Commit graph

63 commits

Author SHA1 Message Date
Brady Wetherington 6df9742664 Built a workaround for backup notification translations 2024-06-27 13:17:16 +01:00
Brady Wetherington 30cafef9f2 Add a reasonable-looking SAML baseurl, mosty for users behind proxies 2024-06-26 13:25:11 +01:00
snipe fb233c0aa4 Cleaned up facade names and references
Signed-off-by: snipe <snipe@snipe.net>
2024-05-29 12:38:15 +01:00
Brady Wetherington 401e1842ee Fixed pluralization bug due to dashed-locale names instead of underscored
Our locale directories are named things like 'en-US'. But the pluralization
code used by Laravel (through Symfony) requires locale names to be
in the format en_US. This change introduces a new Translator,
SnipeTranslator, which is a tiny set of changes against the built-in
one. It additionally adds a SnipeTranslationServiceProvider, which
loads up the new Translator.
2024-01-26 15:40:55 +00:00
Brady Wetherington 81b8243e1d Enforce SAML assertion ID uniqueness and notValidOnOrAfter attribute 2024-01-25 19:53:24 +00:00
snipe 161999fbca Fixed #12772 - use the APP_URL config more consistently
Signed-off-by: snipe <snipe@snipe.net>
2023-04-05 16:05:40 -07:00
snipe 8a8575bf2d Made constant DATA_SESSION_KEY public
Signed-off-by: snipe <snipe@snipe.net>
2023-02-06 12:40:32 -08:00
snipe 910fc08406 Dropped log level to warn on SAML error
Signed-off-by: snipe <snipe@snipe.net>
2022-06-02 17:07:49 -07:00
Brady Wetherington 4e65a8d755 Reduce SAML debugging output to actual error conditions 2022-05-17 19:54:14 -07:00
snipe 780222d372 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Auth/LoginController.php
#	resources/views/users/print.blade.php
2022-05-10 17:26:26 -07:00
snipe f4650c65db Clearer phrasing for log
Signed-off-by: snipe <snipe@snipe.net>
2022-05-10 13:00:48 -07:00
snipe d3830a44d8 Added more verbose messaging
Signed-off-by: snipe <snipe@snipe.net>
2022-05-10 12:40:50 -07:00
snipe 5869b6ed0c And still more debugging
Signed-off-by: snipe <snipe@snipe.net>
2022-05-10 12:38:46 -07:00
Brady Wetherington c8fe929e09 Add new UserAccountControl to permitted UAC's for AD. 2022-01-12 12:07:51 -08:00
Brady Wetherington 4dda28de9e WIP: cleaning up LDAP 2021-10-28 18:19:50 -07:00
snipe e27065fe16 Merge branch 'develop-v6-integration' into develop-v6-rc1
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.all-contributorsrc
#	README.md
#	app/Console/Commands/ResetDemoSettings.php
#	app/Helpers/Helper.php
#	app/Http/Controllers/Api/AccessoriesController.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/CategoriesController.php
#	app/Http/Controllers/Api/ComponentsController.php
#	app/Http/Controllers/Api/ConsumablesController.php
#	app/Http/Controllers/Api/LocationsController.php
#	app/Http/Controllers/Api/StatuslabelsController.php
#	app/Http/Controllers/Api/SuppliersController.php
#	app/Http/Controllers/AssetMaintenancesController.php
#	app/Http/Controllers/Auth/ForgotPasswordController.php
#	app/Http/Controllers/DepreciationsController.php
#	app/Http/Controllers/ReportsController.php
#	app/Http/Controllers/SettingsController.php
#	app/Http/Requests/ImageUploadRequest.php
#	app/Http/Transformers/ActionlogsTransformer.php
#	app/Http/Transformers/DepreciationsTransformer.php
#	app/Listeners/CheckoutableListener.php
#	app/Models/Accessory.php
#	app/Models/Asset.php
#	app/Models/Company.php
#	app/Models/Ldap.php
#	app/Models/User.php
#	app/Presenters/AssetPresenter.php
#	app/Presenters/CategoryPresenter.php
#	composer.json
#	composer.lock
#	config/version.php
#	database/factories/AssetModelFactory.php
#	database/migrations/2020_10_22_233743_move_accessory_checkout_note_to_join_table.php
#	database/seeds/AssetModelSeeder.php
#	package-lock.json
#	public/css/build/AdminLTE.css
#	public/css/build/app.css
#	public/css/build/overrides.css
#	public/css/dist/all.css
#	public/css/dist/bootstrap-table.css
#	public/css/dist/skins/skin-black-dark.css
#	public/css/dist/skins/skin-black-dark.min.css
#	public/css/dist/skins/skin-black.css
#	public/css/dist/skins/skin-black.min.css
#	public/css/dist/skins/skin-blue-dark.css
#	public/css/dist/skins/skin-blue-dark.min.css
#	public/css/dist/skins/skin-blue.css
#	public/css/dist/skins/skin-blue.min.css
#	public/css/dist/skins/skin-contrast.css
#	public/css/dist/skins/skin-contrast.min.css
#	public/css/dist/skins/skin-green-dark.css
#	public/css/dist/skins/skin-green-dark.min.css
#	public/css/dist/skins/skin-green.css
#	public/css/dist/skins/skin-green.min.css
#	public/css/dist/skins/skin-orange-dark.css
#	public/css/dist/skins/skin-orange-dark.min.css
#	public/css/dist/skins/skin-orange.css
#	public/css/dist/skins/skin-orange.min.css
#	public/css/dist/skins/skin-purple-dark.css
#	public/css/dist/skins/skin-purple-dark.min.css
#	public/css/dist/skins/skin-purple.css
#	public/css/dist/skins/skin-purple.min.css
#	public/css/dist/skins/skin-red-dark.css
#	public/css/dist/skins/skin-red-dark.min.css
#	public/css/dist/skins/skin-red.css
#	public/css/dist/skins/skin-red.min.css
#	public/css/dist/skins/skin-yellow-dark.css
#	public/css/dist/skins/skin-yellow-dark.min.css
#	public/css/dist/skins/skin-yellow.css
#	public/css/dist/skins/skin-yellow.min.css
#	public/js/build/app.js
#	public/js/build/vendor.js
#	public/js/dist/all.js
#	public/js/dist/bootstrap-table.js
#	public/mix-manifest.json
#	resources/assets/js/vue.js
#	resources/lang/af/validation.php
#	resources/lang/ar/admin/settings/general.php
#	resources/lang/ar/validation.php
#	resources/lang/bg/admin/settings/general.php
#	resources/lang/bg/validation.php
#	resources/lang/cs/admin/settings/general.php
#	resources/lang/cs/validation.php
#	resources/lang/cy/help.php
#	resources/lang/cy/validation.php
#	resources/lang/da/admin/settings/general.php
#	resources/lang/da/validation.php
#	resources/lang/de/admin/settings/general.php
#	resources/lang/de/validation.php
#	resources/lang/el/validation.php
#	resources/lang/en-GB/admin/settings/general.php
#	resources/lang/en-GB/validation.php
#	resources/lang/en-ID/admin/hardware/table.php
#	resources/lang/en-ID/admin/settings/general.php
#	resources/lang/en-ID/validation.php
#	resources/lang/es-CO/admin/settings/general.php
#	resources/lang/es-CO/auth/message.php
#	resources/lang/es-CO/button.php
#	resources/lang/es-CO/help.php
#	resources/lang/es-CO/validation.php
#	resources/lang/es-ES/admin/settings/general.php
#	resources/lang/es-ES/auth/message.php
#	resources/lang/es-ES/button.php
#	resources/lang/es-ES/help.php
#	resources/lang/es-ES/validation.php
#	resources/lang/es-MX/admin/settings/general.php
#	resources/lang/es-MX/validation.php
#	resources/lang/es-VE/admin/settings/general.php
#	resources/lang/es-VE/auth/message.php
#	resources/lang/es-VE/button.php
#	resources/lang/es-VE/help.php
#	resources/lang/es-VE/validation.php
#	resources/lang/et/validation.php
#	resources/lang/fa/validation.php
#	resources/lang/fi/admin/settings/general.php
#	resources/lang/fi/validation.php
#	resources/lang/fil/validation.php
#	resources/lang/fr/admin/settings/general.php
#	resources/lang/fr/validation.php
#	resources/lang/ga-IE/validation.php
#	resources/lang/he/admin/settings/general.php
#	resources/lang/he/general.php
#	resources/lang/he/validation.php
#	resources/lang/hr/validation.php
#	resources/lang/hu/validation.php
#	resources/lang/id/validation.php
#	resources/lang/is/admin/categories/general.php
#	resources/lang/is/admin/companies/message.php
#	resources/lang/is/admin/companies/table.php
#	resources/lang/is/admin/components/general.php
#	resources/lang/is/admin/components/table.php
#	resources/lang/is/admin/consumables/table.php
#	resources/lang/is/admin/depreciations/general.php
#	resources/lang/is/admin/depreciations/message.php
#	resources/lang/is/admin/hardware/form.php
#	resources/lang/is/admin/hardware/general.php
#	resources/lang/is/admin/hardware/message.php
#	resources/lang/is/admin/hardware/table.php
#	resources/lang/is/admin/kits/general.php
#	resources/lang/is/admin/licenses/form.php
#	resources/lang/is/admin/licenses/general.php
#	resources/lang/is/admin/locations/table.php
#	resources/lang/is/admin/manufacturers/table.php
#	resources/lang/is/admin/reports/message.php
#	resources/lang/is/admin/settings/general.php
#	resources/lang/is/admin/settings/message.php
#	resources/lang/is/admin/statuslabels/message.php
#	resources/lang/is/admin/suppliers/message.php
#	resources/lang/is/admin/suppliers/table.php
#	resources/lang/is/admin/users/table.php
#	resources/lang/is/mail.php
#	resources/lang/is/validation.php
#	resources/lang/it/admin/settings/general.php
#	resources/lang/it/validation.php
#	resources/lang/iu/validation.php
#	resources/lang/ja/mail.php
#	resources/lang/ja/validation.php
#	resources/lang/ko/validation.php
#	resources/lang/lt/validation.php
#	resources/lang/lv/validation.php
#	resources/lang/mi/validation.php
#	resources/lang/mk/validation.php
#	resources/lang/ml-IN/validation.php
#	resources/lang/mn/validation.php
#	resources/lang/ms/validation.php
#	resources/lang/nl/admin/settings/general.php
#	resources/lang/nl/validation.php
#	resources/lang/no/validation.php
#	resources/lang/pl/admin/settings/general.php
#	resources/lang/pl/validation.php
#	resources/lang/pt-BR/admin/settings/general.php
#	resources/lang/pt-BR/mail.php
#	resources/lang/pt-BR/validation.php
#	resources/lang/pt-PT/validation.php
#	resources/lang/ro/validation.php
#	resources/lang/ru/validation.php
#	resources/lang/sl/validation.php
#	resources/lang/sr-CS/admin/settings/general.php
#	resources/lang/sr-CS/validation.php
#	resources/lang/sv-SE/admin/settings/general.php
#	resources/lang/sv-SE/auth/message.php
#	resources/lang/sv-SE/button.php
#	resources/lang/sv-SE/mail.php
#	resources/lang/sv-SE/validation.php
#	resources/lang/ta/validation.php
#	resources/lang/th/validation.php
#	resources/lang/tl/validation.php
#	resources/lang/tr/mail.php
#	resources/lang/tr/validation.php
#	resources/lang/uk/admin/accessories/table.php
#	resources/lang/uk/admin/asset_maintenances/message.php
#	resources/lang/uk/admin/asset_maintenances/table.php
#	resources/lang/uk/validation.php
#	resources/lang/ur-PK/validation.php
#	resources/lang/vi/admin/settings/general.php
#	resources/lang/vi/validation.php
#	resources/lang/zh-CN/admin/settings/general.php
#	resources/lang/zh-CN/validation.php
#	resources/lang/zh-HK/validation.php
#	resources/lang/zh-TW/validation.php
#	resources/lang/zu/validation.php
#	resources/views/partials/bootstrap-table.blade.php
#	resources/views/partials/forms/edit/company-select.blade.php
#	routes/api.php
2021-09-21 23:46:50 -07:00
Brady Wetherington 4d4badf830 Got the client-side LDAP setup working well enough for sync! 2021-08-17 14:43:36 -07:00
Laravel Shift 934afa036f Adopt Laravel coding style
Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions.

You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started.

[1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer
[2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 20:15:52 +00:00
snipe ded61614d1 Attempt to fix transient LDAP bug
Signed-off-by: snipe <snipe@snipe.net>
2021-05-07 18:13:04 -07:00
snipe e1c6d4ced7 Merge branch 'develop' of https://github.com/Skywalker-11/snipe-it into Skywalker-11-develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	app/Http/Requests/SettingsSamlRequest.php
2021-04-14 15:15:07 -07:00
Raell Dottin 78cc47a859
Added sanity check to determine if a bind user account is set. (#9340) 2021-03-24 14:08:37 -07:00
snipe 8fd8e716ac
Changed debug level on bad LDAP connection (#9314)
* Changed debug level on bad LDAP connection

TODO:

Unfuck all of this. It’s a mess and it really doesn’t work the way we think it does. AdLdap library strikes again. :(

Signed-off-by: snipe <snipe@snipe.net>

* Improved phrasing

Signed-off-by: snipe <snipe@snipe.net>
2021-03-17 19:24:28 -07:00
johnson-yi 763e17f491
Added saml custom setting retrieveParametersFromServer to enable fixing SLO issues with Azure AD (#9187) 2021-02-23 11:05:22 -08:00
snipe bec2b170ec Only overwrite notes if the LDAP user is new 2020-12-02 11:00:18 -08:00
Brady Wetherington 93cf8d4e0a
Forward-port of the old LDAP sync system (#8801)
* Forward-port of the old LDAP sync system

* Need to rename the class to avoid classname conflicts

* Make 'classic' LDAP sync not add surrounding parens to filters that already have them

* Re-work Test LDAP button to return 10 sample users

* Remove useless debugging code
2020-11-30 17:11:44 -08:00
johnson-yi 0cdd83aabf
Fixes #8584, #8654, #8727 - fixes and improvements for saml (#8795)
* Let onelogin/php-saml know to use 'X-Forwarded-*' headers if it is from a trusted proxy

* Gracefully handle the case where openssl_csr_new fails when openssl.cnf is invalid/missing

* Improve ui of saml sp metadata by displaying it's url and a download button
2020-11-20 18:54:25 -08:00
Brady Wetherington 734cb941dd
Fix for #8772 - initial LDAP import of users are deactivated (#8776) 2020-11-20 11:11:14 -08:00
Brady Wetherington 8457207c8f
Fix for 500-page on deactivated LDAP user trying to log in (#8774) 2020-11-17 22:31:22 -08:00
Brady Wetherington 3dda4c9116
Add a new UAC setting to valid User Accounts for Active Directory (#8775) 2020-11-17 19:25:49 -08:00
Brady Wetherington de6f3f866f
Attempt to solve LDAP sync overriding administrator choices (#8742) 2020-11-17 00:11:00 -08:00
Brady Wetherington a97b15ec96
Re-add LDAP "test login" feature to LDAP settings (helps with #8751) (#8757)
* Start work on re-adding back the "Test LDAP logins" feature to develop

* Add back-end method to allow LDAP test users to try to log in.
2020-11-16 21:23:08 -08:00
snipe fc6a33ad38 Added some LDAP debugging - related to #8670 2020-11-12 22:19:16 -08:00
Anthony Winstanley cc79bb1449
Exclude blank LDAP attributes
Asking for '' attributes is an error for some LDAP servers.
2020-11-12 09:34:28 -08:00
Sanjay Govind ab6d2987a4
Include documentation from @uberbrady
Previously on v4 this was all documented, so i have copied that documentation across to v5
2020-11-06 12:31:33 +13:00
Sanjay Govind 45c140814f
Fix AD Accounts with delegation disabled 2020-11-06 12:02:19 +13:00
Brady Wetherington b626b7895a Ensure misdefined active flags will not prevent user syncing 2020-10-15 19:10:47 -07:00
Brady Wetherington be4aa07d8c Some logic bugs in the AD-specific code for logging in via AD/LDAP 2020-10-09 15:33:17 -07:00
Brady Wetherington b015cff8bd Modify Snipe-IT v5 AD handling to use the same ldap_host, and improve OU handling 2020-10-06 18:31:06 -07:00
snipe cb5104c27d
Hopefully fixes #8418 - migrations on new install go wonky because of LDAP service provider 2020-09-08 21:13:24 -07:00
snipe c23e28d0df
Merge pull request #8372 from snipe/fix_adldap_sync
Fix adldap sync
2020-08-26 13:34:07 -07:00
Brady Wetherington 67a1d2fa5f Remove hardcoding of LDAP Auth query to 'uid=', use setting instead 2020-08-26 12:25:10 -07:00
Brady Wetherington 6c23e881c7 Merge branch 'develop' of https://github.com/bushelpowered/snipe-it into bushelpowered-develop 2020-08-24 21:42:04 -07:00
Brady Wetherington 262a964760 [WIP] fix ldap-sync for v5 with AdLdap2 2020-08-14 14:45:05 -07:00
Michael Pietsch 4f5374b2e8 enable use custom file based saml certificate/private key 2020-08-14 12:25:00 +02:00
Johnson Yi 3d8fce50d0 Removed unnecessary default saml settings 2020-05-09 01:51:48 +10:00
Johnson Yi c1c37d521c Allow downloading sp metadata without idp 2020-05-06 19:50:50 +10:00
Johnson Yi b2930d6069 Added #542: add saml authentication 2020-05-06 00:06:19 +10:00
snipe c9ed205bb0
Added @throws to documentation
Signed-off-by: snipe <snipe@snipe.net>
2020-04-23 14:41:37 -07:00
Jared Biel bbeb51461f Fix LDAP logins 2020-03-24 16:27:14 -05:00
Fabian Grutschus 5becb93e6c
Added: allow appending of domain name to username when user tries to login (#7790) 2020-02-04 12:47:49 -08:00