DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2025-03-05 20:52:15 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Disallow purge

Browse source 
Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
snipe 2022-06-23 20:11:43 -07:00
parent d0081188c7
commit 77bf28bcb6
5 changed files with 38 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.env.example
View file

@ -8,6 +8,7 @@ APP_URL=null
APP_TIMEZONE='UTC' APP_TIMEZONE='UTC'
APP_LOCALE=en APP_LOCALE=en
MAX_RESULTS=500 MAX_RESULTS=500
ALLOW_DATA_PURGE=false
# -------------------------------------------- # --------------------------------------------
# REQUIRED: UPLOADED FILE STORAGE SETTINGS # REQUIRED: UPLOADED FILE STORAGE SETTINGS

35
app/Http/Controllers/SettingsController.php
View file

@ -1299,8 +1299,13 @@ class SettingsController extends Controller
public function getPurge() public function getPurge()
{ {
\Log::warning('User ID '.Auth::user()->id.' is attempting a PURGE'); \Log::warning('User ID '.Auth::user()->id.' is attempting a PURGE');
if (config('app.allow_purge')=='true') {
return view('settings.purge-form');
}
return redirect()->back()->with('error', trans('general.purge_not_allowed'));
return view('settings.purge-form');
} }
/** /**
@ -1314,21 +1319,25 @@ class SettingsController extends Controller
*/ */
public function postPurge(Request $request) public function postPurge(Request $request)
{ {
if (! config('app.lock_passwords')) { if (config('app.allow_purge')=='true') {
if ('DELETE' == $request->input('confirm_purge')) { if (!config('app.lock_passwords')) {
\Log::warning('User ID '.Auth::user()->id.' initiated a PURGE!'); if ('DELETE' == $request->input('confirm_purge')) {
// Run a backup immediately before processing \Log::warning('User ID ' . Auth::user()->id . ' initiated a PURGE!');
Artisan::call('backup:run'); // Run a backup immediately before processing
Artisan::call('snipeit:purge', ['--force' => 'true', '--no-interaction' => true]); Artisan::call('backup:run');
$output = Artisan::output(); Artisan::call('snipeit:purge', ['--force' => 'true', '--no-interaction' => true]);
$output = Artisan::output();
return view('settings/purge') return view('settings/purge')
->with('output', $output)->with('success', trans('admin/settings/message.purge.success')); ->with('output', $output)->with('success', trans('admin/settings/message.purge.success'));
} else {
return redirect()->back()->with('error', trans('admin/settings/message.purge.validation_failed'));
}
} else { } else {
return redirect()->back()->with('error', trans('admin/settings/message.purge.validation_failed')); return redirect()->back()->with('error', trans('general.feature_disabled'));
} }
} else {
return redirect()->back()->with('error', trans('general.feature_disabled')); return redirect()->back()->with('error', trans('general.purge_not_allowed'));
} }
} }

12
config/app.php
View file

@ -430,4 +430,16 @@ return [
'api_throttle_per_minute' => env('API_THROTTLE_PER_MINUTE', 120), 'api_throttle_per_minute' => env('API_THROTTLE_PER_MINUTE', 120),
/*
|--------------------------------------------------------------------------
| Allow Web-Based Purge
|--------------------------------------------------------------------------
|
| This sets whether or not to allow superadmins to purge deleted data
|
*/
'allow_purge' => env('ALLOW_DATA_PURGE', false),
]; ];

1
resources/lang/en/general.php
View file

@ -360,4 +360,5 @@ return [
'maintenance_mode' => 'The service is temporarily unavailable for system updates. Please check back later.', 'maintenance_mode' => 'The service is temporarily unavailable for system updates. Please check back later.',
'maintenance_mode_title' => 'System Temporarily Unavailable', 'maintenance_mode_title' => 'System Temporarily Unavailable',
'ldap_import' => 'User password should not be managed by LDAP. (This allows you to send forgotten password requests.)', 'ldap_import' => 'User password should not be managed by LDAP. (This allows you to send forgotten password requests.)',
'purge_not_allowed' => 'Purging deleted data has been disabled in the .env file. Contact support or your systems administrator.',
]; ];

2
resources/views/settings/index.blade.php
View file

@ -314,6 +314,7 @@
</div> </div>
@endif @endif
@if (config('app.allow_purge')=='true')
<div class="col-md-4 col-lg-3 col-sm-6 col-xl-1"> <div class="col-md-4 col-lg-3 col-sm-6 col-xl-1">
<div class="box box-danger"> <div class="box box-danger">
<div class="box-body text-center"> <div class="box-body text-center">
@ -329,6 +330,7 @@
</div> </div>
</div> </div>
</div> </div>
@endif
</div> </div>