snipe-it/app/Http/Controllers/SettingsController.php

1375 lines
50 KiB
PHP
Raw Normal View History

2016-03-25 01:18:05 -07:00
<?php
2016-03-25 01:18:05 -07:00
namespace App\Http\Controllers;
2020-04-21 04:08:25 -07:00
use App\Helpers\Helper;
use App\Helpers\StorageHelper;
2020-04-21 04:08:25 -07:00
use App\Http\Requests\ImageUploadRequest;
2020-05-05 07:06:19 -07:00
use App\Http\Requests\SettingsSamlRequest;
use App\Http\Requests\SetupUserRequest;
2023-09-27 16:51:53 -07:00
use App\Models\CustomField;
use App\Models\Group;
2016-03-25 01:18:05 -07:00
use App\Models\Setting;
use App\Models\Asset;
2016-03-25 19:26:22 -07:00
use App\Models\User;
use App\Notifications\FirstAdminNotification;
use App\Notifications\MailTest;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\App;
[WIP] Added #5957 - Flysystem support (#6262) * Added AWS url to example env * Upgrader - added check for new storage path and attempt to move * Ignore symlink * Updated paths for models * Moved copy methods * Added AWS_URL support For some reasin, Flysystem was generating the wrong AWS url (with a region included) * Switch to Flysystem for image uploads * Nicer display of image preview * Updated image preview on edit blades to use Flysystem * Twiddled some more paths * Working filesystems config * Updated Asset Models and Departments to use Flysystem * Janky workaround for differing S3/local urls/paths * Try to smartly use S3 as public disk if S3 is configured * Use public disk Storage options for public files * Additional transformer edits for Flysystem * Removed debugging * Added missing use Storage directive * Updated seeders to use Flysystem * Default logo * Set a default width We can potentially override this in settings later * Use Flysystem for logo upload * Update downloadFile to use Flysystem * Updated AssetFilesController to use Flysystem * Updated acceptance signatures to use Flysystem * Updated signature view to use Flysystem This isn’t working 100% yet * Use Flysystem facade for displaying asset image * Set assets path Should clean all these up when we’re done here * Added Rackspace support for Flysystem * Added Flysystem migrator console command * Added use Storage directive for categories * Added user avatars to Flysystem * Added profile avatar to Flysystem * Added the option to delete local files with the migrator * Added a check to prevent people from trying to move from local to local * Fixed the selectlists for Flysystem * Fixed the getImageUrl method to reflect Flysystem * Fixed AWS copy process * Fixed models path * More selectlist updates for Flysystem * Updated example .envs with updated env variable names * *sigh* * Updated non-asset getImageUrl() methods to use Flysystem * Removed S3 hardcoding * Use Flysystem in email headers * Fixed typo * Removed camera support from asset file upload We’ll find a way to add this in later (and add that support to all of the other image uploads as well) * Fixed path for categories * WIP - Switched to standard handleImages for asset upload. This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now. * Fixed css URL error * Updated Debugbar to latest version (#6265) v3.2 adds support for Laravel 5.7 * Fixed: Missing CSS file in basic.blade.php (#6264) * Fixed missing CSS file in basic.blade.php * Added * Changed stylesheet import for authorize.blade.php * Updated composer lock * Added AWS_BUCKET_ROOT as env variable * Use nicer image preview for logo upload * Removed AssetRequest form request * Removed asset form request, moved custom field validation into model * Added additional help text for logo upload * Increased the size of the image resize - should make this a setting tho * Few more formatting tweaks to logo section of branding blade preview * Use Flysystem for asset/license file uploads * Use Flysystem for removing images from models that have been deleted * Enable backups to use Flysystem This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3 * Use Flysystem to download license files * Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
use Illuminate\Support\Facades\Storage;
use Illuminate\Validation\Rule;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\JsonResponse;
use \Illuminate\Contracts\View\View;
use Illuminate\Support\Str;
use Illuminate\Support\Facades\Artisan;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Crypt;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\File;
use Illuminate\Support\Facades\Http;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\URL;
use Illuminate\Support\Facades\Validator;
use Symfony\Component\HttpFoundation\BinaryFileResponse;
2016-12-27 17:31:53 -08:00
2016-03-25 01:18:05 -07:00
/**
2016-04-07 13:21:09 -07:00
* This controller handles all actions related to Settings for
* the Snipe-IT Asset Management application.
*
* @version v1.0
2016-03-25 01:18:05 -07:00
*/
class SettingsController extends Controller
{
/**
* Checks to see whether or not the database has a migrations table
* and a user, otherwise display the setup view.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v3.0]
*
* @return \Illuminate\Contracts\View\View | \Illuminate\Http\Response
*/
public function getSetupIndex() : View
2016-03-25 01:18:05 -07:00
{
2018-08-02 21:36:18 -07:00
$start_settings['php_version_min'] = false;
2016-03-25 01:18:05 -07:00
2018-08-02 21:36:18 -07:00
if (version_compare(PHP_VERSION, config('app.min_php'), '<')) {
return response('<center><h1>This software requires PHP version '.config('app.min_php').' or greater. This server is running '.PHP_VERSION.'. </h1><h2>Please upgrade PHP on this server and try again. </h2></center>', 500);
2018-08-02 21:36:18 -07:00
}
2016-03-25 01:18:05 -07:00
try {
$conn = DB::select('select 2 + 2');
$start_settings['db_conn'] = true;
$start_settings['db_name'] = DB::connection()->getDatabaseName();
2016-03-25 01:18:05 -07:00
$start_settings['db_error'] = null;
} catch (\PDOException $e) {
$start_settings['db_conn'] = false;
$start_settings['db_name'] = config('database.connections.mysql.database');
2016-03-25 01:18:05 -07:00
$start_settings['db_error'] = $e->getMessage();
}
2024-06-05 13:46:43 -07:00
$start_settings['url_config'] = trim(config('app.url'), '/'). '/setup';
$start_settings['real_url'] = request()->url();
$start_settings['url_valid'] = $start_settings['url_config'] === $start_settings['real_url'];
2018-08-02 21:36:18 -07:00
$start_settings['php_version_min'] = true;
// Curl the .env file to make sure it's not accessible via a browser
$start_settings['env_exposed'] = $this->dotEnvFileIsExposed();
2016-03-25 01:18:05 -07:00
if (App::Environment('production') && (true == config('app.debug'))) {
2016-03-25 01:18:05 -07:00
$start_settings['debug_exposed'] = true;
} else {
$start_settings['debug_exposed'] = false;
}
$environment = app()->environment();
if ('production' != $environment) {
$start_settings['env'] = $environment;
2016-03-25 01:18:05 -07:00
$start_settings['prod'] = false;
} else {
$start_settings['env'] = $environment;
2016-03-25 01:18:05 -07:00
$start_settings['prod'] = true;
}
$start_settings['owner'] = '';
2016-06-22 12:27:41 -07:00
if (function_exists('posix_getpwuid')) { // Probably Linux
$owner = posix_getpwuid(fileowner($_SERVER['SCRIPT_FILENAME']));
// This *should* be an array, but we've seen this return a bool in some chrooted environments
if (is_array($owner)) {
$start_settings['owner'] = $owner['name'];
}
}
2016-03-25 01:18:05 -07:00
if (($start_settings['owner'] === 'root') || ($start_settings['owner'] === '0')) {
2016-03-25 01:18:05 -07:00
$start_settings['owner_is_admin'] = true;
} else {
$start_settings['owner_is_admin'] = false;
}
$start_settings['writable'] = $this->storagePathIsWritable();
2016-03-25 01:18:05 -07:00
$start_settings['gd'] = extension_loaded('gd');
return view('setup/index')
2020-04-21 04:08:25 -07:00
->with('step', 1)
->with('start_settings', $start_settings)
->with('section', 'Pre-Flight Check');
2016-03-25 01:18:05 -07:00
}
/**
* Determine if the .env file accessible via a browser.
*
* @return bool This method will return true when exceptions (such as curl exception) is thrown.
* Check the log files to see more details about the exception.
*/
protected function dotEnvFileIsExposed() : bool
{
try {
return Http::withoutVerifying()->timeout(10)
->accept('*/*')
->get(URL::to('.env'))
->successful();
} catch (\Exception $e) {
Log::debug($e->getMessage());
return true;
}
}
/**
* Determine if the app storage path is writable.
*/
protected function storagePathIsWritable(): bool
{
return File::isWritable(storage_path()) &&
File::isWritable(storage_path('framework')) &&
File::isWritable(storage_path('framework/cache')) &&
File::isWritable(storage_path('framework/sessions')) &&
File::isWritable(storage_path('framework/views')) &&
File::isWritable(storage_path('logs'));
}
2016-03-25 01:18:05 -07:00
/**
* Save the first admin user from Setup.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v3.0]
*
*/
public function postSaveFirstAdmin(SetupUserRequest $request) : RedirectResponse
{
$user = new User();
$user->first_name = $data['first_name'] = $request->input('first_name');
$user->last_name = $request->input('last_name');
$user->email = $data['email'] = $request->input('email');
$user->activated = 1;
$permissions = ['superuser' => 1];
2016-05-14 15:04:59 -07:00
$user->permissions = json_encode($permissions);
$user->username = $data['username'] = $request->input('username');
$user->password = bcrypt($request->input('password'));
$data['password'] = $request->input('password');
2016-03-25 01:18:05 -07:00
$settings = new Setting();
$settings->full_multiple_companies_support = $request->input('full_multiple_companies_support', 0);
$settings->site_name = $request->input('site_name');
$settings->alert_email = $request->input('email');
$settings->alerts_enabled = 1;
$settings->pwd_secure_min = 10;
$settings->brand = 1;
$settings->locale = $request->input('locale', 'en-US');
$settings->default_currency = $request->input('default_currency', 'USD');
$settings->user_id = 1;
$settings->email_domain = $request->input('email_domain');
$settings->email_format = $request->input('email_format');
$settings->next_auto_tag_base = 1;
$settings->auto_increment_assets = $request->input('auto_increment_assets', 0);
$settings->auto_increment_prefix = $request->input('auto_increment_prefix');
Merge branch 'develop' into integrations/2020-04-15-v5-merge # Conflicts: # README.md # app/Http/Controllers/AccessoriesController.php # app/Http/Controllers/Api/AssetsController.php # app/Http/Controllers/Api/LicensesController.php # app/Http/Controllers/Api/LocationsController.php # app/Http/Controllers/Api/SettingsController.php # app/Http/Controllers/Api/UsersController.php # app/Http/Controllers/AssetModelsController.php # app/Http/Controllers/Assets/AssetsController.php # app/Http/Controllers/Auth/ForgotPasswordController.php # app/Http/Controllers/CategoriesController.php # app/Http/Controllers/CompaniesController.php # app/Http/Controllers/ComponentsController.php # app/Http/Controllers/ConsumablesController.php # app/Http/Controllers/CustomFieldsetsController.php # app/Http/Controllers/DepartmentsController.php # app/Http/Controllers/LicensesController.php # app/Http/Controllers/LocationsController.php # app/Http/Controllers/ManufacturersController.php # app/Http/Controllers/SettingsController.php # app/Http/Controllers/SuppliersController.php # app/Http/Controllers/UsersController.php # app/Http/Requests/AssetRequest.php # app/Http/Requests/ImageUploadRequest.php # app/Models/LicenseSeat.php # app/Models/Location.php # app/Models/Setting.php # composer.json # composer.lock # config/database.php # config/version.php # npm-shrinkwrap.json # package.json # public/css/AdminLTE.css # public/css/AdminLTE.css.map # public/css/overrides.css # public/css/overrides.css.map # public/css/skins/skin-blue-light.css # public/css/skins/skin-blue.css # public/css/skins/skin-green-dark.min.css # public/js/app.js # public/js/bootstrap-table.js # public/js/bootstrap/js/bootstrap.js # public/js/bootstrap/js/bootstrap.min.js # public/js/build/all.js # public/js/build/vue.js # public/js/build/vue.js.map # public/js/demo.js # public/js/ekko-lightbox.js # public/js/ekko-lightbox.min.js # public/js/extensions/export/bootstrap-table-export.js # public/js/extensions/multiple-sort/bootstrap-table-multiple-sort.js # public/js/extensions/multiple-sort/bootstrap-table-multiple-sort.min.js # public/js/extensions/toolbar/bootstrap-table-toolbar.min.js # public/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.js # public/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.min.js # public/js/plugins/timepicker/bootstrap-timepicker.js # public/js/plugins/timepicker/bootstrap-timepicker.min.js # public/js/vue.js # public/mix-manifest.json # resources/assets/js/bootstrap-js.js # resources/assets/js/bootstrap.min.js # resources/assets/js/ekko-lightbox.js # resources/assets/js/ekko-lightbox.min.js # resources/assets/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.js # resources/assets/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.min.js # resources/assets/js/plugins/chartjs/Chart.js # resources/assets/js/plugins/timepicker/bootstrap-timepicker.js # resources/assets/js/plugins/timepicker/bootstrap-timepicker.min.js # resources/assets/less/AdminLTE.less # resources/assets/less/overrides.less # resources/assets/less/skins/_all-skins.less # resources/assets/less/skins/skin-black.less # resources/assets/less/skins/skin-blue.less # resources/assets/less/skins/skin-green.less # resources/assets/less/skins/skin-purple.less # resources/assets/less/skins/skin-red.less # resources/assets/less/skins/skin-yellow.less # resources/assets/less/variables.less # resources/js/components/importer/importer-file.vue # resources/lang/en/auth/message.php # resources/lang/en/passwords.php # resources/lang/es-CO/general.php # resources/lang/es-ES/general.php # resources/lang/es-VE/general.php # resources/less/skins/skin-black-dark.less # resources/less/skins/skin-blue-dark.less # resources/less/skins/skin-contrast.less # resources/less/skins/skin-green-dark.less # resources/less/skins/skin-orange-dark.less # resources/less/skins/skin-orange.less # resources/less/skins/skin-purple-dark.less # resources/less/skins/skin-red-dark.less # resources/less/skins/skin-yellow-dark.less # resources/views/accessories/checkin.blade.php # resources/views/accessories/checkout.blade.php # resources/views/accessories/edit.blade.php # resources/views/account/profile.blade.php # resources/views/account/view-assets.blade.php # resources/views/asset_maintenances/edit.blade.php # resources/views/auth/passwords/email.blade.php # resources/views/auth/passwords/reset.blade.php # resources/views/categories/edit.blade.php # resources/views/companies/edit.blade.php # resources/views/components/checkin.blade.php # resources/views/components/checkout.blade.php # resources/views/components/edit.blade.php # resources/views/consumables/checkout.blade.php # resources/views/consumables/edit.blade.php # resources/views/custom_fields/fields/edit.blade.php # resources/views/custom_fields/fieldsets/edit.blade.php # resources/views/dashboard.blade.php # resources/views/departments/edit.blade.php # resources/views/groups/edit.blade.php # resources/views/hardware/audit.blade.php # resources/views/hardware/bulk-checkout.blade.php # resources/views/hardware/bulk.blade.php # resources/views/hardware/checkin.blade.php # resources/views/hardware/checkout.blade.php # resources/views/hardware/edit.blade.php # resources/views/hardware/index.blade.php # resources/views/hardware/quickscan.blade.php # resources/views/hardware/view.blade.php # resources/views/importer/import.blade.php # resources/views/layouts/basic.blade.php # resources/views/layouts/default.blade.php # resources/views/layouts/edit-form.blade.php # resources/views/licenses/checkin.blade.php # resources/views/licenses/checkout.blade.php # resources/views/licenses/edit.blade.php # resources/views/locations/edit.blade.php # resources/views/manufacturers/edit.blade.php # resources/views/modals/upload-file.blade.php # resources/views/models/bulk-edit.blade.php # resources/views/models/custom_fields_form.blade.php # resources/views/models/edit.blade.php # resources/views/partials/bootstrap-table.blade.php # resources/views/partials/forms/edit/address.blade.php # resources/views/partials/forms/edit/asset-select.blade.php # resources/views/partials/forms/edit/category-select.blade.php # resources/views/partials/forms/edit/category.blade.php # resources/views/partials/forms/edit/company-select.blade.php # resources/views/partials/forms/edit/company.blade.php # resources/views/partials/forms/edit/department-select.blade.php # resources/views/partials/forms/edit/depreciation.blade.php # resources/views/partials/forms/edit/email.blade.php # resources/views/partials/forms/edit/image-upload.blade.php # resources/views/partials/forms/edit/item_number.blade.php # resources/views/partials/forms/edit/location-profile-select.blade.php # resources/views/partials/forms/edit/location-select.blade.php # resources/views/partials/forms/edit/location.blade.php # resources/views/partials/forms/edit/maintenance_type.blade.php # resources/views/partials/forms/edit/manufacturer-select.blade.php # resources/views/partials/forms/edit/manufacturer.blade.php # resources/views/partials/forms/edit/minimum_quantity.blade.php # resources/views/partials/forms/edit/model-select.blade.php # resources/views/partials/forms/edit/model_number.blade.php # resources/views/partials/forms/edit/name.blade.php # resources/views/partials/forms/edit/notes.blade.php # resources/views/partials/forms/edit/order_number.blade.php # resources/views/partials/forms/edit/phone.blade.php # resources/views/partials/forms/edit/purchase_cost.blade.php # resources/views/partials/forms/edit/purchase_date.blade.php # resources/views/partials/forms/edit/quantity.blade.php # resources/views/partials/forms/edit/serial.blade.php # resources/views/partials/forms/edit/status.blade.php # resources/views/partials/forms/edit/submit.blade.php # resources/views/partials/forms/edit/supplier-select.blade.php # resources/views/partials/forms/edit/supplier.blade.php # resources/views/partials/forms/edit/user-select.blade.php # resources/views/reports/custom.blade.php # resources/views/settings/alerts.blade.php # resources/views/settings/asset_tags.blade.php # resources/views/settings/barcodes.blade.php # resources/views/settings/branding.blade.php # resources/views/settings/general.blade.php # resources/views/settings/labels.blade.php # resources/views/settings/ldap.blade.php # resources/views/settings/localization.blade.php # resources/views/settings/security.blade.php # resources/views/setup/user.blade.php # resources/views/suppliers/edit.blade.php # resources/views/users/bulk-edit.blade.php # resources/views/users/edit.blade.php # resources/views/users/ldap.blade.php # resources/views/users/print.blade.php # resources/views/users/view.blade.php # routes/api.php # routes/web/hardware.php # webpack.mix.js
2020-04-20 23:20:34 -07:00
2020-04-21 04:08:25 -07:00
if ((! $user->isValid()) || (! $settings->isValid())) {
2016-04-28 21:06:41 -07:00
return redirect()->back()->withInput()->withErrors($user->getErrors())->withErrors($settings->getErrors());
2016-03-25 01:18:05 -07:00
} else {
$user->save();
Auth::login($user, true);
$settings->save();
2020-09-15 01:51:10 -07:00
if ($request->input('email_creds') == '1') {
$data = [];
$data['email'] = $user->email;
$data['username'] = $user->username;
$data['first_name'] = $user->first_name;
$data['last_name'] = $user->last_name;
$data['password'] = $request->input('password');
$user->notify(new FirstAdminNotification($data));
2016-03-25 01:18:05 -07:00
}
return redirect()->route('setup.done');
}
}
/**
* Return the admin user creation form in Setup.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v3.0]
*/
public function getSetupUser() : View
2016-03-25 01:18:05 -07:00
{
return view('setup/user')
2020-04-21 04:08:25 -07:00
->with('step', 3)
->with('section', 'Create a User');
2016-03-25 01:18:05 -07:00
}
/**
* Return the view that tells the user that the Setup is done.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v3.0]
*/
public function getSetupDone() : View
2016-03-25 01:18:05 -07:00
{
return view('setup/done')
2020-04-21 04:08:25 -07:00
->with('step', 4)
->with('section', 'Done!');
2016-03-25 01:18:05 -07:00
}
/**
* Migrate the database tables, and return the output
* to a view for Setup.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v3.0]
*/
public function getSetupMigrate() : View
2016-03-25 01:18:05 -07:00
{
Artisan::call('migrate', ['--force' => true]);
if ((! file_exists(storage_path().'/oauth-private.key')) || (! file_exists(storage_path().'/oauth-public.key'))) {
Artisan::call('migrate', ['--path' => 'vendor/laravel/passport/database/migrations', '--force' => true]);
2017-10-11 12:42:31 -07:00
Artisan::call('passport:install');
2017-08-22 22:46:02 -07:00
}
return view('setup/migrate')
2020-04-21 04:08:25 -07:00
->with('output', 'Databases installed!')
->with('step', 2)
->with('section', 'Create Database Tables');
2016-03-25 01:18:05 -07:00
}
/**
* Return a view that shows some of the key settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v1.0]
*/
public function index() : View
2016-03-25 01:18:05 -07:00
{
$settings = Setting::getSettings();
return view('settings/index', compact('settings'));
2016-03-25 01:18:05 -07:00
}
/**
* Return the admin settings page.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v1.0]
*/
public function getEdit() : View
2016-03-25 01:18:05 -07:00
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
return view('settings/general', compact('setting'));
}
2016-03-25 01:18:05 -07:00
2017-07-07 23:44:48 -07:00
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*/
public function getSettings() : View
2017-07-07 23:44:48 -07:00
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
return view('settings/general', compact('setting'));
2016-03-25 01:18:05 -07:00
}
/**
2017-07-07 23:44:48 -07:00
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*/
public function postSettings(Request $request) : RedirectResponse
2016-03-25 01:18:05 -07:00
{
if (is_null($setting = Setting::getSettings())) {
2016-04-28 21:06:41 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
2016-03-25 01:18:05 -07:00
}
$setting->modellist_displays = '';
if (($request->filled('show_in_model_list')) && (count($request->input('show_in_model_list')) > 0)) {
$setting->modellist_displays = implode(',', $request->input('show_in_model_list'));
}
2017-07-07 23:44:48 -07:00
$setting->full_multiple_companies_support = $request->input('full_multiple_companies_support', '0');
$setting->unique_serial = $request->input('unique_serial', '0');
$setting->show_images_in_email = $request->input('show_images_in_email', '0');
$setting->show_archived_in_list = $request->input('show_archived_in_list', '0');
$setting->dashboard_message = $request->input('dashboard_message');
$setting->email_domain = $request->input('email_domain');
$setting->email_format = $request->input('email_format');
$setting->username_format = $request->input('username_format');
$setting->require_accept_signature = $request->input('require_accept_signature');
$setting->show_assigned_assets = $request->input('show_assigned_assets', '0');
if (! config('app.lock_passwords')) {
2017-09-22 17:23:22 -07:00
$setting->login_note = $request->input('login_note');
}
$setting->default_eula_text = $request->input('default_eula_text');
$setting->thumbnail_max_h = $request->input('thumbnail_max_h');
$setting->privacy_policy_link = $request->input('privacy_policy_link');
$setting->depreciation_method = $request->input('depreciation_method');
$setting->dash_chart_type = $request->input('dash_chart_type');
$setting->profile_edit = $request->input('profile_edit', 0);
2020-09-15 01:51:10 -07:00
if ($request->input('per_page') != '') {
2017-07-07 23:44:48 -07:00
$setting->per_page = $request->input('per_page');
} else {
$setting->per_page = 200;
}
if ($setting->save()) {
return redirect()->route('settings.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2017-07-07 23:44:48 -07:00
}
2016-03-25 01:18:05 -07:00
2017-07-07 23:44:48 -07:00
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*/
public function getBranding() : View
2017-07-07 23:44:48 -07:00
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
return view('settings.branding', compact('setting'));
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*/
public function postBranding(ImageUploadRequest $request) : RedirectResponse
2017-07-07 23:44:48 -07:00
{
// Something has gone horribly wrong - no settings record exists!
if (is_null($setting = Setting::getSettings())) {
2017-07-07 23:44:48 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
$setting->brand = $request->input('brand', '1');
$setting->header_color = $request->input('header_color');
$setting->support_footer = $request->input('support_footer');
$setting->version_footer = $request->input('version_footer');
$setting->footer_text = $request->input('footer_text');
$setting->skin = $request->input('skin');
$setting->allow_user_skin = $request->input('allow_user_skin', '0');
$setting->show_url_in_emails = $request->input('show_url_in_emails', '0');
$setting->logo_print_assets = $request->input('logo_print_assets', '0');
$setting->load_remote = $request->input('load_remote', 0);
// Only allow the site name, images, and CSS to be changed if lock_passwords is false
2017-07-07 23:44:48 -07:00
// Because public demos make people act like dicks
if (!config('app.lock_passwords')) {
if ($request->has('site_name')) {
$request->validate(['site_name' => 'required']);
}
$setting->site_name = $request->input('site_name', 'Snipe-IT');
2017-07-07 18:06:31 -07:00
$setting->custom_css = $request->input('custom_css');
2017-07-07 23:44:48 -07:00
// Logo upload
$setting = $request->handleImages($setting, 600, 'logo', '', 'logo');
if ($request->input('clear_logo') == '1') {
$setting = $request->deleteExistingImage($setting, '', 'logo');
$setting->logo = null;
$setting->brand = 1;
}
// Email logo upload
$setting = $request->handleImages($setting, 600, 'email_logo', '', 'email_logo');
if ($request->input('clear_email_logo') == '1') {
$setting = $request->deleteExistingImage($setting, '', 'email_logo');
$setting->email_logo = null;
}
// Label logo upload
$setting = $request->handleImages($setting, 600, 'label_logo', '', 'label_logo');
if ($request->input('clear_label_logo') == '1') {
$setting = $request->deleteExistingImage($setting, '', 'label_logo');
$setting->label_logo = null;
}
// Favicon upload
$setting = $request->handleImages($setting, 100, 'favicon', '', 'favicon');
if ('1' == $request->input('clear_favicon')) {
$setting = $request->deleteExistingImage($setting, '', 'favicon');
$setting->favicon = null;
2017-07-07 23:44:48 -07:00
}
// Default avatar upload
$setting = $request->handleImages($setting, 500, 'default_avatar', 'avatars', 'default_avatar');
if ($request->input('clear_default_avatar') == '1') {
// Don't delete the file, just update the field if this is the default
if ($setting->default_avatar!='default.png') {
$setting = $request->deleteExistingImage($setting, 'avatars', 'default_avatar');
}
$setting->default_avatar = null;
}
if ($request->input('restore_default_avatar') == '1') {
$setting->default_avatar = 'default.png';
}
}
2017-07-07 23:44:48 -07:00
if ($setting->save()) {
return redirect()->route('settings.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2017-07-07 23:44:48 -07:00
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*/
public function getSecurity() : View
2017-07-07 23:44:48 -07:00
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
return view('settings.security', compact('setting'));
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*/
public function postSecurity(Request $request) : RedirectResponse
2017-07-07 23:44:48 -07:00
{
$this->validate($request, [
'pwd_secure_complexity' => 'array',
'pwd_secure_complexity.*' => [
Rule::in([
'disallow_same_pwd_as_user_fields',
'letters',
'numbers',
'symbols',
'case_diff',
])
]
]);
if (is_null($setting = Setting::getSettings())) {
2017-07-07 23:44:48 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
if (! config('app.lock_passwords')) {
if ('' == $request->input('two_factor_enabled')) {
2016-10-31 13:50:00 -07:00
$setting->two_factor_enabled = null;
} else {
2017-07-07 18:06:31 -07:00
$setting->two_factor_enabled = $request->input('two_factor_enabled');
2016-10-31 13:50:00 -07:00
}
2019-01-15 14:02:10 -08:00
// remote user login
$setting->login_remote_user_enabled = (int) $request->input('login_remote_user_enabled');
$setting->login_common_disabled = (int) $request->input('login_common_disabled');
$setting->login_remote_user_custom_logout_url = $request->input('login_remote_user_custom_logout_url');
$setting->login_remote_user_header_name = $request->input('login_remote_user_header_name');
2016-03-25 01:18:05 -07:00
}
$setting->pwd_secure_uncommon = (int) $request->input('pwd_secure_uncommon');
$setting->pwd_secure_min = (int) $request->input('pwd_secure_min');
$setting->pwd_secure_complexity = '';
2019-05-23 17:39:50 -07:00
if ($request->filled('pwd_secure_complexity')) {
$setting->pwd_secure_complexity = implode('|', $request->input('pwd_secure_complexity'));
}
2017-07-07 23:44:48 -07:00
if ($setting->save()) {
return redirect()->route('settings.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2017-07-07 23:44:48 -07:00
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*/
public function getLocalization() : View
2017-07-07 23:44:48 -07:00
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
return view('settings.localization', compact('setting'));
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*/
public function postLocalization(Request $request) : RedirectResponse
2017-07-07 23:44:48 -07:00
{
if (is_null($setting = Setting::getSettings())) {
2017-07-07 23:44:48 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
2016-03-25 01:18:05 -07:00
}
if (! config('app.lock_passwords')) {
$setting->locale = $request->input('locale', 'en-US');
}
$setting->default_currency = $request->input('default_currency', '$');
2017-07-07 23:44:48 -07:00
$setting->date_display_format = $request->input('date_display_format');
$setting->time_display_format = $request->input('time_display_format');
$setting->digit_separator = $request->input('digit_separator');
$setting->name_display_format = $request->input('name_display_format');
2017-07-07 23:44:48 -07:00
if ($setting->save()) {
return redirect()->route('settings.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2017-07-07 23:44:48 -07:00
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*/
public function getAlerts() : View
2017-07-07 23:44:48 -07:00
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
return view('settings.alerts', compact('setting'));
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.0]
*/
public function postAlerts(Request $request) : RedirectResponse
2017-07-07 23:44:48 -07:00
{
if (is_null($setting = Setting::getSettings())) {
2017-07-07 23:44:48 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
// Check if the audit interval has changed - if it has, we want to update ALL of the assets audit dates
if ($request->input('audit_interval') != $setting->audit_interval) {
// This could be a negative number if the user is trying to set the audit interval to a lower number than it was before
$audit_diff_months = ((int)$request->input('audit_interval') - (int)($setting->audit_interval));
// Batch update the dates. We have to use this method to avoid time limit exceeded errors on very large datasets,
// but it DOES mean this change doesn't get logged in the action logs, since it skips the observer.
// @see https://stackoverflow.com/questions/54879160/laravel-observer-not-working-on-bulk-insert
$affected = Asset::whereNotNull('next_audit_date')
->whereNull('deleted_at')
->update(
['next_audit_date' => DB::raw('DATE_ADD(next_audit_date, INTERVAL '.$audit_diff_months.' MONTH)')]
);
Log::debug($affected .' assets affected by audit interval update');
2022-02-20 13:29:12 -08:00
}
$alert_email = rtrim($request->input('alert_email'), ',');
$alert_email = trim($alert_email);
Notification improvements (#5254) * Added “show fields in email” to custom fields * Added “show images in email” to settings * Added nicer HTML emails * Break notifications out into their own, instead of trying to mash them all together * Remove old notification for accessory checkout * Janky fix for #5076 - “The asset you have attempted to accept was not checked out to you” * Add method for image url for accessories * Added accessory checkout email blade * Make accessory email notification on checkout screen consistent with assets * Added native consumables notifications * Fixes for asset notification * Updated notification blades with correct-er fields * Updated notifications * License checkin notification - does not work yet Need to figure out whether the license seat is assigned to a person or an asset before we can pass the target * Added alternate “cc” email for admins * Only try to trigger notifications if the target is a user * Fix tests * Fixed consumable URL * Removed unused notification * Pass target type in params * Show slack status * Pass additional parameters There is a logic bug in this :( Will send to slack twice, since the admin CC and the user are both using the same notification. Fuckity fuck fuck fuck. * Pass a variable to the notification to supress the duplicate slack message * Slack is broken :( Trying to fix Will try a git bisect * Put preview back into checkout * Pulled old archaic mail * Removed debugging * Fixed wrong email title * Fixed slack endpoint not firing * Poobot, we hardly knew ye. * Removed old, manual mail from API * Typo :-/ * Code cleanup * Use defined formatted date in JSON * Use static properties for checkin/checkout notifiers for cleaner code * Removed debugging * Use date formatter * Fixed target_type * Fixed language in consumable email
2018-03-25 13:46:57 -07:00
$admin_cc_email = rtrim($request->input('admin_cc_email'), ',');
$admin_cc_email = trim($admin_cc_email);
2017-07-07 23:44:48 -07:00
$setting->alert_email = $alert_email;
$setting->admin_cc_email = $admin_cc_email;
$setting->alerts_enabled = $request->input('alerts_enabled', '0');
$setting->alert_interval = $request->input('alert_interval');
$setting->alert_threshold = $request->input('alert_threshold');
$setting->audit_interval = $request->input('audit_interval');
$setting->audit_warning_days = $request->input('audit_warning_days');
$setting->show_alerts_in_menu = $request->input('show_alerts_in_menu', '0');
2017-07-07 23:44:48 -07:00
if ($setting->save()) {
return redirect()->route('settings.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2017-07-07 23:44:48 -07:00
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*/
public function getSlack() : View
2017-07-07 23:44:48 -07:00
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
return view('settings.slack', compact('setting'));
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*/
public function getAssetTags() : View
2017-07-07 23:44:48 -07:00
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
return view('settings.asset_tags', compact('setting'));
}
/**
* Saves settings from form.
2017-07-07 23:44:48 -07:00
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*/
public function postAssetTags(Request $request) : RedirectResponse
2017-07-07 23:44:48 -07:00
{
if (is_null($setting = Setting::getSettings())) {
2017-07-07 23:44:48 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
$setting->auto_increment_prefix = $request->input('auto_increment_prefix');
$setting->auto_increment_assets = $request->input('auto_increment_assets', '0');
$setting->zerofill_count = $request->input('zerofill_count');
$setting->next_auto_tag_base = $request->input('next_auto_tag_base');
2017-07-07 23:44:48 -07:00
if ($setting->save()) {
return redirect()->route('settings.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2017-07-07 23:44:48 -07:00
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*/
public function getBarcodes() : View
2017-07-07 23:44:48 -07:00
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
$is_gd_installed = extension_loaded('gd');
return view('settings.barcodes', compact('setting'))->with('is_gd_installed', $is_gd_installed);
2017-07-07 23:44:48 -07:00
}
/**
* Saves settings from form.
2017-07-07 23:44:48 -07:00
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*/
public function postBarcodes(Request $request) : RedirectResponse
2017-07-07 23:44:48 -07:00
{
if (is_null($setting = Setting::getSettings())) {
2017-07-07 23:44:48 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
$setting->qr_code = $request->input('qr_code', '0');
$setting->alt_barcode = $request->input('alt_barcode');
2017-07-07 18:06:31 -07:00
$setting->alt_barcode_enabled = $request->input('alt_barcode_enabled', '0');
$setting->barcode_type = $request->input('barcode_type');
$setting->qr_text = $request->input('qr_text');
2017-07-07 23:44:48 -07:00
if ($setting->save()) {
return redirect()->route('settings.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2017-07-07 23:44:48 -07:00
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v4.0]
*/
public function getPhpInfo() : View | RedirectResponse
{
if (config('app.debug') === true) {
2017-07-08 00:22:30 -07:00
return view('settings.phpinfo');
}
2017-07-08 00:22:30 -07:00
return redirect()->route('settings.index')
->with('error', 'PHP syetem debugging information is only available when debug is enabled in your .env file.');
}
2017-07-07 23:44:48 -07:00
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v4.0]
*/
public function getLabels() : View
2017-07-07 23:44:48 -07:00
{
return view('settings.labels')
->with('setting', Setting::getSettings())
->with('customFields', CustomField::where('field_encrypted', '=', 0)->get());
2017-07-07 23:44:48 -07:00
}
/**
* Saves settings from form.
2017-07-07 23:44:48 -07:00
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v4.0]
*/
public function postLabels(Request $request) : RedirectResponse
2017-07-07 23:44:48 -07:00
{
if (is_null($setting = Setting::getSettings())) {
2017-07-07 23:44:48 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
2022-11-01 05:00:53 -07:00
$setting->label2_enable = $request->input('label2_enable');
$setting->label2_template = $request->input('label2_template');
$setting->label2_title = $request->input('label2_title');
$setting->label2_asset_logo = $request->input('label2_asset_logo');
$setting->label2_1d_type = $request->input('label2_1d_type');
$setting->label2_2d_type = $request->input('label2_2d_type');
$setting->label2_2d_target = $request->input('label2_2d_target');
$setting->label2_fields = $request->input('label2_fields');
$setting->labels_per_page = $request->input('labels_per_page');
$setting->labels_width = $request->input('labels_width');
$setting->labels_height = $request->input('labels_height');
$setting->labels_pmargin_left = $request->input('labels_pmargin_left');
$setting->labels_pmargin_right = $request->input('labels_pmargin_right');
$setting->labels_pmargin_top = $request->input('labels_pmargin_top');
$setting->labels_pmargin_bottom = $request->input('labels_pmargin_bottom');
$setting->labels_display_bgutter = $request->input('labels_display_bgutter');
$setting->labels_display_sgutter = $request->input('labels_display_sgutter');
$setting->labels_fontsize = $request->input('labels_fontsize');
$setting->labels_pagewidth = $request->input('labels_pagewidth');
$setting->labels_pageheight = $request->input('labels_pageheight');
$setting->labels_display_company_name = $request->input('labels_display_company_name', '0');
$setting->labels_display_company_name = $request->input('labels_display_company_name', '0');
2017-07-07 23:44:48 -07:00
2016-03-25 01:18:05 -07:00
2016-10-31 13:50:00 -07:00
2019-05-23 17:39:50 -07:00
if ($request->filled('labels_display_name')) {
2016-03-25 01:18:05 -07:00
$setting->labels_display_name = 1;
} else {
$setting->labels_display_name = 0;
}
2019-05-23 17:39:50 -07:00
if ($request->filled('labels_display_serial')) {
2016-03-25 01:18:05 -07:00
$setting->labels_display_serial = 1;
} else {
$setting->labels_display_serial = 0;
}
2019-05-23 17:39:50 -07:00
if ($request->filled('labels_display_tag')) {
2016-03-25 01:18:05 -07:00
$setting->labels_display_tag = 1;
} else {
$setting->labels_display_tag = 0;
2020-04-21 04:08:25 -07:00
}
2020-04-21 04:08:25 -07:00
if ($request->filled('labels_display_tag')) {
$setting->labels_display_tag = 1;
} else {
$setting->labels_display_tag = 0;
}
2016-03-25 01:18:05 -07:00
2019-05-23 17:39:50 -07:00
if ($request->filled('labels_display_model')) {
$setting->labels_display_model = 1;
} else {
$setting->labels_display_model = 0;
}
2017-07-07 23:44:48 -07:00
if ($setting->save()) {
return redirect()->route('settings.labels.index')
2017-07-07 23:44:48 -07:00
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2017-07-07 23:44:48 -07:00
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v4.0]
*/
public function getLdapSettings() : View
2017-07-07 23:44:48 -07:00
{
$setting = Setting::getSettings();
$groups = Group::pluck('name', 'id');
/**
* This validator is only temporary (famous last words.) - @snipe
*/
$messages = [
'ldap_username_field.not_in' => '<code>sAMAccountName</code> (mixed case) will likely not work. You should use <code>samaccountname</code> (lowercase) instead. ',
'ldap_auth_filter_query.not_in' => '<code>uid=samaccountname</code> is probably not a valid auth filter. You probably want <code>uid=</code> ',
'ldap_filter.regex' => 'This value should probably not be wrapped in parentheses.',
];
$validator = Validator::make($setting->toArray(), [
'ldap_username_field' => 'not_in:sAMAccountName',
'ldap_auth_filter_query' => 'not_in:uid=samaccountname|required_if:ldap_enabled,1',
'ldap_filter' => 'nullable|regex:"^[^(]"|required_if:ldap_enabled,1',
], $messages);
return view('settings.ldap', compact('setting', 'groups'))->withErrors($validator);
2017-07-07 23:44:48 -07:00
}
/**
* Saves settings from form.
2017-07-07 23:44:48 -07:00
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v4.0]
*/
public function postLdapSettings(Request $request) : RedirectResponse
2017-07-07 23:44:48 -07:00
{
if (is_null($setting = Setting::getSettings())) {
2017-07-07 23:44:48 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
2016-03-25 01:18:05 -07:00
if (! config('app.lock_passwords') === true) {
$setting->ldap_enabled = $request->input('ldap_enabled', '0');
$setting->ldap_server = $request->input('ldap_server');
$setting->ldap_server_cert_ignore = $request->input('ldap_server_cert_ignore', false);
$setting->ldap_uname = $request->input('ldap_uname');
if ($request->filled('ldap_pword')) {
$setting->ldap_pword = Crypt::encrypt($request->input('ldap_pword'));
}
$setting->ldap_basedn = $request->input('ldap_basedn');
$setting->ldap_default_group = $request->input('ldap_default_group');
$setting->ldap_filter = $request->input('ldap_filter');
$setting->ldap_username_field = $request->input('ldap_username_field');
$setting->ldap_lname_field = $request->input('ldap_lname_field');
$setting->ldap_fname_field = $request->input('ldap_fname_field');
$setting->ldap_auth_filter_query = $request->input('ldap_auth_filter_query');
$setting->ldap_version = $request->input('ldap_version', 3);
$setting->ldap_active_flag = $request->input('ldap_active_flag');
$setting->ldap_emp_num = $request->input('ldap_emp_num');
$setting->ldap_email = $request->input('ldap_email');
$setting->ldap_manager = $request->input('ldap_manager');
$setting->ad_domain = $request->input('ad_domain');
$setting->is_ad = $request->input('is_ad', '0');
$setting->ad_append_domain = $request->input('ad_append_domain', '0');
$setting->ldap_tls = $request->input('ldap_tls', '0');
$setting->ldap_pw_sync = $request->input('ldap_pw_sync', '0');
$setting->custom_forgot_pass_url = $request->input('custom_forgot_pass_url');
$setting->ldap_phone_field = $request->input('ldap_phone');
$setting->ldap_jobtitle = $request->input('ldap_jobtitle');
$setting->ldap_country = $request->input('ldap_country');
2023-04-25 11:44:04 -07:00
$setting->ldap_location = $request->input('ldap_location');
$setting->ldap_dept = $request->input('ldap_dept');
$setting->ldap_client_tls_cert = $request->input('ldap_client_tls_cert');
$setting->ldap_client_tls_key = $request->input('ldap_client_tls_key');
}
2017-07-07 18:06:31 -07:00
2016-03-25 01:18:05 -07:00
if ($setting->save()) {
$setting->update_client_side_cert_files();
return redirect()->route('settings.ldap.index')
2017-07-07 23:44:48 -07:00
->with('success', trans('admin/settings/message.update.success'));
2016-03-25 01:18:05 -07:00
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2016-03-25 01:18:05 -07:00
}
2020-05-05 07:06:19 -07:00
/**
* Return a form to allow a super admin to update settings.
*
* @author Johnson Yi <jyi.dev@outlook.com>
* @since v5.0.0
*/
public function getSamlSettings() : View
2020-05-05 07:06:19 -07:00
{
$setting = Setting::getSettings();
return view('settings.saml', compact('setting'));
}
/**
* Saves settings from form.
*
* @author Johnson Yi <jyi.dev@outlook.com>
* @since v5.0.0
*/
public function postSamlSettings(SettingsSamlRequest $request) : RedirectResponse
2020-05-05 07:06:19 -07:00
{
if (is_null($setting = Setting::getSettings())) {
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
$setting->saml_enabled = $request->input('saml_enabled', '0');
$setting->saml_idp_metadata = $request->input('saml_idp_metadata');
$setting->saml_attr_mapping_username = $request->input('saml_attr_mapping_username');
$setting->saml_forcelogin = $request->input('saml_forcelogin', '0');
$setting->saml_slo = $request->input('saml_slo', '0');
if (! empty($request->input('saml_sp_privatekey'))) {
$setting->saml_sp_x509cert = $request->input('saml_sp_x509cert');
$setting->saml_sp_privatekey = $request->input('saml_sp_privatekey');
2020-05-05 07:06:19 -07:00
}
if (! empty($request->input('saml_sp_x509certNew'))) {
$setting->saml_sp_x509certNew = $request->input('saml_sp_x509certNew');
} else {
$setting->saml_sp_x509certNew = '';
}
$setting->saml_custom_settings = $request->input('saml_custom_settings');
2020-05-05 07:06:19 -07:00
if ($setting->save()) {
return redirect()->route('settings.saml.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
}
2022-03-16 15:53:32 -07:00
/**
* Do we need this? Can we not just call getSettings() directly?
*/
public static function getPDFBranding() : Setting
{
$pdf_branding = Setting::getSettings();
2022-03-16 15:53:32 -07:00
return $pdf_branding;
}
2020-05-05 07:06:19 -07:00
/**
* Show Google login settings form
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v6.1.1]
*/
public function getGoogleLoginSettings() : View
{
$setting = Setting::getSettings();
return view('settings.google', compact('setting'));
}
/**
* ShSaveow Google login settings form
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v6.1.1]
*/
public function postGoogleLoginSettings(Request $request) : RedirectResponse
{
if (!config('app.lock_passwords')) {
$setting = Setting::getSettings();
$setting->google_login = $request->input('google_login', 0);
$setting->google_client_id = $request->input('google_client_id');
$setting->google_client_secret = $request->input('google_client_secret');
if ($setting->save()) {
return redirect()->route('settings.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
}
return redirect()->back()->with('error', trans('general.feature_disabled'));
}
2016-03-25 01:18:05 -07:00
/**
* Show the listing of backups.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v1.8]
*/
public function getBackups() : View
2016-03-25 01:18:05 -07:00
{
$settings = Setting::getSettings();
$path = 'app/backups';
[WIP] Added #5957 - Flysystem support (#6262) * Added AWS url to example env * Upgrader - added check for new storage path and attempt to move * Ignore symlink * Updated paths for models * Moved copy methods * Added AWS_URL support For some reasin, Flysystem was generating the wrong AWS url (with a region included) * Switch to Flysystem for image uploads * Nicer display of image preview * Updated image preview on edit blades to use Flysystem * Twiddled some more paths * Working filesystems config * Updated Asset Models and Departments to use Flysystem * Janky workaround for differing S3/local urls/paths * Try to smartly use S3 as public disk if S3 is configured * Use public disk Storage options for public files * Additional transformer edits for Flysystem * Removed debugging * Added missing use Storage directive * Updated seeders to use Flysystem * Default logo * Set a default width We can potentially override this in settings later * Use Flysystem for logo upload * Update downloadFile to use Flysystem * Updated AssetFilesController to use Flysystem * Updated acceptance signatures to use Flysystem * Updated signature view to use Flysystem This isn’t working 100% yet * Use Flysystem facade for displaying asset image * Set assets path Should clean all these up when we’re done here * Added Rackspace support for Flysystem * Added Flysystem migrator console command * Added use Storage directive for categories * Added user avatars to Flysystem * Added profile avatar to Flysystem * Added the option to delete local files with the migrator * Added a check to prevent people from trying to move from local to local * Fixed the selectlists for Flysystem * Fixed the getImageUrl method to reflect Flysystem * Fixed AWS copy process * Fixed models path * More selectlist updates for Flysystem * Updated example .envs with updated env variable names * *sigh* * Updated non-asset getImageUrl() methods to use Flysystem * Removed S3 hardcoding * Use Flysystem in email headers * Fixed typo * Removed camera support from asset file upload We’ll find a way to add this in later (and add that support to all of the other image uploads as well) * Fixed path for categories * WIP - Switched to standard handleImages for asset upload. This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now. * Fixed css URL error * Updated Debugbar to latest version (#6265) v3.2 adds support for Laravel 5.7 * Fixed: Missing CSS file in basic.blade.php (#6264) * Fixed missing CSS file in basic.blade.php * Added * Changed stylesheet import for authorize.blade.php * Updated composer lock * Added AWS_BUCKET_ROOT as env variable * Use nicer image preview for logo upload * Removed AssetRequest form request * Removed asset form request, moved custom field validation into model * Added additional help text for logo upload * Increased the size of the image resize - should make this a setting tho * Few more formatting tweaks to logo section of branding blade preview * Use Flysystem for asset/license file uploads * Use Flysystem for removing images from models that have been deleted * Enable backups to use Flysystem This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3 * Use Flysystem to download license files * Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
$backup_files = Storage::files($path);
$files_raw = [];
[WIP] Added #5957 - Flysystem support (#6262) * Added AWS url to example env * Upgrader - added check for new storage path and attempt to move * Ignore symlink * Updated paths for models * Moved copy methods * Added AWS_URL support For some reasin, Flysystem was generating the wrong AWS url (with a region included) * Switch to Flysystem for image uploads * Nicer display of image preview * Updated image preview on edit blades to use Flysystem * Twiddled some more paths * Working filesystems config * Updated Asset Models and Departments to use Flysystem * Janky workaround for differing S3/local urls/paths * Try to smartly use S3 as public disk if S3 is configured * Use public disk Storage options for public files * Additional transformer edits for Flysystem * Removed debugging * Added missing use Storage directive * Updated seeders to use Flysystem * Default logo * Set a default width We can potentially override this in settings later * Use Flysystem for logo upload * Update downloadFile to use Flysystem * Updated AssetFilesController to use Flysystem * Updated acceptance signatures to use Flysystem * Updated signature view to use Flysystem This isn’t working 100% yet * Use Flysystem facade for displaying asset image * Set assets path Should clean all these up when we’re done here * Added Rackspace support for Flysystem * Added Flysystem migrator console command * Added use Storage directive for categories * Added user avatars to Flysystem * Added profile avatar to Flysystem * Added the option to delete local files with the migrator * Added a check to prevent people from trying to move from local to local * Fixed the selectlists for Flysystem * Fixed the getImageUrl method to reflect Flysystem * Fixed AWS copy process * Fixed models path * More selectlist updates for Flysystem * Updated example .envs with updated env variable names * *sigh* * Updated non-asset getImageUrl() methods to use Flysystem * Removed S3 hardcoding * Use Flysystem in email headers * Fixed typo * Removed camera support from asset file upload We’ll find a way to add this in later (and add that support to all of the other image uploads as well) * Fixed path for categories * WIP - Switched to standard handleImages for asset upload. This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now. * Fixed css URL error * Updated Debugbar to latest version (#6265) v3.2 adds support for Laravel 5.7 * Fixed: Missing CSS file in basic.blade.php (#6264) * Fixed missing CSS file in basic.blade.php * Added * Changed stylesheet import for authorize.blade.php * Updated composer lock * Added AWS_BUCKET_ROOT as env variable * Use nicer image preview for logo upload * Removed AssetRequest form request * Removed asset form request, moved custom field validation into model * Added additional help text for logo upload * Increased the size of the image resize - should make this a setting tho * Few more formatting tweaks to logo section of branding blade preview * Use Flysystem for asset/license file uploads * Use Flysystem for removing images from models that have been deleted * Enable backups to use Flysystem This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3 * Use Flysystem to download license files * Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
if (count($backup_files) > 0) {
for ($f = 0; $f < count($backup_files); $f++) {
2020-08-28 14:10:43 -07:00
// Skip dotfiles like .gitignore and .DS_STORE
if ((substr(basename($backup_files[$f]), 0, 1) != '.')) {
//$lastmodified = Carbon::parse(Storage::lastModified($backup_files[$f]))->toDatetimeString();
$file_timestamp = Storage::lastModified($backup_files[$f]);
$files_raw[] = [
2020-08-28 14:10:43 -07:00
'filename' => basename($backup_files[$f]),
'filesize' => Setting::fileSizeConvert(Storage::size($backup_files[$f])),
'modified_value' => $file_timestamp,
'modified_display' => date($settings->date_display_format.' '.$settings->time_display_format, $file_timestamp),
2020-08-28 14:10:43 -07:00
];
}
2016-03-25 01:18:05 -07:00
}
}
// Reverse the array so it lists oldest first
$files = array_reverse($files_raw);
return view('settings/backups', compact('path', 'files'));
2016-03-25 01:18:05 -07:00
}
/**
* Process the backup.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.8]
*/
public function postBackups() : RedirectResponse
2016-03-25 01:18:05 -07:00
{
if (! config('app.lock_passwords')) {
Artisan::call('snipeit:backup', ['--filename' => 'manual-backup-'.date('Y-m-d-H-i-s')]);
$output = Artisan::output();
// Backup completed
if (! preg_match('/failed/', $output)) {
return redirect()->route('settings.backups.index')
->with('success', trans('admin/settings/message.backup.generated'));
}
$formatted_output = str_replace('Backup completed!', '', $output);
$output_split = explode('...', $formatted_output);
if (array_key_exists(2, $output_split)) {
return redirect()->route('settings.backups.index')->with('error', $output_split[2]);
}
return redirect()->route('settings.backups.index')->with('error', $formatted_output);
}
return redirect()->route('settings.backups.index')->with('error', trans('general.feature_disabled'));
2016-03-25 01:18:05 -07:00
}
/**
* Download the backup file.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.8]
*/
public function downloadFile($filename = null) : RedirectResponse | BinaryFileResponse
2016-03-25 01:18:05 -07:00
{
2020-08-28 18:22:37 -07:00
$path = 'app/backups';
if (! config('app.lock_passwords')) {
if (Storage::exists($path.'/'.$filename)) {
return StorageHelper::downloader($path.'/'.$filename);
2016-03-25 01:18:05 -07:00
} else {
// Redirect to the backup page
2017-07-08 13:42:05 -07:00
return redirect()->route('settings.backups.index')->with('error', trans('admin/settings/message.backup.file_not_found'));
2016-03-25 01:18:05 -07:00
}
} else {
// Redirect to the backup page
2017-07-08 13:42:05 -07:00
return redirect()->route('settings.backups.index')->with('error', trans('general.feature_disabled'));
2016-03-25 01:18:05 -07:00
}
}
/**
* Delete the backup file.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v1.8]
*/
public function deleteFile($filename = null) : RedirectResponse
2016-03-25 01:18:05 -07:00
{
if (config('app.allow_backup_delete')=='true') {
2016-03-25 01:18:05 -07:00
if (!config('app.lock_passwords')) {
$path = 'app/backups';
if (Storage::exists($path . '/' . $filename)) {
try {
Storage::delete($path . '/' . $filename);
return redirect()->route('settings.backups.index')->with('success', trans('admin/settings/message.backup.file_deleted'));
} catch (\Exception $e) {
Log::debug($e);
}
} else {
return redirect()->route('settings.backups.index')->with('error', trans('admin/settings/message.backup.file_not_found'));
[WIP] Added #5957 - Flysystem support (#6262) * Added AWS url to example env * Upgrader - added check for new storage path and attempt to move * Ignore symlink * Updated paths for models * Moved copy methods * Added AWS_URL support For some reasin, Flysystem was generating the wrong AWS url (with a region included) * Switch to Flysystem for image uploads * Nicer display of image preview * Updated image preview on edit blades to use Flysystem * Twiddled some more paths * Working filesystems config * Updated Asset Models and Departments to use Flysystem * Janky workaround for differing S3/local urls/paths * Try to smartly use S3 as public disk if S3 is configured * Use public disk Storage options for public files * Additional transformer edits for Flysystem * Removed debugging * Added missing use Storage directive * Updated seeders to use Flysystem * Default logo * Set a default width We can potentially override this in settings later * Use Flysystem for logo upload * Update downloadFile to use Flysystem * Updated AssetFilesController to use Flysystem * Updated acceptance signatures to use Flysystem * Updated signature view to use Flysystem This isn’t working 100% yet * Use Flysystem facade for displaying asset image * Set assets path Should clean all these up when we’re done here * Added Rackspace support for Flysystem * Added Flysystem migrator console command * Added use Storage directive for categories * Added user avatars to Flysystem * Added profile avatar to Flysystem * Added the option to delete local files with the migrator * Added a check to prevent people from trying to move from local to local * Fixed the selectlists for Flysystem * Fixed the getImageUrl method to reflect Flysystem * Fixed AWS copy process * Fixed models path * More selectlist updates for Flysystem * Updated example .envs with updated env variable names * *sigh* * Updated non-asset getImageUrl() methods to use Flysystem * Removed S3 hardcoding * Use Flysystem in email headers * Fixed typo * Removed camera support from asset file upload We’ll find a way to add this in later (and add that support to all of the other image uploads as well) * Fixed path for categories * WIP - Switched to standard handleImages for asset upload. This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now. * Fixed css URL error * Updated Debugbar to latest version (#6265) v3.2 adds support for Laravel 5.7 * Fixed: Missing CSS file in basic.blade.php (#6264) * Fixed missing CSS file in basic.blade.php * Added * Changed stylesheet import for authorize.blade.php * Updated composer lock * Added AWS_BUCKET_ROOT as env variable * Use nicer image preview for logo upload * Removed AssetRequest form request * Removed asset form request, moved custom field validation into model * Added additional help text for logo upload * Increased the size of the image resize - should make this a setting tho * Few more formatting tweaks to logo section of branding blade preview * Use Flysystem for asset/license file uploads * Use Flysystem for removing images from models that have been deleted * Enable backups to use Flysystem This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3 * Use Flysystem to download license files * Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
}
2016-03-25 01:18:05 -07:00
}
2017-07-08 13:42:05 -07:00
return redirect()->route('settings.backups.index')->with('error', trans('general.feature_disabled'));
2016-03-25 01:18:05 -07:00
}
// Hell to the no
Log::warning('User ID '.auth()->id().' is attempting to delete backup file '.$filename.' and is not authorized to.');
return redirect()->route('settings.backups.index')->with('error', trans('general.backup_delete_not_allowed'));
2016-03-25 01:18:05 -07:00
}
/**
* Uploads a backup file
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v6.0]
*/
public function postUploadBackup(Request $request) : RedirectResponse
{
if (! config('app.lock_passwords')) {
if (!$request->hasFile('file')) {
return redirect()->route('settings.backups.index')->with('error', 'No file uploaded');
} else {
$max_file_size = Helper::file_upload_max_size();
$validator = Validator::make($request->all(), [
'file' => 'required|mimes:zip|max:'.$max_file_size,
]);
if ($validator->passes()) {
$upload_filename = 'uploaded-'.date('U').'-'.Str::slug(pathinfo($request->file('file')->getClientOriginalName(), PATHINFO_FILENAME)).'.zip';
Storage::putFileAs('app/backups', $request->file('file'), $upload_filename);
return redirect()->route('settings.backups.index')->with('success', 'File uploaded');
}
return redirect()->route('settings.backups.index')->withErrors($validator);
}
} else {
return redirect()->route('settings.backups.index')->with('error', trans('general.feature_disabled'));
}
}
/**
* Restore the backup file.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v6.0]
*/
public function postRestore($filename = null) : RedirectResponse
{
if (! config('app.lock_passwords')) {
$path = 'app/backups';
if (Storage::exists($path.'/'.$filename)) {
// grab the user's info so we can make sure they exist in the system
$user = User::find(auth()->id());
2022-02-17 14:59:44 -08:00
// TODO: run a backup
Artisan::call('db:wipe', [
'--force' => true,
]);
Log::debug('Attempting to restore from: '. storage_path($path).'/'.$filename);
// run the restore command
Artisan::call('snipeit:restore',
[
'--force' => true,
'--no-progress' => true,
'filename' => storage_path($path).'/'.$filename
]);
// If it's greater than 300, it probably worked
2022-02-17 14:59:44 -08:00
$output = Artisan::output();
/* Run migrations */
Log::debug('Migrating database...');
Artisan::call('migrate', ['--force' => true]);
$migrate_output = Artisan::output();
Log::debug($migrate_output);
$find_user = DB::table('users')->where('username', $user->username)->exists();
if (!$find_user){
Log::warning('Attempting to restore user: ' . $user->username);
$new_user = $user->replicate();
$new_user->push();
} else {
Log::debug('User: ' . $user->username .' already exists.');
}
2022-02-17 16:00:24 -08:00
Log::debug('Logging all users out..');
Artisan::call('snipeit:global-logout', ['--force' => true]);
DB::table('users')->update(['remember_token' => null]);
Auth::logout();
2022-02-17 16:00:24 -08:00
return redirect()->route('login')->with('success', 'Your system has been restored. Please login again.');
} else {
return redirect()->route('settings.backups.index')->with('error', trans('admin/settings/message.backup.file_not_found'));
}
} else {
return redirect()->route('settings.backups.index')->with('error', trans('general.feature_disabled'));
}
}
2017-07-07 23:44:48 -07:00
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v4.0]
*/
public function getPurge() : View | RedirectResponse
2017-07-07 23:44:48 -07:00
{
Log::warning('User '.auth()->user()->username.' (ID: '.auth()->id().') is attempting a PURGE');
if (config('app.allow_purge')=='true') {
return view('settings.purge-form');
}
return redirect()->route('settings.index')->with('error', trans('general.purge_not_allowed'));
2017-07-07 23:44:48 -07:00
}
/**
* Purges soft-deletes.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v3.0]
*/
public function postPurge(Request $request) : RedirectResponse
{
Log::warning('User '.auth()->user()->username.' (ID'.auth()->id().') is attempting a PURGE');
if (config('app.allow_purge')=='true') {
Log::debug('Purging is not allowed via the .env');
if (!config('app.lock_passwords')) {
if ($request->input('confirm_purge')=='DELETE') {
Log::warning('User ID ' . auth()->id() . ' initiated a PURGE!');
// Run a backup immediately before processing
Artisan::call('backup:run');
Artisan::call('snipeit:purge', ['--force' => 'true', '--no-interaction' => true]);
$output = Artisan::output();
return redirect()->route('settings.index')
->with('output', $output)->with('success', trans('admin/settings/message.purge.success'));
} else {
return redirect()->route('settings.purge.index')
->with('error', trans('admin/settings/message.purge.validation_failed'));
}
} else {
return redirect()->route('settings.index')
->with('error', trans('general.feature_disabled'));
}
}
Log::error('User '.auth()->user()->username.' (ID'.auth()->id().') is attempting to purge deleted data and is not authorized to.');
// Nope.
return redirect()->route('settings.index')
->with('error', trans('general.purge_not_allowed'));
}
/**
* Returns a page with the API token generation interface.
*
* We created a controller method for this because closures aren't allowed
* in the routes file if you want to be able to cache the routes.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v4.0]
*/
public function api() : View
{
2017-07-07 23:44:48 -07:00
return view('settings.api');
}
2017-10-19 06:16:03 -07:00
/**
* Test the email configuration.
2017-10-19 06:16:03 -07:00
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v3.0]
*/
public function ajaxTestEmail() : JsonResponse
2017-10-19 06:16:03 -07:00
{
try {
(new User())->forceFill([
'name' => config('mail.from.name'),
'email' => config('mail.from.address'),
2018-08-02 21:36:18 -07:00
])->notify(new MailTest());
return response()->json(Helper::formatStandardApiResponse('success', null, trans('mail_sent.mail_sent')));
} catch (\Exception $e) {
return response()->json(Helper::formatStandardApiResponse('success', null, $e->getMessage()));
2017-10-19 06:16:03 -07:00
}
}
/**
* Get login attempts view
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*/
public function getLoginAttempts() : View
{
return view('settings.logins');
2017-10-19 06:16:03 -07:00
}
}