Commit graph

1658 commits

Author SHA1 Message Date
snipe 36f9905be0 Removed test code 2020-04-01 04:29:35 -07:00
snipe 2d2cd68061 Switched to h2 from h4 2020-04-01 03:51:08 -07:00
snipe fd642e95eb Hide success icons from screen readers 2020-04-01 03:25:07 -07:00
snipe 9ab3370be5 Hide icons in error messages 2020-04-01 03:21:15 -07:00
snipe 4dcc1ffdbc More form labels 2020-04-01 02:22:24 -07:00
snipe 7718abaa72 Added aria-hidden 2020-04-01 01:26:44 -07:00
snipe 59c5a1ea87 Added aria label to form helper 2020-04-01 01:26:32 -07:00
snipe 0cf70c9e16 Fixed select2 placeholder 2020-04-01 01:26:19 -07:00
snipe c3d2e8ff26 Added aria-hidden to inline form error text 2020-04-01 00:18:20 -07:00
snipe 192f703885 Trying placeholder CSS styling for the high contrast skin
Doesn’t seem to work :(
2020-04-01 00:15:58 -07:00
snipe be93b23488 Added aria-label to form fields 2020-04-01 00:15:33 -07:00
snipe b079d0d6d5 Use btn-primary for submit button 2020-03-31 23:38:10 -07:00
snipe c6c75cc11f Fixed missing </h3 tags 2020-03-31 23:36:56 -07:00
snipe b188285bc9 Fixed empty table headings 2020-03-31 23:02:24 -07:00
snipe 6d659a84b8 Removed extra div tag 2020-03-31 22:53:58 -07:00
snipe 3e3828229d Removed _tab from tab names 2020-03-31 22:52:21 -07:00
snipe bf6a0f8d2f Added aria-hidden 2020-03-31 22:50:38 -07:00
snipe 3873c4b253 Added aria form labels to upload modal 2020-03-31 22:50:29 -07:00
snipe 6cc23f69f9 Added aria form labels 2020-03-31 22:50:14 -07:00
snipe a467a6999e Use upload modal 2020-03-31 22:50:07 -07:00
snipe e0eb10ca1e Added aria-hidden tags 2020-03-31 22:49:49 -07:00
snipe 99c4c73c09 Fixed aria labels on dropdowns 2020-03-31 21:53:26 -07:00
snipe bde45cbb34 Fixed h3 to h2 for semantic header levels 2020-03-31 21:30:24 -07:00
snipe c408c27bf4 Updated dark skins 2020-03-31 21:10:55 -07:00
snipe bfa9c0c528 Updated dark skins with updated styles 2020-03-31 20:58:54 -07:00
snipe 9cc9cddd68 Fixed visited button text color 2020-03-31 20:39:41 -07:00
snipe fe2261c88d A few more aria-hidden fixes 2020-03-31 19:34:01 -07:00
snipe 6aeb3c0a47 Use divs instead of layout table on view 2020-03-31 19:27:21 -07:00
snipe dfaa1c9578 Use the same “no results” treatment for each tab 2020-03-31 18:45:43 -07:00
snipe 0ef1dfe061 Switched from layout tables to decorated divs for asset detail page 2020-03-31 18:39:58 -07:00
snipe ba8bcd6413 Slight tweaks to div table styles 2020-03-31 18:39:41 -07:00
snipe 7854003ec2 Added sr-only text to “made with love” footer 2020-03-31 17:29:20 -07:00
snipe c71dd9b68a Added sr-only text 2020-03-31 17:29:06 -07:00
snipe dfeabbc85d Added table-styles div CSS
(Still needs to be applied for dark mode skins)
2020-03-31 17:28:40 -07:00
snipe b8b9ac8a1b Fixed mismatched <b>/<strong> tags 2020-03-28 18:00:46 -07:00
snipe 80ac2607cd Added alt tags to assigned assets view 2020-03-28 18:00:19 -07:00
snipe 3552fb1fd8 Added alt tags to profile image 2020-03-28 18:00:05 -07:00
snipe 54a96b8453 Fixed <b> to <strong> 2020-03-28 17:30:17 -07:00
snipe 03be4e74df Higher contrast pagination 2020-03-28 04:00:46 -07:00
snipe e9ddd1af81 Added th content on activity report 2020-03-28 04:00:26 -07:00
snipe f305885e8e Regenerated assets 2020-03-28 03:43:35 -07:00
snipe f0b9cd7820 Changed header for h2 2020-03-28 03:43:24 -07:00
snipe 59accca89d Added form labelss 2020-03-28 03:43:08 -07:00
snipe e72ebfb94b Added placeholder text for modal header 2020-03-28 03:42:45 -07:00
snipe 0b7316d548 Changed side heading to h2 2020-03-28 03:42:27 -07:00
snipe d0cf76989a Fixed table headers for custom fields 2020-03-28 02:52:14 -07:00
snipe c299efca0c Darkened the home screen boxes for high contrast 2020-03-28 02:41:43 -07:00
snipe 5e4918579a Added table headers 2020-03-28 02:41:27 -07:00
snipe db75f0e894 Regenerated assets 2020-03-28 01:38:01 -07:00
snipe 5a6c13e364 Added aria-hidden and sr-only tags to minus/collapse symbol 2020-03-28 01:37:49 -07:00
snipe 4b22f07dd7 Fixed less attribute names 2020-03-28 01:37:27 -07:00
snipe 57cb5146fc Just use navy for links 2020-03-28 01:37:13 -07:00
snipe 5c68353e62 Use non-min bs tables for now 2020-03-28 01:36:35 -07:00
snipe 53728e5c71 Removed whitespace 2020-03-28 01:36:22 -07:00
snipe b965d170ab Added accessibility features to bootstrap tables 2020-03-28 00:51:26 -07:00
snipe 34a1bb7152 Fixed contrast skin 2020-03-28 00:24:37 -07:00
snipe 8787f228d9 Fixed asset build 2020-03-28 00:16:28 -07:00
snipe 623655b6f6 New dark background skins 2020-03-28 00:07:34 -07:00
snipe da6830225a Remove light colored less files - it looks crappy 2020-03-28 00:06:51 -07:00
snipe a729410fe8 Regenerated JS 2020-03-27 22:03:30 -07:00
snipe 03a9219a7c Fixed duplicate color: attribute 2020-03-27 22:01:43 -07:00
snipe a8f6bbd86a Added alt text to image formatter in bootstrap tables 2020-03-27 22:01:24 -07:00
snipe 9a2ee2638b Updated color-specific skins 2020-03-27 21:46:00 -07:00
snipe 2a813244a2 Wrapped text in h5s, added aria hidden to icons 2020-03-27 21:45:27 -07:00
snipe b50894fca1 Use a variable in the settings to determine what css classes to use 2020-03-27 21:44:50 -07:00
snipe 41fa2d1aa1 Added aria handlers and sr-only text 2020-03-27 21:44:32 -07:00
snipe 54d39c04ad Added additional themes to dropdown 2020-03-27 21:44:18 -07:00
snipe 3c1365b2c8 Added color variables 2020-03-27 21:44:00 -07:00
snipe 5858c90e71 Minor formatting change (spacing) 2020-03-27 15:50:01 -07:00
snipe f0ef06ebe1 Added more alt tags 2020-03-27 15:35:29 -07:00
snipe 700f7de748 Added alt text to logo 2020-03-27 14:10:56 -07:00
snipe af2ea7ac03 Added aria-hidden="true" to create dropdown in topnav
Since it’s technically duplicated content
2020-03-27 14:08:01 -07:00
snipe 690d8255c9 Removed the title attribute from the select2 output
It contains duplicate info since its auto-generated by select2
2020-03-27 14:07:30 -07:00
snipe aded2193a2 Added aria-hidden="true" to top navigation elements 2020-03-27 13:29:00 -07:00
snipe 6d99b2a68c Added “skip to content” link 2020-03-27 13:28:48 -07:00
snipe 55a619778f Added language header 2020-03-25 16:32:33 -07:00
snipe 039f5da0e1
Add image upload to user edit [ch10508] (#7877)
* Use correct Request include

* Updated to use additional form request

* Added SVG sanitizer

* Added response method to form request

* Allow ImageUploadRequest to accept fieldname params, added SVG sanitization, fixed delete

* Fixed upload path for avatars

* Added fieldname variable to blade partial for image upload

* Added enctype="multipart/form-data"  to form to allow uploads

* Added image field

* Updated Request::old() to use $request->old()

* Fixed derp in edit blade referring to $item when it should be $user

* Added svg+xml to image rule
2020-03-05 18:00:24 -08:00
snipe 60fc1d3f6d Added/matched forgotten password strings in lang files 2020-03-04 22:07:35 -08:00
snipe d1a8d76d85 Set maxlength in password reset form to 250 2020-03-04 22:06:43 -08:00
snipe 03c5a42f5a Fixes for flysystem paths :( 2020-02-11 20:22:55 -08:00
snipe 46a138c64b Fixed id to statuslabel in sidenav 2020-02-10 12:36:48 -08:00
Fabian Grutschus 5becb93e6c
Added: allow appending of domain name to username when user tries to login (#7790) 2020-02-04 12:47:49 -08:00
Ivan Nieto ab36784edd Added a parameter that http://snipe-it.app/fields expected, without it that functionality was broken (#7687)
Nice!
2019-12-30 20:18:47 -08:00
snipe b5db0b22f8 Switched to Request facade
I don’t know why my greps keep missing this shit.
2019-12-10 19:47:54 -08:00
snipe 296de34e8a
WIP: Upgrade develop to Laravel 6.6.1 (#7637)
I'm going ahead and merging this, since the upgrade doesn't break Flysystem any worse than the current develop is broken, so far as I can tell. 


* Upgraded framework to Laravel 6

### TO DO:

- Fix password restriction rules- the old library isn’t compatible with Laravel 6 :(
- Figure out why in-app API calls are returning “Unauthorized”

* More updates from Input:: to Request:: helper

* Switch to Request:: from Input

* Added passport config

* Fixed goofy password minimum in seeder

* Added laravel/helpers

* Changed ($item)  to ($item->id) in forms

I have no idea why this is necessary

* Changed ($item) to ($item->id) in forms

* Updated API middleware to auth:api

* Updated with added laravel auth.php values

* FIxed *&!^$%^&$^%!!!! ajax issue

* Switch to Request::get from Input::get

* Switched to Request facade

* Added password security minimums back in

The package we were using has not been updated to Laravel v6, so I created custom validators instead

* Added language strings for error messages for password rules

* Fixed `($item)` issue in formActions for partials
2019-12-10 19:32:50 -08:00
snipe 88fb1370f0 Added slightly friendlier error handling for assets without models
This scenario should never happen, barring someone manually editing their data, but better to handle that scenario in a more user-friendly way.
2019-12-06 18:17:03 -08:00
snipe 893454dca7 Updated translations 2019-12-06 12:03:04 -08:00
snipe de0b5a6149 Fixes #6440 - quote marks in the right place 2019-12-06 11:04:16 -08:00
Dustin B 8fd4e35244 Closes #6440 Print All Assigned - New Tab (#7135)
Should add the functionality to, by default open in a new tab and not reference back to the source page. Reduces overhead and should resolve #6440. 

Untested, need confirmation.
2019-12-06 11:00:01 -08:00
Valentyn Tulub 6ad1f51673 Added #6489: show asset assignments under user assignments (#7293)
* Add a setting to show assets assigned to other assets #6489

* Update user's views to show assets assigned to other assets #6489

* Add ukrainian and russian translation for the feature #6489 in settings
2019-12-06 10:57:48 -08:00
Godfrey Martinez 5b946087c4 added a proper response for password errors (#7636) 2019-12-05 17:49:56 -08:00
snipe e820d4bc4d Moved js/css/less out of resources/assets
Per https://laravel.com/docs/5.7/upgrade
2019-12-04 17:03:16 -08:00
snipe 88cf456386
Adding Dept to license seats (#7609)
* Adding Dept to license seats

* Added query scope to order by department

* Make license seat department sortable

* Disable license seat internal search - this never actually worked
2019-11-21 22:03:56 -08:00
snipe d8049209ca Fixed bug where deleted consumable would throw an error on print page 2019-11-21 21:43:54 -08:00
snipe 5290c47e2a Merge branch 'develop' into v5-master-develop-integration
# Conflicts:
#	.env.example
#	.travis.yml
#	Dockerfile
#	README.md
#	app/Console/Commands/LdapSync.php
#	app/Console/Kernel.php
#	app/Http/Controllers/AccessoriesController.php
#	app/Http/Controllers/Api/AccessoriesController.php
#	app/Http/Controllers/Api/AssetsController.php
#	app/Http/Controllers/Api/LocationsController.php
#	app/Http/Controllers/Api/SettingsController.php
#	app/Http/Controllers/Api/UsersController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Assets/AssetFilesController.php
#	app/Http/Controllers/Assets/AssetsController.php
#	app/Http/Controllers/CategoriesController.php
#	app/Http/Controllers/CompaniesController.php
#	app/Http/Controllers/ComponentsController.php
#	app/Http/Controllers/ConsumablesController.php
#	app/Http/Controllers/DepartmentsController.php
#	app/Http/Controllers/LicensesController.php
#	app/Http/Controllers/LocationsController.php
#	app/Http/Controllers/ManufacturersController.php
#	app/Http/Controllers/ReportsController.php
#	app/Http/Controllers/SettingsController.php
#	app/Http/Controllers/SuppliersController.php
#	app/Http/Controllers/UsersController.php
#	app/Http/Middleware/EncryptCookies.php
#	app/Http/Requests/AssetRequest.php
#	app/Http/Transformers/AssetMaintenancesTransformer.php
#	app/Importer/AssetImporter.php
#	app/Models/AssetMaintenance.php
#	app/Models/Location.php
#	app/Models/User.php
#	composer.json
#	composer.lock
#	config/backup.php
#	config/database.php
#	config/version.php
#	public/mix-manifest.json
#	resources/lang/en-ID/general.php
#	resources/lang/vi/admin/settings/general.php
#	resources/views/accessories/edit.blade.php
#	resources/views/hardware/view.blade.php
#	resources/views/layouts/default.blade.php
#	tests/api/ApiCategoriesCest.php
2019-11-18 19:49:39 -08:00
snipe 22d2ad9248
Fixes nested location selectlist (#7483)
* Rename child locations method

* Use Ajax dropdown for locations selectlist for edit/create

* Removed locations database call on edit/create blades for faster loading

* Updated locations controller to use the new iterator

* Increase pagination on locations controller to 500

We’re already loading all of that data up beforehand anyway, so no point in keeping the query smaller.

* Fixed the else to make codacy happy

* Improve the design and performance of the nested location selectlist (#7484)

* Improve the design and performance of the nested location selectlist

* Fixed parse errors

* Removed debugging code/comments
2019-10-02 03:56:56 -07:00
snipe 7f5f4a1297 Added softwarew support and hardware support to maintenance types 2019-09-24 01:34:23 -07:00
Martin Berg 3dcef9aac9 Add support for custom remote user header (#7370) 2019-09-03 11:07:26 -07:00
Logan Swartzendruber 4c8b26f732 Implement #3088: Add "Generate Label" option to "Actions" dropdown menu in individual Asset Details view. (#7388)
* Implement #3088: Add "Generate Label" option to "Actions" dropdown menu in individual Asset Details view.

* Add conditional for including the asset number in the URL of the barcode image.

* Change case of variables to pass Codacy PR review standards.
2019-09-03 11:02:55 -07:00
snipe 60bb385cf7 Make status label required 2019-08-14 23:46:09 -07:00
snipe 47724d7268 Make error text color match 2019-08-14 23:46:00 -07:00
snipe c9f9a60354 Fixed asset tag error message alignment 2019-08-14 23:28:01 -07:00
snipe 441ae69f5c
Integrations/develop into master (#7352)
* Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992)

* Added upcoming audit report

TODO: Fid diff/threshold math

* Added route to list overdue / upcoming assets via API

* Controller/API methods for due/overdue audits

We could probably skip this and just handle it via view in the routes…

* Added query scopes for due and overdue audits

* Added audit due console command to kernel

* Added ability to pass audit specs to main API asset search method

* Added audit presenter

* Added bootstrap-tables presenter formatter to display an audit button

* Added gated sidenav items to left nav

* Added audit due/overdue blades

* Cleanup on audit due/overdue console command

* Added language strings for audit views

* Fixed :threshold placeholder

* Removed unused setting variable

* Fixed next audit date math

* Added scope for both overdue and upcoming

* Derp. Wrong version

* Bumped version

(I will release this version officially tomorrow)

* Leave the activated state for users alone in normal LDAP synchronisation. (#6988)

* Fixed #7003 - crash when warranty months or purchase date is null

* Fixed #6956 - viewKeys policy inconsistent  (#7009)

* Fixed #6956 - Added additional gates show showing/hiding license keys

* Modified gate to allow user to see licenses if they can create or edit the license as well

* Added API middleware to API routes to enable throttling

TODO: Figure out how to make this costumizable without touching the code

* Import locations from CSV via command line (#7021)

* Added import locations command

* Small fixes to location importer

* Added country, LDAP OU

* Cleaned up comments, added more clarification to what the script does

* Added ability to update groups via API

Fixes [ch9139]

* Bumped version

* Fixed #6883 - remove escaping of fields on LDAP import

* Fixed #6880 - correctly encrypt encrypted fields via the API

* Fixes #5054: LDAP users deactivated for none-ad (#7032)

When using none-AD ldap, users are automatically deactivated every LDAP
sync.  This commit changes the behaviour so that if the active flag isn't set,
the users are enabled.

Fixed #5054, at least for 4.X

* Updated packages

  - Updating erusev/parsedown (v1.7.2 => 1.7.3): Downloading (100%)
  - Updating squizlabs/php_codesniffer (3.4.1 => 3.4.2): Downloading (100%)
  - Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/var-dumper (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating league/flysystem (1.0.50 => 1.0.51): Downloading (100%)
  - Updating symfony/translation (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating nesbot/carbon (1.36.2 => 1.37.1): Downloading (100%)
  - Updating symfony/debug (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/console (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/finder (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/polyfill-ctype (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/http-foundation (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/event-dispatcher (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/http-kernel (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/process (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/routing (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/polyfill-util (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/polyfill-php56 (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/psr-http-message-bridge (v1.1.1 => v1.1.2): Downloading (failed)
Downloading (100%)
  - Updating rollbar/rollbar (v1.7.5 => v1.8.1): Downloading (100%)
  - Updating symfony/yaml (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/browser-kit (v3.4.23 => v3.4.27): Downloading (100%)

* Fixed #7044 - API update deleted custom fields if they are not re-presented

* Fixed XSS vulnerability when creating a new categories, etc via modal on create

Same fix as before, because of the weird select2 post-parsing ajax behavior

* Updated email strings

* Fixed #7046 - added user website url back into UI

* Updated language strings

* Bumped version

* Updated packages

* New backups config for spatie

* Removed debugbar service provider (autodiscovery)

* Use laravel v5.5 withCount manual aliases

* Added spatie language files

* Removed old laravel backups config

This config file was renamed in a newer version of spatie laravel-backup

* Set the serialization

* Added the command loader to console kernel

* Renamed fire() to handle()

* Updated withCount to use manual naming

* Updated backup path in backup admin

* Updated travis with new php versions

* Bumped laravel version in readme

* Fixed custom field edit screen

* Fixed baseUrl is undefined error

I literally cannot figure out how this ever worked before.

* Fix for included files in backup

* Bumped version

* Switch has() to filled()

* Change ->has() to ->filled()

* Removed cosole log

* Bumped packages

* Use getReader instead of fetchAssoc for CSV parser

https://csv.thephpleague.com/9.0/upgrading/

* Handle JSON validation errors like 5.4

* Handle JSON validation errors like 5.4

* Handle JSON validation errors like 5.4

* Trying to fix ajax asset validation

This I think gets us closer, but still not handling the validation on the asset properly.

When I do a print_r of the validation in the other items, its looking for an error bag that looks something like this:

```
Illuminate\Support\MessageBag Object
(
    [messages:protected] => Array
        (
            [name] => Array
                (
                    [0] => The name field is required.
                )

            [seats] => Array
                (
                    [0] => The seats field is required.
                )

            [category_id] => Array
                (
                    [0] => The category id field is required.
                )

        )

    [format:protected] => :message
)
```

Currently the Assets ajax returns:

```
[2019-05-24 06:52:06] develop.ERROR: array (
  'messages' =>
  array (
    'model_id' =>
    array (
      0 => 'The model id field is required.',
    ),
    'status_id' =>
    array (
      0 => 'The status id field is required.',
    ),
    'asset_tag' =>
    array (
      0 => 'The asset tag field is required.',
    ),
  ),
)
```

So not sure why it’s not working.

* Fixed missing asset validation

* Check that a model exists before trying to fiddle with fieldsets

* Tidied up license check

* Removed extra escaping on checkin

* Updated importer to work with newer CSV Reader::getRecords() method

* Fixed field mapping

* Small fix for reordering fields

Fixes Illuminate\Database\QueryException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'order' cannot be null (SQL: insert into `custom_field_custom_fieldset` (`custom_field_id`, `custom_fieldset_id`, `order`, `required`) values (12, 7, , 0)) [ch1151]

This needs revisiting for a more solid fix, especially for data that was already entered bad.

* Fixed bug where sorting by company name in Users API did not work

Fixes [ch9200]

* Removed custom fields from AssignedSearch to prevent confusing data in selectlist

Fixes [ch9193]

* Removed alert-danger from tests

* Fixed missed consumables_count withCount() statement

* Fixed Undefined variable user in $backto if checked out to a non-user

Fixes [ch9194]

* Check for valid model before attempting to access fieldsets

Fixes [ch1249]

* Only build the log upload destination path if there is a matching record

Fixes [ch1232]

* Fixed free_seats_count variable name

(I forgot that Laravel switched camel case to snake case for their old 5.4 withCount variables)

* Only gtry to delete the file if a record is found in the log

* Only try to get fieldset if model is valid

* Fixed more camel-casing -> snake-casing

* Only display the file if the log record can be found

* Fixed casing in sync command

* Updated README

* Derp - typo

* Added link to Atlassian plugin

* More Atlassian clarifications

* Show accessory image on view page

* Increased image size to 800px, added lightboxes

* Fixed #7083 - Removed user_exists constraint on department save

If the user has been deleted, this prevented the department from being successfully saved on edit

* Updated branch in version file

* Dockerfile update to bring us up to php v7.1 for Laravel 5.5 (#7084)

* bump up to php7.1

& change deprecated MAINTAINER to a LABEL so it is visible with `docker inspect`

* AND modapache ><

* 2 updates required to get software-properties+ppa

* Bumped version

* Bumped release again :(

* Missed one

* Fixed #7098 - updated backup config for deleteFile() method

* Fixed #7092 -  handle weird port forwarding/port numbers for baseUrl

* Bumped version

* Fixed #7099 - set email to null by default for backup notifications

* Removed old comments

* Fixed #7100 - Check if $user isset on checkin

* Increased throttle to 120 requests per minute

* Added Filipino, corrected order for Spanish variations

* Update language strings

* Bumped hash

* Changed has to filled to fix bulk asset editing

* Bumped point version

* Small fixes for phpleague CSB reader v9

* Improved error checking in locations importer

* Fixed #7145 - rename groups table to permissions_group for mysql 8 reserved word compatibility

* Reduce minimum group name length to 2 (from 3)

eg: IT

* Back in time fix FOR #7145 for new installs on MySQL 8+

* Fixed permission insert

//TODO

Handle this via model

* Possible fix for reporting/admin migration back in time

* Fixed #7164 - change table name to permission_groups

* Fixed LDAP password blanking on save

* fixing previous commit's actual wiping of password (#7183)

replaced Input::fille('ldap_pword') with _filled_.   Should be good to go.  

https://github.com/snipe/snipe-it/issues/7179

https://github.com/snipe/snipe-it/issues/7169

* Bumped version

* Downgrading rollbar for Laravel 5.5

* Spelling Correction (#7206)

Fixed Spelling for the word reqrite, to be rewrite.

* Fix #6910: Add logic to manipulate the eloquent query. (#7006)

* Added company_id to consumables_users table

* Added logic to manage when a pivot table doesn't have the column company_id trough a join with users

* Remove a migration that tries to fix this problem, but is not longer necessary

* Addresses #7238 - add PWA code to layout

Needs additional UX testing

* Better log message for bad LDAP connection

* Fixed #7186 - has vs filled in User’s API blanking out groups if no group_ids are passed

* Comment clarification on #7186

* Check for valid seat on hardware view

* Added space between footer and custom message

* Cap warranty months to three characters

Filles rollbar 209

* Cap warranty months to 3 on the frontend blade

* Fixed countable() strings on user destroy

* Check that the user has assets and that the aset model is valid

* Bumped hash

* Caps asset warranty to 20 years

* Command to fix custom field unicode conversion differences between PHP versions (#7263)

* Fixes #7252 form request changes (#7272)

* Fixes for #7252 - custom fields not validating / no validaton messages in API w/form requests

* Removed debug info

* More fixes for #7252

This is mostly working as intended, if not yet the way Laravel wants us to do it.

Right now, the API returns correctly, and the form UI will return highlighted errors, with the input filled in ~sometimes~. I’m not sure why it’s only sometimes yet, but this is potentially progress.

* Removed experimental method

* Check for digits_between:0,240 for warranty

* Removed debug code

* Apply fix from PR #7273 to master

* Bumped hash

* Fixed #7250 - permission issue for API fieldsets and fields endpoints

This applies the change from #7294 to master

* Add @mskrip as a contributor

* Fixed #7270 - Checking-in Assets via API Removes the Item's Asset Name

* CORS for api (#7292)

* Added CORS support to API

* Changed order so CORS will still work if throttle hit

* Added APP_CORS_ALLOWED_ORIGINS env option

* Fixed typo

* Clarified header comments

* More clarification

* DIsable CORS allowed origins by default to replicate existing behavior

* Change variable name to be clearer

* Bumped version

* Added condition to deal with fieldname 'rtd_location' which can be tried to be queried in some places and doesn't exist in database (#7317)

* Added comments to the ByFilter query scope for clarity

* Added accessories checkout/checkin API endpoint

* Fixed CVE-2019-10742

https://nvd.nist.gov/vuln/detail/CVE-2019-10742

* Update README.md (#7334)

Add reference to CSV importer.

* Group related variables in .env

* History importer fixes

* Fixes to history importer
2019-08-14 21:48:14 -07:00
snipe 8b4a9aa382 Fixes to history importer 2019-08-13 18:15:42 -07:00
snipe 0e93495ca2 Check that the user has assets and that the aset model is valid 2019-07-17 17:51:35 -07:00
snipe 77a6f6f400 Cap warranty months to 3 on the frontend blade 2019-07-17 12:15:15 -07:00
snipe fecf8015a1 Added space between footer and custom message 2019-07-17 12:09:32 -07:00
snipe 79ab0d8dc2 Check for valid seat on hardware view 2019-07-17 12:09:18 -07:00
snipe 6736b1c4e7 Addresses #7238 - add PWA code to layout
Needs additional UX testing
2019-07-15 13:49:56 -07:00
snipe 6966c132d0 Update language strings 2019-05-31 12:17:09 -07:00
snipe c29ab90029 Added Filipino, corrected order for Spanish variations 2019-05-31 11:58:14 -07:00
snipe 087cdd859e Fixed #7092 - handle weird port forwarding/port numbers for baseUrl 2019-05-29 14:57:58 -07:00
snipe 2dd31544fe Increased image size to 800px, added lightboxes 2019-05-24 19:11:08 -07:00
snipe 237acdcff0 Show accessory image on view page 2019-05-24 18:22:57 -07:00
sreyemnayr f85ac97d8c Feedback for Kits; Fix checkins for accessories (#7060)
* Kits feedback

* Fix accessory checkin
2019-05-23 19:39:30 -07:00
snipe 149ac4bdf8 Removed cosole log 2019-05-23 17:52:53 -07:00
snipe f6ef139111 Fixed baseUrl is undefined error
I literally cannot figure out how this ever worked before.
2019-05-23 16:56:22 -07:00
snipe de1189295a Added spatie language files 2019-05-22 00:51:00 -07:00
snipe 21ec670531 Updated language strings 2019-05-21 19:17:00 -07:00
snipe b2eacb147b Fixed #7046 - added user website url back into UI 2019-05-21 18:55:12 -07:00
snipe 729e3eb70d Updated email strings 2019-05-21 18:43:00 -07:00
snipe 978533b2f4 Fixed XSS vulnerability when creating a new categories, etc via modal on create
Same fix as before, because of the weird select2 post-parsing ajax behavior
2019-05-21 18:29:50 -07:00
Ivan Nieto e40a5a70a5 RTF support added (#7024)
* Added the Gatte Facade to AssetsController

* Added the filetype RTF in the modal to upload files

* Added validation of RTF files
2019-05-15 15:47:40 -07:00
snipe d016076806
Fixed #6956 - viewKeys policy inconsistent (#7009)
* Fixed #6956 - Added additional gates show showing/hiding license keys

* Modified gate to allow user to see licenses if they can create or edit the license as well
2019-05-08 08:14:49 -04:00
snipe 407445456a Merge branch 'features/6204_email_audit-alerts' into develop
# Conflicts:
#	app/Console/Commands/LdapSync.php
#	app/Console/Kernel.php
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Controllers/LicensesController.php
#	composer.json
#	composer.lock
#	config/version.php
#	resources/views/auth/two_factor_enroll.blade.php
2019-05-06 08:45:13 -04:00
snipe e5c2d77c7d
Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992)
* Added upcoming audit report

TODO: Fid diff/threshold math

* Added route to list overdue / upcoming assets via API

* Controller/API methods for due/overdue audits

We could probably skip this and just handle it via view in the routes…

* Added query scopes for due and overdue audits

* Added audit due console command to kernel

* Added ability to pass audit specs to main API asset search method

* Added audit presenter

* Added bootstrap-tables presenter formatter to display an audit button

* Added gated sidenav items to left nav

* Added audit due/overdue blades

* Cleanup on audit due/overdue console command

* Added language strings for audit views

* Fixed :threshold placeholder

* Removed unused setting variable

* Fixed next audit date math

* Added scope for both overdue and upcoming

* Derp. Wrong version

* Bumped version

(I will release this version officially tomorrow)
2019-05-05 22:32:52 -04:00
snipe e4a298ca2a Added scope for both overdue and upcoming 2019-05-05 22:13:30 -04:00
snipe 00a8a2aff3 Fixed next audit date math 2019-05-05 20:00:05 -04:00
snipe 7d416d1175 Fixed :threshold placeholder 2019-05-05 19:57:23 -04:00
snipe e9b9301efb Added language strings for audit views 2019-05-05 19:35:20 -04:00
snipe 4369d6adc6 Added audit due/overdue blades 2019-05-05 19:21:48 -04:00
snipe 69614a7db4 Added gated sidenav items to left nav 2019-05-05 19:21:26 -04:00
snipe 8154d1116c Added bootstrap-tables presenter formatter to display an audit button 2019-05-05 19:21:06 -04:00
snipe e46cccdf90 Added upcoming audit report
TODO: Fid diff/threshold math
2019-05-04 17:52:17 -04:00
snipe ce16eae508 Merge branch 'master' of https://github.com/snipe/snipe-it 2019-05-02 15:20:52 -07:00
snipe dc73dbfbfd Fixed #6911 - note must be a string on license checkin 2019-05-02 15:20:47 -07:00
snipe 420e8bc85a Allow phone number to be changed in Profile 2019-04-18 14:13:50 -04:00
snipe ded1a59914 Removed help text for email images (since we embed them by default now)
Added help text for username format
2019-04-02 18:22:31 -07:00
snipe fe553aec02 Added first-initial dot lastname format for usernames/email
Fixed [ch1379]
2019-04-02 18:21:54 -07:00
snipe 37b8029d04 Fixed parse error on label settings
Also fixed [ch1362] - moving left/right
2019-04-02 18:04:31 -07:00
snipe d01f9a701c Fix double-encoding issue?
I assume there’s something new in Laravel 5.7/5.8 that’s causing the double escaping. I’m not seeing it everywhere, which is more confusing, TBH. :-/
2019-03-20 04:12:03 -07:00
snipe acb90c7aee Horrible master -> dev merge that makes baby jesus cry :(
# Conflicts:
#	app/Http/Controllers/Auth/LoginController.php
#	composer.json
#	composer.lock
#	resources/views/auth/two_factor_enroll.blade.php
2019-03-20 02:24:23 -07:00
snipe bca82684a1 Merge branch 'hotfixes/2fa_qr' into develop
# Conflicts:
#	.all-contributorsrc
#	Dockerfile
#	README.md
#	app/Console/Commands/LdapSync.php
#	app/Http/Controllers/Api/ImportController.php
#	app/Http/Controllers/AssetModelsController.php
#	app/Http/Controllers/Assets/AssetsController.php
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Controllers/CategoriesController.php
#	app/Http/Controllers/CompaniesController.php
#	app/Http/Controllers/DepartmentsController.php
#	app/Http/Controllers/ImportsController.php
#	app/Http/Controllers/LocationsController.php
#	app/Http/Controllers/ManufacturersController.php
#	app/Http/Controllers/SuppliersController.php
#	app/Http/Requests/ItemImportRequest.php
#	app/Http/Transformers/ActionlogsTransformer.php
#	composer.json
#	composer.lock
#	config/app.php
#	config/version.php
#	docker/startup.sh
#	public/css/build/all.css
#	public/css/dist/all.css
#	public/js/build/all.js
#	public/js/build/vue.js
#	public/js/build/vue.js.map
#	public/js/dist/all.js
#	public/mix-manifest.json
2019-03-20 02:17:02 -07:00
snipe da015ec4a8
Fixed #6834 and #6402 - use inline QR code generation for 2FA (#6840)
* Fixed  #6834 and #6402 - use inline QR code generation for

* Update auth controllers to use translations

* Updated composer lock

* Added comments

* Moar comments

* Typo
2019-03-20 01:24:31 -07:00
snipe cf92618c70 Fixed #6834 and #6402 - use inline QR code generation for 2019-03-20 00:49:44 -07:00
snipe a874dbb0d0 Working attempt, but will try with old library for mininal footprint 2019-03-19 23:18:16 -07:00
snipe dee92cfc6c
Fixes XSS vulnerabilities (#6831)
* Properly escape log_meta values

* Vue syntax fix to allow npm run dev to work again

* Janky fix for Select2 bug

* Compiled production assets

* Escape user’s last name in API

* Removed duplicate alertClass

* Compiled production assets
2019-03-18 20:49:32 -07:00
snipe 0e1289f12f
Fixes #6821 - fixed 2 fa active for users list (#6822)
* Fixed #6821 - confusing UI for 2FA when 2FA is universally enforced

I also updated the language in the user’s listing table to clarify what “activated” means

* Added login enabled info to user view

* Clarified comments

* Added info about 2FA on user profile

Because why not

* Added nowrap to table, and added 2FA reset for superadmins
2019-03-18 11:59:02 -07:00
snipe 7b33f95e83
Fixes/import permissions mask (#6826)
* Check for empty headers in import

* Added import permission

* Fixed model path in docblock

* Added import gate to default blade

* Check if the user is an admin OR idf they have import permissions

* Walked back that admin permission

Since admins are bound by full company support, it makes less sense to let admins have this permission by default, versus having them specifically designated to the import permission
2019-03-18 11:58:08 -07:00
Ivan Nieto bebdbdfb87 Fix #6763. Import Stuck Processing - Error - Can only flip STRING and INTEGER values! (#6804)
* Added validation for errors when the Import Field to map isn't setted

* A slightly correction to the error message

* Added the translation strings for the Error Message
2019-03-14 12:32:40 -07:00