From the collection of users displayed just filtered the data with the method where() and concat()
for the user can search for first name or last name. The solution is case sensitive.
* Added Freebsd as vagrant machine for development
* Ran npm audit fix
Manually added peer depenencies
* Added charset=UTF-8 to content-type
Removed reference to throttle model as is is not longer included.
* Add half-year convention in depreciation for Models/Depreciable.php
* Add a setting for the depreciation method
* Integrate half-year convention inside working output
* fix: add more checks at Depreciable.php
* depreciation value rounding
* Codestyle fix
This would only come into play if an inactive user already received a password reset email and then the system was upgraded to prevent those emails from being sent to inactive users
A checkout acceptance gets generated for every item that needs to be checked out. This resource tracks the user user who can accept the item and their signature
I think this merged in a weird order and was missed by the global
find/replace. This fixes bulkassets/bulkusers editing.
At some point we should look at refactoring BulkAssetsController@edit to
only run one DB query, rather than one per item.
* Move findLicenseSeatToCheckout back to controller.
After discussion, move findLicenseSeatToCheckout method back to
controller from form request. Also cleanup one tiny bit more with null
coalesce operator (Yay php 7).
* Revert Earlier change.
$target only exists in the checkoutTo* methods. Need to log the
checkout individually in each of those.
* Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods.
* Use same image upload/layout in accessories as consum+components.
* Monster: Cleanup/Refactor http controllers.
This cleans up docblocks, pulls most non-crudy actions into their own
controllers, and does general cleanup/logic refactoring. There /should/
be no functional changes, but we all know how should works..
Extract checkin/checkout functions to a separate controller for accessories.
Move controllers to subdirectory.
Cleanup AssetModelsController
Extract component checkin/checkout
Assorted cleanups/doc/formatting in controllers.
Refactor LicenseController.
Refactor UsersController
Update viewassetscontroller.
* Codacy cleanups
* More codacy cleanups. Extract a LicenseCheckout Form request as well.
* A bit more refactor/cleaning of the license checkout method.
* Review Related Cleanups
* Fix most of the item_not_found translations. In many cases, the
string being generated did not even use the id parameter. Where it
does, pass it as id instead of as a different value.
* Remove some old $data arrays from when we manually sent emails from
the controllers. This has been superseeded by the notification system
(yay!)
* Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
* Adds a method to consumables to check if a notification should be sent
Adds the checkin_email method to Consumables, this gets checked in notifications when checking out the consumable.
Without the method, no notifications get sent for checking out consumables.
* Fixes the checkin_email method on the License model
This should allow the License to also send checkout/checkin notifications again.
* Fix Importer emailformat
Str::slug() strips periods from the string, which caused our existing
logic to misbehave when generating a user's email on an import. Adjust
logic to use generateEmail() helper on user instead. Also clean up some
of the logic in this method.
* Remove dead code.
* More refactor/cleanup of the user create method. I think it is almost readable now.
* Give advancedTextSearch all search terms at one
The additional conditions for assets had some problems, since they were joining tables for the additional attributes. The method was called once for every search term, so the join was added multiple times if the user entered multiple search terms.
* Allows search to handle multiple search terms better
The search now better handles multiple search terms, adding additional orWhere clauses, instead of duplicating all queries.
* Fixing typo
* Extract method/cleanup
* Remove apiStore method that is unusued since api controllers.
* Use proper model exception
* Remove old user importer. This is now supported by the general importer framework.
* Refactor AssetsController methods.
This is a giant diff without many functional changes, mostly cosmetic.
I've pulled a number of methods out of assetscontroller, preferring
instead to create some more targetted controllers for related actions.
I think this cleans up the file some, and suggests some places for
future targetted improvement.
Fix weird missing things.
* Fix Unit test failing after date changes.
* Pass valid string to be translated.
* Some method cleanup for codacy.
* Extract trait for common checkout uses and codacy fixes.
* Cleanup model bulk-edit
Use the general partials where appropriate, as well as display a list of
what models we are editing in the bulk edit.
* Use new api based fetch/display for modal select2.
This is just copy/pasting the code currently because I'm not entirely
sure how the two pieces of code interact.
* Remove old helper functions that are no longer necessary with our populating of select2 dropdowns via ajax.
* Adds the ability to search by dates
Adding extra „where“-conditions to the „TextSearch“ queries, allowing the users to search by dates
* Adds missing dates to $dates in models
* Removes duplicated „where“ conditions
* Adds the Searchable trait to models, defining the searchable attributes and relations
* Removes the old text search methods
* Adds back additional conditions to the search
These conditions could not be modeled in the „attributes“ or „relations“, so we include them here
* Removes unnecessary check for the deleted_at attribute
* Fixes typo in comments
* suppresses errors from Codacy
We can safely ignore the error codacy is throwing here, since this method is a standin/noop for models who need to implement more advanced searches
* adds select2 placeholders to select lists
To allow us to clear the selection on „select2“ selects, we need a placeholder attribute
See: https://select2.org/placeholders
* Removes empty option from multiple select
select2 requires an empty option value on singular selects, but not on multiple selects.
When selecting multiple options, this empty option would be shown as selectable otherwise, not clearing the selection.
* Adds the option to clear select2 instances
Sets the correct options to allow clearing of out select2 instances. The empty placeholder is required, since clearing only works when a placeholder ist set (event an empty one).
See: https://select2.org/placeholders
* Removes the „Clear selection“ option from select lists
Since we can clear the select2 lists with their native clearing method, we can remove this hack
* Updates generated assets (css/js)
* Always send checkin notifications to users
This fixes the routing of the notifications, to only send „checkin“ emails if the „mail on checkin“ flag on the category was set. (and we checkout to a user with a non-empty email)
* Fixes checkout notification routing
Notifications to users should be send if the category of the resource (accessory/asset/consumable/license):
a) requires the user to confirm acceptance
b) should send notifications on checkin/checkout
* adds a check for EULAs
Adds back a check for the EULA, since the user should receive the EULA if it was set (regardless of other setings on the category, etc)
* adds permission checks to custom fields
* adds permission checks to custom fieldsets
* adds separate permissions for custom fieldsets
* check for permissions in views
* Removes custom fieldsets from permissions config
* Proxy the authorization for custom fieldsets down to custom fields.
This allows us to use the existing permissions in use and have more semantically correct authorization checks for custom fieldsets.
* simplifies the authorization check for the custom fields overview
* removes special handling of custom fieldsets in base policy
I just realised that this code duplicates the logic from the custom fieldset policy.
Since we are checking for the authorization of custom fields anyway, we can just use the columnName for the fields.
* cleanup of unused imports
* adds permission checks for companies
* adds permission checks for depreciations
* adds permission check for all reports
* fixes permissions for departments
* fixes permission naming (edit -> update)
* fixes authorization checking wrong permission in API
The authorization was checking for the non-existent „edit“ method where it should have checked for the „update“ method.
* adds authorization checks for select2 lists
* adds missing authorization checks for api
* fixes user authorization check for creating users
* adds additional check viewing assets on showing a users assets
* Removes authorization checks for select2 lists
Reference: https://github.com/snipe/snipe-it/pull/5807#pullrequestreview-136018755
* Added option to include model information on asset labels.
Cleaned up label page to fix skewed label alignment on last row per page.
* Changes made per Snipe's direction
changed type from tinyint to boolean in DB
changed labels back to initials
* Added de-norm counter migration for assets
* Renaming counter columns, since Eloquent has a magical *_count helper
* Added artisan command to sync counters (one-off)
* Update API to use de-normed fields
* Increment counters for checkin;/checkout
* Derp.
* Added request increment/decrementer
* Move increment for checkout to the Asset::checkout method
* Added “could take a while” message
* Fixes#4445: prevents assigned assets from being checked out in bulk checkout
* Updates data attribute to more versatile 'data-asset-status-type'
* Fixes broken unit test
* Fixes CustomFieldsetsController::fields() which I think is not used anywhere else and don't think ever worked as you can't call get() on a Collection.
Have tested extensively and doesn't seem to affect anywhere else?
* Adds default value functionality
* Adds built assets
* Fixes assignment to asset_model_id which should have been evaluation and alters route so it sits more in line with existing work
* Updates built assets
* Remove silly docker.env file; fix Dockerfile to preserve Oauth keys (#5377)
* Added department to custom asset export
Updates build assets
* Adds translation support for 'add default values' checkbox label
* Allow setting of "ldap_import" through the API, this will allow cusom scripts to be made to import data from Active directory using the API, this would allow any field to be filled such as the manager (based on the ID), department etc.
* Password fix for LDAP through API
* Fix condition where matching user fails when providing a username but no full name. Also shortcircuit username matching if a user exists.
* Simplify Logic
If the user provided is numeric, but doesn't exist in the database, assume that the user's name is a number and go through all relevant generation. of email/first+last names. Alternatively we may want to abort or remove the is_numeric bits.. it seems a little counterintuitive
* WIP - beginning of improved requested assets
- Use Ajax tables for faster loading
- Use new notifications for requesting an asset
TODO:
- Use ajax tables for requestable asset models
- Use new notifications for canceling an asset request
- Expire requests once the asset has been checked out to the requesting user
* Only show asset name in email if it has one
* Refactor requested method to only include non-canceled requests
* Refactored requestable assets to log request and cancelation
* Added softdeletes on checkout requests
* Differentiate between canceling and deleting requests
* Added asset request cancelation notification
* Added timestamps and corrected unique key on requests table
* Improved requests view
* Re-use blade for cancel/request email
* Refactored BS table formatter for requested assets
* Location name min reduced to 2
* Added PAT test as maintenance option
This needs to be refactored into database-driven options with a UI
* Better slack message
* Added getImageUrl method for assets
* Include qty in request notifications
TODO:
- Try to pull requested info from original request for cancelation, otherwise it will default to 1
* Removed old asset request/cancel emails
* Added user profile asset request routes
* Added profile controller requested assets method
* Added blade link to requested assets for profile view
* Sort user history desc
* Added requested assets blade
* Added canceled at to checkoutRequest method
* Include qty in request
* Fixed comment, removed allowed_columns
* Removed Queable methods, since we don’t use a queue
* Fixed return type in method doc
* Fixed version number
* Changed id to user_id for clarity
Filter down the custom fields we are iterating over to only custom fields in the header row.
This prevents nulling out fields when performing an import-update that doesn't include
all custom fields as well as properly nulls out values between items being imported.
Filter down the custom fields we are iterating over to only custom fields in the header row.
This prevents nulling out fields when performing an import-update that doesn't include
all custom fields as well as properly nulls out values between items being imported.
* Added “show fields in email” to custom fields
* Added “show images in email” to settings
* Added nicer HTML emails
* Break notifications out into their own, instead of trying to mash them all together
* Remove old notification for accessory checkout
* Janky fix for #5076 - “The asset you have attempted to accept was not checked out to you”
* Add method for image url for accessories
* Added accessory checkout email blade
* Make accessory email notification on checkout screen consistent with assets
* Added native consumables notifications
* Fixes for asset notification
* Updated notification blades with correct-er fields
* Updated notifications
* License checkin notification - does not work yet
Need to figure out whether the license seat is assigned to a person or an asset before we can pass the target
* Added alternate “cc” email for admins
* Only try to trigger notifications if the target is a user
* Fix tests
* Fixed consumable URL
* Removed unused notification
* Pass target type in params
* Show slack status
* Pass additional parameters
There is a logic bug in this :( Will send to slack twice, since the admin CC and the user are both using the same notification. Fuckity fuck fuck fuck.
* Pass a variable to the notification to supress the duplicate slack message
* Slack is broken :( Trying to fix
Will try a git bisect
* Put preview back into checkout
* Pulled old archaic mail
* Removed debugging
* Fixed wrong email title
* Fixed slack endpoint not firing
* Poobot, we hardly knew ye.
* Removed old, manual mail from API
* Typo :-/
* Code cleanup
* Use defined formatted date in JSON
* Use static properties for checkin/checkout notifiers for cleaner code
* Removed debugging
* Use date formatter
* Fixed target_type
* Fixed language in consumable email
* Added authentication via Remote User
* - Removed nullable from remote_user settings fileds and used just default values instead
- Removed german translations
- Removed 401 error page and replaced usage with 403 error page as 401 was actual a duplicate of 403
- Replaced usage of $_SERVER['REMOTE_USER'] with Laravels API Request::server('REMOVE_USER')
* - Fixed request usage
This restore() is still not working, though not sure why. Seems like it should be pretty straghtforward, and yet…
Additonally, manually setting the deleted)at date to null or blank isn’t working either. I’m sure I’m just missing something obvious.
* New Test Notification
Created Test Notification.
Updated Vendor Mail message.blade files.
Updated api settings controller to use Notification Façade.
* Add show URL in Emails condition
* New Welcome Notification
* Cleanup
* API tests for asset models and related cleanup/improvements
* Api license test. Tests incomplete because create/update/destroy are not implemented yet in the controller
* API Category tests.
* Manufacturers API Test.
* Implement License Create/Update/Delete Methods for API and enable test.
* Add missing gate for api. Fixes only superadmins being able to generate Personal Access Toekns
* Use the formated date helper to clean up verifications.
* Add Checkin/Checkout api tests.
* Accessories api test
* Add Companies API Test.
* Return ModelNotFound as a 404.
* Cleanups/simplficiations/updates.
* Locations api test.
* currency and image should be fillable on location.
* Update components api test.
* Use findOrFail so we return a 404 instead of a 200. Matches other item types.
* order_number should be fillable in component.
* Add updated_at and permissions to information returned from api for a user.
* Add users test and flesh out factory and fillable fields.
* Add test for assets method
* API status label test.
* Disable php7.2 for now on travis until the count(null) issues are remedied
* Add serial to update.
* API model not found should return a 200
* Work towards a functional travis. Step 1: Disable broken unit tests.
* Fix functional tests
This updates the login information and model factories to work with
changes to source.
* Importer name/full name fixes.
Fix a bug where "name" was used ambigously and mapping "item name" to
"name" would confuse the importer into thinking it should also be a user
name. Now we default to "full name" for the users name, and "item name"
for the item name. These are still both configurable through the custom
mapping.
Also update sample csvs and remove an outdated sample.
* Max length of supplier notes is 191, not 255, as per default laravel string length. Might make sense to change this to a text field in the future to match other places.
* Use sqlite/different db setup for unit tests.
* Fix assets api test.
* Fix Components API test.
* increase travis memory limit for functional tests.
* Use travis config for api tests as well.
* Fix memory limit file.
* Disable ApiComponentsAssetsCest until it's fixed.
Fix a bug where "name" was used ambigously and mapping "item name" to
"name" would confuse the importer into thinking it should also be a user
name. Now we default to "full name" for the users name, and "item name"
for the item name. These are still both configurable through the custom
mapping.
Also update sample csvs and remove an outdated sample.
* Added CSS for table toolbar
* Use maintenances API for table listings
* NIcer layout for allowed_columns in maintenances API
* Fixed#5014 - bootstrap cookie issues
* Fixed#5015 - bug when saving settings
* Refactored datatable code to use data attributes
* Updated dashboard with new table code
* Added - Order by group user count
* Updated groups to use new table attributes
* New license listing table code
* More bootstrap table implementations
* More BS table refactoring
* Improved bootstrap assigned assets
* New bootstrap for reports
* Misc BS fixes
* FIxed small issue with asset history display
* Removed multisort option
* JS refactor
* Hotfix: Disabling the event dispatcher broke model validation.
This resulted in invalid data being imported. Reenable the event dispatcher for now--this causes double logs, but at least validates properly.
* Actually disable the event dispatcher.
* Sign in where necessary to fix the importer unit test. This catches the issues found manually in 4912
* start work on fields in fieldset api
* revert CustomFieldsetsController
* fieldset associate / disassociate api
* fix variable names and payload
* fix variable name
The API UsersController accepts manager_id, but calls the following:
$user->fill($request->all());
This results in manager_id being ignored. I can't see any problem with
allowing a user's manager to be modified using the API, so this change
allows it.
* Add Asset Tag settings to Setup
* Add Locale Settings to Setup
* Add multiple company support to setup
* Changed the locale label name from 'site_name' to locale
Added default value for language to 'en' and multiple companies support
to 0 (false)
Switched out the old Input facade to the preferred $request->input
method for the setup page.
* Allow auto incrementing asset_id from the API when the setting is enabled
* Cleaned up the if else statement
* Added prefix to the orWhereRaw which causes a database error if the configuration uses a prefix
* Auto incrementing through the API
* If a user id is provided in the name column of an import, we should assume that it is a user id and check out to it.
* Fix build of vue files. The location is public/js/build, not public/build
* Ensure a status type is set before allowing submission of an import.
Also expand the status text label to change color based on success/failure.
Fixes#4658
* Use right key to lookup emails when importing users. Fixes 4619.
* Import serial for components, and make unique matches based on the serial as well as the name. Fixes#4569
* Set the location_id when importing an item properly.
This moves as well to using the Asset::checkout() method, which should consolidate the logic into a useful spot.
Fixes#4563 (I think)
* Production assets.
* Case insensitive field map guessing and repopulate when changingin import type.
This will return the error from the ldap_search ran in Models/Ldap.php instead of throwing an exception. Users seem to commonly be getting an Exception because of invalid search filters. This will better inform them of that issue without requiring them to enable DEBUG.
* The default locale of en does not include dollar sign in default currency. Assume if there is no currency symbol set that the dollar sign is a good thing to look for in parsefloat.
* Fix for 4485. Serial not serial_number
Also fix bug where updating with a csv that does not include custom field columns should not overwrite current values.
* Rename serial_number to serial in default imports to avoid needing to map weirdly.
* Add Test for 4359. Not reproducable at current though
* Added form checkout selector partial
* Stupid stash
* Added radio button checkout selector javascript
* New compiled production assets
* Added $style override in form partials for select2 ajax lists
* Added checkout-to radio button selector
TODO: Fix for accessibility - currently cannot tab-select this radio button
* Added new checkout-to selector to hardware edit
* Added new checkout-to selector to asset checkout form
* Refactored postCheckout to use radio button submission
This defaults to user checkout if nothing is passed for some reason
* Better visual feedback on whether or not an asset is deployable in edit screen
* Migration - Labels Display Company Name setting
* Add Company Name to Labels
Add company name if it is turned on in settings and asset has a valid company
* Add Company Name checkbox to Label settings
* Add Company Name Lang
* Add display company name to postLabels
* Revert Add Company Name Lang
* Fix display company name in postLabels
* Change tinyInt to boolean for display company name
* Simplify checking for company and getting the name
* Change to square brackets for array notation
* Move divs inside if statements on optional fields
* More helpful text on how the custom validator works
* Clarified language of custom format, fixed regex example
* Fixed regex example in placeholder
* Added comments to custom fields
* Added regex validation string
* Added valid_regex validator in format requirements
* Removed useles comments
* Fixes#4236 - validate the regex custom validation
* Add Authorizable trait and interface to our user model so we have access to User::can/User::cant. We should take a look at where else our user model has diverged from Larvel since it was created...
* Policy cleanup/fixes.
This commit adds policies for the missing backend/"settings" areas. The
permissions were implemented a while back but the policies did not, so
authorizing actions was failing.
In addition, this condenses a lot of code in the policies into base
classes. Most of the files were identical except for table names, so we
move all of the checks into a base class and override the table name in
each policy.
* Use a better name and permission for the check in the default layout.
* Locations API support for image
* Added manufacturers API support for image
* Added manufacturers API support for image
* Added image support for locations add/update
* Added manufacturer image upload support to controller
* General image string
* Added blade support for image uploads/delete image
* Added $request support (from Input::)
* Added image support in API transformers
* Added image to Manufacturers presenter for data table
* Migration to create image fields
* Ignore the contents of the new image directories
* Create new image upload directories
* Created components/consumables uploads directory
* Fixed missing textSearch scope from companies
* Added ignore for companies uploads directory
* Added blade support for image upload
* Fixed path to upload directory on edit
* Added company image upport to transformers, controllers
* Added image support for categories
* Added support for images in Departments
* Added support for image in Consumables
* Added image support for components