Commit graph

6720 commits

Author SHA1 Message Date
Ivan Nieto Vivanco 64fa7e23fc Separate notes on assets and asset models 2022-02-24 16:05:03 -06:00
snipe 4b7f45a15e
Merge pull request #10734 from snipe/fixes/api_throttling
Fixed API throttling
2022-02-24 13:43:49 -08:00
snipe 83f21d0ddf Added a comment about why we use the middleware there
Signed-off-by: snipe <snipe@snipe.net>
2022-02-24 13:41:16 -08:00
snipe 2906a89442 Make the 429 error less stupid
Signed-off-by: snipe <snipe@snipe.net>
2022-02-24 13:10:34 -08:00
snipe 50f55b4308 Fixes broken API throttling
Signed-off-by: snipe <snipe@snipe.net>
2022-02-24 13:10:10 -08:00
snipe a8028e7dd0
Merge pull request #10727 from uberbrady/master
Fix for negative CORS/SAML interaction
2022-02-23 11:17:17 -08:00
Brady Wetherington 15abc84ab0 Migrate to Fruitcake/laravel-cors which has path-exclusion built-in 2022-02-23 11:06:19 -08:00
snipe 8a09211310
Merge pull request #10722 from snipe/features/add_force_saml_to_master
Fixes Restricted Logins to SAML controlled via environment variable #10436 - applies #10449 to master
2022-02-22 21:45:19 -08:00
snipe 42fcd29200 Fixed #10436 on master, applies #10449
Signed-off-by: snipe <snipe@snipe.net>
2022-02-22 21:06:54 -08:00
snipe 0cfc0a4bee
Merge pull request #10718 from uberbrady/fix_cors_option_1_master
Fix CORS requests on master (option *ONE*)
2022-02-22 19:24:18 -08:00
Brady Wetherington 64f83f9a5f Move HandleCors middleware to be universal 2022-02-22 17:43:40 -08:00
snipe dc2b58f865
Merge pull request #10691 from snipe/fixes/update_audit_date_when_settings_update
Fixed #10690 - Initial audit date fix
2022-02-20 11:16:54 -08:00
snipe 34ebc629c2 Remove unusued translation string
Signed-off-by: snipe <snipe@snipe.net>
2022-02-20 11:15:56 -08:00
snipe d1b45a83b8 Blergh, one more linebreak
Signed-off-by: snipe <snipe@snipe.net>
2022-02-17 14:51:06 -08:00
snipe 01a8701a8c Removed extra linebreaks
Signed-off-by: snipe <snipe@snipe.net>
2022-02-17 14:50:38 -08:00
snipe 67fe53e32a Removed debugging, added comments
Signed-off-by: snipe <snipe@snipe.net>
2022-02-17 14:50:07 -08:00
snipe 7f6b8cc43d Removed carbon, since we went with PHP's datetime instead
Signed-off-by: snipe <snipe@snipe.net>
2022-02-17 14:48:12 -08:00
snipe 5fe999eb02 Shored up the date math, updated the explanation
Signed-off-by: snipe <snipe@snipe.net>
2022-02-17 14:34:33 -08:00
snipe ea429d650e Initial audit date fix
Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 20:19:38 -08:00
snipe 7fe7d56999
Merge pull request #10656 from snipe/snyk-upgrade-0005397ba83c98631126ff98d5471e6d
[Snyk] Upgrade jquery-ui from 1.13.0 to 1.13.1
2022-02-16 11:19:00 -07:00
snipe 4f89dfee49
Merge pull request #10679 from snipe/fixes/timing_attack_mitigation_for_forgot_password
Added usleep random to forgotten password method to mitigate timing attacks
2022-02-16 11:17:00 -07:00
snipe 017534bc07 Added deleted_at to license transformer
Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 09:33:28 -08:00
snipe 5540069cce Be more specific with deleted license point
Require this value to be "true" speciically to get the deleted list

Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 09:14:04 -08:00
snipe e9a4ff8e74
Merge pull request #10683 from snipe/features/add_deleted_only_endpoint_for_licenses
Adds delete endpoint for licenses
2022-02-16 10:10:22 -07:00
snipe 1ad56760ce Adds delete endpoint for licenses
Signed-off-by: snipe <snipe@snipe.net>
2022-02-16 09:08:50 -08:00
snipe 5582949008
Merge pull request #10681 from snipe/fixes/2fa_cookie_fix
Fixes 2FA cookie -> user issue
2022-02-15 19:34:13 -07:00
snipe f878e0ad66 Fixes 2FA cookie -> user issue
Signed-off-by: snipe <snipe@snipe.net>
2022-02-15 18:29:23 -08:00
snipe 178e440951 Added usleep :(
Signed-off-by: snipe <snipe@snipe.net>
2022-02-15 18:09:58 -08:00
snipe 321be4733d
Merge pull request #10672 from snipe/fixes/missing_gates_for_maintenances
Added Asset edit/delete gates to maintenances
2022-02-14 15:58:19 -08:00
snipe cab4fa1687 Fixes some conceptual gates
Signed-off-by: snipe <snipe@snipe.net>
2022-02-14 15:42:23 -08:00
snipe 4804e5b3ab Added Asset edit/delete gates to maintenances
Signed-off-by: snipe <snipe@snipe.net>
2022-02-14 15:34:06 -08:00
snipe 885ab64c2e Merge branch 'master' of https://github.com/snipe/snipe-it 2022-02-13 12:01:59 -07:00
snipe 8624531f78 Bumped version
Signed-off-by: snipe <snipe@snipe.net>
2022-02-13 12:01:37 -07:00
snipe db0c0e7908
Merge pull request #10665 from snipe/fixes/adds_gate_to_supplier_view
Adds gate to supplier
2022-02-13 10:56:55 -08:00
snipe d77a47765e Adds gate to supplier
Signed-off-by: snipe <snipe@snipe.net>
2022-02-13 11:53:45 -07:00
snipe 05c0819776 Updated language string
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 15:55:42 -08:00
snipe 16f963fa3d Merge branch 'master' of https://github.com/snipe/snipe-it 2022-02-11 13:07:29 -08:00
snipe e032cf1fda Bumped version
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 13:07:26 -08:00
snipe 10c26f38c4
Merge pull request #10662 from snipe/fixes/tighter_security_on_select_lists
Added additional gate for selectlists
2022-02-11 12:48:55 -08:00
snipe d6b8222371 Refactor to combine permissions
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 12:48:30 -08:00
snipe 2c5abaaea4 Fixed copypasta
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 12:32:09 -08:00
snipe c1a0653847 Restrict to update or create gate methods for select lists
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 12:31:11 -08:00
snipe 9226c8292d Fixed typos in comments
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 12:02:14 -08:00
snipe 5fafa81dc1 Forgot components
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 11:57:29 -08:00
snipe b30d1dce89 Removed selectlist
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 11:55:24 -08:00
snipe 2dad27eed6 Added additional gate for selectlists
Signed-off-by: snipe <snipe@snipe.net>
2022-02-11 11:46:14 -08:00
snipe f5ffda8053 Ahem.
Signed-off-by: snipe <snipe@snipe.net>
2022-02-10 22:43:51 -08:00
snipe 5703b95de3
Merge pull request #10657 from snipe/fixes/handle_deleted_auditor
Fixed - Check for valid user before trying to present the auditor name
2022-02-10 20:14:24 -08:00
snipe d406dc43c2 Check for valid user before trying to present the auditor name
Signed-off-by: snipe <snipe@snipe.net>
2022-02-10 20:13:02 -08:00
snipe 2ce44bd4e6 Line break for easier debugging
Signed-off-by: snipe <snipe@snipe.net>
2022-02-10 20:06:55 -08:00