snipe-it

mirror of https://github.com/snipe/snipe-it.git synced 2024-11-10 07:34:06 -08:00

Author	SHA1	Message	Date
snipe	5fe999eb02	Shored up the date math, updated the explanation Signed-off-by: snipe <snipe@snipe.net>	2022-02-17 14:34:33 -08:00
snipe	ea429d650e	Initial audit date fix Signed-off-by: snipe <snipe@snipe.net>	2022-02-16 20:19:38 -08:00
snipe	4f89dfee49	Merge pull request #10679 from snipe/fixes/timing_attack_mitigation_for_forgot_password Added usleep random to forgotten password method to mitigate timing attacks	2022-02-16 11:17:00 -07:00
snipe	017534bc07	Added deleted_at to license transformer Signed-off-by: snipe <snipe@snipe.net>	2022-02-16 09:33:28 -08:00
snipe	5540069cce	Be more specific with deleted license point Require this value to be "true" speciically to get the deleted list Signed-off-by: snipe <snipe@snipe.net>	2022-02-16 09:14:04 -08:00
snipe	1ad56760ce	Adds delete endpoint for licenses Signed-off-by: snipe <snipe@snipe.net>	2022-02-16 09:08:50 -08:00
Brady Wetherington	290baf1c8d	refactor and clean up attribute-changing logic for assets	2022-02-15 18:29:45 -08:00
snipe	f878e0ad66	Fixes 2FA cookie -> user issue Signed-off-by: snipe <snipe@snipe.net>	2022-02-15 18:29:23 -08:00
snipe	178e440951	Added usleep :( Signed-off-by: snipe <snipe@snipe.net>	2022-02-15 18:09:58 -08:00
snipe	cab4fa1687	Fixes some conceptual gates Signed-off-by: snipe <snipe@snipe.net>	2022-02-14 15:42:23 -08:00
snipe	4804e5b3ab	Added Asset edit/delete gates to maintenances Signed-off-by: snipe <snipe@snipe.net>	2022-02-14 15:34:06 -08:00
snipe	d77a47765e	Adds gate to supplier Signed-off-by: snipe <snipe@snipe.net>	2022-02-13 11:53:45 -07:00
snipe	2dad27eed6	Added additional gate for selectlists Signed-off-by: snipe <snipe@snipe.net>	2022-02-11 11:46:14 -08:00
snipe	f5ffda8053	Ahem. Signed-off-by: snipe <snipe@snipe.net>	2022-02-10 22:43:51 -08:00
snipe	70af10ae6c	Merge pull request #10640 from JonathonReinhart/10552-add-checkin-api-date Fix #10552: Add checkin_at parameter to /hardware/:id/checkin API	2022-02-10 09:54:20 -08:00
snipe	b9a8d45c07	Better messaging Signed-off-by: snipe <snipe@snipe.net>	2022-02-09 16:30:42 -08:00
snipe	7794c2f44b	Check that the fieldset exists before trying to detach it from the fieldset Signed-off-by: snipe <snipe@snipe.net>	2022-02-09 16:16:16 -08:00
snipe	d06e3dd892	Merge branch 'master' of https://github.com/snipe/snipe-it	2022-02-09 14:40:33 -08:00
snipe	6b25b53462	Merge pull request #10628 from inietov/fixes/default_values_dont_allow_checkbox_radio Fixes #10299 Default Values do not allow Checkbox/Radio Buttons	2022-02-09 14:39:46 -08:00
Ivan Nieto Vivanco	6d79c9f3e2	Save the default values for custom fields with same format than Assets do for actual values	2022-02-09 13:41:33 -06:00
Ivan Nieto Vivanco	a36957dd77	Finish the implementation of custom fields default values for checkboxes	2022-02-09 13:12:42 -06:00
Ivan Nieto Vivanco	2f3499e4b9	Show checkboxes a little less assy, actually save the data checked by them	2022-02-09 10:49:10 -06:00
Jonathon Reinhart	3536d08477	Add checkin_at parameter to /hardware/:id/checkin API Fixes #10552	2022-02-08 20:23:09 -05:00
Brady Wetherington	9a66f6a254	Remove extraneous backslash	2022-02-08 12:09:40 -08:00
Brady Wetherington	5e94726ec1	Properly alert when invalid JSON is submitted to something that wants JSON	2022-02-08 12:05:05 -08:00
Jonathon Reinhart	cd963179fd	Fix /hardware/{id}/checkin API response on error Fixes #10629	2022-02-08 01:08:42 -05:00
snipe	b3a0f86431	Temp fix for weird JSON format in history Signed-off-by: snipe <snipe@snipe.net>	2022-02-07 18:27:55 -08:00
Ivan Nieto Vivanco	eac8e0bdba	Add a casting to a truthy/falsy that needs to be integer	2022-02-02 13:54:57 -06:00
Ivan Nieto Vivanco	2fec40d7df	Adds actionlog for bulk edits	2022-02-01 00:00:12 -06:00
snipe	aa3aa78204	Adds Lookup Asset by Custom Field via API [sc-18632] Signed-off-by: snipe <snipe@snipe.net>	2022-01-28 09:08:48 -08:00
Ivan Nieto Vivanco	f510b9c2a9	Add query to filter non-deprecable assets when the Depreciation Report is called	2022-01-15 14:21:31 -06:00
snipe	984db1ef44	Apply personal API token fix to master Signed-off-by: snipe <snipe@snipe.net>	2022-01-13 01:39:56 -08:00
Haxatron	bb095641c2	Update BulkAssetModelsController.php https://huntr.dev/bounties/efdf2ead-f9d1-4767-9f02-d11f762d15e7	2022-01-06 09:50:11 +08:00
snipe	884b6b0270	Fixes format property on invalid custom field object Signed-off-by: snipe <snipe@snipe.net>	2022-01-03 19:14:50 -08:00
snipe	2ee84c2675	Added a few more comments Signed-off-by: snipe <snipe@snipe.net>	2021-12-30 18:33:28 -08:00
snipe	c6ce928567	Added allow list to modal view options Signed-off-by: snipe <snipe@snipe.net>	2021-12-30 18:16:49 -08:00
snipe	b4fac3e4ae	Fixed missing index for fieldsets Signed-off-by: snipe <snipe@snipe.net>	2021-12-30 13:16:44 -08:00
snipe	bad6b862ca	assets_count doesnt exist as a column Signed-off-by: snipe <snipe@snipe.net>	2021-12-30 12:59:16 -08:00
Alex Janes	d0bfd8dfd2	Fixed the collection of the groups total to GroupsTransformer.php. Groups page should now paginate correctly.	2021-12-23 20:54:34 -05:00
snipe	9b2dd6522f	Switch GET to POST for asset request Signed-off-by: snipe <snipe@snipe.net>	2021-12-16 20:36:08 -08:00
Bradley Coudriet	dbdc1c7f3f	Update SettingsController.php to save Slack Settings This goes with #10438 that I just submitted about Slack Settings not saving. This adds the necessary code to actually save the Slack Settings, As they are already validated by the SlackSettingsRequest, this seems like an easy and low-impact fix.	2021-12-15 10:38:51 -05:00
Ivan Nieto Vivanco	c80aa2a289	Add title column to custom reports	2021-12-14 12:05:33 -06:00
snipe	25e2e7ecc6	Merge pull request #10418 from inietov/fixes/bulk_edit_count_more_users_than_selected Fixes bulk edit message counts more users than the actual selected users number	2021-12-13 14:13:14 -08:00
snipe	9d5d1a9f9a	Added escape to assigned_to API response Signed-off-by: snipe <snipe@snipe.net>	2021-12-13 12:03:03 -08:00
Ivan Nieto Vivanco	a419a690d4	Add a variable to better control the selected user's ids	2021-12-11 18:01:38 -06:00
Brady Wetherington	acfb41f129	Remove 'actionlog' from the ::with() clause in the asset query API	2021-12-10 18:42:56 -08:00
Haxatron	1699c09758	Update AssetModelsController.php	2021-12-09 21:42:18 +08:00
Haxatron	918e7c8dae	Fix access control - https://huntr.dev/bounties/19453ef1-4d77-4cff-b7e8-1bc8f3af0862/	2021-12-09 12:57:04 +08:00
snipe	86afe6c4b1	Cleanup slack validation Signed-off-by: snipe <snipe@snipe.net>	2021-12-08 18:03:56 -08:00
snipe	ff97b359ad	Removed form request on ajax, cleaned up some other things Signed-off-by: snipe <snipe@snipe.net>	2021-12-08 17:58:46 -08:00
snipe	8fa690b635	Reverting form request because it doesn't seem to work (????!!) Signed-off-by: snipe <snipe@snipe.net>	2021-12-08 17:54:15 -08:00
snipe	8c1cd87831	Added slacksettingsrequest as use statement Signed-off-by: snipe <snipe@snipe.net>	2021-12-08 15:56:22 -08:00
snipe	80d36cd72b	Added slack settings request Signed-off-by: snipe <snipe@snipe.net>	2021-12-08 15:53:05 -08:00
snipe	ff81e6d536	Merge pull request #10361 from snipe/fixes/xss_in_accessories_checkout_notes Escape notes in transformCheckedOutAccessory	2021-11-24 19:56:36 -08:00
snipe	00fad35c2a	Escape notes in transformCheckedOutAccessory Signed-off-by: snipe <snipe@snipe.net>	2021-11-24 19:54:45 -08:00
snipe	3debe78574	Merge pull request #10350 from inietov/fixes/trim_custom_fields_names Apply trim() function when storing Custom Fields names	2021-11-24 19:42:04 -08:00
snipe	830d07f84f	Removed escaping on input save for asset checkout on creation Signed-off-by: snipe <snipe@snipe.net>	2021-11-24 19:19:32 -08:00
Ivan Nieto Vivanco	1ca770895a	Apply trim() function when storing Custom Fields names	2021-11-22 18:43:21 -06:00
snipe	f7b483358f	Escape custom field values in API response Signed-off-by: snipe <snipe@snipe.net>	2021-11-15 20:32:59 -08:00
Brady Wetherington	3ea209a507	Escape asset_tag attribute at controller level for consumption in bulk checkout	2021-11-08 20:27:43 -08:00
snipe	2f9e5f79af	Merge pull request #10139 from FliegenKLATSCH/patch-1 API: Do not include deleted items per default on lookup by serial	2021-10-28 17:09:20 -07:00
snipe	17bf899a17	Set default_label to 0 instead of null in API Signed-off-by: snipe <snipe@snipe.net>	2021-10-25 20:14:01 -07:00
snipe	8b1c60a17a	Make gates a little more consistent Signed-off-by: snipe <snipe@snipe.net>	2021-10-25 15:34:22 -07:00
snipe	033c3253bb	Fixed permissions array to handle missing clone button Signed-off-by: snipe <snipe@snipe.net>	2021-10-25 14:10:17 -07:00
FliegenKLATSCH	24c484303e	Do not include deleted assets by default when doing lookup by serial This commit introduces a new query parameter `deleted`, which can be set to `true` to include deleted assets in the response.	2021-10-09 08:56:31 +02:00
snipe	5d94b99035	Switched to 5 in one minute Signed-off-by: snipe <snipe@snipe.net>	2021-10-08 15:53:32 -07:00
snipe	0674ef5a3d	Fixed number to 1 (for minutes) Signed-off-by: snipe <snipe@snipe.net>	2021-10-08 15:43:32 -07:00
snipe	702791210e	Throttle password reset requests to 5 every 60 seconds Signed-off-by: snipe <snipe@snipe.net>	2021-10-08 14:26:30 -07:00
snipe	1c77fd0d09	Merge pull request #10178 from inietov/bug/sc-17520/symfony_component_debug_exception_fatalthrowableerror Fixed typo when setting the headers	2021-10-08 12:04:45 -07:00
Ivan Nieto Vivanco	d184da8611	Fixed typo (thanks @ssddanbrown)	2021-10-08 13:39:49 -05:00
snipe	ccd430ce07	Switched back down to debug level Signed-off-by: snipe <snipe@snipe.net>	2021-10-06 12:38:21 -07:00
snipe	f306401e7e	Fixed SVG XSS vuln Signed-off-by: snipe <snipe@snipe.net>	2021-10-06 12:26:45 -07:00
snipe	c06a93ef13	Removed extra brace in assets for components Signed-off-by: snipe <snipe@snipe.net>	2021-10-06 10:38:13 -07:00
Ivan Nieto Vivanco	ef6eea67d8	Set headers in a different manner in the middleware	2021-10-05 14:09:35 -05:00
snipe	34eab88b7e	Removed debugging Signed-off-by: snipe <snipe@snipe.net>	2021-10-04 20:25:31 -07:00
snipe	b20c841a89	Fixed asset models restore Signed-off-by: snipe <snipe@snipe.net>	2021-10-04 19:29:13 -07:00
snipe	52caee2a9f	Handle checking and unchecking for bulk actions Signed-off-by: snipe <snipe@snipe.net>	2021-10-04 17:18:26 -07:00
snipe	52ea172e5d	Fix ID array Signed-off-by: snipe <snipe@snipe.net>	2021-10-04 17:18:07 -07:00
snipe	9b48732cd2	Force revalidation headers when user logs out Signed-off-by: snipe <snipe@snipe.net>	2021-10-04 12:52:48 -07:00
snipe	daa88f06f7	Added pivot to components JSON Signed-off-by: snipe <snipe@snipe.net>	2021-09-30 15:51:08 -07:00
Brady Wetherington	ae466be153	Fix license output, tweak CleanFloat function to handle numbers over 1 million	2021-09-28 19:10:25 -07:00
Brady Wetherington	f3338667c7	Create new ParseCurrency helper and use it in the appropriate controllers	2021-09-28 18:20:39 -07:00
Brady Wetherington	f380da3f19	Try to ensure all currency output is formatted correctly.	2021-09-28 16:45:47 -07:00
snipe	2f9582ee5c	Switched to loadMissing for performance Signed-off-by: snipe <snipe@snipe.net>	2021-09-23 17:31:19 -07:00
snipe	3b7ce0091c	Load components in the assets API if components=true in API request Signed-off-by: snipe <snipe@snipe.net>	2021-09-23 17:23:53 -07:00
snipe	3862b6476b	Merge pull request #10122 from inietov/fixes/api_issue_when_component_checkout Fixes API Issue when checking out a component	2021-09-23 13:21:48 -07:00
Ivan Nieto Vivanco	7dfab3a6e2	Change the condition to 'bigger or equal' instead of just 'bigger than' in ComponentsController checkout api	2021-09-23 15:02:39 -05:00
snipe	a6b3aa5f04	Don't try to delete the file if there is no log entry Signed-off-by: snipe <snipe@snipe.net>	2021-09-22 19:04:25 -07:00
snipe	b4a90045e6	Added totals to depreciation report footer Signed-off-by: snipe <snipe@snipe.net>	2021-09-21 21:52:18 -07:00
snipe	0763c76a4e	Fixed scoping with leftjoin Signed-off-by: snipe <snipe@snipe.net>	2021-09-21 20:54:24 -07:00
snipe	5d32c17a2e	Removed comments Signed-off-by: snipe <snipe@snipe.net>	2021-09-21 20:01:36 -07:00
snipe	10ca7cffc3	Fixes for query scoping, ordering, and nicer readability Signed-off-by: snipe <snipe@snipe.net>	2021-09-21 19:59:23 -07:00
snipe	61176335d7	Improved category_type with strtolower() to make it case insensitive Signed-off-by: snipe <snipe@snipe.net>	2021-09-21 15:51:41 -07:00
snipe	8a93e1e796	Remove asset call on depreciation report controller method We ajax this in now, so no need for it Signed-off-by: snipe <snipe@snipe.net>	2021-09-15 13:49:53 -07:00
snipe	d96f877aa4	Default show_in_nav to 0 Signed-off-by: snipe <snipe@snipe.net>	2021-09-15 11:33:13 -07:00
snipe	80175cffdc	Fixed #9969 - added color, show_in_nav, and default_label to status labels API Signed-off-by: snipe <snipe@snipe.net>	2021-09-10 20:44:49 -07:00
snipe	514f9aa64a	Fixed #9973 - add use_default_eula to categories API endpoint Signed-off-by: snipe <snipe@snipe.net>	2021-09-10 20:23:49 -07:00
snipe	cfaa6679af	Merge pull request #10031 from inietov/fixes/checkout_date_not_saved_in_asset_history Fixed #10026: Checkout date not saved in asset history	2021-09-07 17:37:30 -07:00
snipe	94310e18b1	Presenters and Transformers for Depreciation report Signed-off-by: snipe <snipe@snipe.net>	2021-09-01 17:33:59 -07:00
snipe	2f25eb598b	Allow the Assets API controller to handle depreciation reports Signed-off-by: snipe <snipe@snipe.net>	2021-09-01 17:33:39 -07:00

1 2 3 4 5 ...

1996 commits