snipe-it/app/Http/Controllers/Api/SettingsController.php

<?php
namespace App\Http\Controllers\Api;
use App\Http\Transformers\BackupsTransformer;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\Models\Ldap;
use App\Models\Setting;
use Mail;
use App\Notifications\SlackTest;
use App\Notifications\MailTest;
use GuzzleHttp\Client;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Response;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Notification;
use Illuminate\Support\Facades\Storage;
use Illuminate\Support\Facades\Validator;
use App\Http\Requests\SlackSettingsRequest;
use App\Http\Transformers\LoginAttemptsTransformer;
class SettingsController extends Controller
{
/**
 * Run a connectivity diagnostic against the configured LDAP directory.
 *
 * Connects, binds with the admin credentials, then fetches a sample of at
 * most ten directory entries mapped through the configured attribute names.
 *
 * Responses: 200 with the per-stage messages and the sample users; 400 when
 * LDAP is disabled, the bind or lookup throws, or no users come back; 500
 * when the connection itself throws.
 *
 * NOTE(review): the response contains directory user attributes and raw
 * exception text from the LDAP layer. No authorization check is visible in
 * this method; confirm the route is restricted to administrators.
 *
 * @return \Illuminate\Http\JsonResponse
 */
public function ldaptest()
{
    $settings = Setting::getSettings();

    if ($settings->ldap_enabled!='1') {
        \Log::debug('LDAP is not enabled cannot test.');

        return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
    }

    \Log::debug('Preparing to test LDAP connection');

    // Per-stage results, keyed by stage name.
    $message = [];

    try {
        $connection = Ldap::connectToLdap();

        try {
            $message['bind'] = ['message' => 'Successfully bound to LDAP server.'];
            \Log::debug('attempting to bind to LDAP for LDAP test');
            Ldap::bindAdminToLdap($connection);
            $message['login'] = ['message' => 'Successfully connected to LDAP server.'];

            $entries = collect(Ldap::findLdapUsers(null,10));

            // Keep only integer-keyed items (the individual entries), cap the
            // sample at ten, and project each entry onto the configured fields.
            $users = $entries
                ->filter(function ($value, $key) {
                    return is_int($key);
                })
                ->slice(0, 10)
                ->map(function ($entry) use ($settings) {
                    // Output property => name of the setting holding the LDAP attribute.
                    $settingFor = [
                        'username' => 'ldap_username_field',
                        'employee_number' => 'ldap_emp_num',
                        'lastname' => 'ldap_lname_field',
                        'firstname' => 'ldap_fname_field',
                        'email' => 'ldap_email',
                    ];

                    $row = [];
                    foreach ($settingFor as $property => $settingKey) {
                        $row[$property] = $entry[$settings[$settingKey]][0] ?? null;
                    }

                    return (object) $row;
                });

            if ($users->isEmpty()) {
                $message['user_sync'] = [
                    'message' => 'Connection to LDAP was successful, however there were no users returned from your query. You should confirm the Base Bind DN above.',
                ];

                return response()->json($message, 400);
            }

            $message['user_sync'] = ['users' => $users];

            return response()->json($message, 200);
        } catch (\Exception $bindError) {
            \Log::debug('Bind failed');
            \Log::debug("Exception was: ".$bindError->getMessage());

            return response()->json(['message' => $bindError->getMessage()], 400);
        }
    } catch (\Exception $connectError) {
        \Log::debug('Connection failed but we cannot debug it any further on our end.');

        return response()->json(['message' => $connectError->getMessage()], 500);
    }
}
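/**
 * Check whether a supplied username/password pair can bind to LDAP.
 *
 * Responses: 200 when the user bind succeeds; 400 when LDAP is disabled,
 * the input is invalid, the admin bind or user bind throws, or the user
 * bind returns a falsy result; 500 when the connection itself throws.
 *
 * Only the username is echoed back and logged; the password is passed to
 * the LDAP helper and nowhere else.
 *
 * NOTE(review): no authorization check is visible in this method; confirm
 * the route is restricted, since it lets a caller test directory credentials.
 *
 * @param  \Illuminate\Http\Request  $request  expects ldaptest_user and ldaptest_password
 * @return \Illuminate\Http\JsonResponse
 */
public function ldaptestlogin(Request $request)
{
    if (Setting::getSettings()->ldap_enabled != '1') {
        \Log::debug('LDAP is not enabled. Cannot test.');

        return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
    }

    $validator = Validator::make($request->all(), [
        'ldaptest_user' => 'required',
        'ldaptest_password' => 'required',
    ]);

    if ($validator->fails()) {
        \Log::debug('LDAP Validation test failed.');

        return response()->json(['message' => $validator->errors()->all()], 400);
    }

    $username = $request->input('ldaptest_user');
    $password = $request->input('ldaptest_password');

    // "required" is also satisfied by a non-empty array. Such a value would be
    // concatenated into the messages below and handed to the LDAP helper, so
    // reject anything that is not a plain scalar before going further.
    if (! is_scalar($username) || ! is_scalar($password)) {
        \Log::debug('LDAP Validation test failed.');

        return response()->json(['message' => ['The LDAP test username and password must be plain values.']], 400);
    }

    \Log::debug('Preparing to test LDAP login');

    try {
        $connection = Ldap::connectToLdap();

        try {
            // Log before the bind so a failed bind still leaves a trace of the attempt.
            \Log::debug('Attempting to bind to LDAP for LDAP test');
            Ldap::bindAdminToLdap($connection);

            try {
                $ldap_user = Ldap::findAndBindUserLdap($username, $password);

                if ($ldap_user) {
                    // NOTE(review): the username is caller-supplied and reaches the
                    // debug log as-is; confirm the log formatter neutralises line breaks.
                    \Log::debug('It worked! '.$username.' successfully binded to LDAP.');

                    return response()->json(['message' => 'It worked! '.$username.' successfully binded to LDAP.'], 200);
                }

                return response()->json(['message' => 'Login Failed. '.$username.' did not successfully bind to LDAP.'], 400);
            } catch (\Exception $e) {
                \Log::debug('LDAP login failed');

                return response()->json(['message' => $e->getMessage()], 400);
            }
        } catch (\Exception $e) {
            \Log::debug('Bind failed');

            return response()->json(['message' => $e->getMessage()], 400);
        }
    } catch (\Exception $e) {
        \Log::debug('Connection failed');

        return response()->json(['message' => $e->getMessage()], 500);
    }
}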
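/**
 * Post a test message to the Slack webhook supplied in the request.
 *
 * The endpoint is caller-supplied, so this method makes an outbound HTTP
 * request to a URL the caller controls. The starts_with rule pins it to
 * https://hooks.slack.com/ (the trailing slash keeps look-alike host names
 * from matching), and redirects are not followed so the request cannot be
 * steered to another host after validation.
 *
 * Responses: 200 when Slack answers with a 2xx status; 422 when validation
 * fails; 400 when the HTTP client throws or Slack answers with any other
 * status.
 *
 * @param  \App\Http\Requests\SlackSettingsRequest  $request
 * @return \Illuminate\Http\JsonResponse
 */
public function slacktest(SlackSettingsRequest $request)
{
    $validator = Validator::make($request->all(), [
        'slack_endpoint' => 'url|required_with:slack_channel|starts_with:https://hooks.slack.com/|nullable',
        'slack_channel' => 'required_with:slack_endpoint|starts_with:#|nullable',
    ]);

    if ($validator->fails()) {
        return response()->json(['message' => 'Validation failed', 'errors' => $validator->errors()], 422);
    }

    $endpoint = $request->input('slack_endpoint');

    // NOTE(review): base_url and defaults.exceptions are Guzzle 5 option names;
    // later Guzzle releases use base_uri and http_errors. Which release is
    // installed is not visible here, so the status code is checked explicitly
    // below instead of relying on either setting.
    $slack = new Client([
        'base_url' => e($endpoint),
        'defaults' => [
            'exceptions' => false,
        ],
    ]);

    $payload = json_encode([
        'channel' => e($request->input('slack_channel')),
        'text' => trans('general.slack_test_msg'),
        'username' => e($request->input('slack_botname')),
        'icon_emoji' => ':heart:',
    ]);

    try {
        $response = $slack->post($endpoint, [
            'body' => $payload,
            // Only the validated URL is contacted; a redirect is treated as a failure.
            'allow_redirects' => false,
        ]);

        $status = $response->getStatusCode();

        if ($status >= 200 && $status < 300) {
            return response()->json(['message' => 'Success'], 200);
        }
    } catch (\Exception $e) {
        return response()->json(['message' => 'Please check the channel name and webhook endpoint URL ('.e($endpoint).'). Slack responded with: '.$e->getMessage()], 400);
    }

    // Reached when the request completed without throwing but Slack did not answer 2xx.
    return response()->json(['message' => 'Something went wrong :( '], 400);
}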
/**
 * Send a test e-mail using the current mail configuration.
 *
 * When app.lock_passwords is enabled (demo mode) nothing is sent and a
 * notice is returned instead. Otherwise a MailTest notification is sent to
 * the first Setting record.
 *
 * NOTE(review): on failure the raw exception message is returned to the
 * caller, which may include mail-server details; confirm the route is
 * restricted to administrators.
 *
 * @author [A. Gianotto] [<snipe@snipe.net>]
 * @since [v3.0]
 * @return \Illuminate\Http\JsonResponse
 */
public function ajaxTestEmail()
{
    $demoMode = config('app.lock_passwords');

    if ($demoMode) {
        return response()->json(['message' => 'Mail would have been sent, but this application is in demo mode! '], 200);
    }

    try {
        $recipient = Setting::first();
        Notification::send($recipient, new MailTest());

        $confirmation = 'Mail sent to '.config('mail.reply_to.address');

        return response()->json(['message' => $confirmation], 200);
    } catch (\Exception $mailError) {
        return response()->json(['message' => $mailError->getMessage()], 500);
    }
}
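/**
 * Delete server-cached barcodes
 *
 * Removes every .png file in the "barcodes" directory of the public disk
 * and reports how many were actually deleted. Files with any other
 * extension are left alone.
 *
 * @author [A. Gianotto] [<snipe@snipe.net>]
 * @since [v5.0.0]
 * @return \Illuminate\Http\JsonResponse
 */
public function purgeBarcodes()
{
    $file_count = 0;
    $disk = Storage::disk('public');

    foreach ($disk->files('barcodes') as $file) {
        // Only generated barcodes would have a .png file extension
        if (pathinfo($file, PATHINFO_EXTENSION) !== 'png') {
            continue;
        }

        \Log::debug('Deleting: '.$file);

        try {
            // delete() returns false when the file could not be removed, so
            // count only the deletions that succeeded.
            if ($disk->delete($file)) {
                $file_count++;
            } else {
                \Log::debug('Could not delete: '.$file);
            }
        } catch (\Exception $e) {
            // Best effort: one failing file must not stop the purge.
            \Log::debug($e);
        }
    }

    return response()->json(['message' => 'Deleted '.$file_count.' barcodes'], 200);
}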
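/**
 * Get a list of login attempts
 *
 * Sort column and direction come from the request but are restricted to a
 * fixed whitelist; anything else falls back to created_at / desc. Paging
 * values are coerced to non-negative integers before reaching the query.
 *
 * NOTE(review): the rows include usernames, remote IPs and user agents, and
 * no authorization check is visible in this method; confirm the route is
 * restricted to administrators.
 *
 * @author [A. Gianotto] [<snipe@snipe.net>]
 * @since [v5.0.0]
 * @param \Illuminate\Http\Request $request
 * @return array
 */
public function showLoginAttempts(Request $request)
{
    $allowed_columns = ['id', 'username', 'remote_ip', 'user_agent', 'successful', 'created_at'];

    $order = $request->input('order') === 'asc' ? 'asc' : 'desc';

    // Strict comparison: only an exact string match against the whitelist may
    // be used as a column name.
    $requested_sort = $request->input('sort');
    $sort = in_array($requested_sort, $allowed_columns, true) ? $requested_sort : 'created_at';

    // Coerce paging input to integers and keep negative values out of the
    // query; a negative limit falls back to the default page size.
    // NOTE(review): no upper bound on limit is applied here; confirm whether
    // the project defines a maximum page size that should be enforced.
    $offset = max(0, (int) $request->input('offset', 0));
    $limit = (int) $request->input('limit', 20);
    if ($limit < 0) {
        $limit = 20;
    }

    $login_attempts = DB::table('login_attempts');

    // Total is taken before ordering and paging are applied.
    $total = $login_attempts->count();

    $login_attempt_results = $login_attempts
        ->orderBy($sort, $order)
        ->skip($offset)
        ->take($limit)
        ->get();

    return (new LoginAttemptsTransformer)->transformLoginAttempts($login_attempt_results, $total);
}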
/**
 * List the backup files stored under app/backups.
 *
 * Dotfiles are skipped. Each entry carries the base filename, a converted
 * file size, the raw modification timestamp and that timestamp formatted
 * with the configured date and time display formats. The list is returned
 * in reverse of the order the storage layer reported.
 *
 * NOTE(review): no authorization check is visible in this method; confirm
 * the route is restricted, since backup names and sizes are disclosed.
 *
 * @return mixed  whatever BackupsTransformer::transformBackups() returns
 */
public function listBackups()
{
    $settings = Setting::getSettings();
    $path = 'app/backups';

    $entries = [];

    foreach (Storage::files($path) as $backup_file) {
        $name = basename($backup_file);

        // Skip dotfiles like .gitignore and .DS_STORE
        if (substr($name, 0, 1) == '.') {
            continue;
        }

        $modified_at = Storage::lastModified($backup_file);

        $entries[] = [
            'filename' => $name,
            'filesize' => Setting::fileSizeConvert(Storage::size($backup_file)),
            'modified_value' => $modified_at,
            'modified_display' => date($settings->date_display_format.' '.$settings->time_display_format, $modified_at),
        ];
    }

    $count = count($entries);
    $files = array_reverse($entries);

    return (new BackupsTransformer())->transformBackups($files, $count);
}
/**
 * Return a download response for a backup file.
 *
 * NOTE(review): as written this cannot serve a file: $path is an empty
 * string and $headers is never defined in this method. The use of
 * $file->name also assumes $file is an object; what the route actually
 * passes is not visible here.
 *
 * NOTE(review): when this is completed, $file should be reduced to a bare
 * filename and resolved only inside the backups directory (no path
 * separators, no dotfiles), and the route should be confirmed to be
 * restricted, because backups are sensitive.
 *
 * @param  mixed  $file  identifier of the backup to download (type not visible here)
 */
public function downloadBackup($file) {
    // Empty path: no file on disk is referenced yet.
    $path = '';
    // $headers is undefined at this point; see the notes above.
    return response()->download($path, $file->name, $headers);
}
}