Merge remote-tracking branch 'origin/develop'

# Conflicts:
#	config/version.php
snipe 2020-11-24 12:17:38 -08:00
commit 02fef7049f
10 changed files with 85 additions and 27 deletions


@ -53,8 +53,10 @@ class SamlController extends Controller
if (empty($metadata)) { if (empty($metadata)) {
return response()->view('errors.403', [], 403); return response()->view('errors.403', [], 403);
} }
return response($metadata)->header('Content-Type', 'text/xml'); return response()->streamDownload(function () use ($metadata) {
echo $metadata;
}, 'snipe-it-metadata.xml', ['Content-Type' => 'text/xml']);
} }
/** /**


@ -38,6 +38,7 @@ class Kernel extends HttpKernel
\App\Http\Middleware\CheckLocale::class, \App\Http\Middleware\CheckLocale::class,
\App\Http\Middleware\CheckForTwoFactor::class, \App\Http\Middleware\CheckForTwoFactor::class,
\Laravel\Passport\Http\Middleware\CreateFreshApiToken::class, \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
\App\Http\Middleware\AssetCountForSidebar::class,
], ],
'api' => [ 'api' => [


@ -0,0 +1,33 @@
<?php
namespace App\Http\Middleware;
use Auth;
use App\Models\Asset;
use Closure;
class AssetCountForSidebar
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$total_rtd_sidebar = Asset::RTD()->count();
$total_deployed_sidebar = Asset::Deployed()->count();
$total_archived_sidebar = Asset::Archived()->count();
$total_pending_sidebar = Asset::Pending()->count();
$total_undeployable_sidebar = Asset::Undeployable()->count();
view()->share('total_rtd_sidebar', $total_rtd_sidebar);
view()->share('total_deployed_sidebar', $total_deployed_sidebar);
view()->share('total_archived_sidebar', $total_archived_sidebar);
view()->share('total_pending_sidebar', $total_pending_sidebar);
view()->share('total_undeployable_sidebar', $total_undeployable_sidebar);
return $next($request);
}
}
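Review bot: `handle()` runs five unscoped `count()` queries before `$next($request)` on every request in the middleware group it is registered in (the `Kernel` section above adds it to the group that precedes `'api'`), including guests, redirects and responses that never render a sidebar. `Auth` is imported but never used, which suggests a login check was intended; an early `if (! Auth::check()) { return $next($request); }` would skip the work for unauthenticated requests. The totals are shared with every view regardless of the user's asset permissions, so whether they are shown only to permitted users depends entirely on the layout. A docblock line stating that the counts are global and unfiltered would make that dependency explicit.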


@ -70,22 +70,27 @@ class SettingsSamlRequest extends FormRequest
]); ]);
$csr = openssl_csr_new($dn, $pkey, ['digest_alg' => 'sha256']); $csr = openssl_csr_new($dn, $pkey, ['digest_alg' => 'sha256']);
$x509 = openssl_csr_sign($csr, null, $pkey, 3650, ['digest_alg' => 'sha256']);
openssl_x509_export($x509, $x509cert); if ($csr) {
openssl_pkey_export($pkey, $privateKey);
$errors = []; $x509 = openssl_csr_sign($csr, null, $pkey, 3650, ['digest_alg' => 'sha256']);
while (($error = openssl_error_string() !== false)) {
$errors[] = $error; openssl_x509_export($x509, $x509cert);
} openssl_pkey_export($pkey, $privateKey);
if (!(empty($x509cert) && empty($privateKey))) { $errors = [];
$this->merge([ while (($error = openssl_error_string() !== false)) {
'saml_sp_x509cert' => $x509cert, $errors[] = $error;
'saml_sp_privatekey' => $privateKey, }
]);
if (!(empty($x509cert) && empty($privateKey))) {
$this->merge([
'saml_sp_x509cert' => $x509cert,
'saml_sp_privatekey' => $privateKey,
]);
}
} else {
$validator->errors()->add('saml_integration', 'openssl.cnf is missing/invalid');
} }
} }
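Review bot: The new `if ($csr)` guard covers only CSR creation; inside it, `if (!(empty($x509cert) && empty($privateKey)))` still merges when just one of the two values was exported, so a certificate without its private key (or the reverse) can be saved. It should read `if (!empty($x509cert) && !empty($privateKey)) {`. The error loop is also mis-parenthesised: `$error = openssl_error_string() !== false` assigns a boolean, so it should be `while (($error = openssl_error_string()) !== false) {`, and `$errors` is not read again in the visible lines. The result of `openssl_csr_sign()` is passed to `openssl_x509_export()` without a check. The enclosing method starts and ends outside this hunk.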


@ -70,6 +70,7 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
* @var array * @var array
*/ */
// 'username' => 'required|string|min:1|unique:users,username,NULL,id,deleted_at,NULL',
protected $rules = [ protected $rules = [
'first_name' => 'required|string|min:1', 'first_name' => 'required|string|min:1',
'username' => 'required|string|min:1|unique_undeleted', 'username' => 'required|string|min:1|unique_undeleted',


@ -5,6 +5,7 @@ namespace App\Services;
use OneLogin\Saml2\Auth as OneLogin_Saml2_Auth; use OneLogin\Saml2\Auth as OneLogin_Saml2_Auth;
use OneLogin\Saml2\IdPMetadataParser as OneLogin_Saml2_IdPMetadataParser; use OneLogin\Saml2\IdPMetadataParser as OneLogin_Saml2_IdPMetadataParser;
use OneLogin\Saml2\Settings as OneLogin_Saml2_Settings; use OneLogin\Saml2\Settings as OneLogin_Saml2_Settings;
use OneLogin\Saml2\Utils as OneLogin_Saml2_Utils;
use App\Models\Setting; use App\Models\Setting;
use App\Models\User; use App\Models\User;
use Exception; use Exception;
@ -153,6 +154,9 @@ class Saml
$this->_enabled = $setting->saml_enabled == '1'; $this->_enabled = $setting->saml_enabled == '1';
if ($this->isEnabled()) { if ($this->isEnabled()) {
//Let onelogin/php-saml know to use 'X-Forwarded-*' headers if it is from a trusted proxy
OneLogin_Saml2_Utils::setProxyVars(request()->isFromTrustedProxy());
data_set($settings, 'sp.entityId', url('/')); data_set($settings, 'sp.entityId', url('/'));
data_set($settings, 'sp.assertionConsumerService.url', route('saml.acs')); data_set($settings, 'sp.assertionConsumerService.url', route('saml.acs'));
data_set($settings, 'sp.singleLogoutService.url', route('saml.sls')); data_set($settings, 'sp.singleLogoutService.url', route('saml.sls'));
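Review bot: `setProxyVars(request()->isFromTrustedProxy())` makes php-saml derive its own URL from `X-Forwarded-*` headers, so the URL it compares SAML messages against becomes only as trustworthy as the application's trusted-proxy list, which is not visible in this commit. If that list is a wildcard, the headers are effectively client-controlled. The added comment should record the dependency, for example `// Relies on the trusted-proxy configuration naming only real reverse proxies; a wildcard lets clients set X-Forwarded-* themselves`. The enclosing method starts and ends outside the hunk.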


@ -1,10 +1,10 @@
<?php <?php
return array ( return array (
'app_version' => 'v5.0.7', 'app_version' => 'v5.0.8',
'full_app_version' => 'v5.0.7 - build 5615-g6eb860ca2', 'full_app_version' => 'v5.0.8 - build 5616-8a38b9d',
'build_version' => '5615', 'build_version' => '5616',
'prerelease_version' => '', 'prerelease_version' => '',
'hash_version' => 'g6eb860ca2', 'hash_version' => '8a38b9d',
'full_hash' => 'v5.0.7-87-g6eb860ca2', 'full_hash' => 'v5.0.8-87-8a38b9d',
'branch' => 'master', 'branch' => 'master',
); );


@ -125,6 +125,7 @@ return array(
'saml_sp_acs_url' => 'Assertion Consumer Service (ACS) URL', 'saml_sp_acs_url' => 'Assertion Consumer Service (ACS) URL',
'saml_sp_sls_url' => 'Single Logout Service (SLS) URL', 'saml_sp_sls_url' => 'Single Logout Service (SLS) URL',
'saml_sp_x509cert' => 'Public Certificate', 'saml_sp_x509cert' => 'Public Certificate',
'saml_sp_metadata_url' => 'Metadata URL',
'saml_idp_metadata' => 'SAML IdP Metadata', 'saml_idp_metadata' => 'SAML IdP Metadata',
'saml_idp_metadata_help' => 'You can specify the IdP metadata using a URL or XML file.', 'saml_idp_metadata_help' => 'You can specify the IdP metadata using a URL or XML file.',
'saml_attr_mapping_username' => 'Attribute Mapping - Username', 'saml_attr_mapping_username' => 'Attribute Mapping - Username',


@ -403,24 +403,26 @@
</a> </a>
<ul class="treeview-menu"> <ul class="treeview-menu">
<li> <li>
<a href="{{ url('hardware') }}"> <a href="{{ url('hardware') }}">
<i class="fa fa-circle-o text-grey" aria-hidden="true"></i>
{{ trans('general.list_all') }} {{ trans('general.list_all') }}
</a> </a>
</li> </li>
<?php $status_navs = \App\Models\Statuslabel::where('show_in_nav', '=', 1)->get(); ?> <?php $status_navs = \App\Models\Statuslabel::where('show_in_nav', '=', 1)->withCount('assets as asset_count')->get(); ?>
@if (count($status_navs) > 0) @if (count($status_navs) > 0)
<li class="divider">&nbsp;</li>
@foreach ($status_navs as $status_nav) @foreach ($status_navs as $status_nav)
<li><a href="{{ route('statuslabels.show', ['statuslabel' => $status_nav->id]) }}"}> {{ $status_nav->name }}</a></li> <li><a href="{{ route('statuslabels.show', ['statuslabel' => $status_nav->id]) }}"><i class="fa fa-circle text-grey" aria-hidden="true"></i> {{ $status_nav->name }} ({{ $status_nav->asset_count }})</a></li>
@endforeach @endforeach
@endif @endif
<li{!! (Request::query('status') == 'Deployed' ? ' class="active"' : '') !!}> <li{!! (Request::query('status') == 'Deployed' ? ' class="active"' : '') !!}>
<a href="{{ url('hardware?status=Deployed') }}"><i class="fa fa-circle-o text-blue"></i> <a href="{{ url('hardware?status=Deployed') }}">
<i class="fa fa-circle-o text-blue"></i>
{{ trans('general.all') }} {{ trans('general.all') }}
{{ trans('general.deployed') }} {{ trans('general.deployed') }}
({{ ($total_deployed_sidebar) ? $total_deployed_sidebar : '' }})
</a> </a>
</li> </li>
<li{!! (Request::query('status') == 'RTD' ? ' class="active"' : '') !!}> <li{!! (Request::query('status') == 'RTD' ? ' class="active"' : '') !!}>
@ -428,21 +430,25 @@
<i class="fa fa-circle-o text-green"></i> <i class="fa fa-circle-o text-green"></i>
{{ trans('general.all') }} {{ trans('general.all') }}
{{ trans('general.ready_to_deploy') }} {{ trans('general.ready_to_deploy') }}
({{ ($total_rtd_sidebar) ? $total_rtd_sidebar : '' }})
</a> </a>
</li> </li>
<li{!! (Request::query('status') == 'Pending' ? ' class="active"' : '') !!}><a href="{{ url('hardware?status=Pending') }}"><i class="fa fa-circle-o text-orange"></i> <li{!! (Request::query('status') == 'Pending' ? ' class="active"' : '') !!}><a href="{{ url('hardware?status=Pending') }}"><i class="fa fa-circle-o text-orange"></i>
{{ trans('general.all') }} {{ trans('general.all') }}
{{ trans('general.pending') }} {{ trans('general.pending') }}
({{ ($total_pending_sidebar) ? $total_pending_sidebar : '' }})
</a> </a>
</li> </li>
<li{!! (Request::query('status') == 'Undeployable' ? ' class="active"' : '') !!} ><a href="{{ url('hardware?status=Undeployable') }}"><i class="fa fa-times text-red"></i> <li{!! (Request::query('status') == 'Undeployable' ? ' class="active"' : '') !!} ><a href="{{ url('hardware?status=Undeployable') }}"><i class="fa fa-times text-red"></i>
{{ trans('general.all') }} {{ trans('general.all') }}
{{ trans('general.undeployable') }} {{ trans('general.undeployable') }}
({{ ($total_undeployable_sidebar) ? $total_undeployable_sidebar : '' }})
</a> </a>
</li> </li>
<li{!! (Request::query('status') == 'Archived' ? ' class="active"' : '') !!}><a href="{{ url('hardware?status=Archived') }}"><i class="fa fa-times text-red"></i> <li{!! (Request::query('status') == 'Archived' ? ' class="active"' : '') !!}><a href="{{ url('hardware?status=Archived') }}"><i class="fa fa-times text-red"></i>
{{ trans('general.all') }} {{ trans('general.all') }}
{{ trans('admin/hardware/general.archived') }} {{ trans('admin/hardware/general.archived') }}
({{ ($total_archived_sidebar) ? $total_archived_sidebar : '' }})
</a> </a>
</li> </li>
<li{!! (Request::query('status') == 'Requestable' ? ' class="active"' : '') !!}><a href="{{ url('hardware?status=Requestable') }}"><i class="fa fa-check text-blue"></i> <li{!! (Request::query('status') == 'Requestable' ? ' class="active"' : '') !!}><a href="{{ url('hardware?status=Requestable') }}"><i class="fa fa-check text-blue"></i>
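Review bot: The five `$total_*_sidebar` variables are read unguarded (`({{ ($total_deployed_sidebar) ? $total_deployed_sidebar : '' }})` and the four lines like it), so any render of this layout that did not pass through `AssetCountForSidebar` fails on an undefined variable, and a zero count prints empty parentheses. `({{ $total_deployed_sidebar ?? 0 }})` handles both cases. The `Statuslabel` query with `withCount` still runs inside the template in a raw `<?php ?>` tag; computing it alongside the other counts would keep queries out of the view. Whether this menu block sits inside a permission check is not visible in the hunk, so the counts may be shown to users who cannot list assets.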


@ -55,6 +55,7 @@
{{ Form::checkbox('saml_enabled', '1', Request::old('saml_enabled', $setting->saml_enabled), [((config('app.lock_passwords')===true)) ? 'disabled ': '', 'class' => 'minimal '. $setting->demoMode, $setting->demoMode]) }} {{ Form::checkbox('saml_enabled', '1', Request::old('saml_enabled', $setting->saml_enabled), [((config('app.lock_passwords')===true)) ? 'disabled ': '', 'class' => 'minimal '. $setting->demoMode, $setting->demoMode]) }}
{{ trans('admin/settings/general.saml_enabled') }} {{ trans('admin/settings/general.saml_enabled') }}
{!! $errors->first('saml_integration', '<span class="alert-msg" aria-hidden="true">:message</span>') !!}<br>
@if (config('app.lock_passwords')===true) @if (config('app.lock_passwords')===true)
<p class="text-warning"><i class="fa fa-lock"></i> {{ trans('general.feature_disabled') }}</p> <p class="text-warning"><i class="fa fa-lock"></i> {{ trans('general.feature_disabled') }}</p>
@endif @endif
@ -82,8 +83,12 @@
{{ Form::textarea('saml_sp_x509cert', $setting->saml_sp_x509cert, ['class' => 'form-control', 'wrap' => 'off', 'readonly']) }} {{ Form::textarea('saml_sp_x509cert', $setting->saml_sp_x509cert, ['class' => 'form-control', 'wrap' => 'off', 'readonly']) }}
<br> <br>
@endif @endif
<!-- SAML SP Metadata URL -->
{{ Form::label('saml_sp_metadata_url', trans('admin/settings/general.saml_sp_metadata_url')) }}
{{ Form::text('saml_sp_metadata_url', route('saml.metadata'), ['class' => 'form-control', 'readonly']) }}
<br>
<p class="help-block"> <p class="help-block">
<a href="{{ route('saml.metadata') }}" target="_blank" class="btn btn-default" style="margin-right: 5px;">View Metadata</a> <a href="{{ route('saml.metadata') }}" target="_blank" class="btn btn-default" style="margin-right: 5px;">Download Metadata</a>
</p> </p>
@endif @endif
{!! $errors->first('saml_enabled', '<span class="alert-msg" aria-hidden="true">:message</span>') !!} {!! $errors->first('saml_enabled', '<span class="alert-msg" aria-hidden="true">:message</span>') !!}
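Review bot: `{!! $errors->first('saml_integration', ...) !!}` prints the message without escaping. The only message added under that key in this commit is a fixed string, so it is safe as written, but it would become an HTML injection point if OpenSSL error text or request data were ever placed in it; a Blade comment such as `{{-- saml_integration messages are rendered raw: keep them static --}}` would record that constraint. The 'Download Metadata' link keeps `target="_blank"`, which now opens an empty tab because the route returns a download.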