* Update Ldap.php
* Update Ldap.php
* Update Ldap.php
* Update Ldap.php
* Update Ldap.php
Updating LDAP.php such that the admin bind will ONLY occur if the user attempting auth cannot bind. If that is the case, it will attempt to bind as admin and search for that user, prior to failing.
* Add iCheck png files to webpack config (inconsistency for css <> png) and blue.png to public folder
* php 7.3 collect() fix (undefined variable)
* Fix travis ci
* Add iCheck png files to webpack config (inconsistency for css <> png) and blue.png to public folder
* php 7.3 collect() fix (undefined variable)
* change LDAP implementation from model to (singleton) service
* Re-apply check for content in ldap_server variable before parsing
* Update LDAP implementation
* Switch iCheck to minimal as referenced in js
* Don't init on load but on first access via init (returns ldap enabled status)
* Re-Enable notifications
* Re-add missing test target php versions
* Only init() once (singleton class, so ldap variable is already set)
* Fixed missing oauth tables during setup.
* Custom fields of type "CUSTOM REGEX" are always saved as "ANY"
Fixes#5896
* Updated per PR
Fixed spelling
* Fixed logic error
Moved conditional code from view to controller
Added getFromatType function for dropdown
* Fixed missing oauth tables during setup.
* WIP New LDAP implementation
* WIP New LDAP implementation
* WIP New LDAP implementation
Merge remote-tracking branch 'origin/WIP_LDAP' into WIP_LDAP
* WIP New LDAP implementation
Added Adldap2 to handle ldap intergration.
* Updated per PR quality review
* Added specific LDAP settings method
* Corrected version number
* Added return documentation
* Added imports
* Changed class to be injected into controller
* Updated with PR suggestions
* Fixed missing oauth tables during setup.
* Merge remote-tracking branch 'snipe-it-upstream/develop' into develop
* Merge remote-tracking branch 'snipe-it-upstream/develop' into develop
Merge remote-tracking branch 'origin/develop' into develop
* Fixed error during setup when settings table is not present
* Another 'or' caught in a blade template
* Added the requireAcceptance() method in LicenseSeat.php. Changed the permission in checkout-license mail to view.
* Getting right the permission in the view checkout-license
The class was missing as a result that the composer was unable to update and the site returned a 500 error
```
$ composer update
Loading composer repositories with package information
Installing dependencies (including require-dev) from lock file
Nothing to install or update
Package guzzle/guzzle is abandoned, you should avoid using it. Use guzzlehttp/guzzle instead.
Generating optimized autoload files
> Illuminate\Foundation\ComposerScripts::postAutoloadDump
> @php artisan package:discover
In Asset.php line 30:
Declaration of App\Models\Asset::save($params = Array) should be compatible
with Illuminate\Database\Eloquent\Model::save(array $options = Array)
Script @php artisan package:discover handling the post-autoload-dump event returned with error code 1
```
* Added AWS url to example env
* Upgrader - added check for new storage path and attempt to move
* Ignore symlink
* Updated paths for models
* Moved copy methods
* Added AWS_URL support
For some reasin, Flysystem was generating the wrong AWS url (with a region included)
* Switch to Flysystem for image uploads
* Nicer display of image preview
* Updated image preview on edit blades to use Flysystem
* Twiddled some more paths
* Working filesystems config
* Updated Asset Models and Departments to use Flysystem
* Janky workaround for differing S3/local urls/paths
* Try to smartly use S3 as public disk if S3 is configured
* Use public disk Storage options for public files
* Additional transformer edits for Flysystem
* Removed debugging
* Added missing use Storage directive
* Updated seeders to use Flysystem
* Default logo
* Set a default width
We can potentially override this in settings later
* Use Flysystem for logo upload
* Update downloadFile to use Flysystem
* Updated AssetFilesController to use Flysystem
* Updated acceptance signatures to use Flysystem
* Updated signature view to use Flysystem
This isn’t working 100% yet
* Use Flysystem facade for displaying asset image
* Set assets path
Should clean all these up when we’re done here
* Added Rackspace support for Flysystem
* Added Flysystem migrator console command
* Added use Storage directive for categories
* Added user avatars to Flysystem
* Added profile avatar to Flysystem
* Added the option to delete local files with the migrator
* Added a check to prevent people from trying to move from local to local
* Fixed the selectlists for Flysystem
* Fixed the getImageUrl method to reflect Flysystem
* Fixed AWS copy process
* Fixed models path
* More selectlist updates for Flysystem
* Updated example .envs with updated env variable names
* *sigh*
* Updated non-asset getImageUrl() methods to use Flysystem
* Removed S3 hardcoding
* Use Flysystem in email headers
* Fixed typo
* Removed camera support from asset file upload
We’ll find a way to add this in later (and add that support to all of the other image uploads as well)
* Fixed path for categories
* WIP - Switched to standard handleImages for asset upload.
This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now.
* Fixed css URL error
* Updated Debugbar to latest version (#6265)
v3.2 adds support for Laravel 5.7
* Fixed: Missing CSS file in basic.blade.php (#6264)
* Fixed missing CSS file in basic.blade.php
* Added
* Changed stylesheet import for authorize.blade.php
* Updated composer lock
* Added AWS_BUCKET_ROOT as env variable
* Use nicer image preview for logo upload
* Removed AssetRequest form request
* Removed asset form request, moved custom field validation into model
* Added additional help text for logo upload
* Increased the size of the image resize - should make this a setting tho
* Few more formatting tweaks to logo section of branding blade preview
* Use Flysystem for asset/license file uploads
* Use Flysystem for removing images from models that have been deleted
* Enable backups to use Flysystem
This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3
* Use Flysystem to download license files
* Updated audits to use Flysystem
When a user has no permissions set (=NULL) in the database (like after an
LDAP import) but is a member of a group with permissions, those group
permissions would not have be applied, effectively denying every access
regardless of group permissions.
This was causing the error: Undefined index: App\Models\CustomField (View: /Users/snipe/Sites/snipe-it/snipe-it/resources/views/hardware/index.blade.php)
and pointed to the Eloquent model library method:
```
protected function initializeTraits()
{
foreach (static::$traitInitializers[static::class] as $method) {
$this->{$method}();
}
}
```
Thanks to https://github.com/laravel/framework/issues/25455 for the clue.
* Add half-year convention in depreciation for Models/Depreciable.php
* Add a setting for the depreciation method
* Integrate half-year convention inside working output
* fix: add more checks at Depreciable.php
* depreciation value rounding
* Codestyle fix
A checkout acceptance gets generated for every item that needs to be checked out. This resource tracks the user user who can accept the item and their signature
* Extract a handlesimages trait to centralize logic for parsing/storing images on upload in create/edit methods.
* Use same image upload/layout in accessories as consum+components.
* Monster: Cleanup/Refactor http controllers.
This cleans up docblocks, pulls most non-crudy actions into their own
controllers, and does general cleanup/logic refactoring. There /should/
be no functional changes, but we all know how should works..
Extract checkin/checkout functions to a separate controller for accessories.
Move controllers to subdirectory.
Cleanup AssetModelsController
Extract component checkin/checkout
Assorted cleanups/doc/formatting in controllers.
Refactor LicenseController.
Refactor UsersController
Update viewassetscontroller.
* Codacy cleanups
* More codacy cleanups. Extract a LicenseCheckout Form request as well.
* A bit more refactor/cleaning of the license checkout method.
* Review Related Cleanups
* Fix most of the item_not_found translations. In many cases, the
string being generated did not even use the id parameter. Where it
does, pass it as id instead of as a different value.
* Remove some old $data arrays from when we manually sent emails from
the controllers. This has been superseeded by the notification system
(yay!)
* Bugfix: Only log the checkin of an accessory if the checkin completes sucessfully.
* Adds a method to consumables to check if a notification should be sent
Adds the checkin_email method to Consumables, this gets checked in notifications when checking out the consumable.
Without the method, no notifications get sent for checking out consumables.
* Fixes the checkin_email method on the License model
This should allow the License to also send checkout/checkin notifications again.
* Fix Importer emailformat
Str::slug() strips periods from the string, which caused our existing
logic to misbehave when generating a user's email on an import. Adjust
logic to use generateEmail() helper on user instead. Also clean up some
of the logic in this method.
* Remove dead code.
* More refactor/cleanup of the user create method. I think it is almost readable now.
* Give advancedTextSearch all search terms at one
The additional conditions for assets had some problems, since they were joining tables for the additional attributes. The method was called once for every search term, so the join was added multiple times if the user entered multiple search terms.
* Allows search to handle multiple search terms better
The search now better handles multiple search terms, adding additional orWhere clauses, instead of duplicating all queries.
* Fixing typo
* Adds the ability to search by dates
Adding extra „where“-conditions to the „TextSearch“ queries, allowing the users to search by dates
* Adds missing dates to $dates in models
* Removes duplicated „where“ conditions
* Adds the Searchable trait to models, defining the searchable attributes and relations
* Removes the old text search methods
* Adds back additional conditions to the search
These conditions could not be modeled in the „attributes“ or „relations“, so we include them here
* Removes unnecessary check for the deleted_at attribute
* Fixes typo in comments
* suppresses errors from Codacy
We can safely ignore the error codacy is throwing here, since this method is a standin/noop for models who need to implement more advanced searches
* Added de-norm counter migration for assets
* Renaming counter columns, since Eloquent has a magical *_count helper
* Added artisan command to sync counters (one-off)
* Update API to use de-normed fields
* Increment counters for checkin;/checkout
* Derp.
* Added request increment/decrementer
* Move increment for checkout to the Asset::checkout method
* Added “could take a while” message
* Fixes#4445: prevents assigned assets from being checked out in bulk checkout
* Updates data attribute to more versatile 'data-asset-status-type'
* Fixes broken unit test
* Fixes CustomFieldsetsController::fields() which I think is not used anywhere else and don't think ever worked as you can't call get() on a Collection.
Have tested extensively and doesn't seem to affect anywhere else?
* Adds default value functionality
* Adds built assets
* Fixes assignment to asset_model_id which should have been evaluation and alters route so it sits more in line with existing work
* Updates built assets
* Remove silly docker.env file; fix Dockerfile to preserve Oauth keys (#5377)
* Added department to custom asset export
Updates build assets
* Adds translation support for 'add default values' checkbox label
* Allow setting of "ldap_import" through the API, this will allow cusom scripts to be made to import data from Active directory using the API, this would allow any field to be filled such as the manager (based on the ID), department etc.
* Password fix for LDAP through API
* WIP - beginning of improved requested assets
- Use Ajax tables for faster loading
- Use new notifications for requesting an asset
TODO:
- Use ajax tables for requestable asset models
- Use new notifications for canceling an asset request
- Expire requests once the asset has been checked out to the requesting user
* Only show asset name in email if it has one
* Refactor requested method to only include non-canceled requests
* Refactored requestable assets to log request and cancelation
* Added softdeletes on checkout requests
* Differentiate between canceling and deleting requests
* Added asset request cancelation notification
* Added timestamps and corrected unique key on requests table
* Improved requests view
* Re-use blade for cancel/request email
* Refactored BS table formatter for requested assets
* Location name min reduced to 2
* Added PAT test as maintenance option
This needs to be refactored into database-driven options with a UI
* Better slack message
* Added getImageUrl method for assets
* Include qty in request notifications
TODO:
- Try to pull requested info from original request for cancelation, otherwise it will default to 1
* Removed old asset request/cancel emails
* Added user profile asset request routes
* Added profile controller requested assets method
* Added blade link to requested assets for profile view
* Sort user history desc
* Added requested assets blade
* Added canceled at to checkoutRequest method
* Include qty in request
* Fixed comment, removed allowed_columns
* Removed Queable methods, since we don’t use a queue
* Fixed return type in method doc
* Fixed version number
* Changed id to user_id for clarity
* Added “show fields in email” to custom fields
* Added “show images in email” to settings
* Added nicer HTML emails
* Break notifications out into their own, instead of trying to mash them all together
* Remove old notification for accessory checkout
* Janky fix for #5076 - “The asset you have attempted to accept was not checked out to you”
* Add method for image url for accessories
* Added accessory checkout email blade
* Make accessory email notification on checkout screen consistent with assets
* Added native consumables notifications
* Fixes for asset notification
* Updated notification blades with correct-er fields
* Updated notifications
* License checkin notification - does not work yet
Need to figure out whether the license seat is assigned to a person or an asset before we can pass the target
* Added alternate “cc” email for admins
* Only try to trigger notifications if the target is a user
* Fix tests
* Fixed consumable URL
* Removed unused notification
* Pass target type in params
* Show slack status
* Pass additional parameters
There is a logic bug in this :( Will send to slack twice, since the admin CC and the user are both using the same notification. Fuckity fuck fuck fuck.
* Pass a variable to the notification to supress the duplicate slack message
* Slack is broken :( Trying to fix
Will try a git bisect
* Put preview back into checkout
* Pulled old archaic mail
* Removed debugging
* Fixed wrong email title
* Fixed slack endpoint not firing
* Poobot, we hardly knew ye.
* Removed old, manual mail from API
* Typo :-/
* Code cleanup
* Use defined formatted date in JSON
* Use static properties for checkin/checkout notifiers for cleaner code
* Removed debugging
* Use date formatter
* Fixed target_type
* Fixed language in consumable email
* Cleanup
* API tests for asset models and related cleanup/improvements
* Api license test. Tests incomplete because create/update/destroy are not implemented yet in the controller
* API Category tests.
* Manufacturers API Test.
* Implement License Create/Update/Delete Methods for API and enable test.
* Add missing gate for api. Fixes only superadmins being able to generate Personal Access Toekns
* Use the formated date helper to clean up verifications.
* Add Checkin/Checkout api tests.
* Accessories api test
* Add Companies API Test.
* Return ModelNotFound as a 404.
* Cleanups/simplficiations/updates.
* Locations api test.
* currency and image should be fillable on location.
* Update components api test.
* Use findOrFail so we return a 404 instead of a 200. Matches other item types.
* order_number should be fillable in component.
* Add updated_at and permissions to information returned from api for a user.
* Add users test and flesh out factory and fillable fields.
* Add test for assets method
* API status label test.
* Disable php7.2 for now on travis until the count(null) issues are remedied
* Add serial to update.
* API model not found should return a 200
* Work towards a functional travis. Step 1: Disable broken unit tests.
* Fix functional tests
This updates the login information and model factories to work with
changes to source.
* Importer name/full name fixes.
Fix a bug where "name" was used ambigously and mapping "item name" to
"name" would confuse the importer into thinking it should also be a user
name. Now we default to "full name" for the users name, and "item name"
for the item name. These are still both configurable through the custom
mapping.
Also update sample csvs and remove an outdated sample.
* Max length of supplier notes is 191, not 255, as per default laravel string length. Might make sense to change this to a text field in the future to match other places.
* Use sqlite/different db setup for unit tests.
* Fix assets api test.
* Fix Components API test.
* increase travis memory limit for functional tests.
* Use travis config for api tests as well.
* Fix memory limit file.
* Disable ApiComponentsAssetsCest until it's fixed.
The API UsersController accepts manager_id, but calls the following:
$user->fill($request->all());
This results in manager_id being ignored. I can't see any problem with
allowing a user's manager to be modified using the API, so this change
allows it.
* If a user id is provided in the name column of an import, we should assume that it is a user id and check out to it.
* Fix build of vue files. The location is public/js/build, not public/build
* Ensure a status type is set before allowing submission of an import.
Also expand the status text label to change color based on success/failure.
Fixes#4658
* Use right key to lookup emails when importing users. Fixes 4619.
* Import serial for components, and make unique matches based on the serial as well as the name. Fixes#4569
* Set the location_id when importing an item properly.
This moves as well to using the Asset::checkout() method, which should consolidate the logic into a useful spot.
Fixes#4563 (I think)
* Production assets.
* Case insensitive field map guessing and repopulate when changingin import type.
* The default locale of en does not include dollar sign in default currency. Assume if there is no currency symbol set that the dollar sign is a good thing to look for in parsefloat.
* Fix for 4485. Serial not serial_number
Also fix bug where updating with a csv that does not include custom field columns should not overwrite current values.
* Rename serial_number to serial in default imports to avoid needing to map weirdly.
* Add Test for 4359. Not reproducable at current though
* More helpful text on how the custom validator works
* Clarified language of custom format, fixed regex example
* Fixed regex example in placeholder
* Added comments to custom fields
* Added regex validation string
* Added valid_regex validator in format requirements
* Removed useles comments
* Fixes#4236 - validate the regex custom validation
* Add Authorizable trait and interface to our user model so we have access to User::can/User::cant. We should take a look at where else our user model has diverged from Larvel since it was created...
* Policy cleanup/fixes.
This commit adds policies for the missing backend/"settings" areas. The
permissions were implemented a while back but the policies did not, so
authorizing actions was failing.
In addition, this condenses a lot of code in the policies into base
classes. Most of the files were identical except for table names, so we
move all of the checks into a base class and override the table name in
each policy.
* Use a better name and permission for the check in the default layout.
* Locations API support for image
* Added manufacturers API support for image
* Added manufacturers API support for image
* Added image support for locations add/update
* Added manufacturer image upload support to controller
* General image string
* Added blade support for image uploads/delete image
* Added $request support (from Input::)
* Added image support in API transformers
* Added image to Manufacturers presenter for data table
* Migration to create image fields
* Ignore the contents of the new image directories
* Create new image upload directories
* Created components/consumables uploads directory
* Fixed missing textSearch scope from companies
* Added ignore for companies uploads directory
* Added blade support for image upload
* Fixed path to upload directory on edit
* Added company image upport to transformers, controllers
* Added image support for categories
* Added support for images in Departments
* Added support for image in Consumables
* Added image support for components
* Ignore accesories uploads
* API: Allow searching accessories by supplier id
* Adds suppliers and image upload to accessories
* Allow sorting by counts for suppliers
* Validate supplier image uploads
* Remove purchase_date from protected accessory array, it was converting it to datetime in datepicker
For a while, prior to 987536930, we did not null assigned_type on
checkin. This migration manually nulls all assigned_type fields if
assigned_to is unset. Add a test to AssetTest for this as well...kind
of. We need to extract an Asset::checkin() method for 4.1 that mirrors
Asset::checkOut() to really test this.
This also fixes a separate (but related) issue. The Asset importer did
not set assigned_type when importing and creating users. In this
instance, we assume that if assigned_to is set and assigned_type is not,
then the item was checked out to a user and update the DB accordingly.
Also add a check in ImporterTest for this issue.
* There is no notes field on accessories. Fixes Importer Test.
* Fix notification test. We should see a checkout not allowed exception when trying to check out to a location if the asset requires acceptance.
* Fix Custom field import.
Add a test for custom field import, and fix a few issues related to
importing custom fields. This will restore v3 functionality.
* Add UI support for mapping custom fields.
This still requires the field mappings to be created/assigned in
advance, but will fetch all custom field names and allow them to be
selected when setting up custom field mappings.
This commit also updates laravel-mix to v1.4.3 and other node
dependencies to fix some build issues.
* Fix some requestable asset page/assetloc issues. I'd love to know why laravel expections relationships to be in lower case... but thats a question for another day.
* Fix accidental commit of ImporterTest.
* Move the name() method to the presenter
This fixes some weird collisions between laravels voodoo and our
presenter voodoo that confused php. It's also probably a cleaner place
to put it. Should fix#3927
* Add missing parenthesis
* Add heading to tables on locations/view page.
* Fix some n+1 problems
* Use route in notification dropdown to make sure we link to correct page
* Work on better UI support for checkout to non-user. Fix links on index bootstrap table, work towards eliminating assignedUser
* Remove Asset::assigneduser() relationship. Instead add a checkedOutToUser() method and/or port to using assignedTo()
* Adjust string to fit new reality
* Fix#3780. Move the consumables getDataView method to the ApiController. Not entirely RESTful, but it's a weird method that probably doesn't need its own controller and the functionality would be strange to stack on the userscontroller...
* Fix file uploads to assets and restore the delete route.
* Add asset maintence edit action to index.
* Suppliers asset list should link to the related asset, not to the supplier with same ID.
* Asset models page should use polymorphic formatter on assigned to to better handle assorted item types.
* Comment out more assigneduser fallacy until we figure out the query builder approach to searching for location text.
Working mail from notification. Still requires testing/cleaning
Add tests around checkout notification.
This also removes the ability to check out an asset to a location|asset
that requires acceptance/a Eula. For 4.1 we may think about how to
support such a thing, but at present it seems to make sense to only alow
such assets to be checked out to users, who can be responsible for the
items.
