DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-11-13 00:54:07 -08:00
Code Issues Actions 12 Packages Projects Releases Wiki Activity
5444 commits 97 branches 266 tags 292 MiB
Commit graph

1410 commits

Author SHA1 Message Date
snipe 262eb79471
WIP - this needs refactoring 
We have to use Storage::get() if the filesystem is local, since the method does a file_get_contents() and the file isn’t accessible via a URL since it’s private and doesn’t live on the web root. (We do this slightly differently than Laravel out of the box)

Signed-off-by: snipe <snipe@snipe.net>
 2020-05-28 01:59:01 -07:00
snipe 8ccc1c6515
Fixed weird merge in Bulk Users Controller 
Signed-off-by: snipe <snipe@snipe.net>
 2020-05-27 22:46:42 -07:00
snipe d54acd908c
Made logo file have a better name for multiple tries in the same day 
Signed-off-by: snipe <snipe@snipe.net>
 2020-05-27 02:31:04 -07:00
snipe dee1f5ec35
Merge pull request #8078 from dmeltzer/wrong-id 
Fix incorrectly named parameter.
 2020-05-26 19:51:38 -07:00
Daniel Meltzer b3fe47bfa7
Remove/Reorganize logic to make codacy happier. 2020-05-23 15:24:10 -04:00
Daniel Meltzer f0546bf689
Clean up Transformers and extract an isDeletable() method to models where it makes sense. 2020-05-23 15:24:10 -04:00
Daniel Meltzer 136df9418f
Deadcode-- 2020-05-23 15:24:10 -04:00
Daniel Meltzer 7ea862787c
Refactor controller to use one method that shows all modals based on name. 2020-05-23 15:24:00 -04:00
Daniel Meltzer 25d6ceee6e
Remove old code. 2020-05-23 12:18:27 -04:00
Daniel Meltzer fe74394ae6
Short circuit checkout logic to prevent iterating if we're not checking out to an asset 2020-05-23 11:48:02 -04:00
Daniel Meltzer c70bd62a0f
Missing includes. Fix by using the request object instead of facade. 2020-05-23 11:36:16 -04:00
Daniel Meltzer ad1db2c640
Fix incorrectly named parameter. 2020-05-23 10:26:56 -04:00
Daniel Meltzer a6f90cb3fc
Assorted licenses UI fixes while testing. 
* Rename licenses route checkin parameter to clarify it's purpose and
fix incorrect route in users view page.
* Checkin note can be nullable for checking in a license.
* License Seat view was only showing 20 license seats due to faulty
transformer logic.
 2020-05-12 14:38:21 -04:00
snipe 274f82893f
Regenerate session ID on logout 
Signed-off-by: snipe <snipe@snipe.net>
 2020-05-12 10:38:00 -07:00
snipe 730632e2eb
Apply PR #8043 to develop 
Signed-off-by: snipe <snipe@snipe.net>
 2020-05-11 22:57:55 -07:00
Johnson Yi c1c37d521c Allow downloading sp metadata without idp 2020-05-06 19:50:50 +10:00
Johnson Yi b2930d6069 Added #542: add saml authentication 2020-05-06 00:06:19 +10:00
snipe 85712a1960
Only override fieldset_id with custom_fieldset_id if it’s present 
This is mostly to support prior versions. I have NFC why we did this in the first place. I’m sure I had a stellar reason, but couldn’t tell you what it is today.

Signed-off-by: snipe <snipe@snipe.net>
 2020-04-30 20:59:42 -07:00
snipe e9cb17394c
Small validation fix on reset password 
Signed-off-by: snipe <snipe@snipe.net>
 2020-04-30 19:10:07 -07:00
snipe 8507bcd16b
Merge pull request #8008 from dmeltzer/component-checkinout-fixes 
Component checkout/checkin fixes.
 2020-04-30 17:49:22 -07:00
snipe b488cffc7e
Merge pull request #8006 from dmeltzer/api-test-fixes 
Test fixes pt 2.
 2020-04-30 17:46:25 -07:00
snipe 8bb3c01f78
Addressed merge issue for reset password for #7997 
Signed-off-by: snipe <snipe@snipe.net>
 2020-04-30 17:45:05 -07:00
snipe 82e02490fd
Removed duplicate update method (per #7997) 
Signed-off-by: snipe <snipe@snipe.net>
 2020-04-30 17:23:56 -07:00
Daniel Meltzer 68224757f4
Validate when editing the quantity of a component that the new quantity is > the amount checked out 2020-04-29 13:25:04 -04:00
Daniel Meltzer 358609720a
Component checkout/checkin fixes. 
- Provide proper translated messages for checkin vs checkout
- Pass appropriate methods to the Checkout event, fixes an error on
checkin.
- Default to a value of 1 on checkin in UI to save a click sometimes.
 2020-04-29 12:50:09 -04:00
Daniel Meltzer 1f8c3cc670
Test fixes. 2020-04-29 11:03:07 -04:00
Daniel Meltzer f8d18a8eb0
Revert asset-checkout-different validation. 
This was causing issues when trying to check an item out to a user or a
location because of the way laravel handles validation.

Instead, rely on the exception check we had in the controller.  I moved
this exception up to the model checkout method so that it would work
for anywhere that that method was called, even if it avoided the
controller.
 2020-04-29 10:59:00 -04:00
Daniel Meltzer 05187eb27f
Fix Functional Tests. 2020-04-28 11:39:53 -04:00
Daniel Meltzer c74b904f14
Fix Location parent different validation on new location creation. 2020-04-28 11:39:52 -04:00
snipe 412caebf69
Fixed logo uploads 
Signed-off-by: snipe <snipe@snipe.net>
 2020-04-27 23:22:52 -07:00
snipe bea3a7b982
Fixed #7987 - allow toggle of required/optional in custom fields/fieldsets 
Signed-off-by: snipe <snipe@snipe.net>
 2020-04-24 00:39:32 -07:00
snipe f66ce02756
Added debugging logs 
Signed-off-by: snipe <snipe@snipe.net>
 2020-04-23 22:46:02 -07:00
snipe c7b300a50d
Updated LDAP sync controller to use new Adldap2 connections 
Signed-off-by: snipe <snipe@snipe.net>
 2020-04-23 22:45:44 -07:00
snipe cdd0e405be
Fixed weird merge 
Signed-off-by: snipe <snipe@snipe.net>
 2020-04-22 07:12:29 -07:00
snipe b725e788ec
Applied new selectlist search to locations 
Signed-off-by: snipe <snipe@snipe.net>
 2020-04-22 06:39:41 -07:00
snipe 69a1732245
Removed duplicate form request in asset models controller 
Signed-off-by: snipe <snipe@snipe.net>
 2020-04-22 03:51:10 -07:00
snipe 7e9e5214ef
Fixed status label create error 
Signed-off-by: snipe <snipe@snipe.net>
 2020-04-22 03:50:43 -07:00
snipe 7a33e335d4
Fixes PSR autoloading issue 2020-04-21 20:15:24 -07:00
snipe c17106d1b3
Fixes for settings controller 2020-04-21 04:08:25 -07:00
snipe cb71bcc4af
Switch to old() helper 2020-04-21 03:58:31 -07:00
snipe 87464e6ec0
Merge branch 'develop' into integrations/2020-04-15-v5-merge 
# Conflicts:
#	README.md
#	app/Http/Controllers/AccessoriesController.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/LicensesController.php
#	app/Http/Controllers/Api/LocationsController.php
#	app/Http/Controllers/Api/SettingsController.php
#	app/Http/Controllers/Api/UsersController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Assets/AssetsController.php
#	app/Http/Controllers/Auth/ForgotPasswordController.php
#	app/Http/Controllers/CategoriesController.php
#	app/Http/Controllers/CompaniesController.php
#	app/Http/Controllers/ComponentsController.php
#	app/Http/Controllers/ConsumablesController.php
#	app/Http/Controllers/CustomFieldsetsController.php
#	app/Http/Controllers/DepartmentsController.php
#	app/Http/Controllers/LicensesController.php
#	app/Http/Controllers/LocationsController.php
#	app/Http/Controllers/ManufacturersController.php
#	app/Http/Controllers/SettingsController.php
#	app/Http/Controllers/SuppliersController.php
#	app/Http/Controllers/UsersController.php
#	app/Http/Requests/AssetRequest.php
#	app/Http/Requests/ImageUploadRequest.php
#	app/Models/LicenseSeat.php
#	app/Models/Location.php
#	app/Models/Setting.php
#	composer.json
#	composer.lock
#	config/database.php
#	config/version.php
#	npm-shrinkwrap.json
#	package.json
#	public/css/AdminLTE.css
#	public/css/AdminLTE.css.map
#	public/css/overrides.css
#	public/css/overrides.css.map
#	public/css/skins/skin-blue-light.css
#	public/css/skins/skin-blue.css
#	public/css/skins/skin-green-dark.min.css
#	public/js/app.js
#	public/js/bootstrap-table.js
#	public/js/bootstrap/js/bootstrap.js
#	public/js/bootstrap/js/bootstrap.min.js
#	public/js/build/all.js
#	public/js/build/vue.js
#	public/js/build/vue.js.map
#	public/js/demo.js
#	public/js/ekko-lightbox.js
#	public/js/ekko-lightbox.min.js
#	public/js/extensions/export/bootstrap-table-export.js
#	public/js/extensions/multiple-sort/bootstrap-table-multiple-sort.js
#	public/js/extensions/multiple-sort/bootstrap-table-multiple-sort.min.js
#	public/js/extensions/toolbar/bootstrap-table-toolbar.min.js
#	public/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.js
#	public/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.min.js
#	public/js/plugins/timepicker/bootstrap-timepicker.js
#	public/js/plugins/timepicker/bootstrap-timepicker.min.js
#	public/js/vue.js
#	public/mix-manifest.json
#	resources/assets/js/bootstrap-js.js
#	resources/assets/js/bootstrap.min.js
#	resources/assets/js/ekko-lightbox.js
#	resources/assets/js/ekko-lightbox.min.js
#	resources/assets/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.js
#	resources/assets/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.min.js
#	resources/assets/js/plugins/chartjs/Chart.js
#	resources/assets/js/plugins/timepicker/bootstrap-timepicker.js
#	resources/assets/js/plugins/timepicker/bootstrap-timepicker.min.js
#	resources/assets/less/AdminLTE.less
#	resources/assets/less/overrides.less
#	resources/assets/less/skins/_all-skins.less
#	resources/assets/less/skins/skin-black.less
#	resources/assets/less/skins/skin-blue.less
#	resources/assets/less/skins/skin-green.less
#	resources/assets/less/skins/skin-purple.less
#	resources/assets/less/skins/skin-red.less
#	resources/assets/less/skins/skin-yellow.less
#	resources/assets/less/variables.less
#	resources/js/components/importer/importer-file.vue
#	resources/lang/en/auth/message.php
#	resources/lang/en/passwords.php
#	resources/lang/es-CO/general.php
#	resources/lang/es-ES/general.php
#	resources/lang/es-VE/general.php
#	resources/less/skins/skin-black-dark.less
#	resources/less/skins/skin-blue-dark.less
#	resources/less/skins/skin-contrast.less
#	resources/less/skins/skin-green-dark.less
#	resources/less/skins/skin-orange-dark.less
#	resources/less/skins/skin-orange.less
#	resources/less/skins/skin-purple-dark.less
#	resources/less/skins/skin-red-dark.less
#	resources/less/skins/skin-yellow-dark.less
#	resources/views/accessories/checkin.blade.php
#	resources/views/accessories/checkout.blade.php
#	resources/views/accessories/edit.blade.php
#	resources/views/account/profile.blade.php
#	resources/views/account/view-assets.blade.php
#	resources/views/asset_maintenances/edit.blade.php
#	resources/views/auth/passwords/email.blade.php
#	resources/views/auth/passwords/reset.blade.php
#	resources/views/categories/edit.blade.php
#	resources/views/companies/edit.blade.php
#	resources/views/components/checkin.blade.php
#	resources/views/components/checkout.blade.php
#	resources/views/components/edit.blade.php
#	resources/views/consumables/checkout.blade.php
#	resources/views/consumables/edit.blade.php
#	resources/views/custom_fields/fields/edit.blade.php
#	resources/views/custom_fields/fieldsets/edit.blade.php
#	resources/views/dashboard.blade.php
#	resources/views/departments/edit.blade.php
#	resources/views/groups/edit.blade.php
#	resources/views/hardware/audit.blade.php
#	resources/views/hardware/bulk-checkout.blade.php
#	resources/views/hardware/bulk.blade.php
#	resources/views/hardware/checkin.blade.php
#	resources/views/hardware/checkout.blade.php
#	resources/views/hardware/edit.blade.php
#	resources/views/hardware/index.blade.php
#	resources/views/hardware/quickscan.blade.php
#	resources/views/hardware/view.blade.php
#	resources/views/importer/import.blade.php
#	resources/views/layouts/basic.blade.php
#	resources/views/layouts/default.blade.php
#	resources/views/layouts/edit-form.blade.php
#	resources/views/licenses/checkin.blade.php
#	resources/views/licenses/checkout.blade.php
#	resources/views/licenses/edit.blade.php
#	resources/views/locations/edit.blade.php
#	resources/views/manufacturers/edit.blade.php
#	resources/views/modals/upload-file.blade.php
#	resources/views/models/bulk-edit.blade.php
#	resources/views/models/custom_fields_form.blade.php
#	resources/views/models/edit.blade.php
#	resources/views/partials/bootstrap-table.blade.php
#	resources/views/partials/forms/edit/address.blade.php
#	resources/views/partials/forms/edit/asset-select.blade.php
#	resources/views/partials/forms/edit/category-select.blade.php
#	resources/views/partials/forms/edit/category.blade.php
#	resources/views/partials/forms/edit/company-select.blade.php
#	resources/views/partials/forms/edit/company.blade.php
#	resources/views/partials/forms/edit/department-select.blade.php
#	resources/views/partials/forms/edit/depreciation.blade.php
#	resources/views/partials/forms/edit/email.blade.php
#	resources/views/partials/forms/edit/image-upload.blade.php
#	resources/views/partials/forms/edit/item_number.blade.php
#	resources/views/partials/forms/edit/location-profile-select.blade.php
#	resources/views/partials/forms/edit/location-select.blade.php
#	resources/views/partials/forms/edit/location.blade.php
#	resources/views/partials/forms/edit/maintenance_type.blade.php
#	resources/views/partials/forms/edit/manufacturer-select.blade.php
#	resources/views/partials/forms/edit/manufacturer.blade.php
#	resources/views/partials/forms/edit/minimum_quantity.blade.php
#	resources/views/partials/forms/edit/model-select.blade.php
#	resources/views/partials/forms/edit/model_number.blade.php
#	resources/views/partials/forms/edit/name.blade.php
#	resources/views/partials/forms/edit/notes.blade.php
#	resources/views/partials/forms/edit/order_number.blade.php
#	resources/views/partials/forms/edit/phone.blade.php
#	resources/views/partials/forms/edit/purchase_cost.blade.php
#	resources/views/partials/forms/edit/purchase_date.blade.php
#	resources/views/partials/forms/edit/quantity.blade.php
#	resources/views/partials/forms/edit/serial.blade.php
#	resources/views/partials/forms/edit/status.blade.php
#	resources/views/partials/forms/edit/submit.blade.php
#	resources/views/partials/forms/edit/supplier-select.blade.php
#	resources/views/partials/forms/edit/supplier.blade.php
#	resources/views/partials/forms/edit/user-select.blade.php
#	resources/views/reports/custom.blade.php
#	resources/views/settings/alerts.blade.php
#	resources/views/settings/asset_tags.blade.php
#	resources/views/settings/barcodes.blade.php
#	resources/views/settings/branding.blade.php
#	resources/views/settings/general.blade.php
#	resources/views/settings/labels.blade.php
#	resources/views/settings/ldap.blade.php
#	resources/views/settings/localization.blade.php
#	resources/views/settings/security.blade.php
#	resources/views/setup/user.blade.php
#	resources/views/suppliers/edit.blade.php
#	resources/views/users/bulk-edit.blade.php
#	resources/views/users/edit.blade.php
#	resources/views/users/ldap.blade.php
#	resources/views/users/print.blade.php
#	resources/views/users/view.blade.php
#	routes/api.php
#	routes/web/hardware.php
#	webpack.mix.js
 2020-04-20 23:20:34 -07:00
snipe 197a84be94
Commented out rtd_location_id override - why did we do that? 2020-04-09 14:17:39 -07:00
snipe b4fa4c77d7
Check for rtd_location_id before trying to assign 2020-04-09 14:14:30 -07:00
snipe f8a72db696
Changed LDAP 600 to 500, clearer error messages on LDAP test 2020-04-09 09:55:44 -07:00
snipe 206bd675f2
Pulled slack validation out of setting model validation so it doesn’t fail mysteriously on other pages 2020-04-08 15:07:02 -07:00
snipe a0f7fdc57a
Merge branch 'fixes/accessibility_fixes' 
# Conflicts:
#	public/css/build/all.css
#	public/css/dist/all.css
#	public/js/build/all.js
#	public/js/build/vue.js
#	public/js/build/vue.js.map
#	public/js/dist/all.js
#	public/mix-manifest.json
#	resources/assets/js/components/importer/importer-file.vue
 2020-04-08 11:19:42 -07:00
snipe 79232fc434
Fixed #7947 - Added rtd_location_id to API search 2020-04-08 11:00:04 -07:00
snipe 0b3f511534
Fixed compact() errors 2020-04-07 17:26:56 -07:00
snipe 893944403e
Check for location_id being set before trying to set it on checkout via API 2020-04-06 15:54:40 -07:00
snipe 7d466f3584 Update user uploads for more data to work with recport 2020-04-01 02:22:16 -07:00
snipe 6174f9b93f Check that there is actually a filed ID submitted 2020-04-01 01:25:31 -07:00
snipe a467a6999e Use upload modal 2020-03-31 22:50:07 -07:00
snipe 6066c249d5 Moved gate to the top of the method 2020-03-06 16:01:13 -08:00
Ivan Nieto 025ea93f05
Fix for when a user with the correct permissions couldn't update Manufacturers. (#7882) 
* Changed the ability name from 'edit' to 'update'. Changed the order of execution: first checks if the manufacturer exists, then checks permissions

* Handles the update method, that also has the ability parameter as edit instead of update"
q

* Revert "Handles the update method, that also has the ability parameter as edit instead of update""

This reverts commit d7dc0e451e.

* Handles the update method, that also has the ability parameter as 'edit' instead of 'update'
 2020-03-06 15:59:51 -08:00
snipe 54fd8f81ff
Added permissions on user api (#7883) 
* Add permissions to user edit API

* Add user permissions on user create/update API endpoint
 2020-03-06 15:28:46 -08:00
snipe ca43554327
Fixes search by serial or tag even if they have slashes in them (#7879) 
* Fixes search by serial or tag even if they have slashes in them

* Added support for url param byTag and bySerial

* Fixed typo comments

* Sojme additional comments to clarify use-cases

* Updated comments for clarity
 2020-03-06 14:55:20 -08:00
snipe 039f5da0e1
Add image upload to user edit [ch10508] (#7877) 
* Use correct Request include

* Updated to use additional form request

* Added SVG sanitizer

* Added response method to form request

* Allow ImageUploadRequest to accept fieldname params, added SVG sanitization, fixed delete

* Fixed upload path for avatars

* Added fieldname variable to blade partial for image upload

* Added enctype="multipart/form-data"  to form to allow uploads

* Added image field

* Updated Request::old() to use $request->old()

* Fixed derp in edit blade referring to $item when it should be $user

* Added svg+xml to image rule
 2020-03-05 18:00:24 -08:00
snipe 8b2f8ef3cb Spelling is hard :( 2020-03-04 22:19:59 -08:00
snipe 15518852aa Added validation to reject email addresses over 250 characters 2020-03-04 22:08:07 -08:00
snipe dfb9e430fa Removed debug line 2020-02-11 22:09:37 -08:00
snipe c33970e3e3 Added timestamp to uploaded files so they are unique and don’t overwrite 
Laravel 6 now does this automaically, so we should switch to their way
 2020-02-11 20:19:59 -08:00
Godfrey Martinez 0e0fe967e4
BadMethodCallException Method update does [ch10544] (#7804) 2020-02-10 19:27:23 -08:00
snipe 2f0ed129f0 Use “invalid barcode” image and suppress errors when barcode format is wrong 2020-02-04 18:15:01 -08:00
Fabian Grutschus 5becb93e6c
Added: allow appending of domain name to username when user tries to login (#7790) 2020-02-04 12:47:49 -08:00
snipe 3361b859c0
Changes offset to use the actual item count as override instead of 0 (#7788) 2020-02-04 12:32:24 -08:00
snipe 89e2a3ae3c Fixed #7752 - reformat /api/v1/users/me to use transformer 2020-01-30 13:12:43 -08:00
snipe 56582614b6 Merge branch 'develop' of https://github.com/snipe/snipe-it into develop 2020-01-22 16:07:46 -08:00
Ivan Nieto 313cacdb71 Select Import File fails in Develop [ch10598] (#7718) 
* Delete an unused import, then replace a deprecated facade with the needed one for uploading files

* Added the needed use for the Request Facade
 2020-01-17 16:12:51 -08:00
Ivan Nieto 75bf8f3d58 Remove not existent variable 'id' in the redirect causing [ch10602] (#7732) 2020-01-17 16:12:24 -08:00
snipe 324da7c0c8 Include correct license, asset, etc count on user show API call 2019-12-19 18:09:53 -08:00
snipe 779fc6d195 Added license endpoint for users 2019-12-19 18:00:36 -08:00
snipe 159acf6788 Removed extra space 2019-12-19 17:47:50 -08:00
snipe 94ce8cad64 Make sure $user->item exists before trying to count on it 2019-12-11 14:43:46 -08:00
snipe 4d38c44a93 Fixed groups request 2019-12-11 11:26:58 -08:00
snipe c31e150935 Use $request->input over Request::get() 2019-12-11 11:09:54 -08:00
snipe a5b180a9c6 Fixed Call to a member function count() on null for location delete 2019-12-11 10:46:07 -08:00
snipe a8bbb951bc Use Request instead of Input 2019-12-10 22:05:49 -08:00
snipe df778cdb80 Include storage in use statements 2019-12-10 22:03:15 -08:00
snipe d7c51f1a2c Added Request to use statements 2019-12-10 20:39:29 -08:00
snipe 296de34e8a
WIP: Upgrade develop to Laravel 6.6.1 (#7637) 
I'm going ahead and merging this, since the upgrade doesn't break Flysystem any worse than the current develop is broken, so far as I can tell. 


* Upgraded framework to Laravel 6

### TO DO:

- Fix password restriction rules- the old library isn’t compatible with Laravel 6 :(
- Figure out why in-app API calls are returning “Unauthorized”

* More updates from Input:: to Request:: helper

* Switch to Request:: from Input

* Added passport config

* Fixed goofy password minimum in seeder

* Added laravel/helpers

* Changed ($item)  to ($item->id) in forms

I have no idea why this is necessary

* Changed ($item) to ($item->id) in forms

* Updated API middleware to auth:api

* Updated with added laravel auth.php values

* FIxed *&!^$%^&$^%!!!! ajax issue

* Switch to Request::get from Input::get

* Switched to Request facade

* Added password security minimums back in

The package we were using has not been updated to Laravel v6, so I created custom validators instead

* Added language strings for error messages for password rules

* Fixed `($item)` issue in formActions for partials
 2019-12-10 19:32:50 -08:00
snipe ff57f10e9f
Fix for searching on child location names (#7646) 
* Fix for child locations

* Reverts temp changes to indenter
 2019-12-06 13:14:10 -08:00
Yorick Terweijden 2a6a381bc7 Return real Asset error (#7054) 2019-12-06 11:07:12 -08:00
Valentyn Tulub 6ad1f51673 Added #6489: show asset assignments under user assignments (#7293) 
* Add a setting to show assets assigned to other assets #6489

* Update user's views to show assets assigned to other assets #6489

* Add ukrainian and russian translation for the feature #6489 in settings
 2019-12-06 10:57:48 -08:00
herroworrd 3fbfb0c658 Add requestable to asset model api results (#7577) 
Nice, thanks!
 2019-12-06 10:33:06 -08:00
Lorenzo P 7225b53986 fix syntax error in CustomFieldsetsController::show() (#7595) 
That someone was probably me :D Thanks for this, good catch!
 2019-12-06 10:31:00 -08:00
snipe e71e57f16a
Fixed XSS vulnerability in SVG image uploads [ch10476] (#7639) 
* Added enshrined/svg-sanitize

* Added modular image resizing/SVG cleaning method

(This already exists in v5, so I mostly ported it forward and added the SVG sanitizer.)

* Use improved handleImages method to upload/resize/clean images

* Removed $old_image

This is handled in the ImageUpload request now
 2019-12-05 22:23:05 -08:00
snipe ff8d98c97c
Update child assets to reflect asset parent location (#7458) 2019-12-04 16:19:25 -08:00
snipe 704c696711 Fixed parse error in settings controller 2019-12-04 14:54:36 -08:00
snipe 88cf456386
Adding Dept to license seats (#7609) 
* Adding Dept to license seats

* Added query scope to order by department

* Make license seat department sortable

* Disable license seat internal search - this never actually worked
 2019-11-21 22:03:56 -08:00
snipe 5065164c40 Bumped Carbon version 2019-11-21 13:14:18 -08:00
snipe 5290c47e2a Merge branch 'develop' into v5-master-develop-integration 
# Conflicts:
#	.env.example
#	.travis.yml
#	Dockerfile
#	README.md
#	app/Console/Commands/LdapSync.php
#	app/Console/Kernel.php
#	app/Http/Controllers/AccessoriesController.php
#	app/Http/Controllers/Api/AccessoriesController.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/LocationsController.php
#	app/Http/Controllers/Api/SettingsController.php
#	app/Http/Controllers/Api/UsersController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Assets/AssetFilesController.php
#	app/Http/Controllers/Assets/AssetsController.php
#	app/Http/Controllers/CategoriesController.php
#	app/Http/Controllers/CompaniesController.php
#	app/Http/Controllers/ComponentsController.php
#	app/Http/Controllers/ConsumablesController.php
#	app/Http/Controllers/DepartmentsController.php
#	app/Http/Controllers/LicensesController.php
#	app/Http/Controllers/LocationsController.php
#	app/Http/Controllers/ManufacturersController.php
#	app/Http/Controllers/ReportsController.php
#	app/Http/Controllers/SettingsController.php
#	app/Http/Controllers/SuppliersController.php
#	app/Http/Controllers/UsersController.php
#	app/Http/Middleware/EncryptCookies.php
#	app/Http/Requests/AssetRequest.php
#	app/Http/Transformers/AssetMaintenancesTransformer.php
#	app/Importer/AssetImporter.php
#	app/Models/AssetMaintenance.php
#	app/Models/Location.php
#	app/Models/User.php
#	composer.json
#	composer.lock
#	config/backup.php
#	config/database.php
#	config/version.php
#	public/mix-manifest.json
#	resources/lang/en-ID/general.php
#	resources/lang/vi/admin/settings/general.php
#	resources/views/accessories/edit.blade.php
#	resources/views/hardware/view.blade.php
#	resources/views/layouts/default.blade.php
#	tests/api/ApiCategoriesCest.php
 2019-11-18 19:49:39 -08:00
Marián Skrip 53eae6fbfd Fix issues with update permission naming (#7493) 
This solves an issue when admin would be able to create and delete
categories but not edit them.
 2019-10-28 11:44:48 -07:00
Alexandr Hacicheant a90149940a Update UsersController.php (#7528) 
Returned missed bracket after merge master to develop
 2019-10-28 11:43:29 -07:00
snipe 0769f585ea Disallow locations from being their own parents 2019-10-21 15:45:05 -07:00
snipe 22d2ad9248
Fixes nested location selectlist (#7483) 
* Rename child locations method

* Use Ajax dropdown for locations selectlist for edit/create

* Removed locations database call on edit/create blades for faster loading

* Updated locations controller to use the new iterator

* Increase pagination on locations controller to 500

We’re already loading all of that data up beforehand anyway, so no point in keeping the query smaller.

* Fixed the else to make codacy happy

* Improve the design and performance of the nested location selectlist (#7484)

* Improve the design and performance of the nested location selectlist

* Fixed parse errors

* Removed debugging code/comments
 2019-10-02 03:56:56 -07:00
snipe 6deb26fafe Remove unused variable 2019-09-30 19:37:52 -07:00
snipe c68c0e1208 Account for limit if none is passed in the request 2019-09-03 20:28:49 -07:00
snipe c256536d21 Math is hard 2019-09-03 14:29:58 -07:00
snipe b8f7cd81eb
Limit API request results per page (#7405) 2019-09-03 14:02:08 -07:00
Martin Berg 3dcef9aac9 Add support for custom remote user header (#7370) 2019-09-03 11:07:26 -07:00