snipe-it/app/Http/Controllers/SettingsController.php

1460 lines
50 KiB
PHP
Raw Normal View History

2016-03-25 01:18:05 -07:00
<?php
2016-03-25 01:18:05 -07:00
namespace App\Http\Controllers;
2020-04-21 04:08:25 -07:00
use App\Helpers\Helper;
use App\Helpers\StorageHelper;
2020-04-21 04:08:25 -07:00
use App\Http\Requests\ImageUploadRequest;
2020-05-05 07:06:19 -07:00
use App\Http\Requests\SettingsSamlRequest;
use App\Http\Requests\SetupUserRequest;
2023-09-27 16:51:53 -07:00
use App\Models\CustomField;
use App\Models\Group;
2016-03-25 01:18:05 -07:00
use App\Models\Setting;
use App\Models\Asset;
2016-03-25 19:26:22 -07:00
use App\Models\User;
use App\Notifications\FirstAdminNotification;
use App\Notifications\MailTest;
use Auth;
use Crypt;
2016-03-25 01:18:05 -07:00
use DB;
use enshrined\svgSanitize\Sanitizer;
use Illuminate\Http\Request;
[WIP] Added #5957 - Flysystem support (#6262) * Added AWS url to example env * Upgrader - added check for new storage path and attempt to move * Ignore symlink * Updated paths for models * Moved copy methods * Added AWS_URL support For some reasin, Flysystem was generating the wrong AWS url (with a region included) * Switch to Flysystem for image uploads * Nicer display of image preview * Updated image preview on edit blades to use Flysystem * Twiddled some more paths * Working filesystems config * Updated Asset Models and Departments to use Flysystem * Janky workaround for differing S3/local urls/paths * Try to smartly use S3 as public disk if S3 is configured * Use public disk Storage options for public files * Additional transformer edits for Flysystem * Removed debugging * Added missing use Storage directive * Updated seeders to use Flysystem * Default logo * Set a default width We can potentially override this in settings later * Use Flysystem for logo upload * Update downloadFile to use Flysystem * Updated AssetFilesController to use Flysystem * Updated acceptance signatures to use Flysystem * Updated signature view to use Flysystem This isn’t working 100% yet * Use Flysystem facade for displaying asset image * Set assets path Should clean all these up when we’re done here * Added Rackspace support for Flysystem * Added Flysystem migrator console command * Added use Storage directive for categories * Added user avatars to Flysystem * Added profile avatar to Flysystem * Added the option to delete local files with the migrator * Added a check to prevent people from trying to move from local to local * Fixed the selectlists for Flysystem * Fixed the getImageUrl method to reflect Flysystem * Fixed AWS copy process * Fixed models path * More selectlist updates for Flysystem * Updated example .envs with updated env variable names * *sigh* * Updated non-asset getImageUrl() methods to use Flysystem * Removed S3 hardcoding * Use Flysystem in email headers * Fixed typo * Removed camera support from asset file upload We’ll find a way to add this in later (and add that support to all of the other image uploads as well) * Fixed path for categories * WIP - Switched to standard handleImages for asset upload. This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now. * Fixed css URL error * Updated Debugbar to latest version (#6265) v3.2 adds support for Laravel 5.7 * Fixed: Missing CSS file in basic.blade.php (#6264) * Fixed missing CSS file in basic.blade.php * Added * Changed stylesheet import for authorize.blade.php * Updated composer lock * Added AWS_BUCKET_ROOT as env variable * Use nicer image preview for logo upload * Removed AssetRequest form request * Removed asset form request, moved custom field validation into model * Added additional help text for logo upload * Increased the size of the image resize - should make this a setting tho * Few more formatting tweaks to logo section of branding blade preview * Use Flysystem for asset/license file uploads * Use Flysystem for removing images from models that have been deleted * Enable backups to use Flysystem This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3 * Use Flysystem to download license files * Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
use Illuminate\Support\Facades\Storage;
use Illuminate\Validation\Rule;
2016-03-25 01:18:05 -07:00
use Image;
use Input;
use Redirect;
2016-03-25 01:18:05 -07:00
use Response;
use App\Http\Requests\SlackSettingsRequest;
use Illuminate\Support\Str;
use Illuminate\Support\Facades\Artisan;
use Illuminate\Support\Facades\Validator;
use Carbon\Carbon;
2016-12-27 17:31:53 -08:00
2016-03-25 01:18:05 -07:00
/**
2016-04-07 13:21:09 -07:00
* This controller handles all actions related to Settings for
* the Snipe-IT Asset Management application.
*
* @version v1.0
2016-03-25 01:18:05 -07:00
*/
class SettingsController extends Controller
{
/**
* Checks to see whether or not the database has a migrations table
* and a user, otherwise display the setup view.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v3.0]
*
* @return View
*/
2016-03-25 01:18:05 -07:00
public function getSetupIndex()
{
2018-08-02 21:36:18 -07:00
$start_settings['php_version_min'] = false;
2016-03-25 01:18:05 -07:00
2018-08-02 21:36:18 -07:00
if (version_compare(PHP_VERSION, config('app.min_php'), '<')) {
return response('<center><h1>This software requires PHP version '.config('app.min_php').' or greater. This server is running '.PHP_VERSION.'. </h1><h2>Please upgrade PHP on this server and try again. </h2></center>', 500);
2018-08-02 21:36:18 -07:00
}
2016-03-25 01:18:05 -07:00
try {
$conn = DB::select('select 2 + 2');
$start_settings['db_conn'] = true;
$start_settings['db_name'] = DB::connection()->getDatabaseName();
2016-03-25 01:18:05 -07:00
$start_settings['db_error'] = null;
} catch (\PDOException $e) {
$start_settings['db_conn'] = false;
$start_settings['db_name'] = config('database.connections.mysql.database');
2016-03-25 01:18:05 -07:00
$start_settings['db_error'] = $e->getMessage();
}
if (array_key_exists("HTTP_X_FORWARDED_PROTO", $_SERVER)) {
$protocol = $_SERVER["HTTP_X_FORWARDED_PROTO"] . "://";
} elseif (array_key_exists('HTTPS', $_SERVER) && ('on' == $_SERVER['HTTPS'])) {
$protocol = "https://";
} else {
$protocol = "http://";
}
2016-05-14 15:04:59 -07:00
if (array_key_exists("HTTP_X_FORWARDED_HOST", $_SERVER)) {
$host = $_SERVER["HTTP_X_FORWARDED_HOST"];
} else {
$host = array_key_exists('SERVER_NAME', $_SERVER) ? $_SERVER['SERVER_NAME'] : null;
$port = array_key_exists('SERVER_PORT', $_SERVER) ? $_SERVER['SERVER_PORT'] : null;
if (('http://' === $protocol && '80' != $port) || ('https://' === $protocol && '443' != $port)) {
$host .= ':'.$port;
}
2016-03-25 01:18:05 -07:00
}
$pageURL = $protocol.$host.$_SERVER['REQUEST_URI'];
2016-03-25 01:18:05 -07:00
$start_settings['url_config'] = config('app.url').'/setup';
$start_settings['url_valid'] = ($start_settings['url_config'] === $pageURL);
$start_settings['real_url'] = $pageURL;
2018-08-02 21:36:18 -07:00
$start_settings['php_version_min'] = true;
// Curl the .env file to make sure it's not accessible via a browser
$ch = curl_init($protocol.$host.'/.env');
curl_setopt($ch, CURLOPT_HEADER, true); // we want headers
curl_setopt($ch, CURLOPT_NOBODY, true); // we don't need body
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
$output = curl_exec($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
2016-03-25 01:18:05 -07:00
if (404 == $httpcode || 403 == $httpcode || 0 == $httpcode) {
2016-03-25 01:18:05 -07:00
$start_settings['env_exposed'] = false;
} else {
$start_settings['env_exposed'] = true;
2016-03-25 01:18:05 -07:00
}
if (\App::Environment('production') && (true == config('app.debug'))) {
2016-03-25 01:18:05 -07:00
$start_settings['debug_exposed'] = true;
} else {
$start_settings['debug_exposed'] = false;
}
$environment = app()->environment();
if ('production' != $environment) {
$start_settings['env'] = $environment;
2016-03-25 01:18:05 -07:00
$start_settings['prod'] = false;
} else {
$start_settings['env'] = $environment;
2016-03-25 01:18:05 -07:00
$start_settings['prod'] = true;
}
$start_settings['owner'] = '';
2016-06-22 12:27:41 -07:00
if (function_exists('posix_getpwuid')) { // Probably Linux
$owner = posix_getpwuid(fileowner($_SERVER['SCRIPT_FILENAME']));
// This *should* be an array, but we've seen this return a bool in some chrooted environments
if (is_array($owner)) {
$start_settings['owner'] = $owner['name'];
}
}
2016-03-25 01:18:05 -07:00
if (($start_settings['owner'] === 'root') || ($start_settings['owner'] === '0')) {
2016-03-25 01:18:05 -07:00
$start_settings['owner_is_admin'] = true;
} else {
$start_settings['owner_is_admin'] = false;
}
if ((is_writable(storage_path()))
&& (is_writable(storage_path().'/framework'))
&& (is_writable(storage_path().'/framework/cache'))
&& (is_writable(storage_path().'/framework/sessions'))
&& (is_writable(storage_path().'/framework/views'))
&& (is_writable(storage_path().'/logs'))
2016-03-25 01:18:05 -07:00
) {
$start_settings['writable'] = true;
} else {
$start_settings['writable'] = false;
}
$start_settings['gd'] = extension_loaded('gd');
return view('setup/index')
2020-04-21 04:08:25 -07:00
->with('step', 1)
->with('start_settings', $start_settings)
->with('section', 'Pre-Flight Check');
2016-03-25 01:18:05 -07:00
}
/**
* Save the first admin user from Setup.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v3.0]
*
* @return Redirect
*/
2016-03-25 01:18:05 -07:00
public function postSaveFirstAdmin(SetupUserRequest $request)
{
$user = new User();
$user->first_name = $data['first_name'] = $request->input('first_name');
$user->last_name = $request->input('last_name');
$user->email = $data['email'] = $request->input('email');
$user->activated = 1;
$permissions = ['superuser' => 1];
2016-05-14 15:04:59 -07:00
$user->permissions = json_encode($permissions);
$user->username = $data['username'] = $request->input('username');
$user->password = bcrypt($request->input('password'));
$data['password'] = $request->input('password');
2016-03-25 01:18:05 -07:00
$settings = new Setting();
$settings->full_multiple_companies_support = $request->input('full_multiple_companies_support', 0);
$settings->site_name = $request->input('site_name');
$settings->alert_email = $request->input('email');
$settings->alerts_enabled = 1;
$settings->pwd_secure_min = 10;
$settings->brand = 1;
$settings->locale = $request->input('locale', 'en-US');
$settings->default_currency = $request->input('default_currency', 'USD');
$settings->user_id = 1;
$settings->email_domain = $request->input('email_domain');
$settings->email_format = $request->input('email_format');
$settings->next_auto_tag_base = 1;
$settings->auto_increment_assets = $request->input('auto_increment_assets', 0);
$settings->auto_increment_prefix = $request->input('auto_increment_prefix');
Merge branch 'develop' into integrations/2020-04-15-v5-merge # Conflicts: # README.md # app/Http/Controllers/AccessoriesController.php # app/Http/Controllers/Api/AssetsController.php # app/Http/Controllers/Api/LicensesController.php # app/Http/Controllers/Api/LocationsController.php # app/Http/Controllers/Api/SettingsController.php # app/Http/Controllers/Api/UsersController.php # app/Http/Controllers/AssetModelsController.php # app/Http/Controllers/Assets/AssetsController.php # app/Http/Controllers/Auth/ForgotPasswordController.php # app/Http/Controllers/CategoriesController.php # app/Http/Controllers/CompaniesController.php # app/Http/Controllers/ComponentsController.php # app/Http/Controllers/ConsumablesController.php # app/Http/Controllers/CustomFieldsetsController.php # app/Http/Controllers/DepartmentsController.php # app/Http/Controllers/LicensesController.php # app/Http/Controllers/LocationsController.php # app/Http/Controllers/ManufacturersController.php # app/Http/Controllers/SettingsController.php # app/Http/Controllers/SuppliersController.php # app/Http/Controllers/UsersController.php # app/Http/Requests/AssetRequest.php # app/Http/Requests/ImageUploadRequest.php # app/Models/LicenseSeat.php # app/Models/Location.php # app/Models/Setting.php # composer.json # composer.lock # config/database.php # config/version.php # npm-shrinkwrap.json # package.json # public/css/AdminLTE.css # public/css/AdminLTE.css.map # public/css/overrides.css # public/css/overrides.css.map # public/css/skins/skin-blue-light.css # public/css/skins/skin-blue.css # public/css/skins/skin-green-dark.min.css # public/js/app.js # public/js/bootstrap-table.js # public/js/bootstrap/js/bootstrap.js # public/js/bootstrap/js/bootstrap.min.js # public/js/build/all.js # public/js/build/vue.js # public/js/build/vue.js.map # public/js/demo.js # public/js/ekko-lightbox.js # public/js/ekko-lightbox.min.js # public/js/extensions/export/bootstrap-table-export.js # public/js/extensions/multiple-sort/bootstrap-table-multiple-sort.js # public/js/extensions/multiple-sort/bootstrap-table-multiple-sort.min.js # public/js/extensions/toolbar/bootstrap-table-toolbar.min.js # public/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.js # public/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.min.js # public/js/plugins/timepicker/bootstrap-timepicker.js # public/js/plugins/timepicker/bootstrap-timepicker.min.js # public/js/vue.js # public/mix-manifest.json # resources/assets/js/bootstrap-js.js # resources/assets/js/bootstrap.min.js # resources/assets/js/ekko-lightbox.js # resources/assets/js/ekko-lightbox.min.js # resources/assets/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.js # resources/assets/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.min.js # resources/assets/js/plugins/chartjs/Chart.js # resources/assets/js/plugins/timepicker/bootstrap-timepicker.js # resources/assets/js/plugins/timepicker/bootstrap-timepicker.min.js # resources/assets/less/AdminLTE.less # resources/assets/less/overrides.less # resources/assets/less/skins/_all-skins.less # resources/assets/less/skins/skin-black.less # resources/assets/less/skins/skin-blue.less # resources/assets/less/skins/skin-green.less # resources/assets/less/skins/skin-purple.less # resources/assets/less/skins/skin-red.less # resources/assets/less/skins/skin-yellow.less # resources/assets/less/variables.less # resources/js/components/importer/importer-file.vue # resources/lang/en/auth/message.php # resources/lang/en/passwords.php # resources/lang/es-CO/general.php # resources/lang/es-ES/general.php # resources/lang/es-VE/general.php # resources/less/skins/skin-black-dark.less # resources/less/skins/skin-blue-dark.less # resources/less/skins/skin-contrast.less # resources/less/skins/skin-green-dark.less # resources/less/skins/skin-orange-dark.less # resources/less/skins/skin-orange.less # resources/less/skins/skin-purple-dark.less # resources/less/skins/skin-red-dark.less # resources/less/skins/skin-yellow-dark.less # resources/views/accessories/checkin.blade.php # resources/views/accessories/checkout.blade.php # resources/views/accessories/edit.blade.php # resources/views/account/profile.blade.php # resources/views/account/view-assets.blade.php # resources/views/asset_maintenances/edit.blade.php # resources/views/auth/passwords/email.blade.php # resources/views/auth/passwords/reset.blade.php # resources/views/categories/edit.blade.php # resources/views/companies/edit.blade.php # resources/views/components/checkin.blade.php # resources/views/components/checkout.blade.php # resources/views/components/edit.blade.php # resources/views/consumables/checkout.blade.php # resources/views/consumables/edit.blade.php # resources/views/custom_fields/fields/edit.blade.php # resources/views/custom_fields/fieldsets/edit.blade.php # resources/views/dashboard.blade.php # resources/views/departments/edit.blade.php # resources/views/groups/edit.blade.php # resources/views/hardware/audit.blade.php # resources/views/hardware/bulk-checkout.blade.php # resources/views/hardware/bulk.blade.php # resources/views/hardware/checkin.blade.php # resources/views/hardware/checkout.blade.php # resources/views/hardware/edit.blade.php # resources/views/hardware/index.blade.php # resources/views/hardware/quickscan.blade.php # resources/views/hardware/view.blade.php # resources/views/importer/import.blade.php # resources/views/layouts/basic.blade.php # resources/views/layouts/default.blade.php # resources/views/layouts/edit-form.blade.php # resources/views/licenses/checkin.blade.php # resources/views/licenses/checkout.blade.php # resources/views/licenses/edit.blade.php # resources/views/locations/edit.blade.php # resources/views/manufacturers/edit.blade.php # resources/views/modals/upload-file.blade.php # resources/views/models/bulk-edit.blade.php # resources/views/models/custom_fields_form.blade.php # resources/views/models/edit.blade.php # resources/views/partials/bootstrap-table.blade.php # resources/views/partials/forms/edit/address.blade.php # resources/views/partials/forms/edit/asset-select.blade.php # resources/views/partials/forms/edit/category-select.blade.php # resources/views/partials/forms/edit/category.blade.php # resources/views/partials/forms/edit/company-select.blade.php # resources/views/partials/forms/edit/company.blade.php # resources/views/partials/forms/edit/department-select.blade.php # resources/views/partials/forms/edit/depreciation.blade.php # resources/views/partials/forms/edit/email.blade.php # resources/views/partials/forms/edit/image-upload.blade.php # resources/views/partials/forms/edit/item_number.blade.php # resources/views/partials/forms/edit/location-profile-select.blade.php # resources/views/partials/forms/edit/location-select.blade.php # resources/views/partials/forms/edit/location.blade.php # resources/views/partials/forms/edit/maintenance_type.blade.php # resources/views/partials/forms/edit/manufacturer-select.blade.php # resources/views/partials/forms/edit/manufacturer.blade.php # resources/views/partials/forms/edit/minimum_quantity.blade.php # resources/views/partials/forms/edit/model-select.blade.php # resources/views/partials/forms/edit/model_number.blade.php # resources/views/partials/forms/edit/name.blade.php # resources/views/partials/forms/edit/notes.blade.php # resources/views/partials/forms/edit/order_number.blade.php # resources/views/partials/forms/edit/phone.blade.php # resources/views/partials/forms/edit/purchase_cost.blade.php # resources/views/partials/forms/edit/purchase_date.blade.php # resources/views/partials/forms/edit/quantity.blade.php # resources/views/partials/forms/edit/serial.blade.php # resources/views/partials/forms/edit/status.blade.php # resources/views/partials/forms/edit/submit.blade.php # resources/views/partials/forms/edit/supplier-select.blade.php # resources/views/partials/forms/edit/supplier.blade.php # resources/views/partials/forms/edit/user-select.blade.php # resources/views/reports/custom.blade.php # resources/views/settings/alerts.blade.php # resources/views/settings/asset_tags.blade.php # resources/views/settings/barcodes.blade.php # resources/views/settings/branding.blade.php # resources/views/settings/general.blade.php # resources/views/settings/labels.blade.php # resources/views/settings/ldap.blade.php # resources/views/settings/localization.blade.php # resources/views/settings/security.blade.php # resources/views/setup/user.blade.php # resources/views/suppliers/edit.blade.php # resources/views/users/bulk-edit.blade.php # resources/views/users/edit.blade.php # resources/views/users/ldap.blade.php # resources/views/users/print.blade.php # resources/views/users/view.blade.php # routes/api.php # routes/web/hardware.php # webpack.mix.js
2020-04-20 23:20:34 -07:00
2020-04-21 04:08:25 -07:00
if ((! $user->isValid()) || (! $settings->isValid())) {
2016-04-28 21:06:41 -07:00
return redirect()->back()->withInput()->withErrors($user->getErrors())->withErrors($settings->getErrors());
2016-03-25 01:18:05 -07:00
} else {
$user->save();
Auth::login($user, true);
$settings->save();
2020-09-15 01:51:10 -07:00
if ($request->input('email_creds') == '1') {
$data = [];
$data['email'] = $user->email;
$data['username'] = $user->username;
$data['first_name'] = $user->first_name;
$data['last_name'] = $user->last_name;
$data['password'] = $request->input('password');
$user->notify(new FirstAdminNotification($data));
2016-03-25 01:18:05 -07:00
}
return redirect()->route('setup.done');
}
}
/**
* Return the admin user creation form in Setup.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v3.0]
*
* @return View
*/
2016-03-25 01:18:05 -07:00
public function getSetupUser()
{
return view('setup/user')
2020-04-21 04:08:25 -07:00
->with('step', 3)
->with('section', 'Create a User');
2016-03-25 01:18:05 -07:00
}
/**
* Return the view that tells the user that the Setup is done.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v3.0]
*
* @return View
*/
2016-03-25 01:18:05 -07:00
public function getSetupDone()
{
return view('setup/done')
2020-04-21 04:08:25 -07:00
->with('step', 4)
->with('section', 'Done!');
2016-03-25 01:18:05 -07:00
}
/**
* Migrate the database tables, and return the output
* to a view for Setup.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v3.0]
*
* @return View
*/
2016-03-25 01:18:05 -07:00
public function getSetupMigrate()
{
Artisan::call('migrate', ['--force' => true]);
if ((! file_exists(storage_path().'/oauth-private.key')) || (! file_exists(storage_path().'/oauth-public.key'))) {
Artisan::call('migrate', ['--path' => 'vendor/laravel/passport/database/migrations', '--force' => true]);
2017-10-11 12:42:31 -07:00
Artisan::call('passport:install');
2017-08-22 22:46:02 -07:00
}
return view('setup/migrate')
2020-04-21 04:08:25 -07:00
->with('output', 'Databases installed!')
->with('step', 2)
->with('section', 'Create Database Tables');
2016-03-25 01:18:05 -07:00
}
/**
* Return a view that shows some of the key settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v1.0]
*
* @return View
*/
2017-07-07 23:44:48 -07:00
public function index()
2016-03-25 01:18:05 -07:00
{
$settings = Setting::getSettings();
return view('settings/index', compact('settings'));
2016-03-25 01:18:05 -07:00
}
/**
* Return the admin settings page.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v1.0]
*
* @return View
*/
2016-03-25 01:18:05 -07:00
public function getEdit()
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
return view('settings/general', compact('setting'));
}
2016-03-25 01:18:05 -07:00
2017-07-07 23:44:48 -07:00
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function getSettings()
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
return view('settings/general', compact('setting'));
2016-03-25 01:18:05 -07:00
}
/**
2017-07-07 23:44:48 -07:00
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function postSettings(Request $request)
2016-03-25 01:18:05 -07:00
{
if (is_null($setting = Setting::getSettings())) {
2016-04-28 21:06:41 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
2016-03-25 01:18:05 -07:00
}
$setting->modellist_displays = '';
if (($request->filled('show_in_model_list')) && (count($request->input('show_in_model_list')) > 0)) {
$setting->modellist_displays = implode(',', $request->input('show_in_model_list'));
}
2017-07-07 23:44:48 -07:00
$setting->full_multiple_companies_support = $request->input('full_multiple_companies_support', '0');
$setting->unique_serial = $request->input('unique_serial', '0');
$setting->show_images_in_email = $request->input('show_images_in_email', '0');
$setting->show_archived_in_list = $request->input('show_archived_in_list', '0');
$setting->dashboard_message = $request->input('dashboard_message');
$setting->email_domain = $request->input('email_domain');
$setting->email_format = $request->input('email_format');
$setting->username_format = $request->input('username_format');
$setting->require_accept_signature = $request->input('require_accept_signature');
$setting->show_assigned_assets = $request->input('show_assigned_assets', '0');
if (! config('app.lock_passwords')) {
2017-09-22 17:23:22 -07:00
$setting->login_note = $request->input('login_note');
}
$setting->default_eula_text = $request->input('default_eula_text');
$setting->load_remote = $request->input('load_remote', 0);
$setting->thumbnail_max_h = $request->input('thumbnail_max_h');
$setting->privacy_policy_link = $request->input('privacy_policy_link');
2017-07-07 23:44:48 -07:00
$setting->depreciation_method = $request->input('depreciation_method');
$setting->dash_chart_type = $request->input('dash_chart_type');
2020-09-15 01:51:10 -07:00
if ($request->input('per_page') != '') {
2017-07-07 23:44:48 -07:00
$setting->per_page = $request->input('per_page');
} else {
$setting->per_page = 200;
}
if ($setting->save()) {
return redirect()->route('settings.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2017-07-07 23:44:48 -07:00
}
2016-03-25 01:18:05 -07:00
2017-07-07 23:44:48 -07:00
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function getBranding()
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
return view('settings.branding', compact('setting'));
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function postBranding(ImageUploadRequest $request)
{
if (is_null($setting = Setting::getSettings())) {
2017-07-07 23:44:48 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
$setting->brand = $request->input('brand', '1');
$setting->header_color = $request->input('header_color');
$setting->support_footer = $request->input('support_footer');
$setting->version_footer = $request->input('version_footer');
$setting->footer_text = $request->input('footer_text');
$setting->skin = $request->input('skin');
$setting->allow_user_skin = $request->input('allow_user_skin');
$setting->show_url_in_emails = $request->input('show_url_in_emails', '0');
$setting->logo_print_assets = $request->input('logo_print_assets', '0');
2017-07-07 23:44:48 -07:00
// Only allow the site name and CSS to be changed if lock_passwords is false
// Because public demos make people act like dicks
if (! config('app.lock_passwords')) {
$setting->site_name = $request->input('site_name');
2017-07-07 18:06:31 -07:00
$setting->custom_css = $request->input('custom_css');
$setting = $request->handleImages($setting, 600, 'logo', '', 'logo');
2017-07-07 23:44:48 -07:00
if ('1' == $request->input('clear_logo')) {
Storage::disk('public')->delete($setting->logo);
$setting->logo = null;
$setting->brand = 1;
}
$setting = $request->handleImages($setting, 600, 'email_logo', '', 'email_logo');
if ('1' == $request->input('clear_email_logo')) {
Storage::disk('public')->delete($setting->email_logo);
$setting->email_logo = null;
// If they are uploading an image, validate it and upload it
}
2019-01-18 14:05:52 -08:00
$setting = $request->handleImages($setting, 600, 'label_logo', '', 'label_logo');
2019-01-18 14:05:52 -08:00
if ('1' == $request->input('clear_label_logo')) {
Storage::disk('public')->delete($setting->label_logo);
$setting->label_logo = null;
}
$setting = $request->handleImages($setting, 600, 'favicon', '', 'favicon');
// If the user wants to clear the favicon...
if ('1' == $request->input('clear_favicon')) {
Storage::disk('public')->delete($setting->favicon);
$setting->favicon = null;
2017-07-07 23:44:48 -07:00
}
}
2017-07-07 23:44:48 -07:00
if ($setting->save()) {
return redirect()->route('settings.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2017-07-07 23:44:48 -07:00
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function getSecurity()
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
return view('settings.security', compact('setting'));
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function postSecurity(Request $request)
{
$this->validate($request, [
'pwd_secure_complexity' => 'array',
'pwd_secure_complexity.*' => [
Rule::in([
'disallow_same_pwd_as_user_fields',
'letters',
'numbers',
'symbols',
'case_diff',
])
]
]);
if (is_null($setting = Setting::getSettings())) {
2017-07-07 23:44:48 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
if (! config('app.lock_passwords')) {
if ('' == $request->input('two_factor_enabled')) {
2016-10-31 13:50:00 -07:00
$setting->two_factor_enabled = null;
} else {
2017-07-07 18:06:31 -07:00
$setting->two_factor_enabled = $request->input('two_factor_enabled');
2016-10-31 13:50:00 -07:00
}
2019-01-15 14:02:10 -08:00
// remote user login
$setting->login_remote_user_enabled = (int) $request->input('login_remote_user_enabled');
$setting->login_common_disabled = (int) $request->input('login_common_disabled');
$setting->login_remote_user_custom_logout_url = $request->input('login_remote_user_custom_logout_url');
$setting->login_remote_user_header_name = $request->input('login_remote_user_header_name');
2016-03-25 01:18:05 -07:00
}
$setting->pwd_secure_uncommon = (int) $request->input('pwd_secure_uncommon');
$setting->pwd_secure_min = (int) $request->input('pwd_secure_min');
$setting->pwd_secure_complexity = '';
2019-05-23 17:39:50 -07:00
if ($request->filled('pwd_secure_complexity')) {
$setting->pwd_secure_complexity = implode('|', $request->input('pwd_secure_complexity'));
}
2017-07-07 23:44:48 -07:00
if ($setting->save()) {
return redirect()->route('settings.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2017-07-07 23:44:48 -07:00
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function getLocalization()
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
return view('settings.localization', compact('setting'));
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function postLocalization(Request $request)
{
if (is_null($setting = Setting::getSettings())) {
2017-07-07 23:44:48 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
2016-03-25 01:18:05 -07:00
}
if (! config('app.lock_passwords')) {
$setting->locale = $request->input('locale', 'en-US');
}
$setting->default_currency = $request->input('default_currency', '$');
2017-07-07 23:44:48 -07:00
$setting->date_display_format = $request->input('date_display_format');
$setting->time_display_format = $request->input('time_display_format');
$setting->digit_separator = $request->input('digit_separator');
$setting->name_display_format = $request->input('name_display_format');
2017-07-07 23:44:48 -07:00
if ($setting->save()) {
return redirect()->route('settings.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2017-07-07 23:44:48 -07:00
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function getAlerts()
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
return view('settings.alerts', compact('setting'));
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function postAlerts(Request $request)
{
if (is_null($setting = Setting::getSettings())) {
2017-07-07 23:44:48 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
// Check if the audit interval has changed - if it has, we want to update ALL of the assets audit dates
if ($request->input('audit_interval') != $setting->audit_interval) {
// This could be a negative number if the user is trying to set the audit interval to a lower number than it was before
$audit_diff_months = ((int)$request->input('audit_interval') - (int)($setting->audit_interval));
// Batch update the dates. We have to use this method to avoid time limit exceeded errors on very large datasets,
// but it DOES mean this change doesn't get logged in the action logs, since it skips the observer.
// @see https://stackoverflow.com/questions/54879160/laravel-observer-not-working-on-bulk-insert
$affected = Asset::whereNotNull('next_audit_date')
->whereNull('deleted_at')
->update(
['next_audit_date' => DB::raw('DATE_ADD(next_audit_date, INTERVAL '.$audit_diff_months.' MONTH)')]
);
\Log::debug($affected .' assets affected by audit interval update');
2022-02-20 13:29:12 -08:00
}
$alert_email = rtrim($request->input('alert_email'), ',');
$alert_email = trim($alert_email);
Notification improvements (#5254) * Added “show fields in email” to custom fields * Added “show images in email” to settings * Added nicer HTML emails * Break notifications out into their own, instead of trying to mash them all together * Remove old notification for accessory checkout * Janky fix for #5076 - “The asset you have attempted to accept was not checked out to you” * Add method for image url for accessories * Added accessory checkout email blade * Make accessory email notification on checkout screen consistent with assets * Added native consumables notifications * Fixes for asset notification * Updated notification blades with correct-er fields * Updated notifications * License checkin notification - does not work yet Need to figure out whether the license seat is assigned to a person or an asset before we can pass the target * Added alternate “cc” email for admins * Only try to trigger notifications if the target is a user * Fix tests * Fixed consumable URL * Removed unused notification * Pass target type in params * Show slack status * Pass additional parameters There is a logic bug in this :( Will send to slack twice, since the admin CC and the user are both using the same notification. Fuckity fuck fuck fuck. * Pass a variable to the notification to supress the duplicate slack message * Slack is broken :( Trying to fix Will try a git bisect * Put preview back into checkout * Pulled old archaic mail * Removed debugging * Fixed wrong email title * Fixed slack endpoint not firing * Poobot, we hardly knew ye. * Removed old, manual mail from API * Typo :-/ * Code cleanup * Use defined formatted date in JSON * Use static properties for checkin/checkout notifiers for cleaner code * Removed debugging * Use date formatter * Fixed target_type * Fixed language in consumable email
2018-03-25 13:46:57 -07:00
$admin_cc_email = rtrim($request->input('admin_cc_email'), ',');
$admin_cc_email = trim($admin_cc_email);
2017-07-07 23:44:48 -07:00
$setting->alert_email = $alert_email;
$setting->admin_cc_email = $admin_cc_email;
$setting->alerts_enabled = $request->input('alerts_enabled', '0');
$setting->alert_interval = $request->input('alert_interval');
$setting->alert_threshold = $request->input('alert_threshold');
$setting->audit_interval = $request->input('audit_interval');
$setting->audit_warning_days = $request->input('audit_warning_days');
$setting->show_alerts_in_menu = $request->input('show_alerts_in_menu', '0');
2017-07-07 23:44:48 -07:00
if ($setting->save()) {
return redirect()->route('settings.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2017-07-07 23:44:48 -07:00
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function getSlack()
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
return view('settings.slack', compact('setting'));
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function getAssetTags()
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
return view('settings.asset_tags', compact('setting'));
}
/**
* Saves settings from form.
2017-07-07 23:44:48 -07:00
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function postAssetTags(Request $request)
{
if (is_null($setting = Setting::getSettings())) {
2017-07-07 23:44:48 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
$setting->auto_increment_prefix = $request->input('auto_increment_prefix');
$setting->auto_increment_assets = $request->input('auto_increment_assets', '0');
$setting->zerofill_count = $request->input('zerofill_count');
$setting->next_auto_tag_base = $request->input('next_auto_tag_base');
2017-07-07 23:44:48 -07:00
if ($setting->save()) {
return redirect()->route('settings.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2017-07-07 23:44:48 -07:00
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function getBarcodes()
{
$setting = Setting::getSettings();
2017-07-07 23:44:48 -07:00
$is_gd_installed = extension_loaded('gd');
return view('settings.barcodes', compact('setting'))->with('is_gd_installed', $is_gd_installed);
2017-07-07 23:44:48 -07:00
}
/**
* Saves settings from form.
2017-07-07 23:44:48 -07:00
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v1.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function postBarcodes(Request $request)
{
if (is_null($setting = Setting::getSettings())) {
2017-07-07 23:44:48 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
$setting->qr_code = $request->input('qr_code', '0');
$setting->alt_barcode = $request->input('alt_barcode');
2017-07-07 18:06:31 -07:00
$setting->alt_barcode_enabled = $request->input('alt_barcode_enabled', '0');
$setting->barcode_type = $request->input('barcode_type');
$setting->qr_text = $request->input('qr_text');
2017-07-07 23:44:48 -07:00
if ($setting->save()) {
return redirect()->route('settings.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2017-07-07 23:44:48 -07:00
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v4.0]
*
* @return View
*/
public function getPhpInfo()
{
if (config('app.debug') === true) {
2017-07-08 00:22:30 -07:00
return view('settings.phpinfo');
}
2017-07-08 00:22:30 -07:00
return redirect()->route('settings.index')
->with('error', 'PHP syetem debugging information is only available when debug is enabled in your .env file.');
}
2017-07-07 23:44:48 -07:00
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v4.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function getLabels()
{
2023-09-27 16:51:53 -07:00
return view('settings.labels', [
'setting' => Setting::getSettings(),
'customFields' => CustomField::all(),
]);
2017-07-07 23:44:48 -07:00
}
/**
* Saves settings from form.
2017-07-07 23:44:48 -07:00
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v4.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function postLabels(Request $request)
{
if (is_null($setting = Setting::getSettings())) {
2017-07-07 23:44:48 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
2022-11-01 05:00:53 -07:00
$setting->label2_enable = $request->input('label2_enable');
$setting->label2_template = $request->input('label2_template');
$setting->label2_title = $request->input('label2_title');
$setting->label2_asset_logo = $request->input('label2_asset_logo');
$setting->label2_1d_type = $request->input('label2_1d_type');
$setting->label2_2d_type = $request->input('label2_2d_type');
$setting->label2_2d_target = $request->input('label2_2d_target');
$setting->label2_fields = $request->input('label2_fields');
$setting->labels_per_page = $request->input('labels_per_page');
$setting->labels_width = $request->input('labels_width');
$setting->labels_height = $request->input('labels_height');
$setting->labels_pmargin_left = $request->input('labels_pmargin_left');
$setting->labels_pmargin_right = $request->input('labels_pmargin_right');
$setting->labels_pmargin_top = $request->input('labels_pmargin_top');
$setting->labels_pmargin_bottom = $request->input('labels_pmargin_bottom');
$setting->labels_display_bgutter = $request->input('labels_display_bgutter');
$setting->labels_display_sgutter = $request->input('labels_display_sgutter');
$setting->labels_fontsize = $request->input('labels_fontsize');
$setting->labels_pagewidth = $request->input('labels_pagewidth');
$setting->labels_pageheight = $request->input('labels_pageheight');
$setting->labels_display_company_name = $request->input('labels_display_company_name', '0');
$setting->labels_display_company_name = $request->input('labels_display_company_name', '0');
2017-07-07 23:44:48 -07:00
2016-03-25 01:18:05 -07:00
2016-10-31 13:50:00 -07:00
2019-05-23 17:39:50 -07:00
if ($request->filled('labels_display_name')) {
2016-03-25 01:18:05 -07:00
$setting->labels_display_name = 1;
} else {
$setting->labels_display_name = 0;
}
2019-05-23 17:39:50 -07:00
if ($request->filled('labels_display_serial')) {
2016-03-25 01:18:05 -07:00
$setting->labels_display_serial = 1;
} else {
$setting->labels_display_serial = 0;
}
2019-05-23 17:39:50 -07:00
if ($request->filled('labels_display_tag')) {
2016-03-25 01:18:05 -07:00
$setting->labels_display_tag = 1;
} else {
$setting->labels_display_tag = 0;
2020-04-21 04:08:25 -07:00
}
2020-04-21 04:08:25 -07:00
if ($request->filled('labels_display_tag')) {
$setting->labels_display_tag = 1;
} else {
$setting->labels_display_tag = 0;
}
2016-03-25 01:18:05 -07:00
2019-05-23 17:39:50 -07:00
if ($request->filled('labels_display_model')) {
$setting->labels_display_model = 1;
} else {
$setting->labels_display_model = 0;
}
2017-07-07 23:44:48 -07:00
if ($setting->save()) {
return redirect()->route('settings.labels.index')
2017-07-07 23:44:48 -07:00
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2017-07-07 23:44:48 -07:00
}
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v4.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function getLdapSettings()
{
$setting = Setting::getSettings();
$groups = Group::pluck('name', 'id');
/**
* This validator is only temporary (famous last words.) - @snipe
*/
$messages = [
'ldap_username_field.not_in' => '<code>sAMAccountName</code> (mixed case) will likely not work. You should use <code>samaccountname</code> (lowercase) instead. ',
'ldap_auth_filter_query.not_in' => '<code>uid=samaccountname</code> is probably not a valid auth filter. You probably want <code>uid=</code> ',
'ldap_filter.regex' => 'This value should probably not be wrapped in parentheses.',
];
$validator = Validator::make($setting->toArray(), [
'ldap_username_field' => 'not_in:sAMAccountName',
'ldap_auth_filter_query' => 'not_in:uid=samaccountname|required_if:ldap_enabled,1',
'ldap_filter' => 'nullable|regex:"^[^(]"|required_if:ldap_enabled,1',
], $messages);
return view('settings.ldap', compact('setting', 'groups'))->withErrors($validator);
2017-07-07 23:44:48 -07:00
}
/**
* Saves settings from form.
2017-07-07 23:44:48 -07:00
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v4.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function postLdapSettings(Request $request)
{
if (is_null($setting = Setting::getSettings())) {
2017-07-07 23:44:48 -07:00
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
2016-03-25 01:18:05 -07:00
if (! config('app.lock_passwords') === true) {
$setting->ldap_enabled = $request->input('ldap_enabled', '0');
$setting->ldap_server = $request->input('ldap_server');
$setting->ldap_server_cert_ignore = $request->input('ldap_server_cert_ignore', false);
$setting->ldap_uname = $request->input('ldap_uname');
if ($request->filled('ldap_pword')) {
$setting->ldap_pword = Crypt::encrypt($request->input('ldap_pword'));
}
$setting->ldap_basedn = $request->input('ldap_basedn');
$setting->ldap_default_group = $request->input('ldap_default_group');
$setting->ldap_filter = $request->input('ldap_filter');
$setting->ldap_username_field = $request->input('ldap_username_field');
$setting->ldap_lname_field = $request->input('ldap_lname_field');
$setting->ldap_fname_field = $request->input('ldap_fname_field');
$setting->ldap_auth_filter_query = $request->input('ldap_auth_filter_query');
$setting->ldap_version = $request->input('ldap_version', 3);
$setting->ldap_active_flag = $request->input('ldap_active_flag');
$setting->ldap_emp_num = $request->input('ldap_emp_num');
$setting->ldap_email = $request->input('ldap_email');
$setting->ldap_manager = $request->input('ldap_manager');
$setting->ad_domain = $request->input('ad_domain');
$setting->is_ad = $request->input('is_ad', '0');
$setting->ad_append_domain = $request->input('ad_append_domain', '0');
$setting->ldap_tls = $request->input('ldap_tls', '0');
$setting->ldap_pw_sync = $request->input('ldap_pw_sync', '0');
$setting->custom_forgot_pass_url = $request->input('custom_forgot_pass_url');
$setting->ldap_phone_field = $request->input('ldap_phone');
$setting->ldap_jobtitle = $request->input('ldap_jobtitle');
$setting->ldap_country = $request->input('ldap_country');
2023-04-25 11:44:04 -07:00
$setting->ldap_location = $request->input('ldap_location');
$setting->ldap_dept = $request->input('ldap_dept');
$setting->ldap_client_tls_cert = $request->input('ldap_client_tls_cert');
$setting->ldap_client_tls_key = $request->input('ldap_client_tls_key');
}
2017-07-07 18:06:31 -07:00
2016-03-25 01:18:05 -07:00
if ($setting->save()) {
$setting->update_client_side_cert_files();
return redirect()->route('settings.ldap.index')
2017-07-07 23:44:48 -07:00
->with('success', trans('admin/settings/message.update.success'));
2016-03-25 01:18:05 -07:00
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
2016-03-25 01:18:05 -07:00
}
2020-05-05 07:06:19 -07:00
/**
* Return a form to allow a super admin to update settings.
*
* @author Johnson Yi <jyi.dev@outlook.com>
*
* @since v5.0.0
*
* @return View
*/
public function getSamlSettings()
{
$setting = Setting::getSettings();
return view('settings.saml', compact('setting'));
}
/**
* Saves settings from form.
*
* @author Johnson Yi <jyi.dev@outlook.com>
*
* @since v5.0.0
*
* @return View
*/
public function postSamlSettings(SettingsSamlRequest $request)
{
if (is_null($setting = Setting::getSettings())) {
return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
}
$setting->saml_enabled = $request->input('saml_enabled', '0');
$setting->saml_idp_metadata = $request->input('saml_idp_metadata');
$setting->saml_attr_mapping_username = $request->input('saml_attr_mapping_username');
$setting->saml_forcelogin = $request->input('saml_forcelogin', '0');
$setting->saml_slo = $request->input('saml_slo', '0');
if (! empty($request->input('saml_sp_privatekey'))) {
$setting->saml_sp_x509cert = $request->input('saml_sp_x509cert');
$setting->saml_sp_privatekey = $request->input('saml_sp_privatekey');
2020-05-05 07:06:19 -07:00
}
if (! empty($request->input('saml_sp_x509certNew'))) {
$setting->saml_sp_x509certNew = $request->input('saml_sp_x509certNew');
} else {
$setting->saml_sp_x509certNew = '';
}
$setting->saml_custom_settings = $request->input('saml_custom_settings');
2020-05-05 07:06:19 -07:00
if ($setting->save()) {
return redirect()->route('settings.saml.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
}
2022-03-16 15:53:32 -07:00
public static function getPDFBranding()
{
$pdf_branding= Setting::getSettings();
return $pdf_branding;
}
2020-05-05 07:06:19 -07:00
/**
* Show Google login settings form
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v6.1.1]
* @return View
*/
public function getGoogleLoginSettings()
{
$setting = Setting::getSettings();
return view('settings.google', compact('setting'));
}
/**
* ShSaveow Google login settings form
*
* @author [A. Gianotto] [<snipe@snipe.net>]
* @since [v6.1.1]
* @return View
*/
public function postGoogleLoginSettings(Request $request)
{
if (!config('app.lock_passwords')) {
$setting = Setting::getSettings();
$setting->google_login = $request->input('google_login', 0);
$setting->google_client_id = $request->input('google_client_id');
$setting->google_client_secret = $request->input('google_client_secret');
if ($setting->save()) {
return redirect()->route('settings.index')
->with('success', trans('admin/settings/message.update.success'));
}
return redirect()->back()->withInput()->withErrors($setting->getErrors());
}
return redirect()->back()->with('error', trans('general.feature_disabled'));
}
2016-03-25 01:18:05 -07:00
/**
* Show the listing of backups.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v1.8]
*
* @return View
*/
2016-03-25 01:18:05 -07:00
public function getBackups()
{
$settings = Setting::getSettings();
$path = 'app/backups';
[WIP] Added #5957 - Flysystem support (#6262) * Added AWS url to example env * Upgrader - added check for new storage path and attempt to move * Ignore symlink * Updated paths for models * Moved copy methods * Added AWS_URL support For some reasin, Flysystem was generating the wrong AWS url (with a region included) * Switch to Flysystem for image uploads * Nicer display of image preview * Updated image preview on edit blades to use Flysystem * Twiddled some more paths * Working filesystems config * Updated Asset Models and Departments to use Flysystem * Janky workaround for differing S3/local urls/paths * Try to smartly use S3 as public disk if S3 is configured * Use public disk Storage options for public files * Additional transformer edits for Flysystem * Removed debugging * Added missing use Storage directive * Updated seeders to use Flysystem * Default logo * Set a default width We can potentially override this in settings later * Use Flysystem for logo upload * Update downloadFile to use Flysystem * Updated AssetFilesController to use Flysystem * Updated acceptance signatures to use Flysystem * Updated signature view to use Flysystem This isn’t working 100% yet * Use Flysystem facade for displaying asset image * Set assets path Should clean all these up when we’re done here * Added Rackspace support for Flysystem * Added Flysystem migrator console command * Added use Storage directive for categories * Added user avatars to Flysystem * Added profile avatar to Flysystem * Added the option to delete local files with the migrator * Added a check to prevent people from trying to move from local to local * Fixed the selectlists for Flysystem * Fixed the getImageUrl method to reflect Flysystem * Fixed AWS copy process * Fixed models path * More selectlist updates for Flysystem * Updated example .envs with updated env variable names * *sigh* * Updated non-asset getImageUrl() methods to use Flysystem * Removed S3 hardcoding * Use Flysystem in email headers * Fixed typo * Removed camera support from asset file upload We’ll find a way to add this in later (and add that support to all of the other image uploads as well) * Fixed path for categories * WIP - Switched to standard handleImages for asset upload. This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now. * Fixed css URL error * Updated Debugbar to latest version (#6265) v3.2 adds support for Laravel 5.7 * Fixed: Missing CSS file in basic.blade.php (#6264) * Fixed missing CSS file in basic.blade.php * Added * Changed stylesheet import for authorize.blade.php * Updated composer lock * Added AWS_BUCKET_ROOT as env variable * Use nicer image preview for logo upload * Removed AssetRequest form request * Removed asset form request, moved custom field validation into model * Added additional help text for logo upload * Increased the size of the image resize - should make this a setting tho * Few more formatting tweaks to logo section of branding blade preview * Use Flysystem for asset/license file uploads * Use Flysystem for removing images from models that have been deleted * Enable backups to use Flysystem This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3 * Use Flysystem to download license files * Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
$backup_files = Storage::files($path);
$files_raw = [];
[WIP] Added #5957 - Flysystem support (#6262) * Added AWS url to example env * Upgrader - added check for new storage path and attempt to move * Ignore symlink * Updated paths for models * Moved copy methods * Added AWS_URL support For some reasin, Flysystem was generating the wrong AWS url (with a region included) * Switch to Flysystem for image uploads * Nicer display of image preview * Updated image preview on edit blades to use Flysystem * Twiddled some more paths * Working filesystems config * Updated Asset Models and Departments to use Flysystem * Janky workaround for differing S3/local urls/paths * Try to smartly use S3 as public disk if S3 is configured * Use public disk Storage options for public files * Additional transformer edits for Flysystem * Removed debugging * Added missing use Storage directive * Updated seeders to use Flysystem * Default logo * Set a default width We can potentially override this in settings later * Use Flysystem for logo upload * Update downloadFile to use Flysystem * Updated AssetFilesController to use Flysystem * Updated acceptance signatures to use Flysystem * Updated signature view to use Flysystem This isn’t working 100% yet * Use Flysystem facade for displaying asset image * Set assets path Should clean all these up when we’re done here * Added Rackspace support for Flysystem * Added Flysystem migrator console command * Added use Storage directive for categories * Added user avatars to Flysystem * Added profile avatar to Flysystem * Added the option to delete local files with the migrator * Added a check to prevent people from trying to move from local to local * Fixed the selectlists for Flysystem * Fixed the getImageUrl method to reflect Flysystem * Fixed AWS copy process * Fixed models path * More selectlist updates for Flysystem * Updated example .envs with updated env variable names * *sigh* * Updated non-asset getImageUrl() methods to use Flysystem * Removed S3 hardcoding * Use Flysystem in email headers * Fixed typo * Removed camera support from asset file upload We’ll find a way to add this in later (and add that support to all of the other image uploads as well) * Fixed path for categories * WIP - Switched to standard handleImages for asset upload. This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now. * Fixed css URL error * Updated Debugbar to latest version (#6265) v3.2 adds support for Laravel 5.7 * Fixed: Missing CSS file in basic.blade.php (#6264) * Fixed missing CSS file in basic.blade.php * Added * Changed stylesheet import for authorize.blade.php * Updated composer lock * Added AWS_BUCKET_ROOT as env variable * Use nicer image preview for logo upload * Removed AssetRequest form request * Removed asset form request, moved custom field validation into model * Added additional help text for logo upload * Increased the size of the image resize - should make this a setting tho * Few more formatting tweaks to logo section of branding blade preview * Use Flysystem for asset/license file uploads * Use Flysystem for removing images from models that have been deleted * Enable backups to use Flysystem This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3 * Use Flysystem to download license files * Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
if (count($backup_files) > 0) {
for ($f = 0; $f < count($backup_files); $f++) {
2020-08-28 14:10:43 -07:00
// Skip dotfiles like .gitignore and .DS_STORE
if ((substr(basename($backup_files[$f]), 0, 1) != '.')) {
//$lastmodified = Carbon::parse(Storage::lastModified($backup_files[$f]))->toDatetimeString();
$file_timestamp = Storage::lastModified($backup_files[$f]);
$files_raw[] = [
2020-08-28 14:10:43 -07:00
'filename' => basename($backup_files[$f]),
'filesize' => Setting::fileSizeConvert(Storage::size($backup_files[$f])),
'modified_value' => $file_timestamp,
'modified_display' => date($settings->date_display_format.' '.$settings->time_display_format, $file_timestamp),
2020-08-28 14:10:43 -07:00
];
}
2016-03-25 01:18:05 -07:00
}
}
// Reverse the array so it lists oldest first
$files = array_reverse($files_raw);
return view('settings/backups', compact('path', 'files'));
2016-03-25 01:18:05 -07:00
}
/**
* Process the backup.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v1.8]
*
* @return Redirect
*/
2016-03-25 01:18:05 -07:00
public function postBackups()
{
if (! config('app.lock_passwords')) {
Artisan::call('snipeit:backup', ['--filename' => 'manual-backup-'.date('Y-m-d-H-i-s')]);
$output = Artisan::output();
// Backup completed
if (! preg_match('/failed/', $output)) {
return redirect()->route('settings.backups.index')
->with('success', trans('admin/settings/message.backup.generated'));
}
$formatted_output = str_replace('Backup completed!', '', $output);
$output_split = explode('...', $formatted_output);
if (array_key_exists(2, $output_split)) {
return redirect()->route('settings.backups.index')->with('error', $output_split[2]);
}
return redirect()->route('settings.backups.index')->with('error', $formatted_output);
}
return redirect()->route('settings.backups.index')->with('error', trans('general.feature_disabled'));
2016-03-25 01:18:05 -07:00
}
/**
* Download the backup file.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v1.8]
*
2020-08-28 18:22:57 -07:00
* @return Storage
*/
2016-03-25 01:18:05 -07:00
public function downloadFile($filename = null)
{
2020-08-28 18:22:37 -07:00
$path = 'app/backups';
if (! config('app.lock_passwords')) {
if (Storage::exists($path.'/'.$filename)) {
return StorageHelper::downloader($path.'/'.$filename);
2016-03-25 01:18:05 -07:00
} else {
// Redirect to the backup page
2017-07-08 13:42:05 -07:00
return redirect()->route('settings.backups.index')->with('error', trans('admin/settings/message.backup.file_not_found'));
2016-03-25 01:18:05 -07:00
}
} else {
// Redirect to the backup page
2017-07-08 13:42:05 -07:00
return redirect()->route('settings.backups.index')->with('error', trans('general.feature_disabled'));
2016-03-25 01:18:05 -07:00
}
}
/**
* Delete the backup file.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v1.8]
*
* @return View
*/
2016-03-25 01:18:05 -07:00
public function deleteFile($filename = null)
{
if (config('app.allow_backup_delete')=='true') {
2016-03-25 01:18:05 -07:00
if (!config('app.lock_passwords')) {
$path = 'app/backups';
if (Storage::exists($path . '/' . $filename)) {
try {
Storage::delete($path . '/' . $filename);
return redirect()->route('settings.backups.index')->with('success', trans('admin/settings/message.backup.file_deleted'));
} catch (\Exception $e) {
\Log::debug($e);
}
} else {
return redirect()->route('settings.backups.index')->with('error', trans('admin/settings/message.backup.file_not_found'));
[WIP] Added #5957 - Flysystem support (#6262) * Added AWS url to example env * Upgrader - added check for new storage path and attempt to move * Ignore symlink * Updated paths for models * Moved copy methods * Added AWS_URL support For some reasin, Flysystem was generating the wrong AWS url (with a region included) * Switch to Flysystem for image uploads * Nicer display of image preview * Updated image preview on edit blades to use Flysystem * Twiddled some more paths * Working filesystems config * Updated Asset Models and Departments to use Flysystem * Janky workaround for differing S3/local urls/paths * Try to smartly use S3 as public disk if S3 is configured * Use public disk Storage options for public files * Additional transformer edits for Flysystem * Removed debugging * Added missing use Storage directive * Updated seeders to use Flysystem * Default logo * Set a default width We can potentially override this in settings later * Use Flysystem for logo upload * Update downloadFile to use Flysystem * Updated AssetFilesController to use Flysystem * Updated acceptance signatures to use Flysystem * Updated signature view to use Flysystem This isn’t working 100% yet * Use Flysystem facade for displaying asset image * Set assets path Should clean all these up when we’re done here * Added Rackspace support for Flysystem * Added Flysystem migrator console command * Added use Storage directive for categories * Added user avatars to Flysystem * Added profile avatar to Flysystem * Added the option to delete local files with the migrator * Added a check to prevent people from trying to move from local to local * Fixed the selectlists for Flysystem * Fixed the getImageUrl method to reflect Flysystem * Fixed AWS copy process * Fixed models path * More selectlist updates for Flysystem * Updated example .envs with updated env variable names * *sigh* * Updated non-asset getImageUrl() methods to use Flysystem * Removed S3 hardcoding * Use Flysystem in email headers * Fixed typo * Removed camera support from asset file upload We’ll find a way to add this in later (and add that support to all of the other image uploads as well) * Fixed path for categories * WIP - Switched to standard handleImages for asset upload. This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now. * Fixed css URL error * Updated Debugbar to latest version (#6265) v3.2 adds support for Laravel 5.7 * Fixed: Missing CSS file in basic.blade.php (#6264) * Fixed missing CSS file in basic.blade.php * Added * Changed stylesheet import for authorize.blade.php * Updated composer lock * Added AWS_BUCKET_ROOT as env variable * Use nicer image preview for logo upload * Removed AssetRequest form request * Removed asset form request, moved custom field validation into model * Added additional help text for logo upload * Increased the size of the image resize - should make this a setting tho * Few more formatting tweaks to logo section of branding blade preview * Use Flysystem for asset/license file uploads * Use Flysystem for removing images from models that have been deleted * Enable backups to use Flysystem This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3 * Use Flysystem to download license files * Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
}
2016-03-25 01:18:05 -07:00
}
2017-07-08 13:42:05 -07:00
return redirect()->route('settings.backups.index')->with('error', trans('general.feature_disabled'));
2016-03-25 01:18:05 -07:00
}
// Hell to the no
\Log::warning('User ID '.Auth::user()->id.' is attempting to delete backup file '.$filename.' and is not authorized to.');
return redirect()->route('settings.backups.index')->with('error', trans('general.backup_delete_not_allowed'));
2016-03-25 01:18:05 -07:00
}
/**
* Uploads a backup file
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v6.0]
*
* @return Redirect
*/
public function postUploadBackup(Request $request) {
if (! config('app.lock_passwords')) {
if (!$request->hasFile('file')) {
return redirect()->route('settings.backups.index')->with('error', 'No file uploaded');
} else {
$max_file_size = Helper::file_upload_max_size();
$validator = Validator::make($request->all(), [
'file' => 'required|mimes:zip|max:'.$max_file_size,
]);
if ($validator->passes()) {
$upload_filename = 'uploaded-'.date('U').'-'.Str::slug(pathinfo($request->file('file')->getClientOriginalName(), PATHINFO_FILENAME)).'.zip';
Storage::putFileAs('app/backups', $request->file('file'), $upload_filename);
return redirect()->route('settings.backups.index')->with('success', 'File uploaded');
}
return redirect()->route('settings.backups.index')->withErrors($validator);
}
} else {
return redirect()->route('settings.backups.index')->with('error', trans('general.feature_disabled'));
}
}
/**
* Restore the backup file.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v6.0]
*
* @return View
*/
public function postRestore($filename = null)
{
if (! config('app.lock_passwords')) {
$path = 'app/backups';
if (Storage::exists($path.'/'.$filename)) {
// grab the user's info so we can make sure they exist in the system
$user = User::find(Auth::user()->id);
2022-02-17 14:59:44 -08:00
// TODO: run a backup
Artisan::call('db:wipe', [
'--force' => true,
]);
\Log::debug('Attempting to restore from: '. storage_path($path).'/'.$filename);
// run the restore command
Artisan::call('snipeit:restore',
[
'--force' => true,
'--no-progress' => true,
'filename' => storage_path($path).'/'.$filename
]);
// If it's greater than 300, it probably worked
2022-02-17 14:59:44 -08:00
$output = Artisan::output();
/* Run migrations */
\Log::debug('Migrating database...');
Artisan::call('migrate', ['--force' => true]);
$migrate_output = Artisan::output();
\Log::debug($migrate_output);
$find_user = DB::table('users')->where('username', $user->username)->exists();
if (!$find_user){
\Log::warning('Attempting to restore user: ' . $user->username);
$new_user = $user->replicate();
$new_user->push();
} else {
\Log::debug('User: ' . $user->username .' already exists.');
}
2022-02-17 16:00:24 -08:00
\Log::debug('Logging all users out..');
Artisan::call('snipeit:global-logout', ['--force' => true]);
DB::table('users')->update(['remember_token' => null]);
\Auth::logout();
2022-02-17 16:00:24 -08:00
return redirect()->route('login')->with('success', 'Your system has been restored. Please login again.');
} else {
return redirect()->route('settings.backups.index')->with('error', trans('admin/settings/message.backup.file_not_found'));
}
} else {
return redirect()->route('settings.backups.index')->with('error', trans('general.feature_disabled'));
}
}
2017-07-07 23:44:48 -07:00
/**
* Return a form to allow a super admin to update settings.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-07-07 23:44:48 -07:00
* @since [v4.0]
*
2017-07-07 23:44:48 -07:00
* @return View
*/
public function getPurge()
{
\Log::warning('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting a PURGE');
if (config('app.allow_purge')=='true') {
return view('settings.purge-form');
}
return redirect()->route('settings.index')->with('error', trans('general.purge_not_allowed'));
2017-07-07 23:44:48 -07:00
}
/**
* Purges soft-deletes.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v3.0]
*
* @return View
*/
public function postPurge(Request $request)
{
\Log::warning('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting a PURGE');
if (config('app.allow_purge')=='true') {
\Log::debug('Purging is not allowed via the .env');
if (!config('app.lock_passwords')) {
if ($request->input('confirm_purge')=='DELETE') {
\Log::warning('User ID ' . Auth::user()->id . ' initiated a PURGE!');
// Run a backup immediately before processing
Artisan::call('backup:run');
Artisan::call('snipeit:purge', ['--force' => 'true', '--no-interaction' => true]);
$output = Artisan::output();
return redirect()->route('settings.index')
->with('output', $output)->with('success', trans('admin/settings/message.purge.success'));
} else {
return redirect()->route('settings.purge.index')
->with('error', trans('admin/settings/message.purge.validation_failed'));
}
} else {
return redirect()->route('settings.index')
->with('error', trans('general.feature_disabled'));
}
}
\Log::error('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting to purge deleted data and is not authorized to.');
// Nope.
return redirect()->route('settings.index')
->with('error', trans('general.purge_not_allowed'));
}
/**
* Returns a page with the API token generation interface.
*
* We created a controller method for this because closures aren't allowed
* in the routes file if you want to be able to cache the routes.
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
* @since [v4.0]
*
* @return View
*/
public function api()
{
2017-07-07 23:44:48 -07:00
return view('settings.api');
}
2017-10-19 06:16:03 -07:00
/**
* Test the email configuration.
2017-10-19 06:16:03 -07:00
*
* @author [A. Gianotto] [<snipe@snipe.net>]
*
2017-10-19 06:16:03 -07:00
* @since [v3.0]
*
2017-10-19 06:16:03 -07:00
* @return Redirect
*/
public function ajaxTestEmail()
{
try {
(new User())->forceFill([
'name' => config('mail.from.name'),
'email' => config('mail.from.address'),
2018-08-02 21:36:18 -07:00
])->notify(new MailTest());
return response()->json(Helper::formatStandardApiResponse('success', null, 'Maiol sent!'));
2017-10-19 06:16:03 -07:00
} catch (Exception $e) {
return response()->json(Helper::formatStandardApiResponse('success', null, $e->getMessage()));
2017-10-19 06:16:03 -07:00
}
}
public function getLoginAttempts()
{
return view('settings.logins');
2017-10-19 06:16:03 -07:00
}
}