Commit graph

2424 commits

Author SHA1 Message Date
snipe d4f7b5f80c Fixed #11100 for individual users
Signed-off-by: snipe <snipe@snipe.net>
2022-05-16 12:07:18 -07:00
snipe 64b582c657
Merge pull request #11108 from uberbrady/fix_ldap_first_login_password
Pass the password along directly instead of retrieving it from the In…
2022-05-16 11:01:35 -07:00
Brady Wetherington 6c86a28d18 Pass the password along directly instead of retrieving it from the Input or Request 2022-05-16 10:58:27 -07:00
Brady Wetherington b05d85ab0a Fix bulk-user reset-password links 2022-05-16 10:38:12 -07:00
Johnson Yi 4401dab8d6 fix saml slo for logout 2022-05-14 11:59:34 +00:00
snipe 333aa05809 Added missing use statement
Signed-off-by: snipe <snipe@snipe.net>
2022-05-13 16:46:13 -07:00
snipe c5ec3efc70
Merge pull request #11065 from snipe/fixes/double_encoding_for_custom_fields
Fixed  #11014 - double encoding for custom fields
2022-05-13 16:12:24 -07:00
Brady Wetherington 0ddb0f2c81 Switch the barcode backend to SVG, and fix the two-factor middleware 2022-05-13 14:22:27 -07:00
snipe 6fc222a648 Fixed #11014 - Removed double escaping on custom fields
Signed-off-by: snipe <snipe@snipe.net>
2022-05-13 05:45:00 -07:00
snipe ef1eb15a91 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	config/permissions.php
2022-05-12 09:31:42 -07:00
snipe c52faaf23d Added checkout to permissions check
Signed-off-by: snipe <snipe@snipe.net>
2022-05-11 19:02:23 -07:00
snipe 780222d372 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Auth/LoginController.php
#	resources/views/users/print.blade.php
2022-05-10 17:26:26 -07:00
snipe 4fccf4ddc4 Few more log lines
Signed-off-by: snipe <snipe@snipe.net>
2022-05-10 12:27:42 -07:00
snipe 646166b2b6 Removed debug line
Signed-off-by: snipe <snipe@snipe.net>
2022-05-10 12:16:07 -07:00
snipe f4e737eaf3 More SAML debugging
Signed-off-by: snipe <snipe@snipe.net>
2022-05-10 12:14:22 -07:00
snipe f572eaa421 Added debugging for SAML login
Signed-off-by: snipe <snipe@snipe.net>
2022-05-10 12:07:07 -07:00
snipe dfd4d54433 Fixed route name
Signed-off-by: snipe <snipe@snipe.net>
2022-05-06 15:46:25 -07:00
snipe 220f94faee Check that the session key exists
Signed-off-by: snipe <snipe@snipe.net>
2022-05-06 14:10:47 -07:00
snipe 22ec3c1398 Use error style instead of warn/info when nothing was selected
Signed-off-by: snipe <snipe@snipe.net>
2022-05-06 05:41:52 -07:00
snipe caf17d4f25 Fixed wrong variable name
Signed-off-by: snipe <snipe@snipe.net>
2022-05-06 05:41:32 -07:00
snipe e1b24bb763 Added a comment
Signed-off-by: snipe <snipe@snipe.net>
2022-05-06 05:30:21 -07:00
snipe 76213ec3d9 Create a session on bulk actions, store it for redirect, then delete it
Signed-off-by: snipe <snipe@snipe.net>
2022-05-06 05:14:08 -07:00
snipe 243739e9c3 Added missing gate for bulk checkout
Signed-off-by: snipe <snipe@snipe.net>
2022-05-06 05:13:36 -07:00
snipe 784bf4d784 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.github/ISSUE_TEMPLATE/feature_request.yml
#	app/Http/Controllers/CustomFieldsetsController.php
#	app/Http/Controllers/ReportsController.php
#	config/version.php
#	package-lock.json
#	package.json
#	public/css/dist/all.css
#	public/css/dist/bootstrap-table.css
#	public/js/dist/bootstrap-table.js
#	public/mix-manifest.json
#	resources/views/users/print.blade.php
#	webpack.mix.js
2022-05-06 01:52:43 -07:00
snipe b20921cb62 Removed duplicate session regenerate
Signed-off-by: snipe <snipe@snipe.net>
2022-05-05 21:35:05 -07:00
snipe 0939591efb
Merge pull request #11003 from inietov/fixes/integrity_constraint_violation_column_order_cannot_be_null_develop
Fixes QueryException Integrity constraint violation: Column 'order' cannot be null for develop
2022-05-05 13:28:00 -07:00
snipe a859eac4a0
Merge pull request #11002 from inietov/fixes/integrity_constraint_violation_column_order_cannot_be_null
Fixes QueryException Integrity constraint violation:  Column 'order' cannot be null
2022-05-05 13:27:45 -07:00
snipe 953b3a8d6e
Merge pull request #10993 from snipe/rcs/merge_master_into_develop_for_rc_8
Merge master into develop for RC 6.0.0-8
2022-05-05 10:53:17 -07:00
Ivan Nieto Vivanco 37805509da Adds an integer casting to the order input field so it cannot be null 2022-05-01 15:27:05 -05:00
Ivan Nieto Vivanco 01232d9a54 Adds an integer casting to the order input field so it cannot be null 2022-05-01 15:16:56 -05:00
Ivan Nieto Vivanco ac8da55270 Evaluate if an item still exists before trying to get its name in the report 2022-05-01 13:25:55 -05:00
Ivan Nieto Vivanco 1cbbf8f976 Evaluate if an item still exists before trying to get its name in the report 2022-05-01 13:11:05 -05:00
Johnson Yi 92fe1287ea Do not saml login automatically after normal logout 2022-04-29 15:35:08 +00:00
snipe 9aac1cbba4 Merge branch 'master' into rcs/merge_master_into_develop_for_rc_8
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	README.md
#	app/Console/Commands/MoveUploadsToNewDisk.php
#	app/Http/Controllers/ActionlogController.php
#	app/Http/Controllers/Api/LicensesController.php
#	app/Http/Controllers/Api/StatuslabelsController.php
#	app/Http/Controllers/Assets/AssetCheckinController.php
#	app/Http/Controllers/Licenses/LicensesController.php
#	app/Http/Controllers/Users/BulkUsersController.php
#	app/Http/Requests/AssetCheckoutRequest.php
#	app/Importer/LicenseImporter.php
#	app/Models/Actionlog.php
#	app/Models/License.php
#	app/Models/User.php
#	app/Observers/AssetObserver.php
#	composer.lock
#	config/version.php
#	database/factories/LicenseFactory.php
#	database/migrations/2015_09_21_235926_create_custom_field_custom_fieldset.php
#	database/migrations/2018_10_18_191228_add_kits_licenses_table.php
#	database/migrations/2018_10_19_153910_add_kits_table.php
#	database/migrations/2018_10_19_154013_add_kits_models_table.php
#	database/migrations/2019_02_07_185953_add_kits_consumables_table.php
#	database/migrations/2019_02_07_190030_add_kits_accessories_table.php
#	package-lock.json
#	package.json
#	public/css/dist/all.css
#	public/css/dist/bootstrap-table.css
#	public/js/dist/bootstrap-table.js
#	public/mix-manifest.json
#	resources/lang/ar/general.php
#	resources/lang/ar/passwords.php
#	resources/lang/cs/general.php
#	resources/lang/cs/passwords.php
#	resources/lang/de/admin/custom_fields/general.php
#	resources/lang/de/admin/settings/general.php
#	resources/lang/de/admin/settings/message.php
#	resources/lang/fr/admin/custom_fields/general.php
#	resources/lang/fr/admin/hardware/general.php
#	resources/lang/fr/admin/locations/table.php
#	resources/lang/fr/admin/settings/message.php
#	resources/lang/hu/admin/custom_fields/general.php
#	resources/lang/hu/admin/settings/general.php
#	resources/lang/hu/general.php
#	resources/lang/it/admin/settings/general.php
#	resources/lang/nl/admin/custom_fields/general.php
#	resources/lang/nl/admin/settings/general.php
#	resources/lang/nl/general.php
#	resources/lang/pl/admin/custom_fields/general.php
#	resources/lang/sv-SE/passwords.php
#	resources/lang/tr/general.php
#	resources/views/hardware/view.blade.php
#	resources/views/partials/bootstrap-table.blade.php
#	resources/views/reports/activity.blade.php
#	resources/views/users/print.blade.php
2022-04-28 17:49:06 +01:00
snipe 2e9cf8fa87 Added access gate to the requested assets index
Signed-off-by: snipe <snipe@snipe.net>
2022-04-28 15:45:37 +01:00
snipe f623d05d0c Escape checkout target name
Signed-off-by: snipe <snipe@snipe.net>
2022-04-24 15:27:11 +01:00
snipe b2087a9947 Adds validator to make sure the status ID is deployable
Signed-off-by: snipe <snipe@snipe.net>
2022-04-15 13:06:55 +01:00
snipe 6b1329133b Adds status ID to asset checkout API endpoint
Signed-off-by: snipe <snipe@snipe.net>
2022-04-15 13:06:35 +01:00
snipe 698c7f4904 Fixes potential XSS vuln in user requestable results
Signed-off-by: snipe <snipe@snipe.net>
2022-04-15 12:22:20 +01:00
snipe 1441cf9f4f Ports #10494 to master
Signed-off-by: snipe <snipe@snipe.net>
2022-04-12 21:04:57 +01:00
snipe 7b891f0952
Merge pull request #10913 from inietov/fixes/bulk_user_edit_not_updating_asset_locations
Fixes Bulk user edit not updating checked out asset locations
2022-04-07 19:41:01 +01:00
snipe 8218b5ef47
Merge pull request #10914 from inietov/fixes/bulk_user_edit_not_updating_asset_locations_develop
Fixes Bulk user edit not updating checked out asset locations
2022-04-07 19:40:42 +01:00
snipe b73542664b
Merge pull request #10919 from Godmartinz/gh10866-checkin_time_always_show_12am
Fixed #10866 - Checkin time always shows 12am
2022-04-07 19:40:11 +01:00
Godfrey M 3eb7a87a66 fixes action_date for check-in not including H:i:s 2022-04-07 11:24:12 -07:00
Godfrey M 1325628039 fixes typo 2022-04-07 11:18:16 -07:00
Godfrey M 8498082f21 fixes typo 2022-04-07 11:16:40 -07:00
Godfrey M 6dc45c189b removed deadspace 2022-04-07 11:10:36 -07:00
Godfrey M 5d0a1ebb7a fixes action_date for check-in not including H:i:s 2022-04-07 11:08:43 -07:00
Ivan Nieto Vivanco e1927aa154 Update Assets locations when user's location changes whey they got bulk-edited 2022-04-06 19:23:49 -05:00
Ivan Nieto Vivanco 6529a75683 Update Assets locations when user's location changes whey they got bulk-edited 2022-04-06 19:12:02 -05:00
Ivan Nieto Vivanco b5378eff64 Fix several typos 2022-04-05 16:12:31 -05:00
Ivan Nieto Vivanco 1a448cc4b6 Take the values from the importer form to configure the used importer 2022-03-29 17:31:43 -06:00
snipe a937bd34f6 Merge master back down into develop
Signed-off-by: snipe <snipe@snipe.net>
2022-03-29 16:28:43 +01:00
snipe bdabbbd4e9 Logout user when their activated status is switched to off
Signed-off-by: snipe <snipe@snipe.net>
2022-03-29 13:44:53 +01:00
snipe 7941a88623
Merge pull request #10817 from dampfklon/fix-10810-unaccepted-assets
Fix #10810 unaccepted assets
2022-03-29 12:10:37 +01:00
snipe b5f3a357e2
Merge pull request #10850 from Godmartinz/feature/sc-18937/add-manager-to-ldap-sync
This looks good, thanks!
2022-03-29 12:06:01 +01:00
snipe 639409fb3f Backporting #10829 to master
Signed-off-by: snipe <snipe@snipe.net>
2022-03-25 13:00:16 +00:00
Godfrey M a1429ce86b removed manager_name from user files 2022-03-24 11:47:13 -07:00
Godfrey M c1f8252388 adds manager field to LDAP sync 2022-03-24 11:24:39 -07:00
Godfrey M 55680762de Merge branch 'develop' into feature/sc-18937/add-manager-to-ldap-sync 2022-03-22 16:33:58 -07:00
Godfrey Martinez fe6a6740db
Merge branch 'develop' into feature/sc-15014/asset-acceptance-and-signed-eula-as-pdf 2022-03-22 10:10:56 -07:00
Godfrey M 3e01981576 clean up 2022-03-22 10:07:08 -07:00
Godfrey M 62352ef1a1 completes accessory eula agreement blade 2022-03-22 10:04:22 -07:00
Ivan Nieto Vivanco 319d816002 Update in the license seat the user that the asset with that license have assigned 2022-03-21 15:06:43 -06:00
Godfrey M 4956eb0410 WIP: needs to be tested. adds ldap_manager field to ldap sync 2022-03-21 11:15:39 -07:00
Godfrey M 220df9710e adds most of the fields for an accessory eula agreement pdf 2022-03-21 09:18:29 -07:00
snipe df60729140 Fixed #10769 - redirect user back to due for audit page
This could probably take a little reworking, since if you are auditing from the Overdue for Audit page, we’d want to take you back *there* instead of the Due for Audit page.

Signed-off-by: snipe <snipe@snipe.net>
2022-03-21 14:27:18 +00:00
snipe e04ae63d02 Apply the fix to API controller too :(
Signed-off-by: snipe <snipe@snipe.net>
2022-03-19 23:12:48 +00:00
snipe 7db252ade3 Fixed #10840 - defaulting to 0 on supplier ID if no value provided
Signed-off-by: snipe <snipe@snipe.net>
2022-03-19 23:11:42 +00:00
Godfrey M b2e78e3382 formats most of the pdf blade 2022-03-16 15:53:32 -07:00
Dampfklon 9818d16834 fix showDeletedFunction by reverting #9508 2022-03-16 20:20:46 +01:00
Godfrey M 5fcc3c39f3 routes eula agreements for download correctly to the asset history 2022-03-16 11:56:56 -07:00
snipe 9db8bd782d Merging master down into develop
Signed-off-by: snipe <snipe@snipe.net>
2022-03-16 18:02:07 +00:00
Godfrey M 6386fa1c5e clean up 2022-03-16 09:54:10 -07:00
snipe 7498fe36e9 Removed extra space because pedantry
Signed-off-by: snipe <snipe@snipe.net>
2022-03-16 16:45:03 +00:00
snipe babf7c064b Added ability to filter status label index endpoint by status type
Signed-off-by: snipe <snipe@snipe.net>
2022-03-16 16:38:45 +00:00
Ivan Nieto Vivanco 570dd09dcd Add validation to Accessories and Consumables to not let the user update the number of items to less than they already have checked out 2022-03-15 17:52:19 -06:00
Godfrey M b2f7262cd2 adds table structure for asset history 2022-03-14 19:38:36 -07:00
Godfrey M e1a6a2afc6 adds translation for accept_eula, a bit more logic on the Acceptance Controller that is not working yet 2022-03-10 12:15:50 -08:00
snipe e3d2f7cc96 Missed a few
Signed-off-by: snipe <snipe@snipe.net>
2022-03-08 20:05:17 -08:00
snipe d1358b6249 Removed experimental feature policies
Signed-off-by: snipe <snipe@snipe.net>
2022-03-08 16:58:24 -08:00
Godfrey M 59c583ac74 adds the ability to save eula pdfs to storage, still working on storing them in the DB and exposing them in the UI 2022-03-08 16:42:27 -08:00
snipe e9d297e97d Added cache comment
Signed-off-by: snipe <snipe@snipe.net>
2022-03-07 19:37:06 -08:00
snipe 9269d5945e Added QR and alt barcode urls to asset transformer
Signed-off-by: snipe <snipe@snipe.net>
2022-03-07 19:32:18 -08:00
snipe 3e2fe10480 Fixed getAssetBySerial
Signed-off-by: snipe <snipe@snipe.net>
2022-03-05 09:03:29 -08:00
snipe 2d7a8b5e15
Merge pull request #10776 from snipe/added_trim_to_email_and_username
Added trim to email and username
2022-03-04 11:57:33 -08:00
snipe 9a358087ec Add remote user to bulk edit
Signed-off-by: snipe <snipe@snipe.net>
2022-03-04 06:47:23 -08:00
snipe 67134ca387 Do a trim() before inserting/updating
Signed-off-by: snipe <snipe@snipe.net>
2022-03-04 06:18:52 -08:00
snipe 0dfc27f56e Added remote to allowed_columns for sorting
Signed-off-by: snipe <snipe@snipe.net>
2022-03-04 05:44:46 -08:00
snipe 43c1949092 Add remote option to user
Signed-off-by: snipe <snipe@snipe.net>
2022-03-04 05:35:26 -08:00
snipe f840652395 Suppress errors for missing signatures
Signed-off-by: snipe <snipe@snipe.net>
2022-03-04 03:18:28 -08:00
snipe 67ed0d91c0 Handle file_get_contents more gracefully
Signed-off-by: snipe <snipe@snipe.net>
2022-03-04 02:54:37 -08:00
snipe b876d0abb0 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.env.example
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Kernel.php
#	app/Http/Transformers/ActionlogsTransformer.php
#	app/Importer/AssetImporter.php
#	app/Models/Accessory.php
#	app/Models/Consumable.php
#	app/Presenters/AccessoryPresenter.php
#	app/Presenters/ComponentPresenter.php
#	app/Presenters/ConsumablePresenter.php
#	app/Providers/AuthServiceProvider.php
#	composer.json
#	composer.lock
#	config/app.php
#	config/cors.php
#	config/version.php
#	package-lock.json
#	public/js/build/app.js
#	public/js/build/app.js.LICENSE.txt
#	public/js/dist/all.js
#	public/mix-manifest.json
#	resources/views/accessories/view.blade.php
#	resources/views/consumables/view.blade.php
#	resources/views/settings/saml.blade.php
#	routes/api.php
2022-03-03 21:59:38 -08:00
snipe 29a2e80984
Merge pull request #10771 from uberbrady/retry_fix_bad_metadata_display
Retry fix bad metadata display
2022-03-03 20:49:30 -08:00
snipe 6fca8350f9 Added notes field to transformers
Signed-off-by: snipe <snipe@snipe.net>
2022-03-03 20:29:35 -08:00
snipe 9acb5413f6 Added notes field to controllers
Signed-off-by: snipe <snipe@snipe.net>
2022-03-03 20:29:25 -08:00
snipe 08a2fe4edb
Merge pull request #10773 from snipe/features/adds_ldap_import_and_assets_count_to_user_api
Features/adds ldap import and assets count to user api
2022-03-03 19:15:14 -08:00
snipe 6abe8f296b We don’t need the users table here
Signed-off-by: snipe <snipe@snipe.net>
2022-03-03 19:12:03 -08:00
snipe a53a67be4a Added consumables, licenses, accessories count filters too
Signed-off-by: snipe <snipe@snipe.net>
2022-03-03 19:08:08 -08:00
snipe b72cac3511 Adds ldap_import and assets_count filter to user API endpoint
Signed-off-by: snipe <snipe@snipe.net>
2022-03-03 19:03:35 -08:00
snipe c940d36fff Updated maintenance gate in API
Signed-off-by: snipe <snipe@snipe.net>
2022-03-03 18:49:54 -08:00
snipe cd12028845 Use “update” instead of edit in gate
Signed-off-by: snipe <snipe@snipe.net>
2022-03-03 18:47:20 -08:00
Brady Wetherington 3225605ef3 Handling the old weirdly-formatted data wasn't quite working. 2022-03-03 18:17:29 -08:00
Brady Wetherington 31dde20a2b Actually, re-introduce this code comment as it's still relevant and tricky 2022-03-03 15:48:04 -08:00
Brady Wetherington aa36ebc947 Merge branch 'fix_bad_metadata_display' into retry_fix_bad_metadata_display 2022-03-03 15:46:19 -08:00
Brady Wetherington 92434fa943 Revert "Revert "refactor and clean up attribute-changing logic for assets""
This reverts commit bdc737ce0c.
2022-03-03 15:45:54 -08:00
Brady Wetherington 0164354463 Fix for the weird error that blew up the demo when my PR got merged 2022-03-02 15:15:16 -08:00
snipe bdc737ce0c Revert "refactor and clean up attribute-changing logic for assets"
This reverts commit 290baf1c8d.

Signed-off-by: snipe <snipe@snipe.net>
2022-03-02 14:45:14 -08:00
snipe 733b3a7550
Merge pull request #10682 from uberbrady/fix_bad_metadata_display
Fixed weird JSON-handling on log_meta updates
2022-03-02 14:36:38 -08:00
snipe 3339a691e1
Merge pull request #10721 from snipe/features/adds_users_consumables_endpoint
Added consumables endpoint to user API
2022-03-02 14:33:45 -08:00
Ivan Nieto Vivanco 0df9dd8320 Delete a function that is not longer used 2022-03-01 18:59:50 -06:00
Godfrey M 533670f3f1 faulty method for converting asset acceptance to pdf 2022-02-24 14:50:16 -08:00
snipe 50f55b4308 Fixes broken API throttling
Signed-off-by: snipe <snipe@snipe.net>
2022-02-24 13:10:10 -08:00
snipe a8028e7dd0
Merge pull request #10727 from uberbrady/master
Fix for negative CORS/SAML interaction
2022-02-23 11:17:17 -08:00
Brady Wetherington 15abc84ab0 Migrate to Fruitcake/laravel-cors which has path-exclusion built-in 2022-02-23 11:06:19 -08:00
snipe 42fcd29200 Fixed #10436 on master, applies #10449
Signed-off-by: snipe <snipe@snipe.net>
2022-02-22 21:06:54 -08:00
snipe dc2e6c2b06 Adds consumables endpoint to user API
Signed-off-by: snipe <snipe@snipe.net>
2022-02-22 20:44:34 -08:00
Brady Wetherington 294606fb0b Move new CORS library to global middleware, the only place it works 2022-02-22 19:07:23 -08:00
Brady Wetherington 64f83f9a5f Move HandleCors middleware to be universal 2022-02-22 17:43:40 -08:00
snipe dd5f812d88 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.all-contributorsrc
#	README.md
#	app/Console/Commands/FixDoubleEscape.php
#	app/Console/Commands/LdapSync.php
#	app/Exceptions/Handler.php
#	app/Http/Controllers/Api/AssetMaintenancesController.php
#	app/Http/Controllers/Api/AssetModelsController.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/CategoriesController.php
#	app/Http/Controllers/Api/CompaniesController.php
#	app/Http/Controllers/Api/DepartmentsController.php
#	app/Http/Controllers/Api/LicensesController.php
#	app/Http/Controllers/Api/LocationsController.php
#	app/Http/Controllers/Api/ManufacturersController.php
#	app/Http/Controllers/Api/SettingsController.php
#	app/Http/Controllers/Api/SuppliersController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Controllers/CustomFieldsController.php
#	app/Http/Controllers/SettingsController.php
#	app/Models/Loggable.php
#	app/Providers/AuthServiceProvider.php
#	config/version.php
#	database/migrations/2014_11_04_231416_update_group_field_for_reporting.php
#	database/migrations/2015_11_08_222305_add_ldap_fields_to_settings.php
#	package-lock.json
#	package.json
#	public/js/build/app.js
#	public/js/dist/all.js
#	public/mix-manifest.json
#	resources/assets/js/components/forms/asset-models/fieldset-default-values.vue
#	resources/views/hardware/view.blade.php
2022-02-20 13:29:12 -08:00
Ivan Nieto Vivanco 23a6907975 Some minor stylistic changes 2022-02-17 18:05:06 -06:00
Ivan Nieto Vivanco 5b2a5ff124 Put the 'remember_token' column as null in the users table 2022-02-17 18:03:00 -06:00
Ivan Nieto Vivanco 548b172744 Logout every connected user 2022-02-17 18:00:24 -06:00
Ivan Nieto Vivanco 263893b3c6 Search logged in user that made the restore, if they doesn't exist in the restored system, add it again 2022-02-17 17:42:06 -06:00
Ivan Nieto Vivanco 811ca51c4f Wipe database before restoration 2022-02-17 16:59:44 -06:00
snipe d1b45a83b8 Blergh, one more linebreak
Signed-off-by: snipe <snipe@snipe.net>
2022-02-17 14:51:06 -08:00
snipe 01a8701a8c Removed extra linebreaks
Signed-off-by: snipe <snipe@snipe.net>
2022-02-17 14:50:38 -08:00
snipe 67fe53e32a Removed debugging, added comments
Signed-off-by: snipe <snipe@snipe.net>
2022-02-17 14:50:07 -08:00
snipe 7f6b8cc43d Removed carbon, since we went with PHP's datetime instead
Signed-off-by: snipe <snipe@snipe.net>
2022-02-17 14:48:12 -08:00
snipe 5fe999eb02 Shored up the date math, updated the explanation
Signed-off-by: snipe <snipe@snipe.net>
2022-02-17 14:34:33 -08:00
snipe ea429d650e Initial audit date fix
Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 20:19:38 -08:00
snipe 824eedf7c2 Added UI elements for is_unique
Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 13:47:48 -08:00
snipe a4a0aa5124 Removed debugging line
Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 13:47:22 -08:00
snipe 4f89dfee49
Merge pull request #10679 from snipe/fixes/timing_attack_mitigation_for_forgot_password
Added usleep random to forgotten password method to mitigate timing attacks
2022-02-16 11:17:00 -07:00
snipe 017534bc07 Added deleted_at to license transformer
Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 09:33:28 -08:00
snipe 5540069cce Be more specific with deleted license point
Require this value to be "true" speciically to get the deleted list

Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 09:14:04 -08:00
snipe 1ad56760ce Adds delete endpoint for licenses
Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 09:08:50 -08:00
Brady Wetherington 290baf1c8d refactor and clean up attribute-changing logic for assets 2022-02-15 18:29:45 -08:00
snipe f878e0ad66 Fixes 2FA cookie -> user issue
Signed-off-by: snipe <snipe@snipe.net>
2022-02-15 18:29:23 -08:00
snipe 178e440951 Added usleep :(
Signed-off-by: snipe <snipe@snipe.net>
2022-02-15 18:09:58 -08:00
snipe cab4fa1687 Fixes some conceptual gates
Signed-off-by: snipe <snipe@snipe.net>
2022-02-14 15:42:23 -08:00
snipe 4804e5b3ab Added Asset edit/delete gates to maintenances
Signed-off-by: snipe <snipe@snipe.net>
2022-02-14 15:34:06 -08:00
snipe 1c0a96b0ce Added gate to supplier
Signed-off-by: snipe <snipe@snipe.net>
2022-02-13 11:58:12 -07:00
snipe d77a47765e Adds gate to supplier
Signed-off-by: snipe <snipe@snipe.net>
2022-02-13 11:53:45 -07:00
Dampfklon 0d49fc3a2e remove unused route, controller functions and view 2022-02-13 12:10:19 +01:00
snipe 2dad27eed6 Added additional gate for selectlists
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 11:46:14 -08:00
snipe f5ffda8053 Ahem.
Signed-off-by: snipe <snipe@snipe.net>
2022-02-10 22:43:51 -08:00
snipe 70af10ae6c
Merge pull request #10640 from JonathonReinhart/10552-add-checkin-api-date
Fix #10552: Add checkin_at parameter to /hardware/:id/checkin API
2022-02-10 09:54:20 -08:00
snipe b9a8d45c07 Better messaging
Signed-off-by: snipe <snipe@snipe.net>
2022-02-09 16:30:42 -08:00
snipe 7794c2f44b Check that the fieldset exists before trying to detach it from the fieldset
Signed-off-by: snipe <snipe@snipe.net>
2022-02-09 16:16:16 -08:00
snipe d06e3dd892 Merge branch 'master' of https://github.com/snipe/snipe-it 2022-02-09 14:40:33 -08:00
snipe 6b25b53462
Merge pull request #10628 from inietov/fixes/default_values_dont_allow_checkbox_radio
Fixes #10299 Default Values do not allow Checkbox/Radio Buttons
2022-02-09 14:39:46 -08:00
Ivan Nieto Vivanco 6d79c9f3e2 Save the default values for custom fields with same format than Assets do for actual values 2022-02-09 13:41:33 -06:00
Ivan Nieto Vivanco a36957dd77 Finish the implementation of custom fields default values for checkboxes 2022-02-09 13:12:42 -06:00
Ivan Nieto Vivanco 2f3499e4b9 Show checkboxes a little less assy, actually save the data checked by them 2022-02-09 10:49:10 -06:00
Jonathon Reinhart 3536d08477 Add checkin_at parameter to /hardware/:id/checkin API
Fixes #10552
2022-02-08 20:23:09 -05:00
Brady Wetherington c300e7c7f6 Remove extraneous backslash 2022-02-08 12:23:15 -08:00
Brady Wetherington fb890fbc30 Properly alert when invalid JSON is submitted to something that wants JSON 2022-02-08 12:22:59 -08:00
Brady Wetherington 9a66f6a254 Remove extraneous backslash 2022-02-08 12:09:40 -08:00
Brady Wetherington 5e94726ec1 Properly alert when invalid JSON is submitted to something that wants JSON 2022-02-08 12:05:05 -08:00
Jonathon Reinhart cd963179fd Fix /hardware/{id}/checkin API response on error
Fixes #10629
2022-02-08 01:08:42 -05:00
snipe b3a0f86431 Temp fix for weird JSON format in history
Signed-off-by: snipe <snipe@snipe.net>
2022-02-07 18:27:55 -08:00
Ivan Nieto Vivanco eac8e0bdba Add a casting to a truthy/falsy that needs to be integer 2022-02-02 13:54:57 -06:00
snipe ce154a2382
Merge pull request #10455 from adagioajanes/features/quickscan_checkin
Added #10454: Quick Scan Checkin
2022-02-01 20:19:45 -08:00
snipe 06a5ea1530 Fixed duplicate use statement
Signed-off-by: snipe <snipe@snipe.net>
2022-02-01 18:57:45 -08:00
snipe 5fded57ec6 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	README.md
#	app/Console/Commands/LdapSync.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/ProfileController.php
#	app/Importer/ItemImporter.php
#	app/Importer/UserImporter.php
#	app/Models/Asset.php
#	app/Models/License.php
#	app/Providers/AppServiceProvider.php
#	app/Services/LdapAd.php
#	config/version.php
#	public/js/build/app.js
#	public/js/dist/all.js
#	public/mix-manifest.json
#	resources/lang/ar/button.php
#	resources/lang/de/admin/companies/general.php
#	resources/lang/de/admin/custom_fields/general.php
#	resources/lang/de/admin/groups/titles.php
#	resources/lang/de/admin/hardware/form.php
#	resources/lang/de/admin/hardware/general.php
#	resources/lang/de/admin/hardware/message.php
#	resources/lang/de/admin/hardware/table.php
#	resources/lang/de/admin/kits/general.php
#	resources/lang/de/admin/locations/table.php
#	resources/lang/de/admin/reports/general.php
#	resources/lang/de/admin/settings/general.php
#	resources/lang/de/admin/settings/message.php
#	resources/lang/de/admin/users/general.php
#	resources/lang/de/general.php
#	resources/lang/de/mail.php
#	resources/lang/en/admin/asset_maintenances/message.php
#	resources/lang/en/admin/asset_maintenances/table.php
#	resources/lang/en/admin/companies/general.php
#	resources/lang/en/admin/companies/message.php
#	resources/lang/en/admin/custom_fields/general.php
#	resources/lang/en/admin/depreciations/general.php
#	resources/lang/en/admin/groups/titles.php
#	resources/lang/en/admin/hardware/form.php
#	resources/lang/en/admin/hardware/general.php
#	resources/lang/en/admin/hardware/table.php
#	resources/lang/en/admin/kits/general.php
#	resources/lang/en/admin/locations/table.php
#	resources/lang/en/admin/reports/general.php
#	resources/lang/en/admin/settings/general.php
#	resources/lang/en/admin/settings/message.php
#	resources/lang/en/admin/users/general.php
#	resources/lang/en/button.php
#	resources/lang/en/general.php
#	resources/lang/en/help.php
#	resources/lang/en/mail.php
#	resources/lang/en/passwords.php
#	resources/lang/hu/admin/hardware/general.php
#	resources/lang/hu/admin/hardware/table.php
#	resources/lang/hu/admin/locations/table.php
#	resources/lang/is/admin/locations/table.php
#	resources/lang/ko/admin/custom_fields/general.php
#	resources/lang/ko/general.php
#	resources/lang/nl/admin/hardware/general.php
#	resources/lang/nl/admin/hardware/message.php
#	resources/lang/nl/admin/hardware/table.php
#	resources/lang/nl/admin/locations/table.php
#	resources/lang/nl/admin/statuslabels/message.php
#	resources/lang/nl/admin/users/general.php
#	resources/lang/no/admin/companies/general.php
#	resources/lang/no/admin/custom_fields/general.php
#	resources/lang/no/admin/depreciations/general.php
#	resources/lang/no/admin/depreciations/table.php
#	resources/lang/no/admin/groups/titles.php
#	resources/lang/no/admin/hardware/form.php
#	resources/lang/no/admin/hardware/general.php
#	resources/lang/no/admin/hardware/table.php
#	resources/lang/no/admin/kits/general.php
#	resources/lang/no/admin/locations/table.php
#	resources/lang/no/admin/reports/general.php
#	resources/lang/no/admin/settings/general.php
#	resources/lang/no/admin/settings/message.php
#	resources/lang/no/admin/statuslabels/message.php
#	resources/lang/no/admin/users/general.php
#	resources/lang/no/button.php
#	resources/lang/no/general.php
#	resources/lang/no/mail.php
#	resources/lang/no/validation.php
#	resources/lang/pl/admin/companies/general.php
#	resources/lang/pl/admin/custom_fields/general.php
#	resources/lang/pl/admin/depreciations/general.php
#	resources/lang/pl/admin/depreciations/table.php
#	resources/lang/pl/admin/groups/titles.php
#	resources/lang/pl/admin/hardware/form.php
#	resources/lang/pl/admin/hardware/general.php
#	resources/lang/pl/admin/hardware/table.php
#	resources/lang/pl/admin/kits/general.php
#	resources/lang/pl/admin/locations/table.php
#	resources/lang/pl/admin/reports/general.php
#	resources/lang/pl/admin/settings/general.php
#	resources/lang/pl/admin/settings/message.php
#	resources/lang/pl/admin/users/general.php
#	resources/lang/pl/button.php
#	resources/lang/pl/general.php
#	resources/lang/pt-PT/admin/companies/general.php
#	resources/lang/pt-PT/admin/custom_fields/general.php
#	resources/lang/pt-PT/admin/depreciations/general.php
#	resources/lang/pt-PT/admin/depreciations/table.php
#	resources/lang/pt-PT/admin/groups/titles.php
#	resources/lang/pt-PT/admin/hardware/form.php
#	resources/lang/pt-PT/admin/hardware/general.php
#	resources/lang/pt-PT/general.php
#	resources/lang/pt-PT/help.php
#	resources/lang/pt-PT/validation.php
#	resources/lang/ro/admin/companies/general.php
#	resources/lang/ro/admin/custom_fields/general.php
#	resources/lang/ro/admin/groups/titles.php
#	resources/lang/ro/admin/hardware/form.php
#	resources/lang/ro/admin/hardware/general.php
#	resources/lang/ro/admin/hardware/message.php
#	resources/lang/ro/admin/hardware/table.php
#	resources/lang/ro/admin/locations/table.php
#	resources/lang/ro/admin/settings/message.php
#	resources/lang/ru/admin/companies/general.php
#	resources/lang/ru/admin/custom_fields/general.php
#	resources/lang/ru/admin/settings/general.php
#	resources/lang/ru/button.php
#	resources/lang/ru/general.php
#	resources/lang/ru/validation.php
#	resources/lang/sk/admin/settings/general.php
#	resources/lang/sk/button.php
#	resources/lang/sk/general.php
#	resources/lang/tr/admin/hardware/form.php
#	resources/lang/tr/admin/hardware/table.php
#	resources/lang/tr/admin/kits/general.php
#	resources/lang/tr/admin/locations/table.php
#	resources/lang/tr/admin/reports/general.php
#	resources/lang/tr/admin/settings/general.php
#	resources/lang/tr/admin/settings/message.php
#	resources/lang/tr/admin/statuslabels/message.php
#	resources/lang/tr/admin/users/general.php
#	resources/lang/tr/button.php
#	resources/lang/tr/general.php
#	resources/lang/zh-CN/admin/companies/general.php
#	resources/lang/zh-CN/admin/custom_fields/general.php
#	resources/lang/zh-CN/admin/depreciations/general.php
#	resources/lang/zh-CN/admin/depreciations/table.php
#	resources/lang/zh-CN/admin/groups/titles.php
#	resources/lang/zh-CN/admin/hardware/form.php
#	resources/lang/zh-CN/admin/hardware/general.php
#	resources/lang/zh-CN/admin/hardware/message.php
#	resources/lang/zh-CN/admin/hardware/table.php
#	resources/lang/zh-CN/admin/kits/general.php
#	resources/lang/zh-CN/admin/locations/table.php
#	resources/lang/zh-CN/admin/reports/general.php
#	resources/lang/zh-CN/admin/settings/general.php
#	resources/lang/zh-CN/admin/settings/message.php
#	resources/lang/zh-CN/admin/statuslabels/message.php
#	resources/lang/zh-CN/admin/users/general.php
#	resources/lang/zh-CN/button.php
#	resources/lang/zh-CN/general.php
#	resources/lang/zh-CN/mail.php
#	resources/views/depreciations/edit.blade.php
2022-02-01 18:53:05 -08:00
Ivan Nieto Vivanco 3ef775533a Adds actionlog for bulk edits 2022-02-01 12:10:46 -06:00
Ivan Nieto Vivanco 2fec40d7df Adds actionlog for bulk edits 2022-02-01 00:00:12 -06:00
snipe aa3aa78204 Adds Lookup Asset by Custom Field via API [sc-18632]
Signed-off-by: snipe <snipe@snipe.net>
2022-01-28 09:08:48 -08:00
Ivan Nieto Vivanco 7383ec7f1e Add an early return if the model id is not set (for new Asset Models) 2022-01-21 11:45:45 -06:00
Ivan Nieto Vivanco f510b9c2a9 Add query to filter non-deprecable assets when the Depreciation Report is called 2022-01-15 14:21:31 -06:00
Ivan Nieto Vivanco 8334ed6f7e Add query to filter non-deprecable assets when the Depreciation Report is called 2022-01-15 14:01:19 -06:00
Brady Wetherington ef463a37d8 Make 'pending' assets properly requestable; use requestable scope 2022-01-14 12:48:33 -08:00
Brady Wetherington 65e584c2bd Revert the unnecessary optimization for asset->count() 2022-01-13 19:37:08 -08:00
Brady Wetherington 4e8ae8a162 Fix extraneous wildcard query in requestable asset search 2022-01-13 16:32:40 -08:00
snipe 984db1ef44 Apply personal API token fix to master
Signed-off-by: snipe <snipe@snipe.net>
2022-01-13 01:39:56 -08:00
snipe 512dbfee7a Added gate to check that the user is allowed to view API keys
Signed-off-by: snipe <snipe@snipe.net>
2022-01-13 01:33:27 -08:00
snipe eb8f23a888 Removed commented code
Signed-off-by: snipe <snipe@snipe.net>
2022-01-13 01:32:28 -08:00
snipe 8f4ec95fbb Remove assets query, since we handle that via API call now and just need the count()
Signed-off-by: snipe <snipe@snipe.net>
2022-01-12 23:23:00 -08:00
snipe 224d0b2fd2 Small language file additions
Signed-off-by: snipe <snipe@snipe.net>
2022-01-12 22:21:00 -08:00
snipe 43c57c8461 Merge master into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.all-contributorsrc
#	README.md
#	app/Http/Controllers/BulkAssetModelsController.php
#	app/Http/Controllers/CustomFieldsController.php
#	app/Http/Controllers/CustomFieldsetsController.php
#	app/Http/Controllers/ModalController.php
#	app/Http/Transformers/GroupsTransformer.php
#	config/version.php
#	package-lock.json
#	public/css/build/app.css
#	public/css/build/overrides.css
#	public/css/dist/all.css
#	public/css/dist/bootstrap-table.css
#	public/js/build/app.js
#	public/js/dist/all.js
#	public/js/dist/bootstrap-table.js
#	public/mix-manifest.json
#	resources/assets/less/overrides.less
#	resources/lang/en/admin/hardware/message.php
#	resources/lang/en/admin/settings/general.php
#	resources/views/partials/bootstrap-table.blade.php
#	routes/web.php
2022-01-12 20:51:33 -08:00
Alex Janes d2bb3e6377
Merge branch 'develop' into features/quickscan_checkin 2022-01-11 16:40:20 -05:00
Alex Janes edef640d35
Merge branch 'develop' into features/lock_logins_to_saml 2022-01-11 09:05:14 -05:00
snipe ea83567e7d
Merge pull request #10494 from exula/fix/increase_max_licenses
Fixed #7824
2022-01-10 15:04:47 -08:00
snipe d9624b59b4
Merge pull request #10264 from nuraeil/added-localized-strings
Added #10242: Improved localized strings
2022-01-10 14:48:52 -08:00
Brad 81084fa717 Fixed #7824
Previously there was a 999 max seats on Licenses as anything above that seemed to cause slowdowns and failure.

This commit allievates those pain points

- removed freeSeats as a hydrated Eloquent model on JSON requests for the licenses index
- removed 'licenseSeats.user', 'licenseSeats.asset' from the 'with' clause as it's not needed in the view (Datatabales takes care of that)
- removed the 999 max seats limit from the License Model,
- reworked how new license seats are created when increasing seats or creating licenses
- Added an index the license_seats table to help speed up lookups
2022-01-10 14:03:28 -05:00
Wächtler, Yannick 04d649122b Fixed duplication for a couple of items, removed TODO markers, added lots of translation strings where there was a TODO 2022-01-06 12:35:37 +01:00
Haxatron bb095641c2
Update BulkAssetModelsController.php
https://huntr.dev/bounties/efdf2ead-f9d1-4767-9f02-d11f762d15e7
2022-01-06 09:50:11 +08:00
snipe 884b6b0270 Fixes format property on invalid custom field object
Signed-off-by: snipe <snipe@snipe.net>
2022-01-03 19:14:50 -08:00
Brady Wetherington 95c30cae8d Some duplicate imports at the top of the Settings file 2022-01-03 13:53:53 -08:00
Brady Wetherington 3c7f2e89ec Merge branch 'develop' into remove_old_ldap
Had to re-do the composer install because the conflicts were too complicated.
2022-01-03 12:56:58 -08:00
snipe 2ee84c2675 Added a few more comments
Signed-off-by: snipe <snipe@snipe.net>
2021-12-30 18:33:28 -08:00
snipe c6ce928567 Added allow list to modal view options
Signed-off-by: snipe <snipe@snipe.net>
2021-12-30 18:16:49 -08:00
snipe b4fac3e4ae Fixed missing index for fieldsets
Signed-off-by: snipe <snipe@snipe.net>
2021-12-30 13:16:44 -08:00
snipe bad6b862ca assets_count doesnt exist as a column
Signed-off-by: snipe <snipe@snipe.net>
2021-12-30 12:59:16 -08:00
Alex Janes d0bfd8dfd2 Fixed the collection of the groups total to GroupsTransformer.php. Groups page should now paginate correctly. 2021-12-23 20:54:34 -05:00
Alex Janes 7acb559069 corrected issue with asset not found errors 2021-12-20 19:55:00 -05:00
Alex Janes 2b5aca183c removed unnecessary additional data call from api method 2021-12-19 19:21:58 -05:00
Alex Janes 14b21a6e95 removed some whitespace 2021-12-19 19:17:32 -05:00
Alex Janes 08cb8c354b more cleanup to fit formatting convention 2021-12-19 19:11:24 -05:00
Alex Janes 29da4f4325 Removed a bunch of redundant code I created from the API 2021-12-19 18:39:57 -05:00
Alex Janes bc4fe88ac0 First version of bulk checkin 2021-12-19 16:53:31 -05:00
Alex Janes a68ec8bb57
Update LoginController.php
Updated if statements to match convention exactly.
2021-12-17 18:52:42 -05:00
Alex Janes 74de91c31a
Merge pull request #1 from snipe/develop
Develop
2021-12-17 14:51:03 -05:00
snipe 9b2dd6522f Switch GET to POST for asset request
Signed-off-by: snipe <snipe@snipe.net>
2021-12-16 20:36:08 -08:00
Alex Janes d99db5c63b bug fix and formatting fix 2021-12-16 19:04:37 -05:00
snipe 398180dc59 Small merge unmagling
Signed-off-by: snipe <snipe@snipe.net>
2021-12-16 14:38:04 -08:00
snipe c3d55ee27e Merge master down into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.all-contributorsrc
#	README.md
#	app/Exceptions/Handler.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/SettingsController.php
#	app/Http/Controllers/CustomFieldsController.php
#	app/Http/Controllers/SettingsController.php
#	app/Http/Transformers/AssetsTransformer.php
#	app/Models/Setting.php
#	config/version.php
#	resources/lang/af/button.php
#	resources/lang/ar/button.php
#	resources/lang/bg/button.php
#	resources/lang/cs/button.php
#	resources/lang/cy/button.php
#	resources/lang/da/button.php
#	resources/lang/de/button.php
#	resources/lang/el/button.php
#	resources/lang/en-GB/button.php
#	resources/lang/en-ID/button.php
#	resources/lang/es-CO/admin/groups/message.php
#	resources/lang/es-MX/button.php
#	resources/lang/et/admin/custom_fields/general.php
#	resources/lang/et/admin/hardware/table.php
#	resources/lang/et/admin/kits/general.php
#	resources/lang/et/admin/manufacturers/message.php
#	resources/lang/et/admin/models/general.php
#	resources/lang/et/admin/settings/general.php
#	resources/lang/et/button.php
#	resources/lang/et/mail.php
#	resources/lang/fa/button.php
#	resources/lang/fa/help.php
#	resources/lang/fi/button.php
#	resources/lang/fil/button.php
#	resources/lang/fr/button.php
#	resources/lang/ga-IE/button.php
#	resources/lang/he/button.php
#	resources/lang/hr/button.php
#	resources/lang/hu/admin/settings/general.php
#	resources/lang/hu/auth/message.php
#	resources/lang/hu/button.php
#	resources/lang/hu/mail.php
#	resources/lang/id/admin/hardware/table.php
#	resources/lang/id/button.php
#	resources/lang/it/button.php
#	resources/lang/iu/button.php
#	resources/lang/ja/button.php
#	resources/lang/ko/button.php
#	resources/lang/lt/button.php
#	resources/lang/lv/button.php
#	resources/lang/mi/button.php
#	resources/lang/mk/button.php
#	resources/lang/ml-IN/button.php
#	resources/lang/mn/button.php
#	resources/lang/ms/admin/hardware/table.php
#	resources/lang/ms/admin/kits/general.php
#	resources/lang/ms/admin/models/general.php
#	resources/lang/ms/admin/models/message.php
#	resources/lang/ms/admin/settings/general.php
#	resources/lang/ms/button.php
#	resources/lang/nl/button.php
#	resources/lang/no/admin/hardware/table.php
#	resources/lang/no/admin/kits/general.php
#	resources/lang/no/admin/settings/general.php
#	resources/lang/no/auth/message.php
#	resources/lang/no/button.php
#	resources/lang/no/help.php
#	resources/lang/no/mail.php
#	resources/lang/pl/button.php
#	resources/lang/pt-BR/button.php
#	resources/lang/pt-PT/auth/message.php
#	resources/lang/pt-PT/button.php
#	resources/lang/pt-PT/mail.php
#	resources/lang/ro/button.php
#	resources/lang/ru/admin/settings/general.php
#	resources/lang/ru/button.php
#	resources/lang/ru/help.php
#	resources/lang/sl/admin/custom_fields/general.php
#	resources/lang/sl/admin/hardware/table.php
#	resources/lang/sl/admin/kits/general.php
#	resources/lang/sl/admin/manufacturers/message.php
#	resources/lang/sl/admin/models/general.php
#	resources/lang/sl/admin/settings/general.php
#	resources/lang/sl/admin/users/general.php
#	resources/lang/sl/auth/message.php
#	resources/lang/sl/button.php
#	resources/lang/sl/help.php
#	resources/lang/sr-CS/button.php
#	resources/lang/ta/button.php
#	resources/lang/th/button.php
#	resources/lang/th/mail.php
#	resources/lang/tl/button.php
#	resources/lang/tr/admin/settings/general.php
#	resources/lang/tr/auth/message.php
#	resources/lang/tr/button.php
#	resources/lang/uk/button.php
#	resources/lang/ur-PK/button.php
#	resources/lang/vi/button.php
#	resources/lang/zh-CN/button.php
#	resources/lang/zh-HK/button.php
#	resources/lang/zh-TW/admin/hardware/table.php
#	resources/lang/zh-TW/button.php
#	resources/lang/zu/button.php
#	resources/views/models/custom_fields_form.blade.php
#	resources/views/reports/custom.blade.php
#	resources/views/settings/slack.blade.php
2021-12-16 14:26:24 -08:00
Alex Janes 6898119891 Replaced env() with config() to check environment variables
Made the app.php description for 'REQUIRE_SAML' a bit more... descriptive.
2021-12-16 16:56:39 -05:00
Alex Janes a6116a1b15 If SAML required, don't accept login form post. 2021-12-16 14:33:25 -05:00
Alex Janes 3c8d70c5fb Add option to environment to require SAML for a more secure installation. 2021-12-16 11:44:07 -05:00
Bradley Coudriet dbdc1c7f3f
Update SettingsController.php to save Slack Settings
This goes with #10438 that I just submitted about Slack Settings not saving.

This adds the necessary code to actually save the Slack Settings,
As they are already validated by the SlackSettingsRequest, this seems like an easy and low-impact fix.
2021-12-15 10:38:51 -05:00
Ivan Nieto Vivanco c80aa2a289 Add title column to custom reports 2021-12-14 12:05:33 -06:00
Ivan Nieto Vivanco 0037cdb00c Add title column to custom reports 2021-12-13 20:27:23 -06:00
snipe 25e2e7ecc6
Merge pull request #10418 from inietov/fixes/bulk_edit_count_more_users_than_selected
Fixes bulk edit message counts more users than the actual selected users number
2021-12-13 14:13:14 -08:00
snipe 9d5d1a9f9a Added escape to assigned_to API response
Signed-off-by: snipe <snipe@snipe.net>
2021-12-13 12:03:03 -08:00
Ivan Nieto Vivanco a419a690d4 Add a variable to better control the selected user's ids 2021-12-11 18:01:38 -06:00
Brady Wetherington ea71086dfc Yank assetlog from eager-load clause in API query for develop 2021-12-10 18:50:34 -08:00
Brady Wetherington acfb41f129 Remove 'actionlog' from the ::with() clause in the asset query API 2021-12-10 18:42:56 -08:00
Haxatron 1699c09758
Update AssetModelsController.php 2021-12-09 21:42:18 +08:00
Haxatron 918e7c8dae
Fix access control - https://huntr.dev/bounties/19453ef1-4d77-4cff-b7e8-1bc8f3af0862/ 2021-12-09 12:57:04 +08:00
snipe 86afe6c4b1 Cleanup slack validation
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 18:03:56 -08:00
snipe ff97b359ad Removed form request on ajax, cleaned up some other things
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 17:58:46 -08:00
snipe 8fa690b635 Reverting form request because it doesn't seem to work (????!!)
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 17:54:15 -08:00
snipe 8c1cd87831 Added slacksettingsrequest as use statement
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 15:56:22 -08:00
snipe 80d36cd72b Added slack settings request
Signed-off-by: snipe <snipe@snipe.net>
2021-12-08 15:53:05 -08:00
snipe ebdbc20740 Adds stricter validation for slack endpoints
Signed-off-by: snipe <snipe@snipe.net>
2021-12-06 11:40:24 -08:00
snipe ff81e6d536
Merge pull request #10361 from snipe/fixes/xss_in_accessories_checkout_notes
Escape notes in transformCheckedOutAccessory
2021-11-24 19:56:36 -08:00
snipe 00fad35c2a Escape notes in transformCheckedOutAccessory
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:54:45 -08:00
snipe 3debe78574
Merge pull request #10350 from inietov/fixes/trim_custom_fields_names
Apply trim() function when storing Custom Fields names
2021-11-24 19:42:04 -08:00
snipe 29bbfad693 Applied escaping fix from master to develop
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:38:27 -08:00
snipe 830d07f84f Removed escaping on input save for asset checkout on creation
Signed-off-by: snipe <snipe@snipe.net>
2021-11-24 19:19:32 -08:00
Ivan Nieto Vivanco 1ca770895a Apply trim() function when storing Custom Fields names 2021-11-22 18:43:21 -06:00
snipe bbb0d1be17 Possible fix for asset model editing when no custom fieldset is associated
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 21:09:35 -08:00
snipe f7b483358f Escape custom field values in API response
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 20:32:59 -08:00
snipe 476e17055b Escape custom fields in API response
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 20:31:01 -08:00
snipe 46d2f8a81d Disallow file upload to backups on demo
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 19:42:02 -08:00
snipe 92b7aaf44b Log the user out upon successful restore
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 19:40:01 -08:00
snipe f2f8f96991 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Transformers/AssetsTransformer.php
#	app/Importer/ConsumableImporter.php
#	app/Models/Consumable.php
#	config/version.php
#	package-lock.json
#	package.json
#	public/css/dist/all.css
#	public/css/dist/bootstrap-table.css
#	public/js/build/app.js
#	public/js/dist/all.js
#	public/js/dist/bootstrap-table.js
#	public/mix-manifest.json
#	resources/views/custom_fields/fieldsets/view.blade.php
#	resources/views/layouts/default.blade.php
#	routes/web.php
#	routes/web/fields.php
2021-11-15 19:24:38 -08:00
Brady Wetherington 864cc4f8d5 Fix FIXME's by downgrading them to TODO's :) 2021-11-10 11:37:10 -08:00
snipe 457c6080cc Better handling if there was no file uploaded
Signed-off-by: snipe <snipe@snipe.net>
2021-11-10 01:43:45 -08:00
snipe 96f76e1f6b INCOMPLETE: Added restore and upload methods for backups
Signed-off-by: snipe <snipe@snipe.net>
2021-11-10 00:07:17 -08:00
snipe 3b25093aeb Removed noisy debugging
Signed-off-by: snipe <snipe@snipe.net>
2021-11-09 22:38:27 -08:00
snipe 76506dabbf Made helpers call full namespace (tho I have no idea why this was necessary)
Signed-off-by: snipe <snipe@snipe.net>
2021-11-09 22:38:14 -08:00
snipe 1b1b54fbf4 Add modified_value and modified_display so we can use the formatted date but still sort correctly
Signed-off-by: snipe <snipe@snipe.net>
2021-11-09 22:37:49 -08:00
snipe 0e21a95817 Escape error message in asset autdit apI (same as in v5)
Signed-off-by: snipe <snipe@snipe.net>
2021-11-09 19:39:32 -08:00
Brady Wetherington 91f087258b Merge branch 'develop' into remove_old_ldap 2021-11-09 18:33:41 -08:00
Brady Wetherington 3ea209a507 Escape asset_tag attribute at controller level for consumption in bulk checkout 2021-11-08 20:27:43 -08:00
Brady Wetherington a58c5ce27f Better documentation, disable AdLdap2-based "Add domain" setting 2021-11-08 17:11:47 -08:00
Brady Wetherington b0417e5bd7 Finish pulling out the AdLdap2-based LDAP remnants that were still in the system 2021-11-03 15:22:06 -07:00