DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-12-25 13:44:06 -08:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/develop'
Some checks are pending
CodeQL Security Scan / CodeQL Security Scan (javascript) (push) Waiting to run
Details
Codacy Security Scan / Codacy Security Scan (push) Waiting to run
Details
Docker images (Alpine) / docker (push) Waiting to run
Details
Docker images / docker (push) Waiting to run
Details
Tests in MySQL / PHP ${{ matrix.php-version }} (8.1) (push) Waiting to run
Details
Tests in MySQL / PHP ${{ matrix.php-version }} (8.2) (push) Waiting to run
Details
Tests in MySQL / PHP ${{ matrix.php-version }} (8.3) (push) Waiting to run
Details
Tests in SQLite / PHP ${{ matrix.php-version }} (8.1.1) (push) Waiting to run
Details

Browse source
This commit is contained in:
snipe 2024-09-20 13:44:45 +01:00
parent d96c5e1ba4 cdb7ccb8f3
commit 4ab478bb97
8 changed files with 134 additions and 56 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

103
app/Console/Commands/LdapSync.php Executable file → Normal file
View file

@ -53,18 +53,22 @@ class LdapSync extends Command
ini_set('max_execution_time', env('LDAP_TIME_LIM', 600)); //600 seconds = 10 minutes ini_set('max_execution_time', env('LDAP_TIME_LIM', 600)); //600 seconds = 10 minutes
ini_set('memory_limit', env('LDAP_MEM_LIM', '500M')); ini_set('memory_limit', env('LDAP_MEM_LIM', '500M'));
$ldap_result_username = Setting::getSettings()->ldap_username_field;
$ldap_result_last_name = Setting::getSettings()->ldap_lname_field; $ldap_map = [
$ldap_result_first_name = Setting::getSettings()->ldap_fname_field; "username" => Setting::getSettings()->ldap_username_field,
$ldap_result_active_flag = Setting::getSettings()->ldap_active_flag; "last_name" => Setting::getSettings()->ldap_lname_field,
$ldap_result_emp_num = Setting::getSettings()->ldap_emp_num; "first_name" => Setting::getSettings()->ldap_fname_field,
$ldap_result_email = Setting::getSettings()->ldap_email; "active_flag" => Setting::getSettings()->ldap_active_flag,
$ldap_result_phone = Setting::getSettings()->ldap_phone_field; "emp_num" => Setting::getSettings()->ldap_emp_num,
$ldap_result_jobtitle = Setting::getSettings()->ldap_jobtitle; "email" => Setting::getSettings()->ldap_email,
$ldap_result_country = Setting::getSettings()->ldap_country; "phone" => Setting::getSettings()->ldap_phone_field,
$ldap_result_location = Setting::getSettings()->ldap_location; "jobtitle" => Setting::getSettings()->ldap_jobtitle,
$ldap_result_dept = Setting::getSettings()->ldap_dept; "country" => Setting::getSettings()->ldap_country,
$ldap_result_manager = Setting::getSettings()->ldap_manager; "location" => Setting::getSettings()->ldap_location,
"dept" => Setting::getSettings()->ldap_dept,
"manager" => Setting::getSettings()->ldap_manager,
];
$ldap_default_group = Setting::getSettings()->ldap_default_group; $ldap_default_group = Setting::getSettings()->ldap_default_group;
$search_base = Setting::getSettings()->ldap_base_dn; $search_base = Setting::getSettings()->ldap_base_dn;
@ -107,14 +111,21 @@ class LdapSync extends Command
} }
/** /**
* If a filter has been specified, use that * If a filter has been specified, use that, otherwise default to null
*/ */
if ($this->option('filter') != '') { if ($this->option('filter') != '') {
$results = Ldap::findLdapUsers($search_base, -1, $this->option('filter')); $filter = $this->option('filter');
} else { } else {
$results = Ldap::findLdapUsers($search_base); $filter = null;
} }
/**
* We only need to request the LDAP attributes that we process
*/
$attributes = array_values(array_filter($ldap_map));
$results = Ldap::findLdapUsers($search_base, -1, $filter, $attributes);
} catch (\Exception $e) { } catch (\Exception $e) {
if ($this->option('json_summary')) { if ($this->option('json_summary')) {
$json_summary = ['error' => true, 'error_message' => $e->getMessage(), 'summary' => []]; $json_summary = ['error' => true, 'error_message' => $e->getMessage(), 'summary' => []];
@ -183,17 +194,17 @@ class LdapSync extends Command
} }
$usernames = []; $usernames = [];
for ($i = 0; $i < $location_users['count']; $i++) { for ($i = 0; $i < $location_users['count']; $i++) {
if (array_key_exists($ldap_result_username, $location_users[$i])) { if (array_key_exists($ldap_map["username"], $location_users[$i])) {
$location_users[$i]['ldap_location_override'] = true; $location_users[$i]['ldap_location_override'] = true;
$location_users[$i]['location_id'] = $ldap_loc['id']; $location_users[$i]['location_id'] = $ldap_loc['id'];
$usernames[] = $location_users[$i][$ldap_result_username][0]; $usernames[] = $location_users[$i][$ldap_map["username"]][0];
} }
} }
// Delete located users from the general group. // Delete located users from the general group.
foreach ($results as $key => $generic_entry) { foreach ($results as $key => $generic_entry) {
if ((is_array($generic_entry)) && (array_key_exists($ldap_result_username, $generic_entry))) { if ((is_array($generic_entry)) && (array_key_exists($ldap_map["username"], $generic_entry))) {
if (in_array($generic_entry[$ldap_result_username][0], $usernames)) { if (in_array($generic_entry[$ldap_map["username"]][0], $usernames)) {
unset($results[$key]); unset($results[$key]);
} }
} }
@ -219,22 +230,22 @@ class LdapSync extends Command
for ($i = 0; $i < $results['count']; $i++) { for ($i = 0; $i < $results['count']; $i++) {
$item = []; $item = [];
$item['username'] = $results[$i][$ldap_result_username][0] ?? ''; $item['username'] = $results[$i][$ldap_map["username"]][0] ?? '';
$item['employee_number'] = $results[$i][$ldap_result_emp_num][0] ?? ''; $item['employee_number'] = $results[$i][$ldap_map["emp_num"]][0] ?? '';
$item['lastname'] = $results[$i][$ldap_result_last_name][0] ?? ''; $item['lastname'] = $results[$i][$ldap_map["last_name"]][0] ?? '';
$item['firstname'] = $results[$i][$ldap_result_first_name][0] ?? ''; $item['firstname'] = $results[$i][$ldap_map["first_name"]][0] ?? '';
$item['email'] = $results[$i][$ldap_result_email][0] ?? ''; $item['email'] = $results[$i][$ldap_map["email"]][0] ?? '';
$item['ldap_location_override'] = $results[$i]['ldap_location_override'] ?? ''; $item['ldap_location_override'] = $results[$i]['ldap_location_override'] ?? '';
$item['location_id'] = $results[$i]['location_id'] ?? ''; $item['location_id'] = $results[$i]['location_id'] ?? '';
$item['telephone'] = $results[$i][$ldap_result_phone][0] ?? ''; $item['telephone'] = $results[$i][$ldap_map["phone"]][0] ?? '';
$item['jobtitle'] = $results[$i][$ldap_result_jobtitle][0] ?? ''; $item['jobtitle'] = $results[$i][$ldap_map["jobtitle"]][0] ?? '';
$item['country'] = $results[$i][$ldap_result_country][0] ?? ''; $item['country'] = $results[$i][$ldap_map["country"]][0] ?? '';
$item['department'] = $results[$i][$ldap_result_dept][0] ?? ''; $item['department'] = $results[$i][$ldap_map["dept"]][0] ?? '';
$item['manager'] = $results[$i][$ldap_result_manager][0] ?? ''; $item['manager'] = $results[$i][$ldap_map["manager"]][0] ?? '';
$item['location'] = $results[$i][$ldap_result_location][0] ?? ''; $item['location'] = $results[$i][$ldap_map["location"]][0] ?? '';
// ONLY if you are using the "ldap_location" option *AND* you have an actual result // ONLY if you are using the "ldap_location" option *AND* you have an actual result
if ($ldap_result_location && $item['location']) { if ($ldap_map["location"] && $item['location']) {
$location = Location::firstOrCreate([ $location = Location::firstOrCreate([
'name' => $item['location'], 'name' => $item['location'],
]); ]);
@ -257,38 +268,38 @@ class LdapSync extends Command
} }
//If a sync option is not filled in on the LDAP settings don't populate the user field //If a sync option is not filled in on the LDAP settings don't populate the user field
if($ldap_result_username != null){ if($ldap_map["username"] != null){
$user->username = $item['username']; $user->username = $item['username'];
} }
if($ldap_result_last_name != null){ if($ldap_map["last_name"] != null){
$user->last_name = $item['lastname']; $user->last_name = $item['lastname'];
} }
if($ldap_result_first_name != null){ if($ldap_map["first_name"] != null){
$user->first_name = $item['firstname']; $user->first_name = $item['firstname'];
} }
if($ldap_result_emp_num != null){ if($ldap_map["emp_num"] != null){
$user->employee_num = e($item['employee_number']); $user->employee_num = e($item['employee_number']);
} }
if($ldap_result_email != null){ if($ldap_map["email"] != null){
$user->email = $item['email']; $user->email = $item['email'];
} }
if($ldap_result_phone != null){ if($ldap_map["phone"] != null){
$user->phone = $item['telephone']; $user->phone = $item['telephone'];
} }
if($ldap_result_jobtitle != null){ if($ldap_map["jobtitle"] != null){
$user->jobtitle = $item['jobtitle']; $user->jobtitle = $item['jobtitle'];
} }
if($ldap_result_country != null){ if($ldap_map["country"] != null){
$user->country = $item['country']; $user->country = $item['country'];
} }
if($ldap_result_dept != null){ if($ldap_map["dept"] != null){
$user->department_id = $department->id; $user->department_id = $department->id;
} }
if($ldap_result_location != null){ if($ldap_map["location"] != null){
$user->location_id = $location ? $location->id : null; $user->location_id = $location ? $location->id : null;
} }
if($ldap_result_manager != null){ if($ldap_map["manager"] != null){
if($item['manager'] != null) { if($item['manager'] != null) {
// Check Cache first // Check Cache first
if (isset($manager_cache[$item['manager']])) { if (isset($manager_cache[$item['manager']])) {
@ -305,7 +316,7 @@ class LdapSync extends Command
$ldap_manager = [ $ldap_manager = [
"count" => 1, "count" => 1,
0 => [ 0 => [
$ldap_result_username => [$item['manager']] $ldap_map["username"] => [$item['manager']]
] ]
]; ];
} }
@ -314,7 +325,7 @@ class LdapSync extends Command
// Get the Manager's username // Get the Manager's username
// PHP LDAP returns every LDAP attribute as an array, and 90% of the time it's an array of just one item. But, hey, it's an array. // PHP LDAP returns every LDAP attribute as an array, and 90% of the time it's an array of just one item. But, hey, it's an array.
$ldapManagerUsername = $ldap_manager[0][$ldap_result_username][0]; $ldapManagerUsername = $ldap_manager[0][$ldap_map["username"]][0];
// Get User from Manager username. // Get User from Manager username.
$ldap_manager = User::where('username', $ldapManagerUsername)->first(); $ldap_manager = User::where('username', $ldapManagerUsername)->first();
@ -331,10 +342,10 @@ class LdapSync extends Command
} }
// Sync activated state for Active Directory. // Sync activated state for Active Directory.
if ( !empty($ldap_result_active_flag)) { // IF we have an 'active' flag set.... if ( !empty($ldap_map["active_flag"])) { // IF we have an 'active' flag set....
// ....then *most* things that are truthy will activate the user. Anything falsey will deactivate them. // ....then *most* things that are truthy will activate the user. Anything falsey will deactivate them.
// (Specifically, we don't handle a value of '0.0' correctly) // (Specifically, we don't handle a value of '0.0' correctly)
$raw_value = @$results[$i][$ldap_result_active_flag][0]; $raw_value = @$results[$i][$ldap_map["active_flag"]][0];
$filter_var = filter_var($raw_value, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE); $filter_var = filter_var($raw_value, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
$boolean_cast = (bool)$raw_value; $boolean_cast = (bool)$raw_value;

6
app/Http/Controllers/Account/AcceptanceController.php
View file

@ -237,7 +237,11 @@ class AcceptanceController extends Controller
} }
$acceptance->accept($sig_filename, $item->getEula(), $pdf_filename, $request->input('note')); $acceptance->accept($sig_filename, $item->getEula(), $pdf_filename, $request->input('note'));
$acceptance->notify(new AcceptanceAssetAcceptedNotification($data)); try {
$acceptance->notify(new AcceptanceAssetAcceptedNotification($data));
} catch (\Exception $e) {
Log::error($e);
}
event(new CheckoutAccepted($acceptance)); event(new CheckoutAccepted($acceptance));
$return_msg = trans('admin/users/message.accepted'); $return_msg = trans('admin/users/message.accepted');

24
app/Http/Controllers/Api/AssetsController.php
View file

@ -372,7 +372,29 @@ class AssetsController extends Controller
$assets->OrderAssigned($order); $assets->OrderAssigned($order);
break; break;
default: default:
$assets->orderBy($column_sort, $order); $numeric_sort = false;
// Search through the custom fields array to see if we're sorting on a custom field
if (array_search($column_sort, $all_custom_fields->pluck('db_column')->toArray()) !== false) {
// Check to see if this is a numeric field type
foreach ($all_custom_fields as $field) {
if (($field->db_column == $sort_override) && ($field->format == 'NUMERIC')) {
$numeric_sort = true;
break;
}
}
// This may not work for all databases, but it works for MySQL
if ($numeric_sort) {
$assets->orderByRaw($sort_override . ' * 1 ' . $order);
} else {
$assets->orderBy($sort_override, $order);
}
} else {
$assets->orderBy($column_sort, $order);
}
break; break;
} }

21
app/Http/Controllers/Assets/BulkAssetsController.php
View file

@ -10,6 +10,7 @@ use App\Models\AssetModel;
use App\Models\Statuslabel; use App\Models\Statuslabel;
use App\Models\Setting; use App\Models\Setting;
use App\View\Label; use App\View\Label;
use Carbon\Carbon;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Support\Facades\Crypt; use Illuminate\Support\Facades\Crypt;
use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\DB;
@ -271,6 +272,23 @@ class BulkAssetsController extends Controller
$this->conditionallyAddItem($custom_field_column); $this->conditionallyAddItem($custom_field_column);
} }
if (!($asset->eol_explicit)) {
if ($request->filled('model_id')) {
$model = AssetModel::find($request->input('model_id'));
if ($model->eol > 0) {
if ($request->filled('purchase_date')) {
$this->update_array['asset_eol_date'] = Carbon::parse($request->input('purchase_date'))->addMonths($model->eol)->format('Y-m-d');
} else {
$this->update_array['asset_eol_date'] = Carbon::parse($asset->purchase_date)->addMonths($model->eol)->format('Y-m-d');
}
} else {
$this->update_array['asset_eol_date'] = null;
}
} elseif (($request->filled('purchase_date')) && ($asset->model->eol > 0)) {
$this->update_array['asset_eol_date'] = Carbon::parse($request->input('purchase_date'))->addMonths($asset->model->eol)->format('Y-m-d');
}
}
/** /**
* Blank out fields that were requested to be blanked out via checkbox * Blank out fields that were requested to be blanked out via checkbox
*/ */
@ -281,6 +299,9 @@ class BulkAssetsController extends Controller
if ($request->input('null_purchase_date')=='1') { if ($request->input('null_purchase_date')=='1') {
$this->update_array['purchase_date'] = null; $this->update_array['purchase_date'] = null;
if (!($asset->eol_explicit)) {
$this->update_array['asset_eol_date'] = null;
}
} }
if ($request->input('null_expected_checkin_date')=='1') { if ($request->input('null_expected_checkin_date')=='1') {

6
app/Http/Controllers/ReportsController.php
View file

@ -703,6 +703,10 @@ class ReportsController extends Controller
$assets->whereBetween('assets.expected_checkin', [$request->input('expected_checkin_start'), $request->input('expected_checkin_end')]); $assets->whereBetween('assets.expected_checkin', [$request->input('expected_checkin_start'), $request->input('expected_checkin_end')]);
} }
if (($request->filled('asset_eol_date_start')) && ($request->filled('asset_eol_date_end'))) {
$assets->whereBetween('assets.asset_eol_date', [$request->input('asset_eol_date_start'), $request->input('asset_eol_date_end')]);
}
if (($request->filled('last_audit_start')) && ($request->filled('last_audit_end'))) { if (($request->filled('last_audit_start')) && ($request->filled('last_audit_end'))) {
$last_audit_start = Carbon::parse($request->input('last_audit_start'))->startOfDay(); $last_audit_start = Carbon::parse($request->input('last_audit_start'))->startOfDay();
$last_audit_end = Carbon::parse($request->input('last_audit_end'))->endOfDay(); $last_audit_end = Carbon::parse($request->input('last_audit_end'))->endOfDay();
@ -778,7 +782,7 @@ class ReportsController extends Controller
} }
if ($request->filled('eol')) { if ($request->filled('eol')) {
$row[] = ($asset->asset_eol_date) ? $asset->asset_eol_date : ''; $row[] = ($asset->purchase_date != '') ? $asset->asset_eol_date : '';
} }
if ($request->filled('order')) { if ($request->filled('order')) {

5
app/Models/Ldap.php
View file

@ -283,9 +283,10 @@ class Ldap extends Model
* @param $base_dn * @param $base_dn
* @param $count * @param $count
* @param $filter * @param $filter
* @param $attributes
* @return array|bool * @return array|bool
*/ */
public static function findLdapUsers($base_dn = null, $count = -1, $filter = null) public static function findLdapUsers($base_dn = null, $count = -1, $filter = null, $attributes = [])
{ {
$ldapconn = self::connectToLdap(); $ldapconn = self::connectToLdap();
self::bindAdminToLdap($ldapconn); self::bindAdminToLdap($ldapconn);
@ -319,7 +320,7 @@ class Ldap extends Model
//if($count == -1) { //count is -1 means we have to employ paging to query the entire directory //if($count == -1) { //count is -1 means we have to employ paging to query the entire directory
$ldap_controls = [['oid' => LDAP_CONTROL_PAGEDRESULTS, 'iscritical' => false, 'value' => ['size'=> $count == -1||$count>$page_size ? $page_size : $count, 'cookie' => $cookie]]]; $ldap_controls = [['oid' => LDAP_CONTROL_PAGEDRESULTS, 'iscritical' => false, 'value' => ['size'=> $count == -1||$count>$page_size ? $page_size : $count, 'cookie' => $cookie]]];
//} //}
$search_results = ldap_search($ldapconn, $base_dn, $filter, [], 0, /* $page_size */ -1, -1, LDAP_DEREF_NEVER, $ldap_controls); // TODO - I hate the @, and I hate that we get a full page even if we ask for 10 records. Can we use an ldap_control? $search_results = ldap_search($ldapconn, $base_dn, $filter, $attributes, 0, /* $page_size */ -1, -1, LDAP_DEREF_NEVER, $ldap_controls); // TODO - I hate the @, and I hate that we get a full page even if we ask for 10 records. Can we use an ldap_control?
Log::debug("LDAP search executed successfully."); Log::debug("LDAP search executed successfully.");
if (! $search_results) { if (! $search_results) {
return redirect()->route('users.index')->with('error', trans('admin/users/message.error.ldap_could_not_search').ldap_error($ldapconn)); // TODO this is never called in any routed context - only from the Artisan command. So this redirect will never work. return redirect()->route('users.index')->with('error', trans('admin/users/message.error.ldap_could_not_search').ldap_error($ldapconn)); // TODO this is never called in any routed context - only from the Artisan command. So this redirect will never work.

3
app/Notifications/CheckoutAssetNotification.php
View file

@ -192,10 +192,9 @@ public function toGoogleChat()
* @return \Illuminate\Notifications\Messages\MailMessage * @return \Illuminate\Notifications\Messages\MailMessage
*/ */
public function toMail() public function toMail()
{ { $this->item->load('assetstatus');
$eula = method_exists($this->item, 'getEula') ? $this->item->getEula() : ''; $eula = method_exists($this->item, 'getEula') ? $this->item->getEula() : '';
$req_accept = method_exists($this->item, 'requireAcceptance') ? $this->item->requireAcceptance() : 0; $req_accept = method_exists($this->item, 'requireAcceptance') ? $this->item->requireAcceptance() : 0;
$fields = []; $fields = [];
// Check if the item has custom fields associated with it // Check if the item has custom fields associated with it

18
resources/views/reports/custom.blade.php
View file

@ -88,7 +88,7 @@
<label class="form-control"> <label class="form-control">
{{ Form::checkbox('eol', '1', '1') }} {{ Form::checkbox('eol', '1', '1') }}
{{ trans('admin/hardware/table.eol') }} {{ trans('admin/hardware/form.eol_date') }}
</label> </label>
<label class="form-control"> <label class="form-control">
@ -429,6 +429,16 @@
</div> </div>
<!-- EoL Date -->
<div class="form-group asset_eol_date-range">
<label for="asset_eol_date" class="col-md-3 control-label">{{ trans('admin/hardware/form.eol_date') }}</label>
<div class="input-daterange input-group col-md-6" id="datepicker">
<input type="text" class="form-control" name="asset_eol_date_start" aria-label="asset_eol_date_start">
<span class="input-group-addon">to</span>
<input type="text" class="form-control" name="asset_eol_date_end" aria-label="asset_eol_date_end">
</div>
</div>
<!-- Last Audit Date --> <!-- Last Audit Date -->
<div class="form-group last_audit-range{{ ($errors->has('last_audit_start') || $errors->has('last_audit_end')) ? ' has-error' : '' }}"> <div class="form-group last_audit-range{{ ($errors->has('last_audit_start') || $errors->has('last_audit_end')) ? ' has-error' : '' }}">
<label for="last_audit_start" class="col-md-3 control-label">{{ trans('general.last_audit') }}</label> <label for="last_audit_start" class="col-md-3 control-label">{{ trans('general.last_audit') }}</label>
@ -538,6 +548,12 @@
format: 'yyyy-mm-dd' format: 'yyyy-mm-dd'
}); });
$('.asset_eol_date-range .input-daterange').datepicker({
clearBtn: true,
todayHighlight: true,
format: 'yyyy-mm-dd'
});
$('.last_audit-range .input-daterange').datepicker({ $('.last_audit-range .input-daterange').datepicker({
clearBtn: true, clearBtn: true,
todayHighlight: true, todayHighlight: true,