Disallow purge

Signed-off-by: snipe <snipe@snipe.net>
snipe 2022-06-23 20:11:43 -07:00
parent d0081188c7
commit 77bf28bcb6
5 changed files with 38 additions and 13 deletions


@ -8,6 +8,7 @@ APP_URL=null
APP_TIMEZONE='UTC'
APP_LOCALE=en
MAX_RESULTS=500
ALLOW_DATA_PURGE=false
# --------------------------------------------
# REQUIRED: UPLOADED FILE STORAGE SETTINGS


@ -1299,8 +1299,13 @@ class SettingsController extends Controller
public function getPurge()
{
\Log::warning('User ID '.Auth::user()->id.' is attempting a PURGE');
if (config('app.allow_purge')=='true') {
return view('settings.purge-form');
}
return redirect()->back()->with('error', trans('general.purge_not_allowed'));
return view('settings.purge-form');
}
/**
@ -1314,21 +1319,25 @@ class SettingsController extends Controller
*/
public function postPurge(Request $request)
{
if (! config('app.lock_passwords')) {
if ('DELETE' == $request->input('confirm_purge')) {
\Log::warning('User ID '.Auth::user()->id.' initiated a PURGE!');
// Run a backup immediately before processing
Artisan::call('backup:run');
Artisan::call('snipeit:purge', ['--force' => 'true', '--no-interaction' => true]);
$output = Artisan::output();
if (config('app.allow_purge')=='true') {
if (!config('app.lock_passwords')) {
if ('DELETE' == $request->input('confirm_purge')) {
\Log::warning('User ID ' . Auth::user()->id . ' initiated a PURGE!');
// Run a backup immediately before processing
Artisan::call('backup:run');
Artisan::call('snipeit:purge', ['--force' => 'true', '--no-interaction' => true]);
$output = Artisan::output();
return view('settings/purge')
->with('output', $output)->with('success', trans('admin/settings/message.purge.success'));
return view('settings/purge')
->with('output', $output)->with('success', trans('admin/settings/message.purge.success'));
} else {
return redirect()->back()->with('error', trans('admin/settings/message.purge.validation_failed'));
}
} else {
return redirect()->back()->with('error', trans('admin/settings/message.purge.validation_failed'));
return redirect()->back()->with('error', trans('general.feature_disabled'));
}
} else {
return redirect()->back()->with('error', trans('general.feature_disabled'));
return redirect()->back()->with('error', trans('general.purge_not_allowed'));
}
}
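Review bot: The gate `config('app.allow_purge')=='true'` in getPurge(), repeated in postPurge() and in the Blade `@if` of the last file section, decides whether an irreversible purge may run by loosely comparing whatever env() yields against the string 'true'. It would be safer to normalise the value once in the config file, `'allow_purge' => filter_var(env('ALLOW_DATA_PURGE', false), FILTER_VALIDATE_BOOLEAN),`, and test it strictly everywhere with `config('app.allow_purge') === true`. As written, the result depends on PHP's type-juggling rules, which changed between PHP 7 and 8 for non-string operands, so a config value that is not a plain boolean may not fail closed. Separately, postPurge() reaches `\Log::warning` only after all three checks pass, so a POST refused because purge is disabled appears to leave no audit entry; a warning in the outer `else` branch would make refused attempts visible to whoever reviews the logs.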


@ -430,4 +430,16 @@ return [
'api_throttle_per_minute' => env('API_THROTTLE_PER_MINUTE', 120),
/*
|--------------------------------------------------------------------------
| Allow Web-Based Purge
|--------------------------------------------------------------------------
|
| This sets whether or not to allow superadmins to purge deleted data
|
*/
'allow_purge' => env('ALLOW_DATA_PURGE', false),
];


@ -360,4 +360,5 @@ return [
'maintenance_mode' => 'The service is temporarily unavailable for system updates. Please check back later.',
'maintenance_mode_title' => 'System Temporarily Unavailable',
'ldap_import' => 'User password should not be managed by LDAP. (This allows you to send forgotten password requests.)',
'purge_not_allowed' => 'Purging deleted data has been disabled in the .env file. Contact support or your systems administrator.',
];


@ -314,6 +314,7 @@
</div>
@endif
@if (config('app.allow_purge')=='true')
<div class="col-md-4 col-lg-3 col-sm-6 col-xl-1">
<div class="box box-danger">
<div class="box-body text-center">
@ -329,6 +330,7 @@
</div>
</div>
</div>
@endif
</div>