Commit graph

4234 commits

Author SHA1 Message Date
Dustin B 8fd4e35244 Closes #6440 Print All Assigned - New Tab (#7135)
Should add the functionality to, by default open in a new tab and not reference back to the source page. Reduces overhead and should resolve #6440. 

Untested, need confirmation.
2019-12-06 11:00:01 -08:00
snipe e71e57f16a
Fixed XSS vulnerability in SVG image uploads [ch10476] (#7639)
* Added enshrined/svg-sanitize

* Added modular image resizing/SVG cleaning method

(This already exists in v5, so I mostly ported it forward and added the SVG sanitizer.)

* Use improved handleImages method to upload/resize/clean images

* Removed $old_image

This is handled in the ImageUpload request now
2019-12-05 22:23:05 -08:00
snipe 3f5840d390 Bumped vendor files 2019-12-05 19:53:01 -08:00
dependabot[bot] d3f4205f09 Bump symfony/http-foundation from 3.4.30 to 3.4.36 (#7638)
Bumps [symfony/http-foundation](https://github.com/symfony/http-foundation) from 3.4.30 to 3.4.36.
- [Release notes](https://github.com/symfony/http-foundation/releases)
- [Changelog](https://github.com/symfony/http-foundation/blob/master/CHANGELOG.md)
- [Commits](https://github.com/symfony/http-foundation/compare/v3.4.30...v3.4.36)

Signed-off-by: dependabot[bot] <support@github.com>
2019-12-05 19:37:00 -08:00
Godfrey Martinez 5b946087c4 added a proper response for password errors (#7636) 2019-12-05 17:49:56 -08:00
snipe ff8d98c97c
Update child assets to reflect asset parent location (#7458) 2019-12-04 16:19:25 -08:00
snipe 2fbbe430b5
Removed escaping on custom fields in presenter (#7631) 2019-12-03 17:42:13 -08:00
Godfrey Martinez f0af750b0a Fixed comment (#7617)
* Set theme jekyll-theme-hacker

* fixed commenty about scopebyDeprecationID being identified as a method to location ID

* fixed commenty about scopebyDeprecationID being identified as a method to location ID
2019-11-22 16:13:42 -08:00
snipe 88cf456386
Adding Dept to license seats (#7609)
* Adding Dept to license seats

* Added query scope to order by department

* Make license seat department sortable

* Disable license seat internal search - this never actually worked
2019-11-21 22:03:56 -08:00
snipe d8049209ca Fixed bug where deleted consumable would throw an error on print page 2019-11-21 21:43:54 -08:00
snipe dd40ddf5a5 Fixed an error on audit due list when no audit_warning_days had been set [ch9764] 2019-11-21 21:34:41 -08:00
snipe a73fd24695 Fix maintenances permissions check to allow users who can edit assets to edit maintenances 2019-11-08 17:02:17 -08:00
snipe 70c8ad9797 Bumped minor version 2019-10-28 13:55:21 -07:00
snipe 0290257734 Limit license seats to 999 to prevent latency 2019-10-28 13:48:18 -07:00
snipe 4fe689dc5d Merge branch 'master' of https://github.com/snipe/snipe-it 2019-10-21 15:45:17 -07:00
snipe 0769f585ea Disallow locations from being their own parents 2019-10-21 15:45:05 -07:00
snipe 04562e6d4a Added 4260352 to ldapsync enabled account constraint 2019-10-18 17:48:50 -07:00
snipe 22d2ad9248
Fixes nested location selectlist (#7483)
* Rename child locations method

* Use Ajax dropdown for locations selectlist for edit/create

* Removed locations database call on edit/create blades for faster loading

* Updated locations controller to use the new iterator

* Increase pagination on locations controller to 500

We’re already loading all of that data up beforehand anyway, so no point in keeping the query smaller.

* Fixed the else to make codacy happy

* Improve the design and performance of the nested location selectlist (#7484)

* Improve the design and performance of the nested location selectlist

* Fixed parse errors

* Removed debugging code/comments
2019-10-02 03:56:56 -07:00
snipe 6deb26fafe Remove unused variable 2019-09-30 19:37:52 -07:00
snipe 6c1de7ff05 Apply fix for #6642 to master 2019-09-30 19:21:57 -07:00
snipe 7f5f4a1297 Added softwarew support and hardware support to maintenance types 2019-09-24 01:34:23 -07:00
snipe c68c0e1208 Account for limit if none is passed in the request 2019-09-03 20:28:49 -07:00
snipe c256536d21 Math is hard 2019-09-03 14:29:58 -07:00
snipe 4159a0effa Bumped version 2019-09-03 14:12:13 -07:00
snipe b8f7cd81eb
Limit API request results per page (#7405) 2019-09-03 14:02:08 -07:00
snipe b381528668
Added console rekey tool (#7330)
* Removed console command specifications, since they’re pulled dynamically now

* Added rekey console command

* Removed unused code

* Comment clarifiction

* Handle LDAP password
2019-09-03 11:03:32 -07:00
snipe 6d66d7e215 Removed withErrors on JSON response 2019-08-22 21:36:47 -07:00
snipe b5bf8e9a37 Smaller chunking for custom report, add max_execution_time 2019-08-15 06:14:25 -07:00
snipe ba197c8857 Fixed #7259 - upgraded phpdocumentor/reflection-docblock to v4 2019-08-15 03:02:24 -07:00
snipe 124b249df4 Fixed #7289 - git fetch before checkout in upgrade.php 2019-08-15 01:32:20 -07:00
snipe 2a6919c438 Fixed #7321 - added link to Helm Chart repo 2019-08-15 01:07:30 -07:00
snipe 8b4a9aa382 Fixes to history importer 2019-08-13 18:15:42 -07:00
snipe 99cd552d5c History importer fixes 2019-08-13 18:00:21 -07:00
snipe 6c7e5cb9cf Merge branch 'master' of https://github.com/snipe/snipe-it 2019-08-10 17:49:23 -07:00
snipe 6ebb01a081 Group related variables in .env 2019-08-10 17:48:03 -07:00
Greg Stamper 5591c861b9 Update README.md (#7334)
Add reference to CSV importer.
2019-08-07 23:12:46 -07:00
snipe d37280567d Fixed CVE-2019-10742
https://nvd.nist.gov/vuln/detail/CVE-2019-10742
2019-08-06 21:11:38 -07:00
snipe e7b0ee2539 Added accessories checkout/checkin API endpoint 2019-08-02 15:08:26 -07:00
snipe c593b3645c Added comments to the ByFilter query scope for clarity 2019-07-31 14:24:01 -07:00
Ivan Nieto 28ae90fa8a Added condition to deal with fieldname 'rtd_location' which can be tried to be queried in some places and doesn't exist in database (#7317) 2019-07-31 13:55:21 -07:00
snipe c7be25078e Bumped version 2019-07-26 13:02:47 -07:00
snipe 3dc2cc9f22
CORS for api (#7292)
* Added CORS support to API

* Changed order so CORS will still work if throttle hit

* Added APP_CORS_ALLOWED_ORIGINS env option

* Fixed typo

* Clarified header comments

* More clarification

* DIsable CORS allowed origins by default to replicate existing behavior

* Change variable name to be clearer
2019-07-26 12:38:31 -07:00
snipe ab86e42b2e Fixed #7270 - Checking-in Assets via API Removes the Item's Asset Name 2019-07-26 12:37:38 -07:00
snipe 9af9ed9eb9 Add @mskrip as a contributor 2019-07-24 11:01:28 -07:00
snipe 250a797339 Fixed #7250 - permission issue for API fieldsets and fields endpoints
This applies the change from #7294 to master
2019-07-24 11:00:42 -07:00
snipe a0f3fc6d76 Bumped hash 2019-07-18 14:37:54 -07:00
snipe 74e647fea7 Apply fix from PR #7273 to master 2019-07-18 14:37:48 -07:00
snipe 55ee90b25d
Fixes #7252 form request changes (#7272)
* Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests

* Removed debug info

* More fixes for #7252

This is mostly working as intended, if not yet the way Laravel wants us to do it.

Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress.

* Removed experimental method

* Check for digits_between:0,240 for warranty

* Removed debug code
2019-07-18 14:32:23 -07:00
snipe eec445fcf5
Command to fix custom field unicode conversion differences between PHP versions (#7263) 2019-07-18 14:30:18 -07:00
snipe cef22c3158 Caps asset warranty to 20 years 2019-07-18 09:49:58 -07:00