Merge master into develop

Signed-off-by: snipe <snipe@snipe.net> # Conflicts: # .all-contributorsrc # README.md # app/Http/Controllers/BulkAssetModelsController.php # app/Http/Controllers/CustomFieldsController.php # app/Http/Controllers/CustomFieldsetsController.php # app/Http/Controllers/ModalController.php # app/Http/Transformers/GroupsTransformer.php # config/version.php # package-lock.json # public/css/build/app.css # public/css/build/overrides.css # public/css/dist/all.css # public/css/dist/bootstrap-table.css # public/js/build/app.js # public/js/dist/all.js # public/js/dist/bootstrap-table.js # public/mix-manifest.json # resources/assets/less/overrides.less # resources/lang/en/admin/hardware/message.php # resources/lang/en/admin/settings/general.php # resources/views/partials/bootstrap-table.blade.php # routes/web.php
2024-09-19 23:37:38 -07:00 · 2022-01-12 20:51:33 -08:00 · 2022-01-12 20:51:33 -08:00 · 43c57c8461
parent ba5b835933 181dc5127f
commit 43c57c8461
55 changed files with 9546 additions and 13965 deletions
--- a/app/Http/Controllers/Api/PredefinedKitsController.php
+++ b/app/Http/Controllers/Api/PredefinedKitsController.php
@ -31,8 +31,8 @@ class PredefinedKitsController extends Controller

        $offset = $request->input('offset', 0);
        $limit = $request->input('limit', 50);
-        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'assets_count';
+        $order = $request->input('order') === 'desc' ? 'desc' : 'asc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'name';
        $kits->orderBy($sort, $order);

        $total = $kits->count();
--- a/app/Http/Controllers/BulkAssetModelsController.php
+++ b/app/Http/Controllers/BulkAssetModelsController.php
@ -31,6 +31,7 @@ class BulkAssetModelsController extends Controller

            // If deleting....
            if ($request->input('bulk_actions') == 'delete') {
+                $this->authorize('delete', AssetModel::class);
                $valid_count = 0;
                foreach ($models as $model) {
                    if ($model->assets_count == 0) {
@ -42,7 +43,7 @@ class BulkAssetModelsController extends Controller

                // Otherwise display the bulk edit screen
            }
-
+            $this->authorize('update', AssetModel::class);
            $nochange = ['NC' => 'No Change'];

            return view('models/bulk-edit', compact('models'))
@ -64,6 +65,8 @@ class BulkAssetModelsController extends Controller
     */
    public function update(Request $request)
    {
+        $this->authorize('update', AssetModel::class);
+      
        $models_raw_array = $request->input('ids');
        $update_array = [];

@ -106,6 +109,8 @@ class BulkAssetModelsController extends Controller
     */
    public function destroy(Request $request)
    {
+        $this->authorize('delete', AssetModel::class);
+      
        $models_raw_array = $request->input('ids');

        if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
--- a/app/Http/Controllers/CustomFieldsController.php
+++ b/app/Http/Controllers/CustomFieldsController.php
@ -167,7 +167,7 @@ class CustomFieldsController extends Controller
     */
    public function edit($id)
    {
-        $field = CustomField::find($id);
+        if ($field = CustomField::find($id)) {

        $this->authorize('update', $field);

@ -183,6 +183,11 @@ class CustomFieldsController extends Controller
        ]);
        } 

+        return redirect()->route("fields.index")
+            ->with("error", trans('admin/custom_fields/message.field.invalid'));
+        
+    }
+
    /**
     * Store the updated field
     *
--- a/app/Http/Controllers/CustomFieldsetsController.php
+++ b/app/Http/Controllers/CustomFieldsetsController.php
@ -22,6 +22,13 @@ use Redirect;
 */
 class CustomFieldsetsController extends Controller
 {
+
+    public function index() 
+    {
+        return redirect()->route("fields.index")
+        ->with("error", trans('admin/custom_fields/message.fieldset.does_not_exist'));
+    }
+
    /**
     * Validates and stores a new custom field.
     *
--- a/app/Http/Controllers/ModalController.php
+++ b/app/Http/Controllers/ModalController.php
@ -6,17 +6,49 @@ use App\Helpers\Helper;

 class ModalController extends Controller
 {
-    public function show($type, $itemId = null)
-    {
+
+    /** 
+     * Load the modal views after confirming they are in the allowed_types array.
+     * The allowed types away just prevents shithead skiddies from fuzzing the urls 
+     * with automated scripts and junking up the logs. - snipe
+     * 
+     * @version    v5.3.7-pre
+     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+     * @author [A. Gianotto] [<snipe@snipe.net]
+     * @return View
+     */
+    function show ($type, $itemId = null) {
+
+        // These values should correspond to a file in resources/views/modals/
+        $allowed_types = [
+            'category',
+            'kit-model', 
+            'kit-license', 
+            'kit-consumable', 
+            'kit-accessory',
+            'location',
+            'manufacturer',
+            'model',
+            'statuslabel',
+            'supplier',
+            'upload-file',
+            'user',         
+        ];
+
+
+        if (in_array($type, $allowed_types)) {
        $view = view("modals.${type}");

-        if ($type == 'statuslabel') {
+            if ($type == "statuslabel") {
            $view->with('statuslabel_types', Helper::statusTypeList());
        }
        if (in_array($type, ['kit-model', 'kit-license', 'kit-consumable', 'kit-accessory'])) {
            $view->with('kitId', $itemId);
            }
-
            return $view;
        }
+
+        abort(404,'Page not found');
+        
+    }
 }
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@ -165,7 +165,7 @@ class ViewAssetsController extends Controller
            $settings->notify(new RequestAssetCancelation($data));

            return redirect()->route('requestable-assets')
-                ->with('success')->with('success', trans('admin/hardware/message.requests.cancel-success'));
+                ->with('success')->with('success', trans('admin/hardware/message.requests.canceled'));
        }

        $logaction->logaction('requested');
--- a/app/Http/Transformers/GroupsTransformer.php
+++ b/app/Http/Transformers/GroupsTransformer.php
@ -9,14 +9,14 @@ use Illuminate\Database\Eloquent\Collection;

 class GroupsTransformer
 {
-    public function transformGroups(Collection $groups)
+    public function transformGroups (Collection $groups, $total = null)
    {
        $array = [];
        foreach ($groups as $group) {
            $array[] = self::transformGroup($group);
        }

-        return (new DatatablesTransformer)->transformDatatables($array);
+        return (new DatatablesTransformer)->transformDatatables($array, $total);
    }

    public function transformGroup(Group $group)
--- a/package-lock.json
+++ b/package-lock.json
--- a/public/css/build/AdminLTE.css
+++ b/public/css/build/AdminLTE.css
--- a/public/css/build/app.css
+++ b/public/css/build/app.css
--- a/public/css/build/overrides.css
+++ b/public/css/build/overrides.css
--- a/public/css/dist/all.css
+++ b/public/css/dist/all.css
--- a/public/css/dist/bootstrap-table.css
+++ b/public/css/dist/bootstrap-table.css
--- a/public/css/dist/signature-pad.css
+++ b/public/css/dist/signature-pad.css
--- a/public/css/dist/signature-pad.min.css
+++ b/public/css/dist/signature-pad.min.css
--- a/public/css/dist/skins/skin-black-dark.css
+++ b/public/css/dist/skins/skin-black-dark.css
--- a/public/css/dist/skins/skin-black-dark.min.css
+++ b/public/css/dist/skins/skin-black-dark.min.css
--- a/public/css/dist/skins/skin-black.css
+++ b/public/css/dist/skins/skin-black.css
--- a/public/css/dist/skins/skin-black.min.css
+++ b/public/css/dist/skins/skin-black.min.css
--- a/public/css/dist/skins/skin-blue-dark.css
+++ b/public/css/dist/skins/skin-blue-dark.css
--- a/public/css/dist/skins/skin-blue-dark.min.css
+++ b/public/css/dist/skins/skin-blue-dark.min.css
--- a/public/css/dist/skins/skin-blue.css
+++ b/public/css/dist/skins/skin-blue.css
--- a/public/css/dist/skins/skin-blue.min.css
+++ b/public/css/dist/skins/skin-blue.min.css
--- a/public/css/dist/skins/skin-contrast.css
+++ b/public/css/dist/skins/skin-contrast.css
--- a/public/css/dist/skins/skin-contrast.min.css
+++ b/public/css/dist/skins/skin-contrast.min.css
--- a/public/css/dist/skins/skin-green-dark.css
+++ b/public/css/dist/skins/skin-green-dark.css
--- a/public/css/dist/skins/skin-green-dark.min.css
+++ b/public/css/dist/skins/skin-green-dark.min.css
--- a/public/css/dist/skins/skin-green.css
+++ b/public/css/dist/skins/skin-green.css
--- a/public/css/dist/skins/skin-green.min.css
+++ b/public/css/dist/skins/skin-green.min.css
--- a/public/css/dist/skins/skin-orange-dark.css
+++ b/public/css/dist/skins/skin-orange-dark.css
--- a/public/css/dist/skins/skin-orange-dark.min.css
+++ b/public/css/dist/skins/skin-orange-dark.min.css
--- a/public/css/dist/skins/skin-orange.css
+++ b/public/css/dist/skins/skin-orange.css
--- a/public/css/dist/skins/skin-orange.min.css
+++ b/public/css/dist/skins/skin-orange.min.css
--- a/public/css/dist/skins/skin-purple-dark.css
+++ b/public/css/dist/skins/skin-purple-dark.css
--- a/public/css/dist/skins/skin-purple-dark.min.css
+++ b/public/css/dist/skins/skin-purple-dark.min.css
--- a/public/css/dist/skins/skin-purple.css
+++ b/public/css/dist/skins/skin-purple.css
--- a/public/css/dist/skins/skin-purple.min.css
+++ b/public/css/dist/skins/skin-purple.min.css
--- a/public/css/dist/skins/skin-red-dark.css
+++ b/public/css/dist/skins/skin-red-dark.css
--- a/public/css/dist/skins/skin-red-dark.min.css
+++ b/public/css/dist/skins/skin-red-dark.min.css
--- a/public/css/dist/skins/skin-red.css
+++ b/public/css/dist/skins/skin-red.css
--- a/public/css/dist/skins/skin-red.min.css
+++ b/public/css/dist/skins/skin-red.min.css
--- a/public/css/dist/skins/skin-yellow-dark.css
+++ b/public/css/dist/skins/skin-yellow-dark.css
--- a/public/css/dist/skins/skin-yellow-dark.min.css
+++ b/public/css/dist/skins/skin-yellow-dark.min.css
--- a/public/css/dist/skins/skin-yellow.css
+++ b/public/css/dist/skins/skin-yellow.css
--- a/public/css/dist/skins/skin-yellow.min.css
+++ b/public/css/dist/skins/skin-yellow.min.css
--- a/public/js/build/app.js
+++ b/public/js/build/app.js
--- a/public/js/build/vendor.js
+++ b/public/js/build/vendor.js
--- a/public/js/dist/all.js
+++ b/public/js/dist/all.js
--- a/public/js/dist/bootstrap-table.js
+++ b/public/js/dist/bootstrap-table.js
--- a/resources/lang/en/admin/hardware/message.php
+++ b/resources/lang/en/admin/hardware/message.php
@ -29,6 +29,7 @@ return [
        'success' 		=> 'Asset audit successfully logged.',
    ],

+
    'deletefile' => [
        'error'   => 'File not deleted. Please try again.',
        'success' => 'File successfully deleted.',
@ -49,6 +50,7 @@ return [
        'file_delete_error'      => 'The file was unable to be deleted',
    ],

+
    'delete' => [
        'confirm'   	=> 'Are you sure you wish to delete this asset?',
        'error'   		=> 'There was an issue deleting the asset. Please try again.',
--- a/resources/lang/en/admin/settings/general.php
+++ b/resources/lang/en/admin/settings/general.php
@ -24,9 +24,9 @@ return [
    'audit_interval_help'       => 'If you are required to regularly physically audit your assets, enter the interval in months.',
    'audit_warning_days'        => 'Audit Warning Threshold',
    'audit_warning_days_help'   => 'How many days in advance should we warn you when assets are due for auditing?',
-    'auto_increment_assets'		=> 'Generate auto-incrementing asset IDs',
+    'auto_increment_assets'		=> 'Generate auto-incrementing asset tags',
    'auto_increment_prefix'		=> 'Prefix (optional)',
-    'auto_incrementing_help'    => 'Enable auto-incrementing asset IDs first to set this',
+    'auto_incrementing_help'    => 'Enable auto-incrementing asset tags first to set this',
    'backups'					=> 'Backups',
    'backups_restoring'         => 'Restoring from Backup',
    'backups_upload'            => 'Upload Backup',
@ -56,6 +56,7 @@ return [
    'barcode_type'				=> '2D Barcode Type',
    'alt_barcode_type'			=> '1D barcode type',
    'email_logo_size'       => 'Square logos in email look best. ',
+    'enabled'                   => 'Enabled',
    'eula_settings'				=> 'EULA Settings',
    'eula_markdown'				=> 'This EULA allows <a href="https://help.github.com/articles/github-flavored-markdown/">Github flavored markdown</a>.',
    'favicon'                   => 'Favicon',
--- a/resources/views/partials/bootstrap-table.blade.php
+++ b/resources/views/partials/bootstrap-table.blade.php
@ -91,6 +91,9 @@
    });


+
+
+
    function dateRowCheckStyle(value) {
        if ((value.days_to_next_audit) && (value.days_to_next_audit < {{ $snipeSettings->audit_warning_days ?: 0 }})) {
            return { classes : "danger" }
@ -249,6 +252,7 @@
                actions += '<a class="btn btn-danger btn-sm delete-asset disabled" onClick="return false;"><i class="fas fa-trash"></i></a>&nbsp;';
            }

+
            if ((row.available_actions) && (row.available_actions.restore === true)) {
                actions += '<form style="display: inline;" method="POST" action="{{ url('/') }}/' + dest + '/' + row.id + '/restore"> ';
                actions += '@csrf';
--- a/resources/views/settings/asset_tags.blade.php
+++ b/resources/views/settings/asset_tags.blade.php
@ -43,11 +43,11 @@
                        <!-- auto ids -->
                        <div class="form-group">
                            <div class="col-md-5">
-                                {{ Form::label('auto_increment_assets', trans('admin/settings/general.asset_ids')) }}
+                                {{ Form::label('auto_increment_assets', trans('admin/settings/general.auto_increment_assets')) }}
                            </div>
                            <div class="col-md-7">
                                {{ Form::checkbox('auto_increment_assets', '1', old('auto_increment_assets', $setting->auto_increment_assets),array('class' => 'minimal', 'aria-label'=>'auto_increment_assets')) }}
-                                {{ trans('admin/settings/general.auto_increment_assets') }}
+                                {{ trans('admin/settings/general.enabled') }}
                            </div>
                        </div>

--- a/routes/web.php
+++ b/routes/web.php
@ -60,7 +60,7 @@ Route::group(['middleware' => 'auth'], function () {
    */

    Route::group(['prefix' => 'manufacturers', 'middleware' => ['auth']], function () {
-        Route::get('{manufacturers_id}/restore', [ManufacturersController::class, 'restore'] )->name('restore/manufacturer');
+        Route::post('{manufacturers_id}/restore', [ManufacturersController::class, 'restore'] )->name('restore/manufacturer');
    });

    Route::resource('manufacturers', ManufacturersController::class, [
@ -275,7 +275,7 @@ Route::group(['prefix' => 'account', 'middleware' => ['auth']], function () {
    Route::get('accept', [Account\AcceptanceController::class, 'index'])
        ->name('account.accept');

-    Route::get('accept/{id}', [Account\AcceptanceController::class, 'create'])
+    Route::post('accept/{id}', [Account\AcceptanceController::class, 'create'])
        ->name('account.accept.item');

    Route::post('accept/{id}', [Account\AcceptanceController::class, 'store']);