user
if (Auth::user()) {
\Log::debug('Admin company is: '.Auth::user()->company_id);
$company_id = Auth::user()->company_id;
} else {
$company_id = null;
}
// Dynamically get the table name if it's not passed in, based on the model we're querying against
$table = ($table_name) ? $table_name."." : $query->getModel()->getTable().".";
\Log::debug('Model is: '.$query->getModel());
\Log::debug('Table is: '.$table);
// If the column exists in the table, use it to scope the query
if (\Schema::hasColumn($query->getModel()->getTable(), $column)) {
return $query->where($table.$column, '=', $company_id);
} else {
return $query->join('users as users_comp', 'users_comp.id', 'user_id')->where('users_comp.company_id', '=', $company_id);
}
}
/**
* I legit do not know what this method does, but we can't remove it (yet).
*
* This gets invoked by CompanyableChildScope, but I'm not sure what it does.
*
* @author [A. Gianotto] <snipe@snipe.net>
* @param array $companyable_names
* @param $query
* @return mixed
*/
2016-03-25 01:18:05 -07:00
public static function scopeCompanyableChildren(array $companyable_names, $query)
{
\Log::debug('Company Names in scopeCompanyableChildren: '.print_r($companyable_names, true));
2016-03-25 01:18:05 -07:00
if (count($companyable_names) == 0) {
throw new Exception('No Companyable Children to scope');
} elseif (! static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser())) {
\Log::debug('Skip scoping in scopeCompanyableChildren. User is not logged in or is a superadmin');
2016-03-25 01:18:05 -07:00
return $query;
} else {
$f = function ($q) {
\Log::debug('scopeCompanyablesDirectly firing ');
2016-03-25 01:18:05 -07:00
static::scopeCompanyablesDirectly($q);
};
$q = $query->where(function ($q) use ($companyable_names, $f) {
$q2 = $q->whereHas($companyable_names[0], $f);
for ($i = 1; $i < count($companyable_names); $i++) {
$q2 = $q2->orWhereHas($companyable_names[$i], $f);
}
});
2016-03-25 01:18:05 -07:00
return $q;
}
}
}