snipe-it/app/Models/User.php

702 lines
21 KiB
PHP
Raw Normal View History

2016-03-25 01:18:05 -07:00
<?php
namespace App\Models;
use App\Http\Traits\UniqueUndeletedTrait;
use App\Models\Traits\Searchable;
use App\Presenters\Presentable;
use DB;
2016-03-25 01:18:05 -07:00
use Illuminate\Auth\Authenticatable;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract;
2016-03-25 01:18:05 -07:00
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
use Illuminate\Contracts\Translation\HasLocalePreference;
use Illuminate\Database\Eloquent\Builder;
2016-03-25 01:18:05 -07:00
use Illuminate\Database\Eloquent\SoftDeletes;
use Illuminate\Foundation\Auth\Access\Authorizable;
use Illuminate\Notifications\Notifiable;
2016-12-14 10:06:05 -08:00
use Laravel\Passport\HasApiTokens;
use Watson\Validating\ValidatingTrait;
2016-03-25 01:18:05 -07:00
class User extends SnipeModel implements AuthenticatableContract, AuthorizableContract, CanResetPasswordContract, HasLocalePreference
2016-03-25 01:18:05 -07:00
{
protected $presenter = 'App\Presenters\UserPresenter';
use SoftDeletes, ValidatingTrait;
use Authenticatable, Authorizable, CanResetPassword, HasApiTokens;
use UniqueUndeletedTrait;
use Notifiable;
use Presentable;
2016-03-25 01:18:05 -07:00
protected $dates = ['deleted_at'];
protected $hidden = ['password','remember_token','permissions','reset_password_code','persist_code'];
2016-03-25 01:18:05 -07:00
protected $table = 'users';
protected $injectUniqueIdentifier = true;
Importer mapping - v1 (#3677) * Move importer to an inline-template, allows for translations and easier passing of data from laravel to vue. * Pull the modal out into a dedicated partial, move importer to views/importer. * Add document of CSV->importer mappings. Reorganize some code. Progress. * Add header_row and first_row to imports table, and process upon uploading a file * Use an expandable table row instead of a modal for import processing. This should allow for field mapping interaction easier. * Fix import processing after moving method. * Frontend importer mapping improvements. Invert display so we show found columns and allow users to select an importer field to map to. Also implement sample data based on first row of csv. * Update select2. Maintain selected items properly. * Backend support for importing. Only works on the web importer currently. Definitely needs testing and polish. * We no longer use vue-modal plugin. * Add a column to track field mappings to the imports table. * Cleanup/rename methods+refactor * Save field mappings and import type when attempting an import, and repopulate these values when returning to the page. * Update debugbar to fix a bug in the debugbar code. * Fix asset tag detection. Also rename findMatch to be a bit clearer as to what it does. Remove logging to file of imports for http imports because it eats an incredible amouint of memory. This commit also moves imports out of the hardware namespace and into their own webcontroller and route prefix, remove dead code from AssetController as a result. * Dynamically limit options for select2 based on import type selected, and group them by item type. * Add user importer. Still need to implement emailing of passwords to new users, and probably test a bit more. This also bumps the memory limit for web imports up as well, I need to profile memory usage here before too long. * Query the db to find user matches rather than search the array. Performance is much much better. * Speed/memory improvements in importers. Move to querying the db rather than maintaining an array for all importers. Also only store the id of items when we import, rather than the full model. It saves a decent amount of memory. * Remove grouping of items in select2 With the values being set dynamically, the grouping is redundant. It also caused a regression with automatically guessing/matching field names. This is starting to get close. * Remove debug line on every create. * Switch migration to be text field instead of json field for compatibility with older mysql/mariadb * Fix asset import regression matching email address. * Rearrange travis order in attempt to fix null settings. * Use auth::id instead of fetching it off the user. Fixes a null object reference during seeding.
2017-06-21 16:37:37 -07:00
protected $fillable = [
'activated',
'address',
'city',
Importer mapping - v1 (#3677) * Move importer to an inline-template, allows for translations and easier passing of data from laravel to vue. * Pull the modal out into a dedicated partial, move importer to views/importer. * Add document of CSV->importer mappings. Reorganize some code. Progress. * Add header_row and first_row to imports table, and process upon uploading a file * Use an expandable table row instead of a modal for import processing. This should allow for field mapping interaction easier. * Fix import processing after moving method. * Frontend importer mapping improvements. Invert display so we show found columns and allow users to select an importer field to map to. Also implement sample data based on first row of csv. * Update select2. Maintain selected items properly. * Backend support for importing. Only works on the web importer currently. Definitely needs testing and polish. * We no longer use vue-modal plugin. * Add a column to track field mappings to the imports table. * Cleanup/rename methods+refactor * Save field mappings and import type when attempting an import, and repopulate these values when returning to the page. * Update debugbar to fix a bug in the debugbar code. * Fix asset tag detection. Also rename findMatch to be a bit clearer as to what it does. Remove logging to file of imports for http imports because it eats an incredible amouint of memory. This commit also moves imports out of the hardware namespace and into their own webcontroller and route prefix, remove dead code from AssetController as a result. * Dynamically limit options for select2 based on import type selected, and group them by item type. * Add user importer. Still need to implement emailing of passwords to new users, and probably test a bit more. This also bumps the memory limit for web imports up as well, I need to profile memory usage here before too long. * Query the db to find user matches rather than search the array. Performance is much much better. * Speed/memory improvements in importers. Move to querying the db rather than maintaining an array for all importers. Also only store the id of items when we import, rather than the full model. It saves a decent amount of memory. * Remove grouping of items in select2 With the values being set dynamically, the grouping is redundant. It also caused a regression with automatically guessing/matching field names. This is starting to get close. * Remove debug line on every create. * Switch migration to be text field instead of json field for compatibility with older mysql/mariadb * Fix asset import regression matching email address. * Rearrange travis order in attempt to fix null settings. * Use auth::id instead of fetching it off the user. Fixes a null object reference during seeding.
2017-06-21 16:37:37 -07:00
'company_id',
'country',
Importer mapping - v1 (#3677) * Move importer to an inline-template, allows for translations and easier passing of data from laravel to vue. * Pull the modal out into a dedicated partial, move importer to views/importer. * Add document of CSV->importer mappings. Reorganize some code. Progress. * Add header_row and first_row to imports table, and process upon uploading a file * Use an expandable table row instead of a modal for import processing. This should allow for field mapping interaction easier. * Fix import processing after moving method. * Frontend importer mapping improvements. Invert display so we show found columns and allow users to select an importer field to map to. Also implement sample data based on first row of csv. * Update select2. Maintain selected items properly. * Backend support for importing. Only works on the web importer currently. Definitely needs testing and polish. * We no longer use vue-modal plugin. * Add a column to track field mappings to the imports table. * Cleanup/rename methods+refactor * Save field mappings and import type when attempting an import, and repopulate these values when returning to the page. * Update debugbar to fix a bug in the debugbar code. * Fix asset tag detection. Also rename findMatch to be a bit clearer as to what it does. Remove logging to file of imports for http imports because it eats an incredible amouint of memory. This commit also moves imports out of the hardware namespace and into their own webcontroller and route prefix, remove dead code from AssetController as a result. * Dynamically limit options for select2 based on import type selected, and group them by item type. * Add user importer. Still need to implement emailing of passwords to new users, and probably test a bit more. This also bumps the memory limit for web imports up as well, I need to profile memory usage here before too long. * Query the db to find user matches rather than search the array. Performance is much much better. * Speed/memory improvements in importers. Move to querying the db rather than maintaining an array for all importers. Also only store the id of items when we import, rather than the full model. It saves a decent amount of memory. * Remove grouping of items in select2 With the values being set dynamically, the grouping is redundant. It also caused a regression with automatically guessing/matching field names. This is starting to get close. * Remove debug line on every create. * Switch migration to be text field instead of json field for compatibility with older mysql/mariadb * Fix asset import regression matching email address. * Rearrange travis order in attempt to fix null settings. * Use auth::id instead of fetching it off the user. Fixes a null object reference during seeding.
2017-06-21 16:37:37 -07:00
'department_id',
'email',
Importer mapping - v1 (#3677) * Move importer to an inline-template, allows for translations and easier passing of data from laravel to vue. * Pull the modal out into a dedicated partial, move importer to views/importer. * Add document of CSV->importer mappings. Reorganize some code. Progress. * Add header_row and first_row to imports table, and process upon uploading a file * Use an expandable table row instead of a modal for import processing. This should allow for field mapping interaction easier. * Fix import processing after moving method. * Frontend importer mapping improvements. Invert display so we show found columns and allow users to select an importer field to map to. Also implement sample data based on first row of csv. * Update select2. Maintain selected items properly. * Backend support for importing. Only works on the web importer currently. Definitely needs testing and polish. * We no longer use vue-modal plugin. * Add a column to track field mappings to the imports table. * Cleanup/rename methods+refactor * Save field mappings and import type when attempting an import, and repopulate these values when returning to the page. * Update debugbar to fix a bug in the debugbar code. * Fix asset tag detection. Also rename findMatch to be a bit clearer as to what it does. Remove logging to file of imports for http imports because it eats an incredible amouint of memory. This commit also moves imports out of the hardware namespace and into their own webcontroller and route prefix, remove dead code from AssetController as a result. * Dynamically limit options for select2 based on import type selected, and group them by item type. * Add user importer. Still need to implement emailing of passwords to new users, and probably test a bit more. This also bumps the memory limit for web imports up as well, I need to profile memory usage here before too long. * Query the db to find user matches rather than search the array. Performance is much much better. * Speed/memory improvements in importers. Move to querying the db rather than maintaining an array for all importers. Also only store the id of items when we import, rather than the full model. It saves a decent amount of memory. * Remove grouping of items in select2 With the values being set dynamically, the grouping is redundant. It also caused a regression with automatically guessing/matching field names. This is starting to get close. * Remove debug line on every create. * Switch migration to be text field instead of json field for compatibility with older mysql/mariadb * Fix asset import regression matching email address. * Rearrange travis order in attempt to fix null settings. * Use auth::id instead of fetching it off the user. Fixes a null object reference during seeding.
2017-06-21 16:37:37 -07:00
'employee_num',
'first_name',
Importer mapping - v1 (#3677) * Move importer to an inline-template, allows for translations and easier passing of data from laravel to vue. * Pull the modal out into a dedicated partial, move importer to views/importer. * Add document of CSV->importer mappings. Reorganize some code. Progress. * Add header_row and first_row to imports table, and process upon uploading a file * Use an expandable table row instead of a modal for import processing. This should allow for field mapping interaction easier. * Fix import processing after moving method. * Frontend importer mapping improvements. Invert display so we show found columns and allow users to select an importer field to map to. Also implement sample data based on first row of csv. * Update select2. Maintain selected items properly. * Backend support for importing. Only works on the web importer currently. Definitely needs testing and polish. * We no longer use vue-modal plugin. * Add a column to track field mappings to the imports table. * Cleanup/rename methods+refactor * Save field mappings and import type when attempting an import, and repopulate these values when returning to the page. * Update debugbar to fix a bug in the debugbar code. * Fix asset tag detection. Also rename findMatch to be a bit clearer as to what it does. Remove logging to file of imports for http imports because it eats an incredible amouint of memory. This commit also moves imports out of the hardware namespace and into their own webcontroller and route prefix, remove dead code from AssetController as a result. * Dynamically limit options for select2 based on import type selected, and group them by item type. * Add user importer. Still need to implement emailing of passwords to new users, and probably test a bit more. This also bumps the memory limit for web imports up as well, I need to profile memory usage here before too long. * Query the db to find user matches rather than search the array. Performance is much much better. * Speed/memory improvements in importers. Move to querying the db rather than maintaining an array for all importers. Also only store the id of items when we import, rather than the full model. It saves a decent amount of memory. * Remove grouping of items in select2 With the values being set dynamically, the grouping is redundant. It also caused a regression with automatically guessing/matching field names. This is starting to get close. * Remove debug line on every create. * Switch migration to be text field instead of json field for compatibility with older mysql/mariadb * Fix asset import regression matching email address. * Rearrange travis order in attempt to fix null settings. * Use auth::id instead of fetching it off the user. Fixes a null object reference during seeding.
2017-06-21 16:37:37 -07:00
'jobtitle',
'last_name',
'ldap_import',
'locale',
Importer mapping - v1 (#3677) * Move importer to an inline-template, allows for translations and easier passing of data from laravel to vue. * Pull the modal out into a dedicated partial, move importer to views/importer. * Add document of CSV->importer mappings. Reorganize some code. Progress. * Add header_row and first_row to imports table, and process upon uploading a file * Use an expandable table row instead of a modal for import processing. This should allow for field mapping interaction easier. * Fix import processing after moving method. * Frontend importer mapping improvements. Invert display so we show found columns and allow users to select an importer field to map to. Also implement sample data based on first row of csv. * Update select2. Maintain selected items properly. * Backend support for importing. Only works on the web importer currently. Definitely needs testing and polish. * We no longer use vue-modal plugin. * Add a column to track field mappings to the imports table. * Cleanup/rename methods+refactor * Save field mappings and import type when attempting an import, and repopulate these values when returning to the page. * Update debugbar to fix a bug in the debugbar code. * Fix asset tag detection. Also rename findMatch to be a bit clearer as to what it does. Remove logging to file of imports for http imports because it eats an incredible amouint of memory. This commit also moves imports out of the hardware namespace and into their own webcontroller and route prefix, remove dead code from AssetController as a result. * Dynamically limit options for select2 based on import type selected, and group them by item type. * Add user importer. Still need to implement emailing of passwords to new users, and probably test a bit more. This also bumps the memory limit for web imports up as well, I need to profile memory usage here before too long. * Query the db to find user matches rather than search the array. Performance is much much better. * Speed/memory improvements in importers. Move to querying the db rather than maintaining an array for all importers. Also only store the id of items when we import, rather than the full model. It saves a decent amount of memory. * Remove grouping of items in select2 With the values being set dynamically, the grouping is redundant. It also caused a regression with automatically guessing/matching field names. This is starting to get close. * Remove debug line on every create. * Switch migration to be text field instead of json field for compatibility with older mysql/mariadb * Fix asset import regression matching email address. * Rearrange travis order in attempt to fix null settings. * Use auth::id instead of fetching it off the user. Fixes a null object reference during seeding.
2017-06-21 16:37:37 -07:00
'location_id',
'manager_id',
Importer mapping - v1 (#3677) * Move importer to an inline-template, allows for translations and easier passing of data from laravel to vue. * Pull the modal out into a dedicated partial, move importer to views/importer. * Add document of CSV->importer mappings. Reorganize some code. Progress. * Add header_row and first_row to imports table, and process upon uploading a file * Use an expandable table row instead of a modal for import processing. This should allow for field mapping interaction easier. * Fix import processing after moving method. * Frontend importer mapping improvements. Invert display so we show found columns and allow users to select an importer field to map to. Also implement sample data based on first row of csv. * Update select2. Maintain selected items properly. * Backend support for importing. Only works on the web importer currently. Definitely needs testing and polish. * We no longer use vue-modal plugin. * Add a column to track field mappings to the imports table. * Cleanup/rename methods+refactor * Save field mappings and import type when attempting an import, and repopulate these values when returning to the page. * Update debugbar to fix a bug in the debugbar code. * Fix asset tag detection. Also rename findMatch to be a bit clearer as to what it does. Remove logging to file of imports for http imports because it eats an incredible amouint of memory. This commit also moves imports out of the hardware namespace and into their own webcontroller and route prefix, remove dead code from AssetController as a result. * Dynamically limit options for select2 based on import type selected, and group them by item type. * Add user importer. Still need to implement emailing of passwords to new users, and probably test a bit more. This also bumps the memory limit for web imports up as well, I need to profile memory usage here before too long. * Query the db to find user matches rather than search the array. Performance is much much better. * Speed/memory improvements in importers. Move to querying the db rather than maintaining an array for all importers. Also only store the id of items when we import, rather than the full model. It saves a decent amount of memory. * Remove grouping of items in select2 With the values being set dynamically, the grouping is redundant. It also caused a regression with automatically guessing/matching field names. This is starting to get close. * Remove debug line on every create. * Switch migration to be text field instead of json field for compatibility with older mysql/mariadb * Fix asset import regression matching email address. * Rearrange travis order in attempt to fix null settings. * Use auth::id instead of fetching it off the user. Fixes a null object reference during seeding.
2017-06-21 16:37:37 -07:00
'password',
2018-01-17 05:33:55 -08:00
'phone',
2019-02-12 23:58:30 -08:00
'notes',
2017-10-30 18:57:00 -07:00
'state',
'username',
2017-10-30 18:57:00 -07:00
'zip',
Importer mapping - v1 (#3677) * Move importer to an inline-template, allows for translations and easier passing of data from laravel to vue. * Pull the modal out into a dedicated partial, move importer to views/importer. * Add document of CSV->importer mappings. Reorganize some code. Progress. * Add header_row and first_row to imports table, and process upon uploading a file * Use an expandable table row instead of a modal for import processing. This should allow for field mapping interaction easier. * Fix import processing after moving method. * Frontend importer mapping improvements. Invert display so we show found columns and allow users to select an importer field to map to. Also implement sample data based on first row of csv. * Update select2. Maintain selected items properly. * Backend support for importing. Only works on the web importer currently. Definitely needs testing and polish. * We no longer use vue-modal plugin. * Add a column to track field mappings to the imports table. * Cleanup/rename methods+refactor * Save field mappings and import type when attempting an import, and repopulate these values when returning to the page. * Update debugbar to fix a bug in the debugbar code. * Fix asset tag detection. Also rename findMatch to be a bit clearer as to what it does. Remove logging to file of imports for http imports because it eats an incredible amouint of memory. This commit also moves imports out of the hardware namespace and into their own webcontroller and route prefix, remove dead code from AssetController as a result. * Dynamically limit options for select2 based on import type selected, and group them by item type. * Add user importer. Still need to implement emailing of passwords to new users, and probably test a bit more. This also bumps the memory limit for web imports up as well, I need to profile memory usage here before too long. * Query the db to find user matches rather than search the array. Performance is much much better. * Speed/memory improvements in importers. Move to querying the db rather than maintaining an array for all importers. Also only store the id of items when we import, rather than the full model. It saves a decent amount of memory. * Remove grouping of items in select2 With the values being set dynamically, the grouping is redundant. It also caused a regression with automatically guessing/matching field names. This is starting to get close. * Remove debug line on every create. * Switch migration to be text field instead of json field for compatibility with older mysql/mariadb * Fix asset import regression matching email address. * Rearrange travis order in attempt to fix null settings. * Use auth::id instead of fetching it off the user. Fixes a null object reference during seeding.
2017-06-21 16:37:37 -07:00
];
2016-03-25 01:18:05 -07:00
Discussion: Moving to policies for controller based authorization (#3080) * Make delete routes work. We put a little form in the modal that spoofs the delete field. * Fix route on creating a user. * Fix redundant id parameter. * Port acceptance tests to new urls. * Initial work on migrating to model based policies instead of global gates. Will allow for much more detailed permissions bits in the future. * This needs to stay for the dashboard checks. * Add user states for permissions to build tests. * Build up unit tests for gates/permissions. Move accessories/consumables/assets to policies instead of in authserviceprovider * Migrate various locations to new syntax. Update test to be more specific * Fix functional tests. Add an artisan command for installing a settings setup on travis-ci * Try a different id... Need to come up with a better way of passing the id for tests that need an existing one. * Try to fix travis * Update urls to use routes and not hardcode old paths. Also fix some migration errors found along the way.: * Add a environment for travis functional tests. * Adjust config file to make travis use it. * Use redirect()->route instead of redirect()-to * Dump all failures in the output directory if travis fails. * Cleanups and minor fixes. * Adjust the supplier modelfactory to comply with new validation restrictions. * Some test fixes. * Locales can be longer than 5 characters according to faker... fex gez_ET. Increase lenght in mysql and add a validation * Update test database dump to latest migrations.
2016-12-19 11:04:28 -08:00
protected $casts = [
'activated' => 'boolean',
];
2016-03-25 01:18:05 -07:00
/**
* Model validation rules
*
* @var array
*/
2016-03-25 01:18:05 -07:00
protected $rules = [
'first_name' => 'required|string|min:1',
'username' => 'required|string|min:1|unique_undeleted',
'email' => 'email|nullable',
'password' => 'required|min:6',
2017-10-28 11:17:52 -07:00
'locale' => 'max:10|nullable',
'website' => 'url|nullable',
2016-03-25 01:18:05 -07:00
];
use Searchable;
/**
* The attributes that should be included when searching the model.
*
* @var array
*/
protected $searchableAttributes = [
'first_name',
'last_name',
'email',
'username',
'notes',
'phone',
'jobtitle',
'employee_num'
];
/**
* The relations and their attributes that should be included when searching the model.
*
* @var array
*/
protected $searchableRelations = [
'userloc' => ['name'],
'department' => ['name'],
'groups' => ['name'],
2018-12-05 18:36:39 -08:00
'company' => ['name'],
'manager' => ['first_name', 'last_name', 'username']
];
2016-03-25 01:18:05 -07:00
/**
* Check user permissions
*
* Parses the user and group permission masks to see if the user
* is authorized to do the thing
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v1.0]
* @return boolean
*/
2016-03-25 01:18:05 -07:00
public function hasAccess($section)
{
2016-05-14 15:05:35 -07:00
if ($this->isSuperUser()) {
return true;
}
2016-06-02 02:49:32 -07:00
$user_groups = $this->groups;
2016-06-02 02:49:32 -07:00
if (($this->permissions=='') && (count($user_groups) == 0)) {
return false;
}
2016-06-02 02:49:32 -07:00
2016-03-25 01:18:05 -07:00
$user_permissions = json_decode($this->permissions, true);
$is_user_section_permissions_set = ($user_permissions != '') && array_key_exists($section, $user_permissions);
//If the user is explicitly granted, return true
if ($is_user_section_permissions_set && ($user_permissions[$section]=='1')) {
return true;
}
// If the user is explicitly denied, return false
if ($is_user_section_permissions_set && ($user_permissions[$section]=='-1')) {
return false;
2016-03-25 01:18:05 -07:00
}
// Loop through the groups to see if any of them grant this permission
2016-03-25 01:18:05 -07:00
foreach ($user_groups as $user_group) {
$group_permissions = (array) json_decode($user_group->permissions, true);
2016-06-02 02:49:32 -07:00
if (((array_key_exists($section, $group_permissions)) && ($group_permissions[$section]=='1'))) {
return true;
2016-03-25 01:18:05 -07:00
}
}
return false;
2016-03-25 01:18:05 -07:00
}
/**
* Checks if the user is a SuperUser
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v1.0]
* @return boolean
*/
2016-06-22 12:27:41 -07:00
public function isSuperUser()
{
2016-05-12 21:01:31 -07:00
if (!$user_permissions = json_decode($this->permissions, true)) {
return false;
}
2016-05-14 15:05:35 -07:00
2016-06-02 02:49:32 -07:00
foreach ($this->groups as $user_group) {
2016-05-12 21:01:31 -07:00
$group_permissions = json_decode($user_group->permissions, true);
$group_array = (array)$group_permissions;
2016-06-02 02:49:32 -07:00
if ((array_key_exists('superuser', $group_array)) && ($group_permissions['superuser']=='1')) {
return true;
}
2016-05-12 21:01:31 -07:00
}
2016-03-25 01:18:05 -07:00
if ((array_key_exists('superuser', $user_permissions)) && ($user_permissions['superuser']=='1')) {
return true;
}
2016-06-02 02:49:32 -07:00
return false;
2016-03-25 01:18:05 -07:00
}
/**
* Establishes the user -> company relationship
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v2.0]
* @return \Illuminate\Database\Eloquent\Relations\Relation
*/
2016-03-25 01:18:05 -07:00
public function company()
{
return $this->belongsTo('\App\Models\Company', 'company_id');
}
/**
* Establishes the user -> department relationship
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v4.0]
* @return \Illuminate\Database\Eloquent\Relations\Relation
*/
2017-05-23 02:49:27 -07:00
public function department()
{
return $this->belongsTo('\App\Models\Department', 'department_id');
}
/**
* Checks activated status
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v1.0]
* @return boolean
*/
2016-03-25 01:18:05 -07:00
public function isActivated()
{
return $this->activated ==1;
2016-03-25 01:18:05 -07:00
}
/**
* Returns the full name attribute
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v2.0]
* @return string
*/
public function getFullNameAttribute()
{
return $this->first_name . " " . $this->last_name;
}
2016-03-25 01:18:05 -07:00
/**
* Returns the complete name attribute with username
*
* @todo refactor this so it's less repetitive and dumb
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v2.0]
* @return string
*/
public function getCompleteNameAttribute()
{
return $this->last_name . ", " . $this->first_name . " (" . $this->username . ")";
}
Notification improvements (#5254) * Added “show fields in email” to custom fields * Added “show images in email” to settings * Added nicer HTML emails * Break notifications out into their own, instead of trying to mash them all together * Remove old notification for accessory checkout * Janky fix for #5076 - “The asset you have attempted to accept was not checked out to you” * Add method for image url for accessories * Added accessory checkout email blade * Make accessory email notification on checkout screen consistent with assets * Added native consumables notifications * Fixes for asset notification * Updated notification blades with correct-er fields * Updated notifications * License checkin notification - does not work yet Need to figure out whether the license seat is assigned to a person or an asset before we can pass the target * Added alternate “cc” email for admins * Only try to trigger notifications if the target is a user * Fix tests * Fixed consumable URL * Removed unused notification * Pass target type in params * Show slack status * Pass additional parameters There is a logic bug in this :( Will send to slack twice, since the admin CC and the user are both using the same notification. Fuckity fuck fuck fuck. * Pass a variable to the notification to supress the duplicate slack message * Slack is broken :( Trying to fix Will try a git bisect * Put preview back into checkout * Pulled old archaic mail * Removed debugging * Fixed wrong email title * Fixed slack endpoint not firing * Poobot, we hardly knew ye. * Removed old, manual mail from API * Typo :-/ * Code cleanup * Use defined formatted date in JSON * Use static properties for checkin/checkout notifiers for cleaner code * Removed debugging * Use date formatter * Fixed target_type * Fixed language in consumable email
2018-03-25 13:46:57 -07:00
/**
* The url for slack notifications.
* Used by Notifiable trait.
* @return mixed
*/
public function routeNotificationForSlack()
{
// At this point the endpoint is the same for everything.
// In the future this may want to be adapted for individual notifications.
$this->endpoint = \App\Models\Setting::getSettings()->slack_endpoint;
return $this->endpoint;
}
2016-03-25 01:18:05 -07:00
/**
* Establishes the user -> assets relationship
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v1.0]
* @return \Illuminate\Database\Eloquent\Relations\Relation
*/
public function assets()
2016-03-25 01:18:05 -07:00
{
2016-12-27 16:24:41 -08:00
return $this->morphMany('App\Models\Asset', 'assigned', 'assigned_type', 'assigned_to')->withTrashed();
2016-03-25 01:18:05 -07:00
}
2016-06-22 17:04:47 -07:00
/**
* Establishes the user -> maintenances relationship
*
* This would only be used to return maintenances that this user
* created.
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v4.0]
* @return \Illuminate\Database\Eloquent\Relations\Relation
2016-06-22 17:04:47 -07:00
*/
public function assetmaintenances()
{
return $this->hasMany('\App\Models\AssetMaintenance', 'user_id')->withTrashed();
}
/**
* Establishes the user -> accessories relationship
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v2.0]
* @return \Illuminate\Database\Eloquent\Relations\Relation
*/
2016-03-25 01:18:05 -07:00
public function accessories()
{
return $this->belongsToMany('\App\Models\Accessory', 'accessories_users', 'assigned_to', 'accessory_id')->withPivot('id')->withTrashed();
}
/**
* Establishes the user -> consumables relationship
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v3.0]
* @return \Illuminate\Database\Eloquent\Relations\Relation
*/
2016-03-25 01:18:05 -07:00
public function consumables()
{
return $this->belongsToMany('\App\Models\Consumable', 'consumables_users', 'assigned_to', 'consumable_id')->withPivot('id')->withTrashed();
}
/**
* Establishes the user -> license seats relationship
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v1.0]
* @return \Illuminate\Database\Eloquent\Relations\Relation
*/
2016-03-25 01:18:05 -07:00
public function licenses()
{
return $this->belongsToMany('\App\Models\License', 'license_seats', 'assigned_to', 'license_id')->withPivot('id');
}
/**
* Establishes the user -> actionlogs relationship
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v1.0]
* @return \Illuminate\Database\Eloquent\Relations\Relation
*/
2016-03-25 01:18:05 -07:00
public function userlog()
{
return $this->hasMany('\App\Models\Actionlog', 'target_id')->orderBy('created_at', 'DESC')->withTrashed();
2016-03-25 01:18:05 -07:00
}
/**
* Establishes the user -> location relationship
*
* Get the asset's location based on the assigned user
*
* @todo - this should be removed once we're sure we've switched it to location()
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v4.0]
* @return \Illuminate\Database\Eloquent\Relations\Relation
*/
2016-03-25 01:18:05 -07:00
public function userloc()
{
return $this->belongsTo('\App\Models\Location', 'location_id')->withTrashed();
}
/**
* Establishes the user -> location relationship
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v3.0]
* @return \Illuminate\Database\Eloquent\Relations\Relation
*/
public function location()
{
return $this->belongsTo('\App\Models\Location', 'location_id')->withTrashed();
}
/**
* Establishes the user -> manager relationship
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v4.0]
* @return \Illuminate\Database\Eloquent\Relations\Relation
*/
2016-03-25 01:18:05 -07:00
public function manager()
{
return $this->belongsTo('\App\Models\User', 'manager_id')->withTrashed();
}
/**
* Establishes the user -> managed locations relationship
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v4.0]
* @return \Illuminate\Database\Eloquent\Relations\Relation
*/
public function managedLocations()
{
return $this->hasMany('\App\Models\Location', 'manager_id');
}
/**
* Establishes the user -> groups relationship
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v1.0]
* @return \Illuminate\Database\Eloquent\Relations\Relation
*/
2016-03-25 01:18:05 -07:00
public function groups()
{
return $this->belongsToMany('\App\Models\Group', 'users_groups');
2016-03-25 01:18:05 -07:00
}
/**
* Establishes the user -> assets relationship
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v4.0]
* @return \Illuminate\Database\Eloquent\Relations\Relation
*/
2016-03-25 01:18:05 -07:00
public function assetlog()
{
return $this->hasMany('\App\Models\Asset', 'id')->withTrashed();
}
/**
* Establishes the user -> uploads relationship
*
* @todo I don't think we use this?
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v3.0]
* @return \Illuminate\Database\Eloquent\Relations\Relation
*/
2016-03-25 01:18:05 -07:00
public function uploads()
{
return $this->hasMany('\App\Models\Actionlog', 'item_id')
->where('item_type', User::class)
->where('action_type', '=', 'uploaded')
->whereNotNull('filename')
->orderBy('created_at', 'desc');
2016-03-25 01:18:05 -07:00
}
/**
* Establishes the user -> requested assets relationship
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v2.0]
* @return \Illuminate\Database\Eloquent\Relations\Relation
*/
public function checkoutRequests()
{
WIP - Improved requested assets (#5289) * WIP - beginning of improved requested assets - Use Ajax tables for faster loading - Use new notifications for requesting an asset TODO: - Use ajax tables for requestable asset models - Use new notifications for canceling an asset request - Expire requests once the asset has been checked out to the requesting user * Only show asset name in email if it has one * Refactor requested method to only include non-canceled requests * Refactored requestable assets to log request and cancelation * Added softdeletes on checkout requests * Differentiate between canceling and deleting requests * Added asset request cancelation notification * Added timestamps and corrected unique key on requests table * Improved requests view * Re-use blade for cancel/request email * Refactored BS table formatter for requested assets * Location name min reduced to 2 * Added PAT test as maintenance option This needs to be refactored into database-driven options with a UI * Better slack message * Added getImageUrl method for assets * Include qty in request notifications TODO: - Try to pull requested info from original request for cancelation, otherwise it will default to 1 * Removed old asset request/cancel emails * Added user profile asset request routes * Added profile controller requested assets method * Added blade link to requested assets for profile view * Sort user history desc * Added requested assets blade * Added canceled at to checkoutRequest method * Include qty in request * Fixed comment, removed allowed_columns * Removed Queable methods, since we don’t use a queue * Fixed return type in method doc * Fixed version number * Changed id to user_id for clarity
2018-04-04 17:33:02 -07:00
return $this->belongsToMany(Asset::class, 'checkout_requests', 'user_id', 'requestable_id')->whereNull('canceled_at');
}
2016-03-25 01:18:05 -07:00
/**
* Query builder scope to return NOT-deleted users
* @author A. Gianotto <snipe@snipe.net>
* @since [v2.0]
*
* @param string $query
* @return \Illuminate\Database\Query\Builder
*/
2016-03-25 01:18:05 -07:00
public function scopeGetNotDeleted($query)
{
return $query->whereNull('deleted_at');
}
/**
* Query builder scope to return users by email or username
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v2.0]
*
* @param string $query
* @param string $user_username
* @param string $user_email
* @return \Illuminate\Database\Query\Builder
*/
2016-03-25 01:18:05 -07:00
public function scopeMatchEmailOrUsername($query, $user_username, $user_email)
{
return $query->where('email', '=', $user_email)
->orWhere('username', '=', $user_username)
->orWhere('username', '=', $user_email);
2016-03-25 01:18:05 -07:00
}
/**
* Generate email from full name
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v2.0]
*
* @param string $query
* @return string
*/
2016-12-29 14:02:18 -08:00
public static function generateEmailFromFullName($name)
{
$username = User::generateFormattedNameFromFullName($name, Setting::getSettings()->email_format);
2016-08-12 16:02:39 -07:00
return $username['username'].'@'.Setting::getSettings()->email_domain;
}
2016-03-25 01:18:05 -07:00
public static function generateFormattedNameFromFullName($users_name, $format = 'filastname')
2016-03-25 01:18:05 -07:00
{
// If there was only one name given
if (strpos($users_name, ' ') === false) {
$first_name = $users_name;
$last_name = '';
$username = $users_name;
2016-08-12 16:02:39 -07:00
} else {
list($first_name, $last_name) = explode(" ", $users_name, 2);
// Assume filastname by default
$username = str_slug(substr($first_name, 0, 1).$last_name);
2016-08-12 16:02:39 -07:00
if ($format=='firstname.lastname') {
$username = str_slug($first_name) . '.' . str_slug($last_name);
} elseif ($format=='lastnamefirstinitial') {
$username = str_slug($last_name.substr($first_name, 0, 1));
} elseif ($format=='firstintial.lastname') {
$username = substr($first_name, 0, 1).'.'.str_slug($last_name);
} elseif ($format=='firstname_lastname') {
$username = str_slug($first_name).'_'.str_slug($last_name);
} elseif ($format=='firstname') {
$username = str_slug($first_name);
}
2016-03-25 01:18:05 -07:00
}
$user['first_name'] = $first_name;
$user['last_name'] = $last_name;
$user['username'] = strtolower($username);
2016-03-25 01:18:05 -07:00
return $user;
}
/**
* Check whether two-factor authorization is requiredfor this user
*
* 0 = 2FA disabled
* 1 = 2FA optional
* 2 = 2FA universally required
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v4.0]
*
* @return bool
*/
public function two_factor_active () {
// If the 2FA is optional and the user has opted in
if ((Setting::getSettings()->two_factor_enabled =='1') && ($this->two_factor_optin =='1'))
{
return true;
}
// If the 2FA is required for everyone so is implicitly active
elseif (Setting::getSettings()->two_factor_enabled =='2')
{
return true;
}
return false;
}
/**
* Check whether two-factor authorization is required and the user has activated it
* and enrolled a device
*
* 0 = 2FA disabled
* 1 = 2FA optional
* 2 = 2FA universally required
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v4.6.14]
*
* @return bool
*/
public function two_factor_active_and_enrolled () {
// If the 2FA is optional and the user has opted in and is enrolled
if ((Setting::getSettings()->two_factor_enabled =='1') && ($this->two_factor_optin =='1') && ($this->two_factor_enrolled =='1'))
{
return true;
}
// If the 2FA is required for everyone and the user has enrolled
elseif ((Setting::getSettings()->two_factor_enabled =='2') && ($this->two_factor_enrolled))
{
return true;
}
return false;
}
public function decodePermissions()
{
return json_decode($this->permissions, true);
}
/**
* Query builder scope to search user by name with spaces in it.
* We don't use the advancedTextSearch() scope because that searches
* all of the relations as well, which is more than what we need.
*
* @param \Illuminate\Database\Query\Builder $query Query builder instance
* @param array $terms The search terms
* @return \Illuminate\Database\Query\Builder
*/
public function scopeSimpleNameSearch($query, $search) {
$query = $query->where('first_name', 'LIKE', '%'.$search.'%')
->orWhere('last_name', 'LIKE', '%'.$search.'%')
->orWhereRaw('CONCAT('.DB::getTablePrefix().'users.first_name," ",'.DB::getTablePrefix().'users.last_name) LIKE ?', ["%$search%", "%$search%"]);
return $query;
}
/**
* Run additional, advanced searches.
*
* @param \Illuminate\Database\Query\Builder $query Query builder instance
* @param array $terms The search terms
* @return \Illuminate\Database\Eloquent\Builder
*/
public function advancedTextSearch(Builder $query, array $terms) {
2016-03-25 01:18:05 -07:00
foreach($terms as $term) {
$query = $query->orWhereRaw('CONCAT('.DB::getTablePrefix().'users.first_name," ",'.DB::getTablePrefix().'users.last_name) LIKE ?', ["%$term%", "%$term%"]);
}
return $query;
}
/**
* Query builder scope to return users by group
*
* @param \Illuminate\Database\Query\Builder $query Query builder instance
* @param int $id
* @return \Illuminate\Database\Query\Builder
*/
public function scopeByGroup($query, $id) {
return $query->whereHas('groups', function ($query) use ($id) {
$query->where('permission_groups.id', '=', $id);
2016-03-25 01:18:05 -07:00
});
}
/**
* Query builder scope to order on manager
*
* @param \Illuminate\Database\Query\Builder $query Query builder instance
* @param string $order Order
*
* @return \Illuminate\Database\Query\Builder Modified query builder
*/
2016-03-25 01:18:05 -07:00
public function scopeOrderManager($query, $order)
{
// Left join here, or it will only return results with parents
return $query->leftJoin('users as users_manager', 'users.manager_id', '=', 'users_manager.id')->orderBy('users_manager.first_name', $order)->orderBy('users_manager.last_name', $order);
2016-03-25 01:18:05 -07:00
}
/**
* Query builder scope to order on company
*
* @param \Illuminate\Database\Query\Builder $query Query builder instance
* @param string $order Order
*
* @return \Illuminate\Database\Query\Builder Modified query builder
*/
2016-03-25 01:18:05 -07:00
public function scopeOrderLocation($query, $order)
{
return $query->leftJoin('locations as locations_users', 'users.location_id', '=', 'locations_users.id')->orderBy('locations_users.name', $order);
2016-03-25 01:18:05 -07:00
}
2017-05-23 02:49:27 -07:00
/**
* Query builder scope to order on department
*
* @param \Illuminate\Database\Query\Builder $query Query builder instance
* @param string $order Order
2017-05-23 02:49:27 -07:00
*
* @return \Illuminate\Database\Query\Builder Modified query builder
2017-05-23 02:49:27 -07:00
*/
public function scopeOrderDepartment($query, $order)
{
return $query->leftJoin('departments as departments_users', 'users.department_id', '=', 'departments_users.id')->orderBy('departments_users.name', $order);
2017-05-23 02:49:27 -07:00
}
/**
* Query builder scope to order on company
*
* @param Illuminate\Database\Query\Builder $query Query builder instance
* @param text $order Order
*
* @return Illuminate\Database\Query\Builder Modified query builder
*/
public function scopeOrderCompany($query, $order)
{
return $query->leftJoin('companies as companies_user', 'users.company_id', '=', 'companies_user.id')->orderBy('companies_user.name', $order);
}
Integrations/develop into master (#7352) * Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992) * Added upcoming audit report TODO: Fid diff/threshold math * Added route to list overdue / upcoming assets via API * Controller/API methods for due/overdue audits We could probably skip this and just handle it via view in the routes… * Added query scopes for due and overdue audits * Added audit due console command to kernel * Added ability to pass audit specs to main API asset search method * Added audit presenter * Added bootstrap-tables presenter formatter to display an audit button * Added gated sidenav items to left nav * Added audit due/overdue blades * Cleanup on audit due/overdue console command * Added language strings for audit views * Fixed :threshold placeholder * Removed unused setting variable * Fixed next audit date math * Added scope for both overdue and upcoming * Derp. Wrong version * Bumped version (I will release this version officially tomorrow) * Leave the activated state for users alone in normal LDAP synchronisation. (#6988) * Fixed #7003 - crash when warranty months or purchase date is null * Fixed #6956 - viewKeys policy inconsistent (#7009) * Fixed #6956 - Added additional gates show showing/hiding license keys * Modified gate to allow user to see licenses if they can create or edit the license as well * Added API middleware to API routes to enable throttling TODO: Figure out how to make this costumizable without touching the code * Import locations from CSV via command line (#7021) * Added import locations command * Small fixes to location importer * Added country, LDAP OU * Cleaned up comments, added more clarification to what the script does * Added ability to update groups via API Fixes [ch9139] * Bumped version * Fixed #6883 - remove escaping of fields on LDAP import * Fixed #6880 - correctly encrypt encrypted fields via the API * Fixes #5054: LDAP users deactivated for none-ad (#7032) When using none-AD ldap, users are automatically deactivated every LDAP sync. This commit changes the behaviour so that if the active flag isn't set, the users are enabled. Fixed #5054, at least for 4.X * Updated packages - Updating erusev/parsedown (v1.7.2 => 1.7.3): Downloading (100%) - Updating squizlabs/php_codesniffer (3.4.1 => 3.4.2): Downloading (100%) - Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/var-dumper (v3.4.23 => v3.4.27): Downloading (100%) - Updating league/flysystem (1.0.50 => 1.0.51): Downloading (100%) - Updating symfony/translation (v3.4.23 => v3.4.27): Downloading (100%) - Updating nesbot/carbon (1.36.2 => 1.37.1): Downloading (100%) - Updating symfony/debug (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/console (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/finder (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/polyfill-ctype (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/http-foundation (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/event-dispatcher (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/http-kernel (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/process (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/routing (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/polyfill-util (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/polyfill-php56 (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/psr-http-message-bridge (v1.1.1 => v1.1.2): Downloading (failed) Downloading (100%) - Updating rollbar/rollbar (v1.7.5 => v1.8.1): Downloading (100%) - Updating symfony/yaml (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/browser-kit (v3.4.23 => v3.4.27): Downloading (100%) * Fixed #7044 - API update deleted custom fields if they are not re-presented * Fixed XSS vulnerability when creating a new categories, etc via modal on create Same fix as before, because of the weird select2 post-parsing ajax behavior * Updated email strings * Fixed #7046 - added user website url back into UI * Updated language strings * Bumped version * Updated packages * New backups config for spatie * Removed debugbar service provider (autodiscovery) * Use laravel v5.5 withCount manual aliases * Added spatie language files * Removed old laravel backups config This config file was renamed in a newer version of spatie laravel-backup * Set the serialization * Added the command loader to console kernel * Renamed fire() to handle() * Updated withCount to use manual naming * Updated backup path in backup admin * Updated travis with new php versions * Bumped laravel version in readme * Fixed custom field edit screen * Fixed baseUrl is undefined error I literally cannot figure out how this ever worked before. * Fix for included files in backup * Bumped version * Switch has() to filled() * Change ->has() to ->filled() * Removed cosole log * Bumped packages * Use getReader instead of fetchAssoc for CSV parser https://csv.thephpleague.com/9.0/upgrading/ * Handle JSON validation errors like 5.4 * Handle JSON validation errors like 5.4 * Handle JSON validation errors like 5.4 * Trying to fix ajax asset validation This I think gets us closer, but still not handling the validation on the asset properly. When I do a print_r of the validation in the other items, its looking for an error bag that looks something like this: ``` Illuminate\Support\MessageBag Object ( [messages:protected] => Array ( [name] => Array ( [0] => The name field is required. ) [seats] => Array ( [0] => The seats field is required. ) [category_id] => Array ( [0] => The category id field is required. ) ) [format:protected] => :message ) ``` Currently the Assets ajax returns: ``` [2019-05-24 06:52:06] develop.ERROR: array ( 'messages' => array ( 'model_id' => array ( 0 => 'The model id field is required.', ), 'status_id' => array ( 0 => 'The status id field is required.', ), 'asset_tag' => array ( 0 => 'The asset tag field is required.', ), ), ) ``` So not sure why it’s not working. * Fixed missing asset validation * Check that a model exists before trying to fiddle with fieldsets * Tidied up license check * Removed extra escaping on checkin * Updated importer to work with newer CSV Reader::getRecords() method * Fixed field mapping * Small fix for reordering fields Fixes Illuminate\Database\QueryException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'order' cannot be null (SQL: insert into `custom_field_custom_fieldset` (`custom_field_id`, `custom_fieldset_id`, `order`, `required`) values (12, 7, , 0)) [ch1151] This needs revisiting for a more solid fix, especially for data that was already entered bad. * Fixed bug where sorting by company name in Users API did not work Fixes [ch9200] * Removed custom fields from AssignedSearch to prevent confusing data in selectlist Fixes [ch9193] * Removed alert-danger from tests * Fixed missed consumables_count withCount() statement * Fixed Undefined variable user in $backto if checked out to a non-user Fixes [ch9194] * Check for valid model before attempting to access fieldsets Fixes [ch1249] * Only build the log upload destination path if there is a matching record Fixes [ch1232] * Fixed free_seats_count variable name (I forgot that Laravel switched camel case to snake case for their old 5.4 withCount variables) * Only gtry to delete the file if a record is found in the log * Only try to get fieldset if model is valid * Fixed more camel-casing -> snake-casing * Only display the file if the log record can be found * Fixed casing in sync command * Updated README * Derp - typo * Added link to Atlassian plugin * More Atlassian clarifications * Show accessory image on view page * Increased image size to 800px, added lightboxes * Fixed #7083 - Removed user_exists constraint on department save If the user has been deleted, this prevented the department from being successfully saved on edit * Updated branch in version file * Dockerfile update to bring us up to php v7.1 for Laravel 5.5 (#7084) * bump up to php7.1 & change deprecated MAINTAINER to a LABEL so it is visible with `docker inspect` * AND modapache >< * 2 updates required to get software-properties+ppa * Bumped version * Bumped release again :( * Missed one * Fixed #7098 - updated backup config for deleteFile() method * Fixed #7092 - handle weird port forwarding/port numbers for baseUrl * Bumped version * Fixed #7099 - set email to null by default for backup notifications * Removed old comments * Fixed #7100 - Check if $user isset on checkin * Increased throttle to 120 requests per minute * Added Filipino, corrected order for Spanish variations * Update language strings * Bumped hash * Changed has to filled to fix bulk asset editing * Bumped point version * Small fixes for phpleague CSB reader v9 * Improved error checking in locations importer * Fixed #7145 - rename groups table to permissions_group for mysql 8 reserved word compatibility * Reduce minimum group name length to 2 (from 3) eg: IT * Back in time fix FOR #7145 for new installs on MySQL 8+ * Fixed permission insert //TODO Handle this via model * Possible fix for reporting/admin migration back in time * Fixed #7164 - change table name to permission_groups * Fixed LDAP password blanking on save * fixing previous commit's actual wiping of password (#7183) replaced Input::fille('ldap_pword') with _filled_. Should be good to go. https://github.com/snipe/snipe-it/issues/7179 https://github.com/snipe/snipe-it/issues/7169 * Bumped version * Downgrading rollbar for Laravel 5.5 * Spelling Correction (#7206) Fixed Spelling for the word reqrite, to be rewrite. * Fix #6910: Add logic to manipulate the eloquent query. (#7006) * Added company_id to consumables_users table * Added logic to manage when a pivot table doesn't have the column company_id trough a join with users * Remove a migration that tries to fix this problem, but is not longer necessary * Addresses #7238 - add PWA code to layout Needs additional UX testing * Better log message for bad LDAP connection * Fixed #7186 - has vs filled in User’s API blanking out groups if no group_ids are passed * Comment clarification on #7186 * Check for valid seat on hardware view * Added space between footer and custom message * Cap warranty months to three characters Filles rollbar 209 * Cap warranty months to 3 on the frontend blade * Fixed countable() strings on user destroy * Check that the user has assets and that the aset model is valid * Bumped hash * Caps asset warranty to 20 years * Command to fix custom field unicode conversion differences between PHP versions (#7263) * Fixes #7252 form request changes (#7272) * Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests * Removed debug info * More fixes for #7252 This is mostly working as intended, if not yet the way Laravel wants us to do it. Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress. * Removed experimental method * Check for digits_between:0,240 for warranty * Removed debug code * Apply fix from PR #7273 to master * Bumped hash * Fixed #7250 - permission issue for API fieldsets and fields endpoints This applies the change from #7294 to master * Add @mskrip as a contributor * Fixed #7270 - Checking-in Assets via API Removes the Item's Asset Name * CORS for api (#7292) * Added CORS support to API * Changed order so CORS will still work if throttle hit * Added APP_CORS_ALLOWED_ORIGINS env option * Fixed typo * Clarified header comments * More clarification * DIsable CORS allowed origins by default to replicate existing behavior * Change variable name to be clearer * Bumped version * Added condition to deal with fieldname 'rtd_location' which can be tried to be queried in some places and doesn't exist in database (#7317) * Added comments to the ByFilter query scope for clarity * Added accessories checkout/checkin API endpoint * Fixed CVE-2019-10742 https://nvd.nist.gov/vuln/detail/CVE-2019-10742 * Update README.md (#7334) Add reference to CSV importer. * Group related variables in .env * History importer fixes * Fixes to history importer
2019-08-14 21:48:14 -07:00
public function preferredLocale(){
return $this->locale;
}
Integrations/develop into master (#7352) * Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992) * Added upcoming audit report TODO: Fid diff/threshold math * Added route to list overdue / upcoming assets via API * Controller/API methods for due/overdue audits We could probably skip this and just handle it via view in the routes… * Added query scopes for due and overdue audits * Added audit due console command to kernel * Added ability to pass audit specs to main API asset search method * Added audit presenter * Added bootstrap-tables presenter formatter to display an audit button * Added gated sidenav items to left nav * Added audit due/overdue blades * Cleanup on audit due/overdue console command * Added language strings for audit views * Fixed :threshold placeholder * Removed unused setting variable * Fixed next audit date math * Added scope for both overdue and upcoming * Derp. Wrong version * Bumped version (I will release this version officially tomorrow) * Leave the activated state for users alone in normal LDAP synchronisation. (#6988) * Fixed #7003 - crash when warranty months or purchase date is null * Fixed #6956 - viewKeys policy inconsistent (#7009) * Fixed #6956 - Added additional gates show showing/hiding license keys * Modified gate to allow user to see licenses if they can create or edit the license as well * Added API middleware to API routes to enable throttling TODO: Figure out how to make this costumizable without touching the code * Import locations from CSV via command line (#7021) * Added import locations command * Small fixes to location importer * Added country, LDAP OU * Cleaned up comments, added more clarification to what the script does * Added ability to update groups via API Fixes [ch9139] * Bumped version * Fixed #6883 - remove escaping of fields on LDAP import * Fixed #6880 - correctly encrypt encrypted fields via the API * Fixes #5054: LDAP users deactivated for none-ad (#7032) When using none-AD ldap, users are automatically deactivated every LDAP sync. This commit changes the behaviour so that if the active flag isn't set, the users are enabled. Fixed #5054, at least for 4.X * Updated packages - Updating erusev/parsedown (v1.7.2 => 1.7.3): Downloading (100%) - Updating squizlabs/php_codesniffer (3.4.1 => 3.4.2): Downloading (100%) - Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/var-dumper (v3.4.23 => v3.4.27): Downloading (100%) - Updating league/flysystem (1.0.50 => 1.0.51): Downloading (100%) - Updating symfony/translation (v3.4.23 => v3.4.27): Downloading (100%) - Updating nesbot/carbon (1.36.2 => 1.37.1): Downloading (100%) - Updating symfony/debug (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/console (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/finder (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/polyfill-ctype (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/http-foundation (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/event-dispatcher (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/http-kernel (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/process (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/routing (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/polyfill-util (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/polyfill-php56 (v1.10.0 => v1.11.0): Downloading (100%) - Updating symfony/psr-http-message-bridge (v1.1.1 => v1.1.2): Downloading (failed) Downloading (100%) - Updating rollbar/rollbar (v1.7.5 => v1.8.1): Downloading (100%) - Updating symfony/yaml (v3.4.23 => v3.4.27): Downloading (100%) - Updating symfony/browser-kit (v3.4.23 => v3.4.27): Downloading (100%) * Fixed #7044 - API update deleted custom fields if they are not re-presented * Fixed XSS vulnerability when creating a new categories, etc via modal on create Same fix as before, because of the weird select2 post-parsing ajax behavior * Updated email strings * Fixed #7046 - added user website url back into UI * Updated language strings * Bumped version * Updated packages * New backups config for spatie * Removed debugbar service provider (autodiscovery) * Use laravel v5.5 withCount manual aliases * Added spatie language files * Removed old laravel backups config This config file was renamed in a newer version of spatie laravel-backup * Set the serialization * Added the command loader to console kernel * Renamed fire() to handle() * Updated withCount to use manual naming * Updated backup path in backup admin * Updated travis with new php versions * Bumped laravel version in readme * Fixed custom field edit screen * Fixed baseUrl is undefined error I literally cannot figure out how this ever worked before. * Fix for included files in backup * Bumped version * Switch has() to filled() * Change ->has() to ->filled() * Removed cosole log * Bumped packages * Use getReader instead of fetchAssoc for CSV parser https://csv.thephpleague.com/9.0/upgrading/ * Handle JSON validation errors like 5.4 * Handle JSON validation errors like 5.4 * Handle JSON validation errors like 5.4 * Trying to fix ajax asset validation This I think gets us closer, but still not handling the validation on the asset properly. When I do a print_r of the validation in the other items, its looking for an error bag that looks something like this: ``` Illuminate\Support\MessageBag Object ( [messages:protected] => Array ( [name] => Array ( [0] => The name field is required. ) [seats] => Array ( [0] => The seats field is required. ) [category_id] => Array ( [0] => The category id field is required. ) ) [format:protected] => :message ) ``` Currently the Assets ajax returns: ``` [2019-05-24 06:52:06] develop.ERROR: array ( 'messages' => array ( 'model_id' => array ( 0 => 'The model id field is required.', ), 'status_id' => array ( 0 => 'The status id field is required.', ), 'asset_tag' => array ( 0 => 'The asset tag field is required.', ), ), ) ``` So not sure why it’s not working. * Fixed missing asset validation * Check that a model exists before trying to fiddle with fieldsets * Tidied up license check * Removed extra escaping on checkin * Updated importer to work with newer CSV Reader::getRecords() method * Fixed field mapping * Small fix for reordering fields Fixes Illuminate\Database\QueryException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'order' cannot be null (SQL: insert into `custom_field_custom_fieldset` (`custom_field_id`, `custom_fieldset_id`, `order`, `required`) values (12, 7, , 0)) [ch1151] This needs revisiting for a more solid fix, especially for data that was already entered bad. * Fixed bug where sorting by company name in Users API did not work Fixes [ch9200] * Removed custom fields from AssignedSearch to prevent confusing data in selectlist Fixes [ch9193] * Removed alert-danger from tests * Fixed missed consumables_count withCount() statement * Fixed Undefined variable user in $backto if checked out to a non-user Fixes [ch9194] * Check for valid model before attempting to access fieldsets Fixes [ch1249] * Only build the log upload destination path if there is a matching record Fixes [ch1232] * Fixed free_seats_count variable name (I forgot that Laravel switched camel case to snake case for their old 5.4 withCount variables) * Only gtry to delete the file if a record is found in the log * Only try to get fieldset if model is valid * Fixed more camel-casing -> snake-casing * Only display the file if the log record can be found * Fixed casing in sync command * Updated README * Derp - typo * Added link to Atlassian plugin * More Atlassian clarifications * Show accessory image on view page * Increased image size to 800px, added lightboxes * Fixed #7083 - Removed user_exists constraint on department save If the user has been deleted, this prevented the department from being successfully saved on edit * Updated branch in version file * Dockerfile update to bring us up to php v7.1 for Laravel 5.5 (#7084) * bump up to php7.1 & change deprecated MAINTAINER to a LABEL so it is visible with `docker inspect` * AND modapache >< * 2 updates required to get software-properties+ppa * Bumped version * Bumped release again :( * Missed one * Fixed #7098 - updated backup config for deleteFile() method * Fixed #7092 - handle weird port forwarding/port numbers for baseUrl * Bumped version * Fixed #7099 - set email to null by default for backup notifications * Removed old comments * Fixed #7100 - Check if $user isset on checkin * Increased throttle to 120 requests per minute * Added Filipino, corrected order for Spanish variations * Update language strings * Bumped hash * Changed has to filled to fix bulk asset editing * Bumped point version * Small fixes for phpleague CSB reader v9 * Improved error checking in locations importer * Fixed #7145 - rename groups table to permissions_group for mysql 8 reserved word compatibility * Reduce minimum group name length to 2 (from 3) eg: IT * Back in time fix FOR #7145 for new installs on MySQL 8+ * Fixed permission insert //TODO Handle this via model * Possible fix for reporting/admin migration back in time * Fixed #7164 - change table name to permission_groups * Fixed LDAP password blanking on save * fixing previous commit's actual wiping of password (#7183) replaced Input::fille('ldap_pword') with _filled_. Should be good to go. https://github.com/snipe/snipe-it/issues/7179 https://github.com/snipe/snipe-it/issues/7169 * Bumped version * Downgrading rollbar for Laravel 5.5 * Spelling Correction (#7206) Fixed Spelling for the word reqrite, to be rewrite. * Fix #6910: Add logic to manipulate the eloquent query. (#7006) * Added company_id to consumables_users table * Added logic to manage when a pivot table doesn't have the column company_id trough a join with users * Remove a migration that tries to fix this problem, but is not longer necessary * Addresses #7238 - add PWA code to layout Needs additional UX testing * Better log message for bad LDAP connection * Fixed #7186 - has vs filled in User’s API blanking out groups if no group_ids are passed * Comment clarification on #7186 * Check for valid seat on hardware view * Added space between footer and custom message * Cap warranty months to three characters Filles rollbar 209 * Cap warranty months to 3 on the frontend blade * Fixed countable() strings on user destroy * Check that the user has assets and that the aset model is valid * Bumped hash * Caps asset warranty to 20 years * Command to fix custom field unicode conversion differences between PHP versions (#7263) * Fixes #7252 form request changes (#7272) * Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests * Removed debug info * More fixes for #7252 This is mostly working as intended, if not yet the way Laravel wants us to do it. Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress. * Removed experimental method * Check for digits_between:0,240 for warranty * Removed debug code * Apply fix from PR #7273 to master * Bumped hash * Fixed #7250 - permission issue for API fieldsets and fields endpoints This applies the change from #7294 to master * Add @mskrip as a contributor * Fixed #7270 - Checking-in Assets via API Removes the Item's Asset Name * CORS for api (#7292) * Added CORS support to API * Changed order so CORS will still work if throttle hit * Added APP_CORS_ALLOWED_ORIGINS env option * Fixed typo * Clarified header comments * More clarification * DIsable CORS allowed origins by default to replicate existing behavior * Change variable name to be clearer * Bumped version * Added condition to deal with fieldname 'rtd_location' which can be tried to be queried in some places and doesn't exist in database (#7317) * Added comments to the ByFilter query scope for clarity * Added accessories checkout/checkin API endpoint * Fixed CVE-2019-10742 https://nvd.nist.gov/vuln/detail/CVE-2019-10742 * Update README.md (#7334) Add reference to CSV importer. * Group related variables in .env * History importer fixes * Fixes to history importer
2019-08-14 21:48:14 -07:00
2016-03-25 01:18:05 -07:00
}