Commit graph

2639 commits

Author SHA1 Message Date
Jo Drexl 0114373468
Fixing #9224 (#9328) 2021-03-22 12:57:26 -07:00
snipe 86fef3f40a Set SAML errors to warning instead of error
Signed-off-by: snipe <snipe@snipe.net>
2021-03-17 22:30:26 -07:00
snipe c90604b5ae Merge remote-tracking branch 'origin/develop' 2021-03-17 22:19:24 -07:00
snipe 069e9e52fe Try/catch barcodes so they don’t shit up the logs
Signed-off-by: snipe <snipe@snipe.net>
2021-03-17 22:19:10 -07:00
snipe 9f3a8a43cc Merge remote-tracking branch 'origin/develop'
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	composer.lock
2021-03-17 19:41:02 -07:00
snipe 8fd8e716ac
Changed debug level on bad LDAP connection (#9314)
* Changed debug level on bad LDAP connection

TODO:

Unfuck all of this. It’s a mess and it really doesn’t work the way we think it does. AdLdap library strikes again. :(

Signed-off-by: snipe <snipe@snipe.net>

* Improved phrasing

Signed-off-by: snipe <snipe@snipe.net>
2021-03-17 19:24:28 -07:00
snipe ab092fd209 Merge remote-tracking branch 'origin/develop'
# Conflicts:
#	app/Providers/AppServiceProvider.php
#	config/logging.php
#	config/services.php
2021-03-15 12:29:29 -07:00
Brady Wetherington c7626f8387
Add new StorageHelper and use it where it makes sense (#9276) 2021-03-15 12:26:39 -07:00
snipe f164f0ea60 Fixed #9266 - set a colors_array variable even if other conditions are not met 2021-03-09 21:04:32 -08:00
snipe c3871c98df Updated rollbar package 2021-03-09 16:16:57 -08:00
snipe cf4e97f103 Log namespacing 2021-03-09 13:39:53 -08:00
snipe e9ee9ea2e9 Fixed rollbar integration 2021-03-09 12:40:00 -08:00
Ivan Nieto Vivanco 9ed226a0af
Fixes links in Models Actions, and to view the fieldset assigned to that Model. (#9232) 2021-03-01 13:08:29 -08:00
Ivan Nieto Vivanco d64b35c348
Added a condition to ensure that only assets checked out to an user that is being deleted are updating their status (#9233) 2021-03-01 13:07:23 -08:00
Ivan Nieto Vivanco ab7dd90602
Fixes ternary that sets the offset in 0 when the offset passed to the API for the user is greater than total locations. (#9210) 2021-02-26 12:56:04 -08:00
snipe f37d5d3d03 Fixed #9085 - asset models not showing proper pagination
Huge thanks to @inietov for catching this one
2021-02-25 16:43:38 -08:00
johnson-yi 763e17f491
Added saml custom setting retrieveParametersFromServer to enable fixing SLO issues with Azure AD (#9187) 2021-02-23 11:05:22 -08:00
Brady Wetherington 44eee019d9
Add variable declaration for $result (#9168) 2021-02-19 10:19:24 -08:00
snipe 5754f0aa3f Revert "Added logic to handle the CLI importer. (#9088)"
This reverts commit 2e2d087639.
2021-02-18 14:21:19 -08:00
Ivan Nieto 2e2d087639
Added logic to handle the CLI importer. (#9088) 2021-02-17 13:13:17 -08:00
Ivan Nieto 12ff465cdb
Added feature: Checkbox Custom Fields as list of values. (#9112)
* Added functionality for checkboxes in custom fields. Similar to how radio buttons work.

* Added the same functionality when the custom fieldset is encrypted.

* Added missing bits, so the edit custom assets view shows what values have been already stored in database
2021-02-16 17:20:29 -08:00
Ivan Nieto f89d789832
Fixes #8918 The validation rules on Manufacturer Model 'name' attribute are malformed. (#9133)
* Fixes the validation rules on Manufacturer Model

* Fixes a little issue; if the manufacturer is active soft-deletes it, if is already deleted permanently deletes it
2021-02-16 12:52:55 -08:00
Giuseppe Iannello 5edbb4b229
Support Google Cloud IAP (#8768)
Following up on 7c2da81700,
this extends the logic, adding support for Google Cloud IAP.
2021-02-03 11:59:55 -08:00
snipe 985193ffff Fixed #9082 - allow deployable status type on checkout 2021-02-03 01:29:54 -08:00
snipe 124343911f Merge remote-tracking branch 'origin/develop' 2021-02-02 16:57:18 -08:00
Brady Wetherington 462f8c791f
Hotfix to develop to yank extraneous e() (#9080) 2021-02-02 16:44:54 -08:00
Brady Wetherington 9a224a07ba
Modified how we do Select2 dynamic drop-down menus to be more secure (#9079)
* Modified how we do Select2 dynamic drop-down menus to be more secure

As noted by the author of select2, the more-secure way of creating
rich Select-dropdowns is to use jquery to create HTML snippets and
carefully modify text attributes within there. This prevents any
XSS from being brought to the page. As a side-effect, the extra
escaping that we had to do in all of the internal selectlist calls
is now no longer necessary, and has been removed. Rebased and
squashed from the original.

* Rebuilt all assets, but this still feels like it's too much stuff in here.

* Whoops, need to run that in dev, not prod
2021-02-02 15:55:21 -08:00
Ivan Nieto df4686bc96
Added a clause that lets the function that updates the department to fail gracefully if no dept. name is provided in the CSV passed to the Importer. (#9078) 2021-02-02 12:23:36 -08:00
snipe b6c432a596 One more line of logging for purges 2021-02-02 02:20:30 -08:00
snipe ef668317a9 Log user initiating a purge 2021-02-02 01:58:50 -08:00
snipe fdb5b3baf1
Depreciation detail view fixes [ch15776] (#9059)
* Allow sorting by months for depreciation list view

* Added dataTableLayout to standardize the list display table

* Implement the dataTableLayout() on the list view blade

* Split the view into tabs so we can combine asset depreciations and license depreciations

* Updated depreciation view to use tabbed interface for assets and licenses

* Added asset models to depreciation details page

* Make asset model category sortable

* Added cateory as allowed to be sorted on

* Added category sort scope

* Removed offset variable

* Small fixes to asset modes display in depreciation to bulk edit models
2021-01-27 17:44:05 -08:00
Brady Wetherington 70e6a6ced6
Fix issue where users with edit permission cannot invoke LDAP sync (#9058)
* Fix issue where users with edit permission cannot invoke LDAP sync

* Make User::class consistent with usage elsewhere in the same directory
2021-01-27 15:36:43 -08:00
Ivan Nieto 6772835efc
Added support for radio buttons in Custom Fields. (#9053) 2021-01-27 14:41:58 -08:00
Ivan Nieto 6e83679528
Instead of return a JSON response, redirect back to the previous screen (#9055) 2021-01-27 12:01:42 -08:00
snipe 0031fab0fe
Added termination date, depreciation in license column selection [ch14505] (#9052) 2021-01-27 01:34:32 -08:00
snipe 9f7f1460e9 Simplified availableForCheckout() on asset 2021-01-26 22:12:24 -08:00
Evgeny d8bb69533c
To eliminate 12/24hours ambiguity fix. This fix prevents loss of time accuracy. (#8887)
Its a tiny fix to eliminate 12/24hours ambiguity. Fix prevents time accuracy loss in field "last_audit_date" for assets.
2021-01-26 12:22:59 -08:00
snipe 01d3606c42 Merge remote-tracking branch 'origin/develop' 2021-01-26 12:20:57 -08:00
Vincent Lainé d6ead5ae17
Added #8931: add health controller without session (#8978)
* Added health controller

* Trying to move session middleware to web and api group to have health controller without session

* Fix health route store the session

Co-authored-by: Vincent Lainé <v.laine@dental-monitoring.com>
2021-01-26 12:10:54 -08:00
Ivan Nieto 2da6f9136f
Add 'Last Audit Date/Next Audit Date' filter to custom report (#8989)
* Add 'Last Audit Date/Next Audit Date' filter to custom report

* Added a constraint: cannot require a report with a Last Audit Date in the future.
2021-01-26 12:05:31 -08:00
Ivan Nieto 79549dbfb9
Use the correct env variables in config/auth.php file. (#9048) 2021-01-26 12:04:41 -08:00
snipe a48d09f37e
Fixed non-superadmin gate permissions for kits (#9029) 2021-01-26 11:56:42 -08:00
snipe 75a8639a20 Fixed weird checkbox display
TODO: fix the 500 on the save
2021-01-12 18:16:42 -08:00
snipe bbcd215ea4 Suppress OAuth token errors 2021-01-12 08:58:40 -08:00
snipe e6ba4a423d Fixed #8721 - duplicate asset tags in select list when asset has name 2020-12-21 13:43:54 -08:00
snipe cac78cdbf3 Use snipe-logo.png as default in settings seeder 2020-12-21 11:36:43 -08:00
Brady Wetherington 0329028e2c
Fixed #8926, #8252 - introduce circular reference check for location parent_id - rebased from #8253 (#8927)
* Fixed #8252 - circular references in location parents

* Remove non-translated translation changes

* Fix typo

* Add loop limit to avoid unforseen infinite loops

* Remove check against parent_id in location controllers

* Remove the Location->id=null piece (no longer needed)

* Fix some formatting and whitespace

* Re-introduce accidentally merged-out language file

Co-authored-by: Travis Miller <milletr@tulsaschools.org>
2020-12-18 17:18:04 -08:00
snipe 5909860c5a Updated exception handler 2020-12-15 17:25:05 -08:00
Evgeny bbf7fbcff4
Localization digit separator feature. (#8915)
Provides an ability to localize the purchase_cost field in front-end hardware index table.
Has two digit separator formats in admin settings with comma and dot.
2020-12-15 11:49:13 -08:00
snipe 45bfec5cd3 Match setup admin on Quickstart password with min reqs for Settings model 2020-12-11 13:52:48 -08:00
snipe 055522510b Fixed logo in seeder 2020-12-09 08:48:47 -08:00
Johnson Yi 1c4e20c712 Allow saml to be more easily debugged 2020-12-04 21:54:04 +11:00
snipe 71d0e6369e Merge branch 'develop' of https://github.com/snipe/snipe-it into develop 2020-12-02 11:01:10 -08:00
snipe b27aeb1952 Added LDAP flag in users API for #8741 2020-12-02 11:01:05 -08:00
snipe bec2b170ec Only overwrite notes if the LDAP user is new 2020-12-02 11:00:18 -08:00
Brady Wetherington 34d5473553
Fixes 8472 (again) - LDAP sync was assigning a bad default location (#8846) 2020-12-01 21:26:52 -08:00
snipe 4ac15daee7 Fixed #8147 - allow webp image format for public file uploads 2020-12-01 19:06:53 -08:00
Brady Wetherington 93cf8d4e0a
Forward-port of the old LDAP sync system (#8801)
* Forward-port of the old LDAP sync system

* Need to rename the class to avoid classname conflicts

* Make 'classic' LDAP sync not add surrounding parens to filters that already have them

* Re-work Test LDAP button to return 10 sample users

* Remove useless debugging code
2020-11-30 17:11:44 -08:00
snipe e83bc03d97 Switch backup files array order to show latest first [ch15486]' 2020-11-30 14:46:10 -08:00
snipe 705dd34f3e Removed older SAML fields 2020-11-27 18:14:32 -08:00
snipe 6cf5426540 Removed unused validation rule 2020-11-25 11:00:28 -08:00
snipe f475bdbb2d Fixed #8797 - use html_entity_decode in fullName presenter for User 2020-11-25 08:54:23 -08:00
snipe 820a39cc90 Fixed #8814 - added App\Models\Recipients\AlertRecipient 2020-11-25 01:52:56 -08:00
snipe 72fc03aa50 Adds location to searchableRelations for asset model 2020-11-24 19:49:46 -08:00
snipe c0d7564658 Fixed #8794 - Switched to firstOrCreate to create parents on import 2020-11-24 16:05:24 -08:00
snipe 973eacf6c3 Small fixes for SAML
The SAML routes are in a service provide (sigh), so they did not have the `web` middleware group assigned to it.

I also added some additional checks so that the setup blade won’t fail (the migrations wouldn’t have been run yet, so outside of a try/catch, it would return an error since those tables don’t exist.)
2020-11-24 13:51:02 -08:00
snipe b2660002b9
Fixed #8781 - added asset count by status type (#8806) 2020-11-24 12:15:07 -08:00
snipe 2c0b9f959b Comment with possible alternatve to the custom undeleted validator 2020-11-24 12:01:09 -08:00
johnson-yi 0cdd83aabf
Fixes #8584, #8654, #8727 - fixes and improvements for saml (#8795)
* Let onelogin/php-saml know to use 'X-Forwarded-*' headers if it is from a trusted proxy

* Gracefully handle the case where openssl_csr_new fails when openssl.cnf is invalid/missing

* Improve ui of saml sp metadata by displaying it's url and a download button
2020-11-20 18:54:25 -08:00
snipe 8a38b9d018 Merge branch 'develop' of https://github.com/snipe/snipe-it into develop 2020-11-20 14:34:35 -08:00
Brady Wetherington 734cb941dd
Fix for #8772 - initial LDAP import of users are deactivated (#8776) 2020-11-20 11:11:14 -08:00
snipe c66f8c04c8 For for deleted user API 2020-11-18 14:57:44 -08:00
snipe 551e28eec9 Fixed #8749 - added more default colors to prevent missing index in pie chart math 2020-11-18 07:06:14 -08:00
Brady Wetherington 8457207c8f
Fix for 500-page on deactivated LDAP user trying to log in (#8774) 2020-11-17 22:31:22 -08:00
snipe 2ea805b7ed Added search/sort by Location OU, added to listing 2020-11-17 22:17:07 -08:00
Brady Wetherington 3dda4c9116
Add a new UAC setting to valid User Accounts for Active Directory (#8775) 2020-11-17 19:25:49 -08:00
snipe 0286cf6d46 Prevent license categories from being deleted if there are licenses in that category 2020-11-17 19:22:10 -08:00
Brady Wetherington de6f3f866f
Attempt to solve LDAP sync overriding administrator choices (#8742) 2020-11-17 00:11:00 -08:00
NMC 402fecd408
Fixed #7850: allow xlsx file. (#8386)
Thanks!
2020-11-16 21:32:15 -08:00
Brady Wetherington a97b15ec96
Re-add LDAP "test login" feature to LDAP settings (helps with #8751) (#8757)
* Start work on re-adding back the "Test LDAP logins" feature to develop

* Add back-end method to allow LDAP test users to try to log in.
2020-11-16 21:23:08 -08:00
snipe fbaf6e2494 Fixed #8747 - upload path for uploaded images 2020-11-16 16:39:02 -08:00
snipe 1f5bcf2475 Added option to download activity report 2020-11-13 16:25:05 -08:00
snipe 052f8e2c42 Addresses - not fixes - #8740
More investigation here is needed
2020-11-13 12:34:42 -08:00
snipe e9578ba8a1 Fixed #8737 - incorrect validation string for components update 2020-11-13 12:09:48 -08:00
snipe 644084658a Merge remote-tracking branch 'origin/develop' 2020-11-13 04:30:03 -08:00
snipe 08784f9cc5 Make expected_checkin fillable 2020-11-13 03:22:26 -08:00
snipe a87e615e7f Fixed #8544 - escaping on maintenance notes 2020-11-12 23:55:16 -08:00
snipe fc6a33ad38 Added some LDAP debugging - related to #8670 2020-11-12 22:19:16 -08:00
snipe 896ce3456e Possible fix for #8670 - LDAP users deactivated on login 2020-11-12 22:18:49 -08:00
snipe 9db191f0b2 Fixes for #8732 - Flysystem paths, migrator script 2020-11-12 21:46:06 -08:00
snipe c7d752fb65 Added S3 url into CSP 2020-11-12 19:50:01 -08:00
snipe 6dccf399a5 Fixed offset issue for #8732 2020-11-12 15:51:31 -08:00
snipe d537fc5c32 Added linebreak to console confirmation 2020-11-12 15:21:00 -08:00
snipe 9164dda64f Added artisan command to purge logins 2020-11-12 15:20:15 -08:00
snipe 5ea9c31eab Removed debugging 2020-11-12 15:14:56 -08:00
snipe c8572deb5c Merge branch 'develop' of https://github.com/snipe/snipe-it into develop 2020-11-12 15:13:50 -08:00
snipe 57d25ebb20 Fixed #8719 - use same convention for file names on licenses as we do on assets 2020-11-12 15:13:45 -08:00
Dampfklon be114176a2
Refactor Expected Checkin Notification into markdown and enable translation (#8236)
Co-authored-by: snipe <snipe@snipe.net>
2020-11-12 15:09:40 -08:00
Dampfklon 4ef11c463c
Enable translations of checkin notifications (#8235) 2020-11-12 15:05:57 -08:00
snipe f0e04ab9e4 Fixed #8726 - disallow archived assets to be checked out 2020-11-12 15:01:13 -08:00